If not infected then what?

Brett1337Vierra · April 29, 2014

Log Name:      Application
Source:        Microsoft-Windows-Wininit
Date:          4/28/2014 8:51:41 PM
Event ID:      1001
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Vittorio-PC
Description:

Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.

CHKDSK is verifying files (stage 1 of 5)...
187904 file records processed.

File verification completed.
282 large file records processed.

0 bad file records processed.

2 EA records processed.

75 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 5)...
252152 index entries processed.

Index verification completed.
0 unindexed files scanned.

0 unindexed files recovered.

CHKDSK is verifying security descriptors (stage 3 of 5)...
187904 file SDs/SIDs processed.

Cleaning up 929 unused index entries from index $SII of file 0x9.
Cleaning up 929 unused index entries from index $SDH of file 0x9.
Cleaning up 929 unused security descriptors.
Security descriptor verification completed.
32125 data files processed.

CHKDSK is verifying Usn Journal...
216188464 USN bytes processed.

Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
187888 files processed.

File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
35864505 free clusters processed.

Free space verification is complete.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
CHKDSK discovered free space marked as allocated in the volume bitmap.
Windows has made corrections to the file system.

195358719 KB total disk space.
51364912 KB in 92728 files.
     63528 KB in 32126 indexes.
         0 KB in bad sectors.
    472255 KB in use by the system.
     65536 KB occupied by the log file.
143458024 KB available on disk.

      4096 bytes in each allocation unit.
48839679 total allocation units on disk.
35864506 allocation units available on disk.

Internal Info:
00 de 02 00 c1 e7 01 00 3b 9a 03 00 00 00 00 00 ........;.......
59 01 00 00 4b 00 00 00 00 00 00 00 00 00 00 00 Y...K...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

Windows has finished checking your disk.
Please wait while your computer restarts.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
    <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
    <EventID Qualifiers="16384">1001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-04-29T03:51:41.000000000Z" />
    <EventRecordID>6907</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>Vittorio-PC</Computer>
    <Security />
</System>
<EventData>
    <Data>

Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.

CHKDSK is verifying files (stage 1 of 5)...
187904 file records processed.

File verification completed.
282 large file records processed.

0 bad file records processed.

2 EA records processed.

75 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 5)...
252152 index entries processed.

Index verification completed.
0 unindexed files scanned.

0 unindexed files recovered.

CHKDSK is verifying security descriptors (stage 3 of 5)...
187904 file SDs/SIDs processed.

Cleaning up 929 unused index entries from index $SII of file 0x9.
Cleaning up 929 unused index entries from index $SDH of file 0x9.
Cleaning up 929 unused security descriptors.
Security descriptor verification completed.
32125 data files processed.

CHKDSK is verifying Usn Journal...
216188464 USN bytes processed.

Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
187888 files processed.

File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
35864505 free clusters processed.

Free space verification is complete.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
CHKDSK discovered free space marked as allocated in the volume bitmap.
Windows has made corrections to the file system.

195358719 KB total disk space.
51364912 KB in 92728 files.
     63528 KB in 32126 indexes.
         0 KB in bad sectors.
    472255 KB in use by the system.
     65536 KB occupied by the log file.
143458024 KB available on disk.

      4096 bytes in each allocation unit.
48839679 total allocation units on disk.
35864506 allocation units available on disk.

Internal Info:
00 de 02 00 c1 e7 01 00 3b 9a 03 00 00 00 00 00 ........;.......
59 01 00 00 4b 00 00 00 00 00 00 00 00 00 00 00 Y...K...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

Windows has finished checking your disk.
Please wait while your computer restarts.
</Data>
</EventData>
</Event>

I had a problem when rebooting. Malwarebytes did not boot up and the icon was removed

AdvancedSetup · April 29, 2014

Please doing the following.

Please try the following but when installing use the latest beta below. - MBAM Clean Removal Process 2x
Then please reboot the computer and read the following and post back the requested logs again. - Diagnostic Logs
NOTE: There is an FAQ section with valuable information located here: - Common Questions, Issues, and their Solutions
Please try installing the new beta which has corrected some previously reported issues: - Malwarebytes Anti-Malware 2.0.2 Public Beta

Thank You

Brett1337Vierra · April 29, 2014

MBAM Clean Removal Process 2x worked. I restarted and tried to run FRST64. It scaned and made the files but nothing in them.

Brett1337Vierra · April 29, 2014

I tried MBAM-chk and it got a cmd prompt with an error 7-zip something it went away to fast

AdvancedSetup · April 30, 2014

Please restart the computer and try again.

Brett1337Vierra · April 30, 2014

Same thing FRST64 ran. at drivers it froze and said not responding and then started back up finish and spit out nothing. as of now I have no malwarebytes installed on my computer and it hasn't been there for a day now.

Brett1337Vierra · April 30, 2014

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2014
Ran by Sirly (administrator) on VITTORIO-PC on 30-04-2014 11:57:56
Running from C:\Users\Sirly\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\system32\inetsrv\inetinfo.exe
(Microsoft Corporation) C:\Windows\system32\mqsvc.exe
(Microsoft Corporation) C:\Windows\system32\mqtgsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3E51F0CA5363CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Sirly\AppData\Roaming\Mozilla\Firefox\Profiles\jvy1qi3l.default-1398738901204
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-14] (Advanced Micro Devices, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()

==================== Drivers (Whitelisted) ====================

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R3 HPKBx64; C:\Windows\System32\DRIVERS\HPKBx64.sys [57856 2013-03-19] (Hewlett-Packard Company)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-04-18] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-30 11:58 - 2014-04-30 11:58 - 00008329 _____ () C:\Users\Sirly\Desktop\FRST.txt
2014-04-30 11:56 - 2014-04-30 11:56 - 00000000 _____ () C:\Users\Sirly\Desktop\Addition.txt
2014-04-29 10:42 - 2014-04-29 10:42 - 02061824 _____ (Farbar) C:\Users\Sirly\Desktop\FRST64.exe
2014-04-29 10:21 - 2014-04-29 10:22 - 17290592 _____ (Malwarebytes Corporation ) C:\Users\Sirly\Desktop\mbam-setup-consumer-2.0.2.1007.exe
2014-04-29 10:20 - 2014-04-29 10:20 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-clean-2.0.2.0.exe
2014-04-29 10:19 - 2014-04-29 10:19 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-check-2.1.0.0002.exe
2014-04-28 21:02 - 2014-04-28 21:02 - 00000000 ____D () C:\Windows\SysWOW64\Atheros_L1e
2014-04-28 19:35 - 2014-04-28 19:35 - 00000000 ____D () C:\Users\Sirly\Desktop\Old Firefox Data
2014-04-28 15:26 - 2014-04-28 15:26 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Adobe
2014-04-28 13:49 - 2014-04-29 10:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-28 12:55 - 2014-04-28 12:55 - 00854355 _____ () C:\Users\Sirly\Desktop\SecurityCheck.exe
2014-04-28 12:16 - 2014-04-28 12:16 - 00000629 _____ () C:\Users\Sirly\Desktop\JRT.txt
2014-04-27 22:44 - 2014-04-27 22:44 - 00000637 _____ () C:\Users\Sirly\Sirly - Shortcut.lnk
2014-04-27 21:30 - 2014-04-27 21:30 - 01016261 _____ (Thisisu) C:\Users\Sirly\Desktop\JRT.exe
2014-04-27 21:16 - 2014-04-27 21:16 - 00448512 _____ (OldTimer Tools) C:\Users\Sirly\Desktop\TFC.exe
2014-04-25 18:34 - 2014-04-25 18:34 - 00079863 _____ () C:\ComboFix.txt
2014-04-25 17:58 - 2011-06-25 23:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-25 17:58 - 2010-11-07 10:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-25 17:58 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-25 17:58 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-25 17:58 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-25 17:58 - 2000-08-30 17:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-25 17:58 - 2000-08-30 17:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-25 17:58 - 2000-08-30 17:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-25 17:56 - 2014-04-25 18:34 - 00000000 ____D () C:\Qoobox
2014-04-25 17:53 - 2014-04-25 17:54 - 05196870 ____R (Swearware) C:\Users\Sirly\Desktop\ComboFix.exe
2014-04-25 14:16 - 2014-04-25 14:17 - 00000000 ____D () C:\AdwCleaner
2014-04-25 12:09 - 2014-04-25 12:12 - 10303344 _____ () C:\Users\Beta\Downloads\Kit_Kat_Xperience.zip
2014-04-25 11:00 - 2014-04-25 11:24 - 436903589 _____ () C:\Users\Beta\Downloads\Samurai_4-9-2014.zip
2014-04-25 10:54 - 2012-07-03 11:58 - 00031744 _____ (Google Inc) C:\Windows\system32\Drivers\lgandnetadb.sys
2014-04-25 10:54 - 2012-07-03 11:50 - 00036352 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem64.sys
2014-04-25 10:54 - 2012-07-03 11:50 - 00029184 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag64.sys
2014-04-25 10:53 - 2014-04-25 10:53 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-04-25 10:49 - 2013-02-25 18:01 - 00000000 ____D () C:\Users\Beta\Desktop\spirited_away
2014-04-25 07:16 - 2014-04-25 07:16 - 00000000 ____D () C:\Windows\ERUNT
2014-04-25 07:03 - 2014-04-25 07:13 - 00000000 ____D () C:\Users\Sirly\Desktop\mbar
2014-04-25 07:03 - 2014-04-25 07:03 - 01365865 _____ () C:\Users\Sirly\Desktop\AdwCleaner.exe
2014-04-25 07:02 - 2014-04-25 07:03 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sirly\Desktop\mbar-1.07.0.1009.exe
2014-04-24 13:33 - 2014-04-24 13:34 - 00000000 ____D () C:\Users\Sirly\Desktop\GrantPerms64
2014-04-24 13:21 - 2014-04-24 13:21 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Boredom Software
2014-04-24 13:19 - 2014-04-24 13:19 - 00000000 ____D () C:\Program Files (x86)\Boredom Software
2014-04-24 13:17 - 2014-04-24 13:17 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\WinRAR
2014-04-24 13:03 - 2014-04-24 13:03 - 00002956 _____ () C:\Users\Sirly\Desktop\RKreport[0]_S_04242014_130356.txt
2014-04-24 12:41 - 2014-04-24 12:41 - 00000000 ____D () C:\Users\Sirly\AppData\Local\CrashDumps
2014-04-24 12:27 - 2014-04-24 12:27 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Macromedia
2014-04-24 12:20 - 2014-04-24 13:00 - 00000000 ____D () C:\Users\Sirly\Desktop\RK_Quarantine
2014-04-24 12:19 - 2014-04-24 12:19 - 04527616 _____ () C:\Users\Sirly\Desktop\RogueKillerX64.exe
2014-04-24 12:07 - 2014-04-25 18:27 - 00000000 ____D () C:\Windows\ERDNT
2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Sirly\Desktop\NTREGOPT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Administrator\Desktop\NTREGOPT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Sirly\Desktop\ERUNT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Administrator\Desktop\ERUNT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-04-24 12:01 - 2014-04-25 08:06 - 00002522 _____ () C:\Users\Sirly\Desktop\Rkill.txt
2014-04-24 12:00 - 2014-04-24 12:00 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Sirly\Desktop\rkill.exe
2014-04-24 11:38 - 2014-04-24 11:38 - 00024505 _____ () C:\Users\Beta\Documents\CisReport_x64_v7.0.317799.4142_20140424-113807.zip
2014-04-24 11:38 - 2014-04-24 11:38 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\WinRAR
2014-04-22 12:05 - 2012-05-31 22:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2014-04-22 12:05 - 2012-05-31 22:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2014-04-22 12:05 - 2012-05-31 22:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2014-04-22 12:05 - 2012-05-31 22:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2014-04-22 12:05 - 2012-05-31 22:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2014-04-22 12:05 - 2012-05-31 22:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2014-04-22 12:05 - 2012-05-31 21:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2014-04-22 12:05 - 2012-05-31 21:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2014-04-22 12:05 - 2012-05-31 21:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2014-04-22 12:05 - 2012-05-31 21:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2014-04-22 12:05 - 2012-05-31 21:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2014-04-22 12:05 - 2012-05-31 21:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2014-04-21 17:46 - 2014-04-22 22:17 - 00047601 _____ () C:\Windows\iis7.log
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\msmq
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\inetpub
2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Mozilla
2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Mozilla
2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\ATI
2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\ATI
2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\AMD
2014-04-21 14:37 - 2014-04-21 14:42 - 00014830 _____ () C:\Users\Administrator\Downloads\Addition.txt
2014-04-21 14:36 - 2014-04-30 11:57 - 00000000 ____D () C:\FRST
2014-04-21 14:36 - 2014-04-21 14:42 - 00057207 _____ () C:\Users\Administrator\Downloads\FRST.txt
2014-04-21 14:25 - 2014-04-21 14:25 - 02061312 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2014-04-21 14:08 - 2014-04-21 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe
2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Macromedia
2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla
2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla
2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieUserList
2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieSiteList
2014-04-21 11:09 - 2014-04-21 11:09 - 00058016 _____ () C:\Users\Sirly\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-21 11:09 - 2014-04-21 11:09 - 00001413 _____ () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ____D () C:\Users\Sirly\AppData\Local\VirtualStore
2014-04-19 00:25 - 2014-04-19 00:25 - 00000000 ____D () C:\Users\Beta\AppData\Local\Macromedia
2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieUserList
2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieSiteList
2014-04-18 20:54 - 2014-04-18 20:54 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Macromedia
2014-04-18 20:13 - 2014-04-28 15:26 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Adobe
2014-04-18 20:13 - 2014-04-18 22:04 - 00000000 ____D () C:\Users\Sirly\Documents\InfiniteCrisis
2014-04-18 20:13 - 2014-04-18 20:14 - 00000000 ____D () C:\Users\Sirly\AppData\Local\InfiniteCrisis
2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieUserList
2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieSiteList
2014-04-18 20:12 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Turbine
2014-04-18 19:52 - 2014-04-18 20:12 - 00000000 ____D () C:\Users\Beta\Documents\InfiniteCrisis
2014-04-18 19:51 - 2014-04-18 19:52 - 00000000 ____D () C:\Users\Beta\AppData\Local\InfiniteCrisis
2014-04-18 19:49 - 2014-04-22 12:18 - 00000000 ____D () C:\Users\Beta\AppData\Local\Turbine
2014-04-18 18:01 - 2014-04-27 22:44 - 00000000 ____D () C:\Users\Sirly
2014-04-18 18:01 - 2014-04-18 18:01 - 00000020 ___SH () C:\Users\Sirly\ntuser.ini
2014-04-18 18:01 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-18 18:01 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-18 17:56 - 2014-04-18 17:56 - 00000000 ____D () C:\Users\Beta\AppData\Local\AMD
2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Mozilla
2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Local\Mozilla
2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Macromedia
2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\LolClient
2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\ATI
2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Local\ATI
2014-04-18 17:41 - 2014-04-18 17:41 - 00058016 _____ () C:\Users\Beta\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-18 17:41 - 2014-04-18 17:41 - 00001413 _____ () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Adobe
2014-04-18 17:40 - 2014-04-18 17:41 - 00000000 ____D () C:\Users\Beta
2014-04-18 17:40 - 2014-04-18 17:40 - 00000020 ___SH () C:\Users\Beta\ntuser.ini
2014-04-18 17:40 - 2014-04-18 17:40 - 00000000 ____D () C:\Users\Beta\AppData\Local\VirtualStore
2014-04-18 17:40 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-18 17:40 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ATI
2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\ATI
2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\AMD
2014-04-18 17:17 - 2014-04-21 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-04-18 17:17 - 2014-04-18 17:17 - 00058016 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-18 17:17 - 2014-04-18 17:17 - 00001409 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-18 17:17 - 2014-04-18 17:17 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ____D () C:\Users\Administrator
2014-04-18 17:17 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-18 17:17 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-18 17:13 - 2014-04-18 17:26 - 00004040 __RSH () C:\ProgramData\ntuser.pol
2014-04-18 12:17 - 2014-04-18 12:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-18 12:16 - 2014-04-18 12:26 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-18 12:16 - 2014-04-18 12:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-17 23:14 - 2014-04-17 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-17 23:14 - 2014-04-17 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-17 23:14 - 2014-04-17 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-17 21:14 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-04-17 21:14 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-04-17 21:14 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-04-17 21:14 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-04-17 21:14 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-04-17 21:14 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-04-17 21:14 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-04-17 21:14 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-04-17 21:14 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-04-17 21:14 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-04-17 21:14 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-04-17 21:14 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-04-17 21:14 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-04-17 21:14 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-04-17 21:14 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-04-17 21:14 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-04-17 21:14 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-04-17 21:14 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-04-17 21:14 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-04-17 21:14 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-04-17 21:14 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-04-17 21:14 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-04-17 21:14 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-04-17 21:14 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-04-17 21:13 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-04-17 21:13 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-04-17 21:13 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-04-17 21:13 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-04-17 21:13 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-04-17 21:13 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-04-17 21:13 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-04-17 21:13 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-04-17 21:13 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-04-17 21:13 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-04-17 21:13 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-04-17 21:13 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-04-17 21:13 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-04-17 21:13 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-04-17 21:13 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-04-17 21:13 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-04-17 21:13 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-04-17 21:13 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-04-17 21:13 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-04-17 21:13 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-04-17 21:13 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-04-17 21:13 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-04-17 21:13 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-04-17 21:13 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-04-17 21:13 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-04-17 21:13 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-04-17 21:13 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-04-17 21:13 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-04-17 21:13 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-04-17 21:13 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-04-17 21:13 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-04-17 21:13 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-04-17 21:13 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-04-17 21:13 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-04-17 21:13 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-04-17 21:13 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-04-17 21:13 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-04-17 21:13 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-04-17 21:13 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-04-17 21:13 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-04-17 21:13 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-04-17 21:13 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-04-17 21:13 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-04-17 21:13 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-04-17 21:13 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-04-17 21:13 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-04-17 21:13 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-04-17 21:13 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-04-17 21:13 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-04-17 21:13 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-04-17 21:13 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-04-17 21:13 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-04-17 21:13 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-04-17 21:13 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-04-17 21:13 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-04-17 21:13 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-04-17 21:13 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-04-17 21:13 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-04-17 21:13 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-04-17 21:13 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-04-17 21:13 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-04-17 21:13 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-04-17 21:13 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-04-17 21:13 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-04-17 21:13 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-04-17 21:13 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-04-17 21:13 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-04-17 21:13 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-04-17 21:13 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-04-17 21:13 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-04-17 21:13 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-04-17 21:13 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-04-17 21:13 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-04-17 21:13 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-04-17 21:13 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-04-17 21:13 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-04-17 21:13 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-04-17 21:13 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-04-17 21:13 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-04-17 21:13 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-04-17 21:13 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-04-17 21:13 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-04-17 21:13 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-04-17 21:13 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-04-17 21:13 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-04-17 21:13 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-04-17 21:13 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-04-17 21:13 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-04-17 21:13 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-04-17 21:13 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-04-17 21:13 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-04-17 21:13 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-04-17 21:13 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-04-17 21:13 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-04-17 21:13 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-04-17 21:13 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-04-17 21:13 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-04-17 21:13 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-04-17 21:13 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-04-17 21:13 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-04-17 21:13 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-04-17 21:13 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-04-17 21:13 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-04-17 21:13 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-04-17 21:13 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-04-17 21:13 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-04-17 21:12 - 2014-04-18 03:10 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis
2014-04-17 21:12 - 2014-04-17 21:13 - 00010123 _____ () C:\Windows\DirectX.log
2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Turbine
2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
2014-04-17 21:12 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-04-17 21:12 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-04-17 21:12 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-04-17 21:12 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-04-17 21:12 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-04-17 21:12 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-04-17 21:12 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-04-17 21:12 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-04-17 21:12 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-04-17 21:12 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-04-17 15:22 - 2014-04-17 15:22 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-17 15:22 - 2014-04-17 15:22 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 18:49 - 2014-04-22 22:16 - 00313636 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-04-14 18:49 - 2014-04-14 18:49 - 00000000 ____D () C:\VTRoot
2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2014-04-14 18:38 - 2014-04-14 18:39 - 00000000 ___SD () C:\ProgramData\Shared Space
2014-04-14 18:37 - 2014-04-14 18:37 - 00000000 ____D () C:\Program Files\COMODO
2014-04-14 18:31 - 2014-04-14 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-04-14 18:31 - 2013-04-17 14:59 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-04-14 18:31 - 2013-04-17 14:59 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-04-14 18:29 - 2014-04-14 18:31 - 00000000 ____D () C:\Program Files\Bitdefender
2014-04-14 18:29 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-04-14 18:29 - 2013-04-22 13:21 - 00148696 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-04-14 18:20 - 2014-04-14 18:20 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-04-14 18:18 - 2014-04-18 15:10 - 00000000 ____D () C:\ProgramData\Comodo
2014-04-14 18:13 - 2014-04-28 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-14 18:13 - 2014-04-28 13:45 - 00000000 ____D () C:\Program Files (x86)\Mbam2
2014-04-14 18:13 - 2014-04-18 14:03 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-14 18:13 - 2014-04-18 14:03 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-14 18:13 - 2014-04-18 14:03 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-14 18:10 - 2014-04-25 18:22 - 00324506 _____ () C:\Windows\PFRO.log
2014-04-09 22:32 - 2014-03-06 03:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 22:32 - 2014-03-06 02:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 22:32 - 2014-03-06 02:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-09 22:32 - 2014-03-06 02:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 22:32 - 2014-03-06 01:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-09 22:32 - 2014-03-06 01:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 22:32 - 2014-03-06 01:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-09 22:32 - 2014-03-06 01:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 22:32 - 2014-03-06 01:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 22:32 - 2014-03-06 01:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-09 22:32 - 2014-03-06 01:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 22:32 - 2014-03-06 01:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 22:32 - 2014-03-06 01:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 22:32 - 2014-03-06 01:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-09 22:32 - 2014-03-06 01:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-09 22:32 - 2014-03-06 01:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-09 22:32 - 2014-03-06 01:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 22:32 - 2014-03-06 01:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-09 22:32 - 2014-03-06 01:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-09 22:32 - 2014-03-06 01:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-09 22:32 - 2014-03-06 01:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-09 22:32 - 2014-03-06 01:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-09 22:32 - 2014-03-06 00:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-09 22:32 - 2014-03-06 00:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-09 22:32 - 2014-03-06 00:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-09 22:32 - 2014-03-06 00:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-09 22:32 - 2014-03-06 00:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-09 22:32 - 2014-03-06 00:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-09 22:32 - 2014-03-06 00:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-09 22:32 - 2014-03-06 00:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-09 22:32 - 2014-03-06 00:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-09 22:32 - 2014-03-06 00:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-09 22:32 - 2014-03-06 00:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-09 22:32 - 2014-03-06 00:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 22:32 - 2014-03-06 00:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-09 22:32 - 2014-03-06 00:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 22:32 - 2014-03-06 00:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-09 22:32 - 2014-03-06 00:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-09 22:32 - 2014-03-05 23:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 22:32 - 2014-03-05 23:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-09 22:32 - 2014-03-05 23:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-09 22:32 - 2014-03-05 23:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-09 22:32 - 2014-03-05 23:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 22:32 - 2014-03-05 22:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 22:32 - 2014-03-05 22:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-09 22:32 - 2014-03-05 22:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-09 22:32 - 2014-03-05 22:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-09 22:32 - 2014-03-05 22:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 12:04 - 2014-03-04 02:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 12:04 - 2014-03-04 02:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 12:04 - 2014-03-04 02:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 12:04 - 2014-03-04 02:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 12:04 - 2014-03-04 02:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 12:04 - 2014-03-04 02:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 12:04 - 2014-03-04 02:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 12:04 - 2014-03-04 02:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 12:04 - 2014-03-04 02:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 12:04 - 2014-03-04 01:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 12:04 - 2014-03-04 01:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 12:04 - 2014-02-03 19:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 12:04 - 2014-02-03 19:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 12:04 - 2014-02-03 19:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 12:04 - 2014-02-03 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 12:04 - 2014-02-03 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 12:04 - 2014-01-23 19:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-04-30 11:58 - 2014-04-30 11:58 - 00008329 _____ () C:\Users\Sirly\Desktop\FRST.txt
2014-04-30 11:57 - 2014-04-21 14:36 - 00000000 ____D () C:\FRST
2014-04-30 11:56 - 2014-04-30 11:56 - 00000000 _____ () C:\Users\Sirly\Desktop\Addition.txt
2014-04-30 11:42 - 2009-07-13 21:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-30 11:42 - 2009-07-13 21:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-30 11:39 - 2014-03-26 14:14 - 01344625 _____ () C:\Windows\WindowsUpdate.log
2014-04-30 11:39 - 2009-07-13 22:13 - 00891324 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-30 11:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-04-30 11:35 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-30 11:34 - 2014-03-29 23:50 - 00010023 _____ () C:\Windows\setupact.log
2014-04-29 10:42 - 2014-04-29 10:42 - 02061824 _____ (Farbar) C:\Users\Sirly\Desktop\FRST64.exe
2014-04-29 10:25 - 2014-04-28 13:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-29 10:22 - 2014-04-29 10:21 - 17290592 _____ (Malwarebytes Corporation ) C:\Users\Sirly\Desktop\mbam-setup-consumer-2.0.2.1007.exe
2014-04-29 10:20 - 2014-04-29 10:20 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-clean-2.0.2.0.exe
2014-04-29 10:19 - 2014-04-29 10:19 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-check-2.1.0.0002.exe
2014-04-29 10:17 - 2014-03-26 12:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-28 21:02 - 2014-04-28 21:02 - 00000000 ____D () C:\Windows\SysWOW64\Atheros_L1e
2014-04-28 21:01 - 2014-02-10 18:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-28 19:35 - 2014-04-28 19:35 - 00000000 ____D () C:\Users\Sirly\Desktop\Old Firefox Data
2014-04-28 15:26 - 2014-04-28 15:26 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Adobe
2014-04-28 15:26 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Adobe
2014-04-28 13:49 - 2014-04-14 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-28 13:45 - 2014-04-14 18:13 - 00000000 ____D () C:\Program Files (x86)\Mbam2
2014-04-28 12:55 - 2014-04-28 12:55 - 00854355 _____ () C:\Users\Sirly\Desktop\SecurityCheck.exe
2014-04-28 12:16 - 2014-04-28 12:16 - 00000629 _____ () C:\Users\Sirly\Desktop\JRT.txt
2014-04-27 22:44 - 2014-04-27 22:44 - 00000637 _____ () C:\Users\Sirly\Sirly - Shortcut.lnk
2014-04-27 22:44 - 2014-04-18 18:01 - 00000000 ____D () C:\Users\Sirly
2014-04-27 21:30 - 2014-04-27 21:30 - 01016261 _____ (Thisisu) C:\Users\Sirly\Desktop\JRT.exe
2014-04-27 21:16 - 2014-04-27 21:16 - 00448512 _____ (OldTimer Tools) C:\Users\Sirly\Desktop\TFC.exe
2014-04-25 18:34 - 2014-04-25 18:34 - 00079863 _____ () C:\ComboFix.txt
2014-04-25 18:34 - 2014-04-25 17:56 - 00000000 ____D () C:\Qoobox
2014-04-25 18:27 - 2014-04-24 12:07 - 00000000 ____D () C:\Windows\ERDNT
2014-04-25 18:24 - 2009-07-13 19:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-25 18:22 - 2014-04-14 18:10 - 00324506 _____ () C:\Windows\PFRO.log
2014-04-25 18:22 - 2009-07-13 19:34 - 52166656 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-04-25 18:22 - 2009-07-13 19:34 - 19136512 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-04-25 18:22 - 2009-07-13 19:34 - 00786432 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-04-25 18:22 - 2009-07-13 19:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-04-25 18:22 - 2009-07-13 19:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-04-25 17:54 - 2014-04-25 17:53 - 05196870 ____R (Swearware) C:\Users\Sirly\Desktop\ComboFix.exe
2014-04-25 14:17 - 2014-04-25 14:16 - 00000000 ____D () C:\AdwCleaner
2014-04-25 12:12 - 2014-04-25 12:09 - 10303344 _____ () C:\Users\Beta\Downloads\Kit_Kat_Xperience.zip
2014-04-25 11:24 - 2014-04-25 11:00 - 436903589 _____ () C:\Users\Beta\Downloads\Samurai_4-9-2014.zip
2014-04-25 10:53 - 2014-04-25 10:53 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-04-25 08:06 - 2014-04-24 12:01 - 00002522 _____ () C:\Users\Sirly\Desktop\Rkill.txt
2014-04-25 07:16 - 2014-04-25 07:16 - 00000000 ____D () C:\Windows\ERUNT
2014-04-25 07:13 - 2014-04-25 07:03 - 00000000 ____D () C:\Users\Sirly\Desktop\mbar
2014-04-25 07:13 - 2014-03-19 23:16 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-25 07:03 - 2014-04-25 07:03 - 01365865 _____ () C:\Users\Sirly\Desktop\AdwCleaner.exe
2014-04-25 07:03 - 2014-04-25 07:02 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sirly\Desktop\mbar-1.07.0.1009.exe
2014-04-24 13:34 - 2014-04-24 13:33 - 00000000 ____D () C:\Users\Sirly\Desktop\GrantPerms64
2014-04-24 13:21 - 2014-04-24 13:21 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Boredom Software
2014-04-24 13:19 - 2014-04-24 13:19 - 00000000 ____D () C:\Program Files (x86)\Boredom Software
2014-04-24 13:17 - 2014-04-24 13:17 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\WinRAR
2014-04-24 13:03 - 2014-04-24 13:03 - 00002956 _____ () C:\Users\Sirly\Desktop\RKreport[0]_S_04242014_130356.txt
2014-04-24 13:00 - 2014-04-24 12:20 - 00000000 ____D () C:\Users\Sirly\Desktop\RK_Quarantine
2014-04-24 12:41 - 2014-04-24 12:41 - 00000000 ____D () C:\Users\Sirly\AppData\Local\CrashDumps
2014-04-24 12:27 - 2014-04-24 12:27 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Macromedia
2014-04-24 12:19 - 2014-04-24 12:19 - 04527616 _____ () C:\Users\Sirly\Desktop\RogueKillerX64.exe
2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Sirly\Desktop\NTREGOPT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Administrator\Desktop\NTREGOPT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Sirly\Desktop\ERUNT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Administrator\Desktop\ERUNT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-04-24 12:00 - 2014-04-24 12:00 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Sirly\Desktop\rkill.exe
2014-04-24 11:38 - 2014-04-24 11:38 - 00024505 _____ () C:\Users\Beta\Documents\CisReport_x64_v7.0.317799.4142_20140424-113807.zip
2014-04-24 11:38 - 2014-04-24 11:38 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\WinRAR
2014-04-22 22:17 - 2014-04-21 17:46 - 00047601 _____ () C:\Windows\iis7.log
2014-04-22 22:16 - 2014-04-14 18:49 - 00313636 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-04-22 22:16 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2014-04-22 12:18 - 2014-04-18 19:49 - 00000000 ____D () C:\Users\Beta\AppData\Local\Turbine
2014-04-21 20:18 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-04-21 17:48 - 2014-02-10 18:11 - 00843060 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-21 17:48 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\msmq
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\inetpub
2014-04-21 17:45 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-04-21 17:45 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Mozilla
2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Mozilla
2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\ATI
2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\ATI
2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\AMD
2014-04-21 14:42 - 2014-04-21 14:37 - 00014830 _____ () C:\Users\Administrator\Downloads\Addition.txt
2014-04-21 14:42 - 2014-04-21 14:36 - 00057207 _____ () C:\Users\Administrator\Downloads\FRST.txt
2014-04-21 14:25 - 2014-04-21 14:25 - 02061312 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2014-04-21 14:08 - 2014-04-21 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe
2014-04-21 14:08 - 2014-04-18 17:17 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Macromedia
2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla
2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla
2014-04-21 11:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieUserList
2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieSiteList
2014-04-21 11:09 - 2014-04-21 11:09 - 00058016 _____ () C:\Users\Sirly\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-21 11:09 - 2014-04-21 11:09 - 00001413 _____ () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ____D () C:\Users\Sirly\AppData\Local\VirtualStore
2014-04-19 00:25 - 2014-04-19 00:25 - 00000000 ____D () C:\Users\Beta\AppData\Local\Macromedia
2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieUserList
2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieSiteList
2014-04-18 22:04 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\Documents\InfiniteCrisis
2014-04-18 20:54 - 2014-04-18 20:54 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Macromedia
2014-04-18 20:14 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\AppData\Local\InfiniteCrisis
2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieUserList
2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieSiteList
2014-04-18 20:13 - 2014-04-18 20:12 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Turbine
2014-04-18 20:12 - 2014-04-18 19:52 - 00000000 ____D () C:\Users\Beta\Documents\InfiniteCrisis
2014-04-18 19:52 - 2014-04-18 19:51 - 00000000 ____D () C:\Users\Beta\AppData\Local\InfiniteCrisis
2014-04-18 18:01 - 2014-04-18 18:01 - 00000020 ___SH () C:\Users\Sirly\ntuser.ini
2014-04-18 17:56 - 2014-04-18 17:56 - 00000000 ____D () C:\Users\Beta\AppData\Local\AMD
2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Mozilla
2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Local\Mozilla
2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Macromedia
2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\LolClient
2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\ATI
2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Local\ATI
2014-04-18 17:41 - 2014-04-18 17:41 - 00058016 _____ () C:\Users\Beta\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-18 17:41 - 2014-04-18 17:41 - 00001413 _____ () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Adobe
2014-04-18 17:41 - 2014-04-18 17:40 - 00000000 ____D () C:\Users\Beta
2014-04-18 17:40 - 2014-04-18 17:40 - 00000020 ___SH () C:\Users\Beta\ntuser.ini
2014-04-18 17:40 - 2014-04-18 17:40 - 00000000 ____D () C:\Users\Beta\AppData\Local\VirtualStore
2014-04-18 17:30 - 2014-02-21 19:37 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-18 17:26 - 2014-04-18 17:13 - 00004040 __RSH () C:\ProgramData\ntuser.pol
2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ATI
2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\ATI
2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\AMD
2014-04-18 17:17 - 2014-04-18 17:17 - 00058016 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-18 17:17 - 2014-04-18 17:17 - 00001409 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-18 17:17 - 2014-04-18 17:17 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ____D () C:\Users\Administrator
2014-04-18 17:17 - 2009-07-13 21:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-04-18 17:10 - 2009-07-13 20:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-18 15:13 - 2014-03-29 23:50 - 00275712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-18 15:10 - 2014-04-14 18:18 - 00000000 ____D () C:\ProgramData\Comodo
2014-04-18 15:04 - 2014-02-11 16:52 - 00000000 ____D () C:\Riot Games
2014-04-18 14:03 - 2014-04-14 18:13 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-18 14:03 - 2014-04-14 18:13 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-18 14:03 - 2014-04-14 18:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-18 12:26 - 2014-04-18 12:16 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-18 12:17 - 2014-04-18 12:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-18 12:16 - 2014-04-18 12:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-18 03:10 - 2014-04-17 21:12 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis
2014-04-17 23:14 - 2014-04-17 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-17 23:14 - 2014-04-17 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-17 23:14 - 2014-04-17 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-17 21:13 - 2014-04-17 21:12 - 00010123 _____ () C:\Windows\DirectX.log
2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Turbine
2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
2014-04-17 15:57 - 2014-02-21 21:39 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-04-17 15:22 - 2014-04-17 15:22 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-17 15:22 - 2014-04-17 15:22 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-16 14:12 - 2014-03-25 20:22 - 00738472 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2014-04-16 14:12 - 2014-03-25 20:22 - 00105552 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2014-04-16 14:12 - 2014-03-25 20:22 - 00048360 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2014-04-16 14:12 - 2014-03-25 20:22 - 00023168 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2014-04-14 18:55 - 2009-07-13 22:08 - 00032574 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 18:49 - 2014-04-14 18:49 - 00000000 ____D () C:\VTRoot
2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2014-04-14 18:39 - 2014-04-14 18:38 - 00000000 ___SD () C:\ProgramData\Shared Space
2014-04-14 18:37 - 2014-04-14 18:37 - 00000000 ____D () C:\Program Files\COMODO
2014-04-14 18:31 - 2014-04-14 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-04-14 18:31 - 2014-04-14 18:29 - 00000000 ____D () C:\Program Files\Bitdefender
2014-04-14 18:20 - 2014-04-14 18:20 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-04-10 14:45 - 2014-03-03 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-10 14:45 - 2014-03-03 18:46 - 00000000 ____D () C:\ProgramData\Skype
2014-04-09 22:34 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-09 22:02 - 2014-02-10 19:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 22:01 - 2014-02-10 19:10 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-31 09:35 - 2010-11-20 20:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-29 13:12

==================== End Of Log ============================

I got it to work. The cause was comodo on game mode.

Brett1337Vierra · April 30, 2014

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2014
Ran by Sirly at 2014-04-30 11:59:18
Running from C:\Users\Sirly\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

==================== Installed Programs ======================

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30313 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{9D5A28E4-6AC3-DD51-C1FA-A8698E91ECBE}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In (Version: 2.06.0000 - AMD) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
Catalyst Control Center InstallProxy (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
COMODO Firewall (HKLM\...\{D32EF4F9-1506-434E-A813-3D4C0AA50300}) (Version: 7.0.53315.4132 - COMODO Security Solutions Inc.)
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
InfiniteCrisis_410193F41CAE (HKLM-x32\...\InfiniteCrisis_410193F41CAE) (Version: - Turbine, Inc)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VT Hash Check 1.42 (HKLM-x32\...\{1E579B65-503B-4184-B481-5138124BEE1D}_is1) (Version: 1.42 - Boredom Software)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Restore Points =========================

22-04-2014 00:34:27 Lag redection regedit
22-04-2014 00:44:45 Windows Modules Installer
23-04-2014 05:00:18 Windows Update
25-04-2014 17:53:43 Installed LG United Mobile Driver
26-04-2014 17:21:27 Windows Update
29-04-2014 04:01:39 Installed Atheros Communications Inc.® AR81Family Gigabit/Fast]áu!

==================== Hosts content: ==========================

2009-07-13 19:34 - 2014-04-25 18:23 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {57A80709-F66B-4C5A-B80C-1D7B04103FCC} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {BD18720E-EE08-40A8-B3BD-6006DAD46DC7} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)

==================== Loaded Modules (whitelisted) =============

2014-04-14 18:31 - 2013-03-19 12:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2014-04-14 18:31 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2013-03-14 00:41 - 2013-03-14 00:41 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-09-23 14:53 - 2012-09-23 14:53 - 00748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-09-23 14:53 - 2012-09-23 14:53 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-03-14 00:41 - 2013-03-14 00:41 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-02-10 18:03 - 2013-11-22 19:34 - 08266456 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
2013-03-14 00:41 - 2013-03-14 00:41 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-02-10 18:03 - 2013-11-01 17:31 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Administrator\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\ComboFix.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\JRT.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\mbam-check-2.1.0.0002.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\mbam-clean-2.0.2.0.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\mbam-setup-consumer-2.0.2.1007.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\mbar-1.07.0.1009.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\rkill.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\RogueKillerX64.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\SecurityCheck.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\TFC.exe:BDU

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: WMPNetworkSvc => 3

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/30/2014 11:36:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/29/2014 10:27:47 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/29/2014 10:15:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/28/2014 08:52:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/28/2014 01:48:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/28/2014 00:41:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/28/2014 00:19:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (04/30/2014 11:35:09 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Microsoft Office Sessions:
=========================
Error: (04/30/2014 11:36:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/29/2014 10:27:47 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/29/2014 10:15:01 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/28/2014 08:52:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/28/2014 01:48:03 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/28/2014 00:41:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/28/2014 00:19:59 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2014-04-25 18:19:32.173
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-25 18:19:32.127
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 7657.54 MB
Available physical RAM: 6081.39 MB
Total Pagefile: 15313.25 MB
Available Pagefile: 13543.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:186.31 GB) (Free:135.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 186 GB) (Disk ID: 00037BA0)
Partition 1: (Active) - (Size=186 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Brett1337Vierra · April 30, 2014

This one is to large

CheckResults.txt

Brett1337Vierra · April 30, 2014

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/30/2014
Scan Time: 12:16:19 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1007
Malware Database: v2014.04.30.10
Rootkit Database: v2014.03.27.01
License: Premium
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Enabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Sirly

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 313375
Time Elapsed: 8 min, 22 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

Brett1337Vierra · April 30, 2014

Now malwarebytes will not activate file system protection and website protection. Please help.

AdvancedSetup · May 1, 2014

Please visit this webpage and read the ComboFix User's Guide:

Once you've read the article and are ready to use the program you can download it directly from the link below.
Important! - Please make sure you save combofix to your desktop and do not run it from your browser
Direct download link for: ComboFix.exe
Please make sure you disable your security applications before running ComboFix.
Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
Please attach that log file to your next reply.
If needed the file can be located here: C:\combofix.txt
NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

Brett1337Vierra · May 1, 2014

ComboFix 14-04-30.01 - Sirly 05/01/2014   9:27.2.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.7658.6003 [GMT -7:00]
Running from: c:\users\Sirly\Desktop\ComboFix.exe
AV: Bitdefender Antivirus Free Edition *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: Bitdefender Antivirus Free Edition *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2014-04-01 to 2014-05-01 )))))))))))))))))))))))))))))))
.
.
2014-05-01 16:44 . 2014-05-01 16:44   --------   d-----w-   c:\users\Default\AppData\Local\temp
2014-04-29 17:18 . 2014-04-17 12:31   10651704   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{F55CBAFA-D3A6-4FEA-878A-522970583828}\mpengine.dll
2014-04-29 04:02 . 2014-04-29 04:02   --------   d-----w-   c:\windows\SysWow64\Atheros_L1e
2014-04-28 20:49 . 2014-04-30 19:14   --------   d-----w-   c:\program files (x86)\Malwarebytes Anti-Malware
2014-04-25 21:16 . 2014-04-25 21:17   --------   d-----w-   C:\AdwCleaner
2014-04-25 17:54 . 2012-07-03 18:58   31744   ----a-w-   c:\windows\system32\drivers\lgandnetadb.sys
2014-04-25 17:54 . 2012-07-03 18:50   36352   ----a-w-   c:\windows\system32\drivers\lgandnetmodem64.sys
2014-04-25 17:54 . 2012-07-03 18:50   29184   ----a-w-   c:\windows\system32\drivers\lgandnetdiag64.sys
2014-04-25 17:53 . 2014-04-25 17:53   --------   d-----w-   c:\program files (x86)\LG Electronics
2014-04-25 14:16 . 2014-04-25 14:16   --------   d-----w-   c:\windows\ERUNT
2014-04-24 20:19 . 2014-04-24 20:19   --------   d-----w-   c:\program files (x86)\Boredom Software
2014-04-24 19:06 . 2014-04-24 19:06   --------   d-----w-   c:\program files (x86)\ERUNT
2014-04-22 19:05 . 2012-06-01 05:39   14848   ----a-w-   c:\windows\system32\wamregps.dll
2014-04-22 19:05 . 2012-06-01 05:36   192000   ----a-w-   c:\windows\system32\iisRtl.dll
2014-04-22 19:05 . 2012-06-01 05:35   60928   ----a-w-   c:\windows\system32\ahadmin.dll
2014-04-22 19:05 . 2012-06-01 05:34   55296   ----a-w-   c:\windows\system32\admwprox.dll
2014-04-22 19:05 . 2012-06-01 05:33   16896   ----a-w-   c:\windows\system32\iisreset.exe
2014-04-22 19:05 . 2012-06-01 04:37   154624   ----a-w-   c:\windows\SysWow64\iisRtl.dll
2014-04-22 19:05 . 2012-06-01 04:35   50688   ----a-w-   c:\windows\SysWow64\admwprox.dll
2014-04-22 19:05 . 2012-06-01 04:34   15360   ----a-w-   c:\windows\SysWow64\iisreset.exe
2014-04-22 19:05 . 2012-06-01 05:36   11264   ----a-w-   c:\windows\system32\iisrstap.dll
2014-04-22 19:05 . 2012-06-01 04:40   10752   ----a-w-   c:\windows\SysWow64\wamregps.dll
2014-04-22 19:05 . 2012-06-01 04:37   8192   ----a-w-   c:\windows\SysWow64\iisrstap.dll
2014-04-22 19:05 . 2012-06-01 04:35   26624   ----a-w-   c:\windows\SysWow64\ahadmin.dll
2014-04-22 00:45 . 2014-05-01 16:16   4194304   ----a-w-   c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2014-04-22 00:45 . 2014-04-22 00:45   --------   d-----w-   c:\windows\SysWow64\BestPractices
2014-04-22 00:45 . 2014-04-22 00:45   --------   d-----w-   c:\windows\system32\msmq
2014-04-22 00:45 . 2014-04-22 00:45   --------   d-----w-   c:\windows\system32\BestPractices
2014-04-22 00:45 . 2014-04-22 00:45   --------   d-----w-   C:\inetpub
2014-04-21 21:36 . 2014-04-30 19:05   --------   d-----w-   C:\FRST
2014-04-19 01:01 . 2014-04-28 05:44   --------   d-----w-   c:\users\Sirly
2014-04-19 00:40 . 2014-04-19 00:41   --------   d-----w-   c:\users\Beta
2014-04-19 00:17 . 2014-04-19 00:17   --------   d-----w-   c:\users\Administrator
2014-04-18 19:16 . 2014-04-18 19:16   --------   d-----w-   c:\program files (x86)\Common Files\Adobe
2014-04-18 06:14 . 2014-04-18 06:14   --------   d-----w-   c:\program files (x86)\Mozilla Maintenance Service
2014-04-18 04:13 . 2008-10-15 13:22   519000   ----a-w-   c:\windows\system32\d3dx10_40.dll
2014-04-18 04:12 . 2005-12-06 01:09   3815120   ----a-w-   c:\windows\system32\d3dx9_28.dll
2014-04-18 04:12 . 2005-07-23 02:59   3807440   ----a-w-   c:\windows\system32\d3dx9_27.dll
2014-04-18 04:12 . 2005-05-26 22:34   3767504   ----a-w-   c:\windows\system32\d3dx9_26.dll
2014-04-18 04:12 . 2005-05-26 22:34   2297552   ----a-w-   c:\windows\SysWow64\d3dx9_26.dll
2014-04-18 04:12 . 2005-03-19 00:19   3823312   ----a-w-   c:\windows\system32\d3dx9_25.dll
2014-04-18 04:12 . 2005-02-06 02:45   3544272   ----a-w-   c:\windows\system32\d3dx9_24.dll
2014-04-18 04:12 . 2014-04-18 04:12   --------   d-----w-   c:\programdata\Turbine
2014-04-18 04:12 . 2014-04-18 10:10   --------   d-----w-   c:\program files (x86)\InfiniteCrisis
2014-04-17 22:22 . 2014-04-17 22:22   70832   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-17 22:22 . 2014-04-17 22:22   692400   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-15 01:49 . 2014-04-15 01:49   --------   d-----w-   C:\VTRoot
2014-04-15 01:38 . 2014-04-15 01:39   --------   d-s---w-   c:\programdata\Shared Space
2014-04-15 01:37 . 2014-04-15 01:37   --------   d-----w-   c:\program files\COMODO
2014-04-15 01:31 . 2013-04-17 21:59   593144   ----a-w-   c:\windows\system32\drivers\avckf.sys
2014-04-15 01:31 . 2013-04-17 21:59   718840   ----a-w-   c:\windows\system32\drivers\avc3.sys
2014-04-15 01:29 . 2014-04-15 01:31   --------   d-----w-   c:\program files\Bitdefender
2014-04-15 01:29 . 2013-04-22 20:21   148696   ----a-w-   c:\windows\system32\drivers\gzflt.sys
2014-04-15 01:29 . 2013-05-28 19:12   382536   ----a-w-   c:\windows\system32\drivers\trufos.sys
2014-04-15 01:20 . 2014-04-15 01:20   --------   d-----w-   c:\programdata\Comodo Downloader
2014-04-15 01:18 . 2014-04-18 22:10   --------   d-----w-   c:\programdata\Comodo
2014-04-15 01:13 . 2014-04-28 20:45   --------   d-----w-   c:\program files (x86)\Mbam2
2014-04-15 01:13 . 2014-04-18 21:03   63704   ----a-w-   c:\windows\system32\drivers\mwac.sys
2014-04-15 01:13 . 2014-04-18 21:03   91352   ----a-w-   c:\windows\system32\drivers\mbamchameleon.sys
2014-04-15 01:13 . 2014-04-18 21:03   25816   ----a-w-   c:\windows\system32\drivers\mbam.sys
2014-04-09 19:04 . 2014-01-29 02:32   116736   ----a-w-   c:\windows\system32\drivers\UMDF\WUDFUsbccidDriver.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-30 19:29 . 2014-03-26 19:46   122584   ----a-w-   c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-16 21:12 . 2014-03-26 03:22   48360   ----a-w-   c:\windows\system32\drivers\cmdhlp.sys
2014-04-16 21:12 . 2014-03-26 03:22   105552   ----a-w-   c:\windows\system32\drivers\inspect.sys
2014-04-16 21:12 . 2014-03-26 03:22   738472   ----a-w-   c:\windows\system32\drivers\cmdguard.sys
2014-04-16 21:12 . 2014-03-26 03:22   23168   ----a-w-   c:\windows\system32\drivers\cmderd.sys
2014-04-10 05:01 . 2014-02-11 02:10   90655440   ----a-w-   c:\windows\system32\MRT.exe
2014-03-31 16:35 . 2010-11-21 03:27   270496   ------w-   c:\windows\system32\MpSigStub.exe
2014-03-26 03:22 . 2014-03-26 03:22   43216   ----a-w-   c:\windows\system32\cmdcsr.dll
2014-03-26 03:22 . 2014-03-26 03:22   363504   ----a-w-   c:\windows\SysWow64\guard32.dll
2014-03-26 03:22 . 2014-03-26 03:22   453680   ----a-w-   c:\windows\system32\guard64.dll
2014-03-26 03:22 . 2014-03-26 03:22   45784   ----a-w-   c:\windows\system32\cmdkbd64.dll
2014-03-26 03:22 . 2014-03-26 03:22   352984   ----a-w-   c:\windows\system32\cmdvrt64.dll
2014-03-26 03:22 . 2014-03-26 03:22   284888   ----a-w-   c:\windows\SysWow64\cmdvrt32.dll
2014-03-26 03:22 . 2014-03-26 03:22   40664   ----a-w-   c:\windows\SysWow64\cmdkbd32.dll
2014-03-04 09:17 . 2014-04-09 19:04   44032   ----a-w-   c:\windows\apppatch\acwow64.dll
2014-03-02 04:22 . 2014-03-02 04:22   348160   ----a-w-   c:\windows\SysWow64\msvcr71.dll
2014-03-02 04:22 . 2014-03-02 04:22   1700352   ----a-w-   c:\windows\SysWow64\gdiplus.dll
2014-03-02 04:22 . 2014-03-02 04:22   1060864   ----a-w-   c:\windows\SysWow64\mfc71.dll
2014-02-27 22:19 . 2014-02-27 22:19   194048   ----a-w-   c:\windows\SysWow64\elshyph.dll
2014-02-27 22:19 . 2014-02-27 22:19   86016   ----a-w-   c:\windows\SysWow64\iesysprep.dll
2014-02-27 22:19 . 2014-02-27 22:19   74240   ----a-w-   c:\windows\SysWow64\SetIEInstalledDate.exe
2014-02-27 22:19 . 2014-02-27 22:19   71680   ----a-w-   c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-02-27 22:19 . 2014-02-27 22:19   645120   ----a-w-   c:\windows\SysWow64\jsIntl.dll
2014-02-27 22:19 . 2014-02-27 22:19   62464   ----a-w-   c:\windows\SysWow64\tdc.ocx
2014-02-27 22:19 . 2014-02-27 22:19   61952   ----a-w-   c:\windows\SysWow64\MshtmlDac.dll
2014-02-27 22:19 . 2014-02-27 22:19   48640   ----a-w-   c:\windows\SysWow64\mshtmler.dll
2014-02-27 22:19 . 2014-02-27 22:19   36352   ----a-w-   c:\windows\SysWow64\imgutil.dll
2014-02-27 22:19 . 2014-02-27 22:19   337408   ----a-w-   c:\windows\SysWow64\html.iec
2014-02-27 22:19 . 2014-02-27 22:19   24576   ----a-w-   c:\windows\SysWow64\licmgr10.dll
2014-02-27 22:19 . 2014-02-27 22:19   235008   ----a-w-   c:\windows\system32\elshyph.dll
2014-02-27 22:19 . 2014-02-27 22:19   182272   ----a-w-   c:\windows\SysWow64\msls31.dll
2014-02-27 22:19 . 2014-02-27 22:19   151552   ----a-w-   c:\windows\SysWow64\iexpress.exe
2014-02-27 22:19 . 2014-02-27 22:19   139264   ----a-w-   c:\windows\SysWow64\wextract.exe
2014-02-27 22:19 . 2014-02-27 22:19   13312   ----a-w-   c:\windows\SysWow64\mshta.exe
2014-02-27 22:19 . 2014-02-27 22:19   111616   ----a-w-   c:\windows\SysWow64\IEAdvpack.dll
2014-02-27 22:19 . 2014-02-27 22:19   1051136   ----a-w-   c:\windows\SysWow64\mshtmlmedia.dll
2014-02-27 22:19 . 2014-02-27 22:19   942592   ----a-w-   c:\windows\system32\jsIntl.dll
2014-02-27 22:19 . 2014-02-27 22:19   90112   ----a-w-   c:\windows\system32\SetIEInstalledDate.exe
2014-02-27 22:19 . 2014-02-27 22:19   86016   ----a-w-   c:\windows\system32\RegisterIEPKEYs.exe
2014-02-27 22:19 . 2014-02-27 22:19   84992   ----a-w-   c:\windows\system32\mshtmled.dll
2014-02-27 22:19 . 2014-02-27 22:19   83968   ----a-w-   c:\windows\system32\MshtmlDac.dll
2014-02-27 22:19 . 2014-02-27 22:19   81408   ----a-w-   c:\windows\system32\icardie.dll
2014-02-27 22:19 . 2014-02-27 22:19   774144   ----a-w-   c:\windows\system32\jscript.dll
2014-02-27 22:19 . 2014-02-27 22:19   77312   ----a-w-   c:\windows\system32\tdc.ocx
2014-02-27 22:19 . 2014-02-27 22:19   62464   ----a-w-   c:\windows\system32\pngfilt.dll
2014-02-27 22:19 . 2014-02-27 22:19   616104   ----a-w-   c:\windows\system32\ieapfltr.dat
2014-02-27 22:19 . 2014-02-27 22:19   52224   ----a-w-   c:\windows\system32\msfeedsbs.dll
2014-02-27 22:19 . 2014-02-27 22:19   48640   ----a-w-   c:\windows\system32\mshtmler.dll
2014-02-27 22:19 . 2014-02-27 22:19   48128   ----a-w-   c:\windows\system32\imgutil.dll
2014-02-27 22:19 . 2014-02-27 22:19   413696   ----a-w-   c:\windows\system32\html.iec
2014-02-27 22:19 . 2014-02-27 22:19   30208   ----a-w-   c:\windows\system32\licmgr10.dll
2014-02-27 22:19 . 2014-02-27 22:19   263376   ----a-w-   c:\windows\system32\iedkcs32.dll
2014-02-27 22:19 . 2014-02-27 22:19   247808   ----a-w-   c:\windows\system32\msls31.dll
2014-02-27 22:19 . 2014-02-27 22:19   243200   ----a-w-   c:\windows\system32\webcheck.dll
2014-02-27 22:19 . 2014-02-27 22:19   235520   ----a-w-   c:\windows\system32\url.dll
2014-02-27 22:19 . 2014-02-27 22:19   167424   ----a-w-   c:\windows\system32\iexpress.exe
2014-02-27 22:19 . 2014-02-27 22:19   147968   ----a-w-   c:\windows\system32\occache.dll
2014-02-27 22:19 . 2014-02-27 22:19   143872   ----a-w-   c:\windows\system32\wextract.exe
2014-02-27 22:19 . 2014-02-27 22:19   13824   ----a-w-   c:\windows\system32\mshta.exe
2014-02-27 22:19 . 2014-02-27 22:19   135680   ----a-w-   c:\windows\system32\iepeers.dll
2014-02-27 22:19 . 2014-02-27 22:19   13312   ----a-w-   c:\windows\system32\msfeedssync.exe
2014-02-27 22:19 . 2014-02-27 22:19   131072   ----a-w-   c:\windows\system32\IEAdvpack.dll
2014-02-27 22:19 . 2014-02-27 22:19   1228800   ----a-w-   c:\windows\system32\mshtmlmedia.dll
2014-02-27 22:19 . 2014-02-27 22:19   105984   ----a-w-   c:\windows\system32\iesysprep.dll
2014-02-27 22:19 . 2014-02-27 22:19   101376   ----a-w-   c:\windows\system32\inseng.dll
2014-02-11 02:51 . 2014-02-11 02:51   9728   ---ha-w-   c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   9728   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   648192   ----a-w-   c:\windows\system32\d3d10level9.dll
2014-02-11 02:51 . 2014-02-11 02:51   604160   ----a-w-   c:\windows\SysWow64\d3d10level9.dll
2014-02-11 02:51 . 2014-02-11 02:51   5632   ---ha-w-   c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   5632   ---ha-w-   c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   5632   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   5632   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   522752   ----a-w-   c:\windows\system32\XpsGdiConverter.dll
2014-02-11 02:51 . 2014-02-11 02:51   4096   ---ha-w-   c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   4096   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   364544   ----a-w-   c:\windows\SysWow64\XpsGdiConverter.dll
2014-02-11 02:51 . 2014-02-11 02:51   363008   ----a-w-   c:\windows\system32\dxgi.dll
2014-02-11 02:51 . 2014-02-11 02:51   3584   ---ha-w-   c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   3584   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   333312   ----a-w-   c:\windows\system32\d3d10_1core.dll
2014-02-11 02:51 . 2014-02-11 02:51   3072   ---ha-w-   c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   3072   ---ha-w-   c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   3072   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   3072   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   296960   ----a-w-   c:\windows\system32\d3d10core.dll
2014-02-11 02:51 . 2014-02-11 02:51   293376   ----a-w-   c:\windows\SysWow64\dxgi.dll
2014-02-11 02:51 . 2014-02-11 02:51   2776576   ----a-w-   c:\windows\system32\msmpeg2vdec.dll
2014-02-11 02:51 . 2014-02-11 02:51   2560   ---ha-w-   c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   2560   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-11 02:51 . 2014-02-11 02:51   249856   ----a-w-   c:\windows\SysWow64\d3d10_1core.dll
2014-02-11 02:51 . 2014-02-11 02:51   245248   ----a-w-   c:\windows\system32\WindowsCodecsExt.dll
2014-02-11 02:51 . 2014-02-11 02:51   2284544   ----a-w-   c:\windows\SysWow64\msmpeg2vdec.dll
2014-02-11 02:51 . 2014-02-11 02:51   221184   ----a-w-   c:\windows\system32\UIAnimation.dll
2014-02-11 02:51 . 2014-02-11 02:51   220160   ----a-w-   c:\windows\SysWow64\d3d10core.dll
2014-02-11 02:51 . 2014-02-11 02:51   207872   ----a-w-   c:\windows\SysWow64\WindowsCodecsExt.dll
2014-02-11 02:51 . 2014-02-11 02:51   194560   ----a-w-   c:\windows\system32\d3d10_1.dll
2014-02-11 02:51 . 2014-02-11 02:51   187392   ----a-w-   c:\windows\SysWow64\UIAnimation.dll
2014-02-11 02:51 . 2014-02-11 02:51   1682432   ----a-w-   c:\windows\system32\XpsPrint.dll
2014-02-11 02:51 . 2014-02-11 02:51   1643520   ----a-w-   c:\windows\system32\DWrite.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-14 642656]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WNA3100 Genie.lnk - c:\program files (x86)\NETGEAR\WNA3100\WNA3100.exe [2014-2-10 8266456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WSWNA3100;WSWNA3100;c:\program files (x86)\NETGEAR\WNA3100\WifiSvc.exe;c:\program files (x86)\NETGEAR\WNA3100\WifiSvc.exe [x]
R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys;c:\windows\SYSNATIVE\Drivers\lgandnetadb.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetndis64.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys;c:\windows\SYSNATIVE\DRIVERS\pneteth.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys;c:\windows\SYSNATIVE\DRIVERS\scmndisp.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 gzserv;Bitdefender Antivirus Free Edition;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe [x]
S2 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys;c:\windows\SYSNATIVE\DRIVERS\bcmwlhigh664.sys [x]
S3 HPKBx64;HP Keyboard Smart Card Driver;c:\windows\system32\DRIVERS\HPKBx64.sys;c:\windows\SYSNATIVE\DRIVERS\HPKBx64.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs   REG_MULTI_SZ     w3svc was
apphost   REG_MULTI_SZ     apphostsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2014-03-26 1275608]
"MsmqIntCert"="mqrt.dll" [2010-11-21 247808]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Sirly\AppData\Roaming\Mozilla\Firefox\Profiles\jvy1qi3l.default-1398738901204\
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-{8e70e4e1-06d7-470b-9f74-a51bef21088e} - c:\programdata\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe
.
.
"ImagePath"="\"c:\program files\COMODO\COMODO Internet Security\cmdagent.exe\""
"Filename"="HKLM\SYSTEM\ControlSet001\services\MBAMWebAccessControl\ImagePath"
"ImagePath"="\"c:\program files\COMODO\COMODO Internet Security\cmdagent.exe\""
"Filename"="HKLM\SYSTEM\ControlSet001\services\MBAMWebAccessControl\ImagePath"
"DeviceName"="HKLM\SYSTEM\ControlSet001\services\MBAMWebAccessControl\ImagePath"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Completion time: 2014-05-01 09:52:23
ComboFix-quarantined-files.txt 2014-05-01 16:52
ComboFix2.txt 2014-04-26 01:34
.
Pre-Run: 146,804,121,600 bytes free
Post-Run: 146,588,532,736 bytes free
.
- - End Of File - - 7C786C7CC2D05981F29F27B74B76BA6A
A36C5E4F47E84449FF07ED3517B43A31

AdvancedSetup · May 2, 2014

Please use the MBAM CLEAN removal but do not reinstall MBAM just yet.

Then restart the computer and let me know what issues you're still seeing or having.

Brett1337Vierra · May 2, 2014

Seems ok

AdvancedSetup · May 2, 2014

Please restart the computer 2 times. Then run the following for me.

Please download MiniToolBox save it to your desktop and run it.

Checkmark the following check-boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Devices
List Users, Partitions and Memory size.
List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.

Brett1337Vierra · May 2, 2014

Here it is

Result.txt

AdvancedSetup · May 3, 2014

Please visit this Microsoft lik and run their automated fix. It should correct these errors

Error: (05/02/2014 10:51:08 AM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Event ID 10 is logged in the Application log

Then run this other one for the cdrom error

Error: (05/02/2014 10:49:47 AM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load:cdrom

Event ID 7000 or 7026 is logged in the System log on a computer that is running Windows 7

Once that is complete then restart the computer 2 more times again and run FRST again but make sure ADDITION is checked and post back both new logs.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.

Brett1337Vierra · May 3, 2014

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014
Ran by Sirly (administrator) on VITTORIO-PC on 03-05-2014 10:17:48
Running from C:\Users\Sirly\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3E51F0CA5363CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Sirly\AppData\Roaming\Mozilla\Firefox\Profiles\jvy1qi3l.default-1398738901204
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-14] (Advanced Micro Devices, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()

==================== Drivers (Whitelisted) ====================

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R3 HPKBx64; C:\Windows\System32\DRIVERS\HPKBx64.sys [57856 2013-03-19] (Hewlett-Packard Company)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-03 10:06 - 2014-05-03 10:06 - 02062336 _____ (Farbar) C:\Users\Sirly\Desktop\FRST64.exe
2014-05-02 22:00 - 2014-04-29 07:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-02 22:00 - 2014-04-29 06:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-02 22:00 - 2014-04-29 05:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-02 22:00 - 2014-04-29 05:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-02 11:10 - 2014-05-02 11:15 - 00054331 _____ () C:\Users\Sirly\Desktop\Result.txt
2014-05-02 11:08 - 2014-05-02 11:08 - 00982016 _____ (Farbar) C:\Users\Sirly\Desktop\MiniToolBox.exe
2014-05-01 18:39 - 2014-05-01 18:39 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Comodo
2014-05-01 10:42 - 2014-05-01 10:42 - 00000000 ____D () C:\Users\Beta\AppData\Local\Adobe
2014-05-01 09:52 - 2014-05-01 09:52 - 00025186 _____ () C:\ComboFix.txt
2014-05-01 09:19 - 2014-05-01 09:19 - 05197895 ____R (Swearware) C:\Users\Sirly\Desktop\ComboFix.exe
2014-04-30 12:09 - 2014-04-30 12:09 - 00018141 _____ () C:\Users\Sirly\Desktop\CheckResults.txt
2014-04-30 11:58 - 2014-05-03 10:17 - 00008271 _____ () C:\Users\Sirly\Desktop\FRST.txt
2014-04-30 11:56 - 2014-05-03 10:12 - 00018711 _____ () C:\Users\Sirly\Desktop\Addition.txt
2014-04-29 10:21 - 2014-04-29 10:22 - 17290592 _____ (Malwarebytes Corporation ) C:\Users\Sirly\Desktop\mbam-setup-consumer-2.0.2.1007.exe
2014-04-29 10:20 - 2014-04-29 10:20 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-clean-2.0.2.0.exe
2014-04-29 10:19 - 2014-04-29 10:19 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-check-2.1.0.0002.exe
2014-04-28 21:02 - 2014-04-28 21:02 - 00000000 ____D () C:\Windows\SysWOW64\Atheros_L1e
2014-04-28 19:35 - 2014-04-28 19:35 - 00000000 ____D () C:\Users\Sirly\Desktop\Old Firefox Data
2014-04-28 15:26 - 2014-04-28 15:26 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Adobe
2014-04-28 12:55 - 2014-04-28 12:55 - 00854355 _____ () C:\Users\Sirly\Desktop\SecurityCheck.exe
2014-04-28 12:16 - 2014-04-28 12:16 - 00000629 _____ () C:\Users\Sirly\Desktop\JRT.txt
2014-04-27 21:30 - 2014-04-27 21:30 - 01016261 _____ (Thisisu) C:\Users\Sirly\Desktop\JRT.exe
2014-04-27 21:16 - 2014-04-27 21:16 - 00448512 _____ (OldTimer Tools) C:\Users\Sirly\Desktop\TFC.exe
2014-04-25 17:58 - 2011-06-25 23:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-25 17:58 - 2010-11-07 10:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-25 17:58 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-25 17:58 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-25 17:58 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-25 17:58 - 2000-08-30 17:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-25 17:58 - 2000-08-30 17:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-25 17:58 - 2000-08-30 17:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-25 17:56 - 2014-05-01 09:52 - 00000000 ____D () C:\Qoobox
2014-04-25 14:16 - 2014-04-25 14:17 - 00000000 ____D () C:\AdwCleaner
2014-04-25 12:09 - 2014-04-25 12:12 - 10303344 _____ () C:\Users\Beta\Downloads\Kit_Kat_Xperience.zip
2014-04-25 11:00 - 2014-04-25 11:24 - 436903589 _____ () C:\Users\Beta\Downloads\Samurai_4-9-2014.zip
2014-04-25 10:54 - 2012-07-03 11:58 - 00031744 _____ (Google Inc) C:\Windows\system32\Drivers\lgandnetadb.sys
2014-04-25 10:54 - 2012-07-03 11:50 - 00036352 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem64.sys
2014-04-25 10:54 - 2012-07-03 11:50 - 00029184 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag64.sys
2014-04-25 10:53 - 2014-04-25 10:53 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-04-25 10:49 - 2013-02-25 18:01 - 00000000 ____D () C:\Users\Beta\Desktop\spirited_away
2014-04-25 07:16 - 2014-04-25 07:16 - 00000000 ____D () C:\Windows\ERUNT
2014-04-25 07:03 - 2014-04-25 07:13 - 00000000 ____D () C:\Users\Sirly\Desktop\mbar
2014-04-25 07:03 - 2014-04-25 07:03 - 01365865 _____ () C:\Users\Sirly\Desktop\AdwCleaner.exe
2014-04-25 07:02 - 2014-04-25 07:03 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sirly\Desktop\mbar-1.07.0.1009.exe
2014-04-24 13:33 - 2014-04-24 13:34 - 00000000 ____D () C:\Users\Sirly\Desktop\GrantPerms64
2014-04-24 13:21 - 2014-04-24 13:21 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Boredom Software
2014-04-24 13:19 - 2014-04-24 13:19 - 00000000 ____D () C:\Program Files (x86)\Boredom Software
2014-04-24 13:17 - 2014-04-24 13:17 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\WinRAR
2014-04-24 13:03 - 2014-04-24 13:03 - 00002956 _____ () C:\Users\Sirly\Desktop\RKreport[0]_S_04242014_130356.txt
2014-04-24 12:41 - 2014-04-24 12:41 - 00000000 ____D () C:\Users\Sirly\AppData\Local\CrashDumps
2014-04-24 12:27 - 2014-04-24 12:27 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Macromedia
2014-04-24 12:20 - 2014-04-24 13:00 - 00000000 ____D () C:\Users\Sirly\Desktop\RK_Quarantine
2014-04-24 12:19 - 2014-04-24 12:19 - 04527616 _____ () C:\Users\Sirly\Desktop\RogueKillerX64.exe
2014-04-24 12:07 - 2014-04-25 18:27 - 00000000 ____D () C:\Windows\ERDNT
2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Sirly\Desktop\NTREGOPT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Administrator\Desktop\NTREGOPT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Sirly\Desktop\ERUNT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Administrator\Desktop\ERUNT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-04-24 12:01 - 2014-04-25 08:06 - 00002522 _____ () C:\Users\Sirly\Desktop\Rkill.txt
2014-04-24 12:00 - 2014-04-24 12:00 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Sirly\Desktop\rkill.exe
2014-04-24 11:38 - 2014-04-24 11:38 - 00024505 _____ () C:\Users\Beta\Documents\CisReport_x64_v7.0.317799.4142_20140424-113807.zip
2014-04-24 11:38 - 2014-04-24 11:38 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\WinRAR
2014-04-22 12:05 - 2012-05-31 22:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2014-04-22 12:05 - 2012-05-31 22:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2014-04-22 12:05 - 2012-05-31 22:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2014-04-22 12:05 - 2012-05-31 22:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2014-04-22 12:05 - 2012-05-31 22:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2014-04-22 12:05 - 2012-05-31 22:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2014-04-22 12:05 - 2012-05-31 21:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2014-04-22 12:05 - 2012-05-31 21:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2014-04-22 12:05 - 2012-05-31 21:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2014-04-22 12:05 - 2012-05-31 21:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2014-04-22 12:05 - 2012-05-31 21:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2014-04-22 12:05 - 2012-05-31 21:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2014-04-21 17:46 - 2014-04-22 22:17 - 00047601 _____ () C:\Windows\iis7.log
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\msmq
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\inetpub
2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Mozilla
2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Mozilla
2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\ATI
2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\ATI
2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\AMD
2014-04-21 14:37 - 2014-04-21 14:42 - 00014830 _____ () C:\Users\Administrator\Downloads\Addition.txt
2014-04-21 14:36 - 2014-05-03 10:17 - 00000000 ____D () C:\FRST
2014-04-21 14:36 - 2014-04-21 14:42 - 00057207 _____ () C:\Users\Administrator\Downloads\FRST.txt
2014-04-21 14:25 - 2014-04-21 14:25 - 02061312 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2014-04-21 14:08 - 2014-04-21 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe
2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Macromedia
2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla
2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla
2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieUserList
2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieSiteList
2014-04-21 11:09 - 2014-04-21 11:09 - 00058016 _____ () C:\Users\Sirly\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-21 11:09 - 2014-04-21 11:09 - 00001413 _____ () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ____D () C:\Users\Sirly\AppData\Local\VirtualStore
2014-04-19 00:25 - 2014-04-19 00:25 - 00000000 ____D () C:\Users\Beta\AppData\Local\Macromedia
2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieUserList
2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieSiteList
2014-04-18 20:54 - 2014-04-18 20:54 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Macromedia
2014-04-18 20:13 - 2014-04-28 15:26 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Adobe
2014-04-18 20:13 - 2014-04-18 22:04 - 00000000 ____D () C:\Users\Sirly\Documents\InfiniteCrisis
2014-04-18 20:13 - 2014-04-18 20:14 - 00000000 ____D () C:\Users\Sirly\AppData\Local\InfiniteCrisis
2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieUserList
2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieSiteList
2014-04-18 20:12 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Turbine
2014-04-18 19:52 - 2014-04-18 20:12 - 00000000 ____D () C:\Users\Beta\Documents\InfiniteCrisis
2014-04-18 19:51 - 2014-04-18 19:52 - 00000000 ____D () C:\Users\Beta\AppData\Local\InfiniteCrisis
2014-04-18 19:49 - 2014-04-22 12:18 - 00000000 ____D () C:\Users\Beta\AppData\Local\Turbine
2014-04-18 18:01 - 2014-05-02 22:15 - 00000000 ____D () C:\Users\Sirly
2014-04-18 18:01 - 2014-04-18 18:01 - 00000020 ___SH () C:\Users\Sirly\ntuser.ini
2014-04-18 18:01 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-18 18:01 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-18 17:56 - 2014-04-18 17:56 - 00000000 ____D () C:\Users\Beta\AppData\Local\AMD
2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Mozilla
2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Local\Mozilla
2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Macromedia
2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\LolClient
2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\ATI
2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Local\ATI
2014-04-18 17:41 - 2014-05-01 10:42 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Adobe
2014-04-18 17:41 - 2014-04-18 17:41 - 00058016 _____ () C:\Users\Beta\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-18 17:41 - 2014-04-18 17:41 - 00001413 _____ () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-18 17:40 - 2014-04-18 17:41 - 00000000 ____D () C:\Users\Beta
2014-04-18 17:40 - 2014-04-18 17:40 - 00000020 ___SH () C:\Users\Beta\ntuser.ini
2014-04-18 17:40 - 2014-04-18 17:40 - 00000000 ____D () C:\Users\Beta\AppData\Local\VirtualStore
2014-04-18 17:40 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-18 17:40 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ATI
2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\ATI
2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\AMD
2014-04-18 17:17 - 2014-04-21 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-04-18 17:17 - 2014-04-18 17:17 - 00058016 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-18 17:17 - 2014-04-18 17:17 - 00001409 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-18 17:17 - 2014-04-18 17:17 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ____D () C:\Users\Administrator
2014-04-18 17:17 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-18 17:17 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-18 17:13 - 2014-04-18 17:26 - 00004040 __RSH () C:\ProgramData\ntuser.pol
2014-04-18 12:17 - 2014-04-18 12:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-18 12:16 - 2014-04-18 12:26 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-18 12:16 - 2014-04-18 12:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-17 23:14 - 2014-05-03 09:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-17 23:14 - 2014-05-03 09:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-17 23:14 - 2014-04-17 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-17 21:14 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-04-17 21:14 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-04-17 21:14 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-04-17 21:14 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-04-17 21:14 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-04-17 21:14 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-04-17 21:14 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-04-17 21:14 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-04-17 21:14 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-04-17 21:14 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-04-17 21:14 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-04-17 21:14 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-04-17 21:14 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-04-17 21:14 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-04-17 21:14 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-04-17 21:14 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-04-17 21:14 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-04-17 21:14 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-04-17 21:14 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-04-17 21:14 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-04-17 21:14 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-04-17 21:14 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-04-17 21:14 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-04-17 21:14 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-04-17 21:14 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-04-17 21:14 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-04-17 21:14 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-04-17 21:13 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-04-17 21:13 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-04-17 21:13 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-04-17 21:13 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-04-17 21:13 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-04-17 21:13 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-04-17 21:13 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-04-17 21:13 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-04-17 21:13 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-04-17 21:13 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-04-17 21:13 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-04-17 21:13 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-04-17 21:13 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-04-17 21:13 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-04-17 21:13 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-04-17 21:13 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-04-17 21:13 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-04-17 21:13 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-04-17 21:13 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-04-17 21:13 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-04-17 21:13 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-04-17 21:13 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-04-17 21:13 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-04-17 21:13 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-04-17 21:13 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-04-17 21:13 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-04-17 21:13 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-04-17 21:13 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-04-17 21:13 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-04-17 21:13 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-04-17 21:13 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-04-17 21:13 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-04-17 21:13 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-04-17 21:13 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-04-17 21:13 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-04-17 21:13 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-04-17 21:13 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-04-17 21:13 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-04-17 21:13 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-04-17 21:13 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-04-17 21:13 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-04-17 21:13 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-04-17 21:13 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-04-17 21:13 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-04-17 21:13 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-04-17 21:13 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-04-17 21:13 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-04-17 21:13 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-04-17 21:13 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-04-17 21:13 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-04-17 21:13 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-04-17 21:13 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-04-17 21:13 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-04-17 21:13 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-04-17 21:13 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-04-17 21:13 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-04-17 21:13 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-04-17 21:13 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-04-17 21:13 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-04-17 21:13 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-04-17 21:13 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-04-17 21:13 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-04-17 21:13 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-04-17 21:13 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-04-17 21:13 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-04-17 21:13 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-04-17 21:13 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-04-17 21:13 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-04-17 21:13 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-04-17 21:13 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-04-17 21:13 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-04-17 21:13 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-04-17 21:13 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-04-17 21:13 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-04-17 21:13 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-04-17 21:13 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-04-17 21:13 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-04-17 21:13 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-04-17 21:13 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-04-17 21:13 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-04-17 21:13 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-04-17 21:13 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-04-17 21:13 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-04-17 21:13 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-04-17 21:13 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-04-17 21:13 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-04-17 21:13 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-04-17 21:13 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-04-17 21:13 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-04-17 21:13 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-04-17 21:13 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-04-17 21:13 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-04-17 21:13 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-04-17 21:13 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-04-17 21:13 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-04-17 21:13 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-04-17 21:13 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-04-17 21:13 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-04-17 21:13 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-04-17 21:13 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-04-17 21:13 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-04-17 21:13 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-04-17 21:13 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-04-17 21:13 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-04-17 21:13 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-04-17 21:13 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-04-17 21:13 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-04-17 21:12 - 2014-04-18 03:10 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis
2014-04-17 21:12 - 2014-04-17 21:13 - 00010123 _____ () C:\Windows\DirectX.log
2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Turbine
2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
2014-04-17 21:12 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-04-17 21:12 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-04-17 21:12 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-04-17 21:12 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-04-17 21:12 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-04-17 21:12 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-04-17 21:12 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-04-17 21:12 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-04-17 21:12 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-04-17 21:12 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-04-17 15:22 - 2014-04-17 15:22 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-17 15:22 - 2014-04-17 15:22 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 18:49 - 2014-04-22 22:16 - 00313636 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-04-14 18:49 - 2014-04-14 18:49 - 00000000 ____D () C:\VTRoot
2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2014-04-14 18:38 - 2014-04-14 18:39 - 00000000 ___SD () C:\ProgramData\Shared Space
2014-04-14 18:37 - 2014-04-14 18:37 - 00000000 ____D () C:\Program Files\COMODO
2014-04-14 18:31 - 2014-04-14 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-04-14 18:31 - 2013-04-17 14:59 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-04-14 18:31 - 2013-04-17 14:59 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-04-14 18:29 - 2014-04-14 18:31 - 00000000 ____D () C:\Program Files\Bitdefender
2014-04-14 18:29 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-04-14 18:29 - 2013-04-22 13:21 - 00148696 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-04-14 18:20 - 2014-04-14 18:20 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-04-14 18:18 - 2014-04-18 15:10 - 00000000 ____D () C:\ProgramData\Comodo
2014-04-14 18:10 - 2014-05-01 21:11 - 00338276 _____ () C:\Windows\PFRO.log
2014-04-09 22:32 - 2014-03-06 02:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-09 22:32 - 2014-03-06 01:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-09 22:32 - 2014-03-06 01:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 22:32 - 2014-03-06 01:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-09 22:32 - 2014-03-06 01:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 22:32 - 2014-03-06 01:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 22:32 - 2014-03-06 01:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-09 22:32 - 2014-03-06 01:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 22:32 - 2014-03-06 01:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 22:32 - 2014-03-06 01:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-09 22:32 - 2014-03-06 01:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-09 22:32 - 2014-03-06 01:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-09 22:32 - 2014-03-06 01:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 22:32 - 2014-03-06 01:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-09 22:32 - 2014-03-06 01:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-09 22:32 - 2014-03-06 01:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-09 22:32 - 2014-03-06 01:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-09 22:32 - 2014-03-06 01:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-09 22:32 - 2014-03-06 00:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-09 22:32 - 2014-03-06 00:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-09 22:32 - 2014-03-06 00:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-09 22:32 - 2014-03-06 00:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-09 22:32 - 2014-03-06 00:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-09 22:32 - 2014-03-06 00:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-09 22:32 - 2014-03-06 00:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-09 22:32 - 2014-03-06 00:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-09 22:32 - 2014-03-06 00:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-09 22:32 - 2014-03-06 00:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-09 22:32 - 2014-03-06 00:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-09 22:32 - 2014-03-06 00:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 22:32 - 2014-03-06 00:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-09 22:32 - 2014-03-06 00:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 22:32 - 2014-03-06 00:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-09 22:32 - 2014-03-06 00:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-09 22:32 - 2014-03-05 23:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 22:32 - 2014-03-05 23:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-09 22:32 - 2014-03-05 23:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-09 22:32 - 2014-03-05 23:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-09 22:32 - 2014-03-05 23:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 22:32 - 2014-03-05 22:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 22:32 - 2014-03-05 22:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-09 22:32 - 2014-03-05 22:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-09 22:32 - 2014-03-05 22:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-09 22:32 - 2014-03-05 22:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 12:04 - 2014-03-04 02:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 12:04 - 2014-03-04 02:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 12:04 - 2014-03-04 02:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 12:04 - 2014-03-04 02:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 12:04 - 2014-03-04 02:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 12:04 - 2014-03-04 02:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 12:04 - 2014-03-04 02:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 12:04 - 2014-03-04 02:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 12:04 - 2014-03-04 02:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 12:04 - 2014-03-04 01:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 12:04 - 2014-03-04 01:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 12:04 - 2014-02-03 19:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 12:04 - 2014-02-03 19:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 12:04 - 2014-02-03 19:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 12:04 - 2014-02-03 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 12:04 - 2014-02-03 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 12:04 - 2014-01-23 19:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-05-03 10:17 - 2014-04-30 11:58 - 00008271 _____ () C:\Users\Sirly\Desktop\FRST.txt
2014-05-03 10:17 - 2014-04-21 14:36 - 00000000 ____D () C:\FRST
2014-05-03 10:17 - 2014-03-29 23:50 - 00010751 _____ () C:\Windows\setupact.log
2014-05-03 10:17 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-03 10:17 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-05-03 10:13 - 2014-03-26 14:14 - 01539658 _____ () C:\Windows\WindowsUpdate.log
2014-05-03 10:12 - 2014-04-30 11:56 - 00018711 _____ () C:\Users\Sirly\Desktop\Addition.txt
2014-05-03 10:07 - 2009-07-13 21:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-03 10:07 - 2009-07-13 21:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-03 10:06 - 2014-05-03 10:06 - 02062336 _____ (Farbar) C:\Users\Sirly\Desktop\FRST64.exe
2014-05-03 10:05 - 2009-07-13 22:13 - 00891324 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-03 09:59 - 2014-04-17 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-03 09:59 - 2014-04-17 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-02 22:15 - 2014-04-18 18:01 - 00000000 ____D () C:\Users\Sirly
2014-05-02 11:15 - 2014-05-02 11:10 - 00054331 _____ () C:\Users\Sirly\Desktop\Result.txt
2014-05-02 11:08 - 2014-05-02 11:08 - 00982016 _____ (Farbar) C:\Users\Sirly\Desktop\MiniToolBox.exe
2014-05-01 21:11 - 2014-04-14 18:10 - 00338276 _____ () C:\Windows\PFRO.log
2014-05-01 18:39 - 2014-05-01 18:39 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Comodo
2014-05-01 10:42 - 2014-05-01 10:42 - 00000000 ____D () C:\Users\Beta\AppData\Local\Adobe
2014-05-01 10:42 - 2014-04-18 17:41 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Adobe
2014-05-01 09:52 - 2014-05-01 09:52 - 00025186 _____ () C:\ComboFix.txt
2014-05-01 09:52 - 2014-04-25 17:56 - 00000000 ____D () C:\Qoobox
2014-05-01 09:45 - 2009-07-13 19:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-01 09:19 - 2014-05-01 09:19 - 05197895 ____R (Swearware) C:\Users\Sirly\Desktop\ComboFix.exe
2014-04-30 12:09 - 2014-04-30 12:09 - 00018141 _____ () C:\Users\Sirly\Desktop\CheckResults.txt
2014-04-29 10:22 - 2014-04-29 10:21 - 17290592 _____ (Malwarebytes Corporation ) C:\Users\Sirly\Desktop\mbam-setup-consumer-2.0.2.1007.exe
2014-04-29 10:20 - 2014-04-29 10:20 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-clean-2.0.2.0.exe
2014-04-29 10:19 - 2014-04-29 10:19 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-check-2.1.0.0002.exe
2014-04-29 07:01 - 2014-05-02 22:00 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 06:40 - 2014-05-02 22:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 05:48 - 2014-05-02 22:00 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 05:34 - 2014-05-02 22:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-28 21:02 - 2014-04-28 21:02 - 00000000 ____D () C:\Windows\SysWOW64\Atheros_L1e
2014-04-28 21:01 - 2014-02-10 18:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-28 19:35 - 2014-04-28 19:35 - 00000000 ____D () C:\Users\Sirly\Desktop\Old Firefox Data
2014-04-28 15:26 - 2014-04-28 15:26 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Adobe
2014-04-28 15:26 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Adobe
2014-04-28 12:55 - 2014-04-28 12:55 - 00854355 _____ () C:\Users\Sirly\Desktop\SecurityCheck.exe
2014-04-28 12:16 - 2014-04-28 12:16 - 00000629 _____ () C:\Users\Sirly\Desktop\JRT.txt
2014-04-27 21:30 - 2014-04-27 21:30 - 01016261 _____ (Thisisu) C:\Users\Sirly\Desktop\JRT.exe
2014-04-27 21:16 - 2014-04-27 21:16 - 00448512 _____ (OldTimer Tools) C:\Users\Sirly\Desktop\TFC.exe
2014-04-25 18:27 - 2014-04-24 12:07 - 00000000 ____D () C:\Windows\ERDNT
2014-04-25 18:22 - 2009-07-13 19:34 - 52166656 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-04-25 18:22 - 2009-07-13 19:34 - 19136512 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-04-25 18:22 - 2009-07-13 19:34 - 00786432 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-04-25 18:22 - 2009-07-13 19:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-04-25 18:22 - 2009-07-13 19:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-04-25 14:17 - 2014-04-25 14:16 - 00000000 ____D () C:\AdwCleaner
2014-04-25 12:12 - 2014-04-25 12:09 - 10303344 _____ () C:\Users\Beta\Downloads\Kit_Kat_Xperience.zip
2014-04-25 11:24 - 2014-04-25 11:00 - 436903589 _____ () C:\Users\Beta\Downloads\Samurai_4-9-2014.zip
2014-04-25 10:53 - 2014-04-25 10:53 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-04-25 08:06 - 2014-04-24 12:01 - 00002522 _____ () C:\Users\Sirly\Desktop\Rkill.txt
2014-04-25 07:16 - 2014-04-25 07:16 - 00000000 ____D () C:\Windows\ERUNT
2014-04-25 07:13 - 2014-04-25 07:03 - 00000000 ____D () C:\Users\Sirly\Desktop\mbar
2014-04-25 07:03 - 2014-04-25 07:03 - 01365865 _____ () C:\Users\Sirly\Desktop\AdwCleaner.exe
2014-04-25 07:03 - 2014-04-25 07:02 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sirly\Desktop\mbar-1.07.0.1009.exe
2014-04-24 13:34 - 2014-04-24 13:33 - 00000000 ____D () C:\Users\Sirly\Desktop\GrantPerms64
2014-04-24 13:21 - 2014-04-24 13:21 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Boredom Software
2014-04-24 13:19 - 2014-04-24 13:19 - 00000000 ____D () C:\Program Files (x86)\Boredom Software
2014-04-24 13:17 - 2014-04-24 13:17 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\WinRAR
2014-04-24 13:03 - 2014-04-24 13:03 - 00002956 _____ () C:\Users\Sirly\Desktop\RKreport[0]_S_04242014_130356.txt
2014-04-24 13:00 - 2014-04-24 12:20 - 00000000 ____D () C:\Users\Sirly\Desktop\RK_Quarantine
2014-04-24 12:41 - 2014-04-24 12:41 - 00000000 ____D () C:\Users\Sirly\AppData\Local\CrashDumps
2014-04-24 12:27 - 2014-04-24 12:27 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Macromedia
2014-04-24 12:19 - 2014-04-24 12:19 - 04527616 _____ () C:\Users\Sirly\Desktop\RogueKillerX64.exe
2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Sirly\Desktop\NTREGOPT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Administrator\Desktop\NTREGOPT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Sirly\Desktop\ERUNT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Administrator\Desktop\ERUNT.lnk
2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-04-24 12:00 - 2014-04-24 12:00 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Sirly\Desktop\rkill.exe
2014-04-24 11:38 - 2014-04-24 11:38 - 00024505 _____ () C:\Users\Beta\Documents\CisReport_x64_v7.0.317799.4142_20140424-113807.zip
2014-04-24 11:38 - 2014-04-24 11:38 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\WinRAR
2014-04-22 22:17 - 2014-04-21 17:46 - 00047601 _____ () C:\Windows\iis7.log
2014-04-22 22:16 - 2014-04-14 18:49 - 00313636 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-04-22 22:16 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2014-04-22 12:18 - 2014-04-18 19:49 - 00000000 ____D () C:\Users\Beta\AppData\Local\Turbine
2014-04-21 20:18 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-04-21 17:48 - 2014-02-10 18:11 - 00843060 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-21 17:48 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\msmq
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\inetpub
2014-04-21 17:45 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-04-21 17:45 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Mozilla
2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Mozilla
2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\ATI
2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\ATI
2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\AMD
2014-04-21 14:42 - 2014-04-21 14:37 - 00014830 _____ () C:\Users\Administrator\Downloads\Addition.txt
2014-04-21 14:42 - 2014-04-21 14:36 - 00057207 _____ () C:\Users\Administrator\Downloads\FRST.txt
2014-04-21 14:25 - 2014-04-21 14:25 - 02061312 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2014-04-21 14:08 - 2014-04-21 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe
2014-04-21 14:08 - 2014-04-18 17:17 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Macromedia
2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla
2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla
2014-04-21 11:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieUserList
2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieSiteList
2014-04-21 11:09 - 2014-04-21 11:09 - 00058016 _____ () C:\Users\Sirly\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-21 11:09 - 2014-04-21 11:09 - 00001413 _____ () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ____D () C:\Users\Sirly\AppData\Local\VirtualStore
2014-04-19 00:25 - 2014-04-19 00:25 - 00000000 ____D () C:\Users\Beta\AppData\Local\Macromedia
2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieUserList
2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieSiteList
2014-04-18 22:04 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\Documents\InfiniteCrisis
2014-04-18 20:54 - 2014-04-18 20:54 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Macromedia
2014-04-18 20:14 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\AppData\Local\InfiniteCrisis
2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieUserList
2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieSiteList
2014-04-18 20:13 - 2014-04-18 20:12 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Turbine
2014-04-18 20:12 - 2014-04-18 19:52 - 00000000 ____D () C:\Users\Beta\Documents\InfiniteCrisis
2014-04-18 19:52 - 2014-04-18 19:51 - 00000000 ____D () C:\Users\Beta\AppData\Local\InfiniteCrisis
2014-04-18 18:01 - 2014-04-18 18:01 - 00000020 ___SH () C:\Users\Sirly\ntuser.ini
2014-04-18 17:56 - 2014-04-18 17:56 - 00000000 ____D () C:\Users\Beta\AppData\Local\AMD
2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Mozilla
2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Local\Mozilla
2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Macromedia
2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\LolClient
2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\ATI
2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Local\ATI
2014-04-18 17:41 - 2014-04-18 17:41 - 00058016 _____ () C:\Users\Beta\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-18 17:41 - 2014-04-18 17:41 - 00001413 _____ () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-18 17:41 - 2014-04-18 17:40 - 00000000 ____D () C:\Users\Beta
2014-04-18 17:40 - 2014-04-18 17:40 - 00000020 ___SH () C:\Users\Beta\ntuser.ini
2014-04-18 17:40 - 2014-04-18 17:40 - 00000000 ____D () C:\Users\Beta\AppData\Local\VirtualStore
2014-04-18 17:30 - 2014-02-21 19:37 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-18 17:26 - 2014-04-18 17:13 - 00004040 __RSH () C:\ProgramData\ntuser.pol
2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ATI
2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\ATI
2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\AMD
2014-04-18 17:17 - 2014-04-18 17:17 - 00058016 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-18 17:17 - 2014-04-18 17:17 - 00001409 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-18 17:17 - 2014-04-18 17:17 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ____D () C:\Users\Administrator
2014-04-18 17:17 - 2009-07-13 21:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-04-18 17:10 - 2009-07-13 20:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-18 15:13 - 2014-03-29 23:50 - 00275712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-18 15:10 - 2014-04-14 18:18 - 00000000 ____D () C:\ProgramData\Comodo
2014-04-18 15:04 - 2014-02-11 16:52 - 00000000 ____D () C:\Riot Games
2014-04-18 12:26 - 2014-04-18 12:16 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-18 12:17 - 2014-04-18 12:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-18 12:16 - 2014-04-18 12:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-18 03:10 - 2014-04-17 21:12 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis
2014-04-17 23:14 - 2014-04-17 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-17 21:13 - 2014-04-17 21:12 - 00010123 _____ () C:\Windows\DirectX.log
2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Turbine
2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
2014-04-17 15:57 - 2014-02-21 21:39 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-04-17 15:22 - 2014-04-17 15:22 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-17 15:22 - 2014-04-17 15:22 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-16 14:12 - 2014-03-25 20:22 - 00738472 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2014-04-16 14:12 - 2014-03-25 20:22 - 00105552 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2014-04-16 14:12 - 2014-03-25 20:22 - 00048360 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2014-04-16 14:12 - 2014-03-25 20:22 - 00023168 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2014-04-14 18:55 - 2009-07-13 22:08 - 00032574 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 18:49 - 2014-04-14 18:49 - 00000000 ____D () C:\VTRoot
2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2014-04-14 18:39 - 2014-04-14 18:38 - 00000000 ___SD () C:\ProgramData\Shared Space
2014-04-14 18:37 - 2014-04-14 18:37 - 00000000 ____D () C:\Program Files\COMODO
2014-04-14 18:31 - 2014-04-14 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-04-14 18:31 - 2014-04-14 18:29 - 00000000 ____D () C:\Program Files\Bitdefender
2014-04-14 18:20 - 2014-04-14 18:20 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-04-10 14:45 - 2014-03-03 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-10 14:45 - 2014-03-03 18:46 - 00000000 ____D () C:\ProgramData\Skype
2014-04-09 22:34 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-09 22:02 - 2014-02-10 19:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 22:01 - 2014-02-10 19:10 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-29 13:12

==================== End Of Log ============================

Brett1337Vierra · May 3, 2014

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2014
Ran by Sirly at 2014-05-03 10:18:34
Running from C:\Users\Sirly\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

==================== Installed Programs ======================

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30313 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{9D5A28E4-6AC3-DD51-C1FA-A8698E91ECBE}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In (Version: 2.06.0000 - AMD) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
Catalyst Control Center InstallProxy (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) Hidden
COMODO Firewall (HKLM\...\{D32EF4F9-1506-434E-A813-3D4C0AA50300}) (Version: 7.0.53315.4132 - COMODO Security Solutions Inc.)
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
InfiniteCrisis_410193F41CAE (HKLM-x32\...\InfiniteCrisis_410193F41CAE) (Version: - Turbine, Inc)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 en-US)) (Version: 29.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VT Hash Check 1.42 (HKLM-x32\...\{1E579B65-503B-4184-B481-5138124BEE1D}_is1) (Version: 1.42 - Boredom Software)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Restore Points =========================

25-04-2014 17:53:43 Installed LG United Mobile Driver
26-04-2014 17:21:27 Windows Update
29-04-2014 04:01:39 Installed Atheros Communications Inc.® AR81Family Gigabit/Fast]áu!
01-05-2014 16:24:16 ComboFix created restore point
02-05-2014 17:54:30 Windows Update
03-05-2014 05:00:12 Windows Update
03-05-2014 17:04:20 Installed Microsoft Fix it 50688
03-05-2014 17:05:49 Installed Microsoft Fix it 50656

==================== Hosts content: ==========================

2009-07-13 19:34 - 2014-04-25 18:23 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {57A80709-F66B-4C5A-B80C-1D7B04103FCC} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {BD18720E-EE08-40A8-B3BD-6006DAD46DC7} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)

==================== Loaded Modules (whitelisted) =============

2014-04-14 18:31 - 2013-03-19 12:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2014-04-14 18:31 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2013-03-14 00:41 - 2013-03-14 00:41 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-09-23 14:53 - 2012-09-23 14:53 - 00748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-09-23 14:53 - 2012-09-23 14:53 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-03-14 00:41 - 2013-03-14 00:41 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-02-10 18:03 - 2013-11-22 19:34 - 08266456 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
2014-02-10 18:03 - 2013-11-01 17:31 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Administrator\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\ComboFix.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\JRT.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\mbam-check-2.1.0.0002.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\mbam-clean-2.0.2.0.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\mbam-setup-consumer-2.0.2.1007.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\mbar-1.07.0.1009.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\MiniToolBox.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\rkill.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\RogueKillerX64.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\SecurityCheck.exe:BDU
AlternateDataStreams: C:\Users\Sirly\Desktop\TFC.exe:BDU

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: WMPNetworkSvc => 3

==================== Faulty Device Manager Devices =============

Name: Printer Port (LPT1)
Description: Printer Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard port types)
Service: Parport
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/03/2014 10:01:19 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/02/2014 10:10:39 PM) (Source: ESENT) (User: )
Description: WinMail (4360) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (05/02/2014 10:10:38 PM) (Source: ESENT) (User: )
Description: WinMail (3996) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (05/02/2014 10:09:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/02/2014 10:51:08 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 09:13:20 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 09:18:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 08:46:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/30/2014 03:10:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/30/2014 00:37:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (05/03/2014 10:16:44 AM) (Source: Service Control Manager) (User: )
Description: The mbamchameleon service failed to start due to the following error:
%%2

Error: (05/03/2014 10:14:42 AM) (Source: Service Control Manager) (User: )
Description: The mbamchameleon service failed to start due to the following error:
%%2

Error: (05/03/2014 10:00:23 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (05/03/2014 09:59:55 AM) (Source: Service Control Manager) (User: )
Description: The mbamchameleon service failed to start due to the following error:
%%2

Error: (05/02/2014 10:08:38 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (05/02/2014 10:08:05 PM) (Source: Service Control Manager) (User: )
Description: The mbamchameleon service failed to start due to the following error:
%%2

Error: (05/02/2014 10:49:47 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (05/02/2014 10:49:23 AM) (Source: Service Control Manager) (User: )
Description: The mbamchameleon service failed to start due to the following error:
%%2

Error: (05/01/2014 09:11:59 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (05/01/2014 09:11:34 PM) (Source: Service Control Manager) (User: )
Description: The mbamchameleon service failed to start due to the following error:
%%2

Microsoft Office Sessions:
=========================
Error: (05/03/2014 10:01:19 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/02/2014 10:10:39 PM) (Source: ESENT)(User: )
Description: WinMail4360WindowsMail0:

Error: (05/02/2014 10:10:38 PM) (Source: ESENT)(User: )
Description: WinMail3996WindowsMail0:

Error: (05/02/2014 10:09:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/02/2014 10:51:08 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 09:13:20 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 09:18:23 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 08:46:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/30/2014 03:10:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/30/2014 00:37:43 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2014-04-25 18:19:32.173
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-25 18:19:32.127
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 18%
Total physical RAM: 7657.54 MB
Available physical RAM: 6224.63 MB
Total Pagefile: 15313.25 MB
Available Pagefile: 13784.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:186.31 GB) (Free:139.92 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 186 GB) (Disk ID: 00037BA0)
Partition 1: (Active) - (Size=186 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Sorry it took so long

AdvancedSetup · May 5, 2014

Well that did not seem to correct those issues but they're not malware related was just hoping to fix them.

So how is the computer running now?

Are there still any issues with MBAM or malware in general that you're seeing?

AdvancedSetup · June 6, 2014

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

If not infected then what?

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information