Brett1337Vierra Posted April 29, 2014 Author ID:824749 Share Posted April 29, 2014 Log Name: ApplicationSource: Microsoft-Windows-WininitDate: 4/28/2014 8:51:41 PMEvent ID: 1001Task Category: NoneLevel: InformationKeywords: ClassicUser: N/AComputer: Vittorio-PCDescription:Checking file system on C:The type of the file system is NTFS.A disk check has been scheduled.Windows will now check the disk. CHKDSK is verifying files (stage 1 of 5)... 187904 file records processed. File verification completed. 282 large file records processed. 0 bad file records processed. 2 EA records processed. 75 reparse records processed. CHKDSK is verifying indexes (stage 2 of 5)... 252152 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 5)... 187904 file SDs/SIDs processed. Cleaning up 929 unused index entries from index $SII of file 0x9.Cleaning up 929 unused index entries from index $SDH of file 0x9.Cleaning up 929 unused security descriptors.Security descriptor verification completed. 32125 data files processed. CHKDSK is verifying Usn Journal... 216188464 USN bytes processed. Usn Journal verification completed.CHKDSK is verifying file data (stage 4 of 5)... 187888 files processed. File data verification completed.CHKDSK is verifying free space (stage 5 of 5)... 35864505 free clusters processed. Free space verification is complete.CHKDSK discovered free space marked as allocated in themaster file table (MFT) bitmap.CHKDSK discovered free space marked as allocated in the volume bitmap.Windows has made corrections to the file system. 195358719 KB total disk space. 51364912 KB in 92728 files. 63528 KB in 32126 indexes. 0 KB in bad sectors. 472255 KB in use by the system. 65536 KB occupied by the log file. 143458024 KB available on disk. 4096 bytes in each allocation unit. 48839679 total allocation units on disk. 35864506 allocation units available on disk.Internal Info:00 de 02 00 c1 e7 01 00 3b 9a 03 00 00 00 00 00 ........;.......59 01 00 00 4b 00 00 00 00 00 00 00 00 00 00 00 Y...K...........00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................Windows has finished checking your disk.Please wait while your computer restarts.Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" /> <EventID Qualifiers="16384">1001</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2014-04-29T03:51:41.000000000Z" /> <EventRecordID>6907</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>Vittorio-PC</Computer> <Security /> </System> <EventData> <Data>Checking file system on C:The type of the file system is NTFS.A disk check has been scheduled.Windows will now check the disk. CHKDSK is verifying files (stage 1 of 5)... 187904 file records processed. File verification completed. 282 large file records processed. 0 bad file records processed. 2 EA records processed. 75 reparse records processed. CHKDSK is verifying indexes (stage 2 of 5)... 252152 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 5)... 187904 file SDs/SIDs processed. Cleaning up 929 unused index entries from index $SII of file 0x9.Cleaning up 929 unused index entries from index $SDH of file 0x9.Cleaning up 929 unused security descriptors.Security descriptor verification completed. 32125 data files processed. CHKDSK is verifying Usn Journal... 216188464 USN bytes processed. Usn Journal verification completed.CHKDSK is verifying file data (stage 4 of 5)... 187888 files processed. File data verification completed.CHKDSK is verifying free space (stage 5 of 5)... 35864505 free clusters processed. Free space verification is complete.CHKDSK discovered free space marked as allocated in themaster file table (MFT) bitmap.CHKDSK discovered free space marked as allocated in the volume bitmap.Windows has made corrections to the file system. 195358719 KB total disk space. 51364912 KB in 92728 files. 63528 KB in 32126 indexes. 0 KB in bad sectors. 472255 KB in use by the system. 65536 KB occupied by the log file. 143458024 KB available on disk. 4096 bytes in each allocation unit. 48839679 total allocation units on disk. 35864506 allocation units available on disk.Internal Info:00 de 02 00 c1 e7 01 00 3b 9a 03 00 00 00 00 00 ........;.......59 01 00 00 4b 00 00 00 00 00 00 00 00 00 00 00 Y...K...........00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................Windows has finished checking your disk.Please wait while your computer restarts.</Data> </EventData></Event> I had a problem when rebooting. Malwarebytes did not boot up and the icon was removed Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted April 29, 2014 Root Admin ID:824983 Share Posted April 29, 2014 Please doing the following.Please try the following but when installing use the latest beta below. - MBAM Clean Removal Process 2xThen please reboot the computer and read the following and post back the requested logs again. - Diagnostic LogsNOTE: There is an FAQ section with valuable information located here: - Common Questions, Issues, and their SolutionsPlease try installing the new beta which has corrected some previously reported issues: - Malwarebytes Anti-Malware 2.0.2 Public BetaThank You Link to post Share on other sites More sharing options...
Brett1337Vierra Posted April 29, 2014 Author ID:825124 Share Posted April 29, 2014 MBAM Clean Removal Process 2x worked. I restarted and tried to run FRST64. It scaned and made the files but nothing in them. Link to post Share on other sites More sharing options...
Brett1337Vierra Posted April 29, 2014 Author ID:825125 Share Posted April 29, 2014 I tried MBAM-chk and it got a cmd prompt with an error 7-zip something it went away to fast Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted April 30, 2014 Root Admin ID:825452 Share Posted April 30, 2014 Please restart the computer and try again. Link to post Share on other sites More sharing options...
Brett1337Vierra Posted April 30, 2014 Author ID:825637 Share Posted April 30, 2014 Same thing FRST64 ran. at drivers it froze and said not responding and then started back up finish and spit out nothing. as of now I have no malwarebytes installed on my computer and it hasn't been there for a day now. Link to post Share on other sites More sharing options...
Brett1337Vierra Posted April 30, 2014 Author ID:825646 Share Posted April 30, 2014 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2014Ran by Sirly (administrator) on VITTORIO-PC on 30-04-2014 11:57:56Running from C:\Users\Sirly\DesktopWindows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: NormalThe only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe(AMD) C:\Windows\system32\atiesrxx.exe(Microsoft Corporation) C:\Windows\system32\WLANExt.exe(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe(Microsoft Corporation) C:\Windows\system32\inetsrv\inetinfo.exe(Microsoft Corporation) C:\Windows\system32\mqsvc.exe(Microsoft Corporation) C:\Windows\system32\mqtgsvc.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe(AMD) C:\Windows\system32\atieclxx.exe(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe==================== Registry (Whitelisted) ==================HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dllHKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-14] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTIONHKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTIONWinlogon\Notify\ScCertProp: wlnotify.dll [X]Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnkShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()==================== Internet (Whitelisted) ====================HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3E51F0CA5363CF01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-USStartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeBHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No FileHandler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1FireFox:========FF ProfilePath: C:\Users\Sirly\AppData\Roaming\Mozilla\Firefox\Profiles\jvy1qi3l.default-1398738901204FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)==================== Services (Whitelisted) =================R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-14] (Advanced Micro Devices, Inc.)R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)S2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()==================== Drivers (Whitelisted) ====================S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc)S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)R3 HPKBx64; C:\Windows\System32\DRIVERS\HPKBx64.sys [57856 2013-03-19] (Hewlett-Packard Company)R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-04-18] (Malwarebytes Corporation)R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]S3 catchme; \??\C:\ComboFix\catchme.sys [X]S3 VGPU; System32\drivers\rdvgkmd.sys [X]S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]==================== NetSvcs (Whitelisted) ======================================= One Month Created Files and Folders ========2014-04-30 11:58 - 2014-04-30 11:58 - 00008329 _____ () C:\Users\Sirly\Desktop\FRST.txt2014-04-30 11:56 - 2014-04-30 11:56 - 00000000 _____ () C:\Users\Sirly\Desktop\Addition.txt2014-04-29 10:42 - 2014-04-29 10:42 - 02061824 _____ (Farbar) C:\Users\Sirly\Desktop\FRST64.exe2014-04-29 10:21 - 2014-04-29 10:22 - 17290592 _____ (Malwarebytes Corporation ) C:\Users\Sirly\Desktop\mbam-setup-consumer-2.0.2.1007.exe2014-04-29 10:20 - 2014-04-29 10:20 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-clean-2.0.2.0.exe2014-04-29 10:19 - 2014-04-29 10:19 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-check-2.1.0.0002.exe2014-04-28 21:02 - 2014-04-28 21:02 - 00000000 ____D () C:\Windows\SysWOW64\Atheros_L1e2014-04-28 19:35 - 2014-04-28 19:35 - 00000000 ____D () C:\Users\Sirly\Desktop\Old Firefox Data2014-04-28 15:26 - 2014-04-28 15:26 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Adobe2014-04-28 13:49 - 2014-04-29 10:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-04-28 12:55 - 2014-04-28 12:55 - 00854355 _____ () C:\Users\Sirly\Desktop\SecurityCheck.exe2014-04-28 12:16 - 2014-04-28 12:16 - 00000629 _____ () C:\Users\Sirly\Desktop\JRT.txt2014-04-27 22:44 - 2014-04-27 22:44 - 00000637 _____ () C:\Users\Sirly\Sirly - Shortcut.lnk2014-04-27 21:30 - 2014-04-27 21:30 - 01016261 _____ (Thisisu) C:\Users\Sirly\Desktop\JRT.exe2014-04-27 21:16 - 2014-04-27 21:16 - 00448512 _____ (OldTimer Tools) C:\Users\Sirly\Desktop\TFC.exe2014-04-25 18:34 - 2014-04-25 18:34 - 00079863 _____ () C:\ComboFix.txt2014-04-25 17:58 - 2011-06-25 23:45 - 00256000 _____ () C:\Windows\PEV.exe2014-04-25 17:58 - 2010-11-07 10:20 - 00208896 _____ () C:\Windows\MBR.exe2014-04-25 17:58 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe2014-04-25 17:58 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe2014-04-25 17:58 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe2014-04-25 17:58 - 2000-08-30 17:00 - 00098816 _____ () C:\Windows\sed.exe2014-04-25 17:58 - 2000-08-30 17:00 - 00080412 _____ () C:\Windows\grep.exe2014-04-25 17:58 - 2000-08-30 17:00 - 00068096 _____ () C:\Windows\zip.exe2014-04-25 17:56 - 2014-04-25 18:34 - 00000000 ____D () C:\Qoobox2014-04-25 17:53 - 2014-04-25 17:54 - 05196870 ____R (Swearware) C:\Users\Sirly\Desktop\ComboFix.exe2014-04-25 14:16 - 2014-04-25 14:17 - 00000000 ____D () C:\AdwCleaner2014-04-25 12:09 - 2014-04-25 12:12 - 10303344 _____ () C:\Users\Beta\Downloads\Kit_Kat_Xperience.zip2014-04-25 11:00 - 2014-04-25 11:24 - 436903589 _____ () C:\Users\Beta\Downloads\Samurai_4-9-2014.zip2014-04-25 10:54 - 2012-07-03 11:58 - 00031744 _____ (Google Inc) C:\Windows\system32\Drivers\lgandnetadb.sys2014-04-25 10:54 - 2012-07-03 11:50 - 00036352 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem64.sys2014-04-25 10:54 - 2012-07-03 11:50 - 00029184 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag64.sys2014-04-25 10:53 - 2014-04-25 10:53 - 00000000 ____D () C:\Program Files (x86)\LG Electronics2014-04-25 10:49 - 2013-02-25 18:01 - 00000000 ____D () C:\Users\Beta\Desktop\spirited_away2014-04-25 07:16 - 2014-04-25 07:16 - 00000000 ____D () C:\Windows\ERUNT2014-04-25 07:03 - 2014-04-25 07:13 - 00000000 ____D () C:\Users\Sirly\Desktop\mbar2014-04-25 07:03 - 2014-04-25 07:03 - 01365865 _____ () C:\Users\Sirly\Desktop\AdwCleaner.exe2014-04-25 07:02 - 2014-04-25 07:03 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sirly\Desktop\mbar-1.07.0.1009.exe2014-04-24 13:33 - 2014-04-24 13:34 - 00000000 ____D () C:\Users\Sirly\Desktop\GrantPerms642014-04-24 13:21 - 2014-04-24 13:21 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Boredom Software2014-04-24 13:19 - 2014-04-24 13:19 - 00000000 ____D () C:\Program Files (x86)\Boredom Software2014-04-24 13:17 - 2014-04-24 13:17 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\WinRAR2014-04-24 13:03 - 2014-04-24 13:03 - 00002956 _____ () C:\Users\Sirly\Desktop\RKreport[0]_S_04242014_130356.txt2014-04-24 12:41 - 2014-04-24 12:41 - 00000000 ____D () C:\Users\Sirly\AppData\Local\CrashDumps2014-04-24 12:27 - 2014-04-24 12:27 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Macromedia2014-04-24 12:20 - 2014-04-24 13:00 - 00000000 ____D () C:\Users\Sirly\Desktop\RK_Quarantine2014-04-24 12:19 - 2014-04-24 12:19 - 04527616 _____ () C:\Users\Sirly\Desktop\RogueKillerX64.exe2014-04-24 12:07 - 2014-04-25 18:27 - 00000000 ____D () C:\Windows\ERDNT2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Sirly\Desktop\NTREGOPT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Administrator\Desktop\NTREGOPT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Sirly\Desktop\ERUNT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Administrator\Desktop\ERUNT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\Program Files (x86)\ERUNT2014-04-24 12:01 - 2014-04-25 08:06 - 00002522 _____ () C:\Users\Sirly\Desktop\Rkill.txt2014-04-24 12:00 - 2014-04-24 12:00 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Sirly\Desktop\rkill.exe2014-04-24 11:38 - 2014-04-24 11:38 - 00024505 _____ () C:\Users\Beta\Documents\CisReport_x64_v7.0.317799.4142_20140424-113807.zip2014-04-24 11:38 - 2014-04-24 11:38 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\WinRAR2014-04-22 12:05 - 2012-05-31 22:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll2014-04-22 12:05 - 2012-05-31 22:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll2014-04-22 12:05 - 2012-05-31 22:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll2014-04-22 12:05 - 2012-05-31 22:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll2014-04-22 12:05 - 2012-05-31 22:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll2014-04-22 12:05 - 2012-05-31 22:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe2014-04-22 12:05 - 2012-05-31 21:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll2014-04-22 12:05 - 2012-05-31 21:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll2014-04-22 12:05 - 2012-05-31 21:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll2014-04-22 12:05 - 2012-05-31 21:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll2014-04-22 12:05 - 2012-05-31 21:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll2014-04-22 12:05 - 2012-05-31 21:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe2014-04-21 17:46 - 2014-04-22 22:17 - 00047601 _____ () C:\Windows\iis7.log2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\msmq2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\BestPractices2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\inetpub2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Mozilla2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Mozilla2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\ATI2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\ATI2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\AMD2014-04-21 14:37 - 2014-04-21 14:42 - 00014830 _____ () C:\Users\Administrator\Downloads\Addition.txt2014-04-21 14:36 - 2014-04-30 11:57 - 00000000 ____D () C:\FRST2014-04-21 14:36 - 2014-04-21 14:42 - 00057207 _____ () C:\Users\Administrator\Downloads\FRST.txt2014-04-21 14:25 - 2014-04-21 14:25 - 02061312 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe2014-04-21 14:08 - 2014-04-21 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Macromedia2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieUserList2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieSiteList2014-04-21 11:09 - 2014-04-21 11:09 - 00058016 _____ () C:\Users\Sirly\AppData\Local\GDIPFONTCACHEV1.DAT2014-04-21 11:09 - 2014-04-21 11:09 - 00001413 _____ () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ____D () C:\Users\Sirly\AppData\Local\VirtualStore2014-04-19 00:25 - 2014-04-19 00:25 - 00000000 ____D () C:\Users\Beta\AppData\Local\Macromedia2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieUserList2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieSiteList2014-04-18 20:54 - 2014-04-18 20:54 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Macromedia2014-04-18 20:13 - 2014-04-28 15:26 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Adobe2014-04-18 20:13 - 2014-04-18 22:04 - 00000000 ____D () C:\Users\Sirly\Documents\InfiniteCrisis2014-04-18 20:13 - 2014-04-18 20:14 - 00000000 ____D () C:\Users\Sirly\AppData\Local\InfiniteCrisis2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieUserList2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieSiteList2014-04-18 20:12 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Turbine2014-04-18 19:52 - 2014-04-18 20:12 - 00000000 ____D () C:\Users\Beta\Documents\InfiniteCrisis2014-04-18 19:51 - 2014-04-18 19:52 - 00000000 ____D () C:\Users\Beta\AppData\Local\InfiniteCrisis2014-04-18 19:49 - 2014-04-22 12:18 - 00000000 ____D () C:\Users\Beta\AppData\Local\Turbine2014-04-18 18:01 - 2014-04-27 22:44 - 00000000 ____D () C:\Users\Sirly2014-04-18 18:01 - 2014-04-18 18:01 - 00000020 ___SH () C:\Users\Sirly\ntuser.ini2014-04-18 18:01 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2014-04-18 18:01 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2014-04-18 17:56 - 2014-04-18 17:56 - 00000000 ____D () C:\Users\Beta\AppData\Local\AMD2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Mozilla2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Local\Mozilla2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Macromedia2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\LolClient2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\ATI2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Local\ATI2014-04-18 17:41 - 2014-04-18 17:41 - 00058016 _____ () C:\Users\Beta\AppData\Local\GDIPFONTCACHEV1.DAT2014-04-18 17:41 - 2014-04-18 17:41 - 00001413 _____ () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Adobe2014-04-18 17:40 - 2014-04-18 17:41 - 00000000 ____D () C:\Users\Beta2014-04-18 17:40 - 2014-04-18 17:40 - 00000020 ___SH () C:\Users\Beta\ntuser.ini2014-04-18 17:40 - 2014-04-18 17:40 - 00000000 ____D () C:\Users\Beta\AppData\Local\VirtualStore2014-04-18 17:40 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2014-04-18 17:40 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ATI2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\ATI2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\AMD2014-04-18 17:17 - 2014-04-21 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe2014-04-18 17:17 - 2014-04-18 17:17 - 00058016 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT2014-04-18 17:17 - 2014-04-18 17:17 - 00001409 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-04-18 17:17 - 2014-04-18 17:17 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ____D () C:\Users\Administrator2014-04-18 17:17 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2014-04-18 17:17 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2014-04-18 17:13 - 2014-04-18 17:26 - 00004040 __RSH () C:\ProgramData\ntuser.pol2014-04-18 12:17 - 2014-04-18 12:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2014-04-18 12:16 - 2014-04-18 12:26 - 00000000 ____D () C:\ProgramData\Adobe2014-04-18 12:16 - 2014-04-18 12:16 - 00000000 ____D () C:\Program Files (x86)\Adobe2014-04-17 23:14 - 2014-04-17 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk2014-04-17 23:14 - 2014-04-17 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2014-04-17 23:14 - 2014-04-17 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-04-17 21:14 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll2014-04-17 21:14 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll2014-04-17 21:14 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll2014-04-17 21:14 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll2014-04-17 21:14 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll2014-04-17 21:14 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll2014-04-17 21:14 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll2014-04-17 21:14 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll2014-04-17 21:14 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll2014-04-17 21:14 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll2014-04-17 21:14 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll2014-04-17 21:14 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll2014-04-17 21:14 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll2014-04-17 21:14 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll2014-04-17 21:14 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll2014-04-17 21:14 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll2014-04-17 21:14 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll2014-04-17 21:14 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll2014-04-17 21:14 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll2014-04-17 21:14 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll2014-04-17 21:14 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll2014-04-17 21:14 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll2014-04-17 21:14 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll2014-04-17 21:14 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll2014-04-17 21:14 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll2014-04-17 21:14 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll2014-04-17 21:13 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll2014-04-17 21:13 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll2014-04-17 21:13 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll2014-04-17 21:13 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll2014-04-17 21:13 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll2014-04-17 21:13 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll2014-04-17 21:13 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll2014-04-17 21:13 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll2014-04-17 21:13 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll2014-04-17 21:13 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll2014-04-17 21:13 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll2014-04-17 21:13 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll2014-04-17 21:13 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll2014-04-17 21:13 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll2014-04-17 21:13 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll2014-04-17 21:13 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll2014-04-17 21:13 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll2014-04-17 21:13 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll2014-04-17 21:13 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll2014-04-17 21:13 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll2014-04-17 21:13 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll2014-04-17 21:13 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll2014-04-17 21:13 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll2014-04-17 21:13 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll2014-04-17 21:13 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll2014-04-17 21:13 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll2014-04-17 21:13 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll2014-04-17 21:13 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll2014-04-17 21:13 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll2014-04-17 21:13 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll2014-04-17 21:13 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll2014-04-17 21:13 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll2014-04-17 21:13 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll2014-04-17 21:13 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll2014-04-17 21:13 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll2014-04-17 21:13 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll2014-04-17 21:13 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll2014-04-17 21:13 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll2014-04-17 21:13 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll2014-04-17 21:13 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll2014-04-17 21:13 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll2014-04-17 21:13 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll2014-04-17 21:13 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll2014-04-17 21:13 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll2014-04-17 21:13 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll2014-04-17 21:13 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll2014-04-17 21:13 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll2014-04-17 21:13 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll2014-04-17 21:13 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll2014-04-17 21:13 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll2014-04-17 21:13 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll2014-04-17 21:13 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll2014-04-17 21:13 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll2014-04-17 21:13 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll2014-04-17 21:13 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll2014-04-17 21:13 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll2014-04-17 21:13 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll2014-04-17 21:13 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll2014-04-17 21:13 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll2014-04-17 21:13 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll2014-04-17 21:13 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll2014-04-17 21:13 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll2014-04-17 21:13 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll2014-04-17 21:13 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll2014-04-17 21:13 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll2014-04-17 21:13 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll2014-04-17 21:13 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll2014-04-17 21:13 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll2014-04-17 21:13 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll2014-04-17 21:13 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll2014-04-17 21:13 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll2014-04-17 21:13 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll2014-04-17 21:13 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll2014-04-17 21:13 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll2014-04-17 21:13 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll2014-04-17 21:13 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll2014-04-17 21:13 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll2014-04-17 21:13 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll2014-04-17 21:13 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll2014-04-17 21:13 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll2014-04-17 21:13 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll2014-04-17 21:13 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll2014-04-17 21:13 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll2014-04-17 21:13 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll2014-04-17 21:13 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll2014-04-17 21:13 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll2014-04-17 21:13 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll2014-04-17 21:13 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll2014-04-17 21:13 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll2014-04-17 21:13 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll2014-04-17 21:13 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll2014-04-17 21:13 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll2014-04-17 21:13 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll2014-04-17 21:13 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll2014-04-17 21:13 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll2014-04-17 21:13 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll2014-04-17 21:13 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll2014-04-17 21:13 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll2014-04-17 21:13 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll2014-04-17 21:13 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll2014-04-17 21:13 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll2014-04-17 21:13 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll2014-04-17 21:13 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll2014-04-17 21:13 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll2014-04-17 21:13 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll2014-04-17 21:13 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll2014-04-17 21:12 - 2014-04-18 03:10 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis2014-04-17 21:12 - 2014-04-17 21:13 - 00010123 _____ () C:\Windows\DirectX.log2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Turbine2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis2014-04-17 21:12 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll2014-04-17 21:12 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll2014-04-17 21:12 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll2014-04-17 21:12 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll2014-04-17 21:12 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll2014-04-17 21:12 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll2014-04-17 21:12 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll2014-04-17 21:12 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll2014-04-17 21:12 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll2014-04-17 21:12 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll2014-04-17 15:22 - 2014-04-17 15:22 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-04-17 15:22 - 2014-04-17 15:22 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-04-14 18:49 - 2014-04-22 22:16 - 00313636 _____ () C:\Windows\system32\Drivers\fvstore.dat2014-04-14 18:49 - 2014-04-14 18:49 - 00000000 ____D () C:\VTRoot2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO2014-04-14 18:38 - 2014-04-14 18:39 - 00000000 ___SD () C:\ProgramData\Shared Space2014-04-14 18:37 - 2014-04-14 18:37 - 00000000 ____D () C:\Program Files\COMODO2014-04-14 18:31 - 2014-04-14 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition2014-04-14 18:31 - 2013-04-17 14:59 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys2014-04-14 18:31 - 2013-04-17 14:59 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys2014-04-14 18:29 - 2014-04-14 18:31 - 00000000 ____D () C:\Program Files\Bitdefender2014-04-14 18:29 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys2014-04-14 18:29 - 2013-04-22 13:21 - 00148696 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys2014-04-14 18:20 - 2014-04-14 18:20 - 00000000 ____D () C:\ProgramData\Comodo Downloader2014-04-14 18:18 - 2014-04-18 15:10 - 00000000 ____D () C:\ProgramData\Comodo2014-04-14 18:13 - 2014-04-28 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-04-14 18:13 - 2014-04-28 13:45 - 00000000 ____D () C:\Program Files (x86)\Mbam22014-04-14 18:13 - 2014-04-18 14:03 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-04-14 18:13 - 2014-04-18 14:03 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-04-14 18:13 - 2014-04-18 14:03 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-04-14 18:10 - 2014-04-25 18:22 - 00324506 _____ () C:\Windows\PFRO.log2014-04-09 22:32 - 2014-03-06 03:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-04-09 22:32 - 2014-03-06 02:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-04-09 22:32 - 2014-03-06 02:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-04-09 22:32 - 2014-03-06 02:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-04-09 22:32 - 2014-03-06 01:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-04-09 22:32 - 2014-03-06 01:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-04-09 22:32 - 2014-03-06 01:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-04-09 22:32 - 2014-03-06 01:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-04-09 22:32 - 2014-03-06 01:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-04-09 22:32 - 2014-03-06 01:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-04-09 22:32 - 2014-03-06 01:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-04-09 22:32 - 2014-03-06 01:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-04-09 22:32 - 2014-03-06 01:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-04-09 22:32 - 2014-03-06 01:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-04-09 22:32 - 2014-03-06 01:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-04-09 22:32 - 2014-03-06 01:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-04-09 22:32 - 2014-03-06 01:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-04-09 22:32 - 2014-03-06 01:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-04-09 22:32 - 2014-03-06 01:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-04-09 22:32 - 2014-03-06 01:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-04-09 22:32 - 2014-03-06 01:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-04-09 22:32 - 2014-03-06 01:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-04-09 22:32 - 2014-03-06 00:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-04-09 22:32 - 2014-03-06 00:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-04-09 22:32 - 2014-03-06 00:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-04-09 22:32 - 2014-03-06 00:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-04-09 22:32 - 2014-03-06 00:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-04-09 22:32 - 2014-03-06 00:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-04-09 22:32 - 2014-03-06 00:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-04-09 22:32 - 2014-03-06 00:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-04-09 22:32 - 2014-03-06 00:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-04-09 22:32 - 2014-03-06 00:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-04-09 22:32 - 2014-03-06 00:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-04-09 22:32 - 2014-03-06 00:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-04-09 22:32 - 2014-03-06 00:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-04-09 22:32 - 2014-03-06 00:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-04-09 22:32 - 2014-03-06 00:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-04-09 22:32 - 2014-03-06 00:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-04-09 22:32 - 2014-03-05 23:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-04-09 22:32 - 2014-03-05 23:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-04-09 22:32 - 2014-03-05 23:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-04-09 22:32 - 2014-03-05 23:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-04-09 22:32 - 2014-03-05 23:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-04-09 22:32 - 2014-03-05 22:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-04-09 22:32 - 2014-03-05 22:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-04-09 22:32 - 2014-03-05 22:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-04-09 22:32 - 2014-03-05 22:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-04-09 22:32 - 2014-03-05 22:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-04-09 12:04 - 2014-03-04 02:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2014-04-09 12:04 - 2014-03-04 02:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2014-04-09 12:04 - 2014-03-04 02:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2014-04-09 12:04 - 2014-03-04 02:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2014-04-09 12:04 - 2014-03-04 02:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2014-04-09 12:04 - 2014-03-04 02:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2014-04-09 12:04 - 2014-03-04 02:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2014-04-09 12:04 - 2014-03-04 02:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2014-04-09 12:04 - 2014-03-04 02:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2014-04-09 12:04 - 2014-03-04 01:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2014-04-09 12:04 - 2014-03-04 01:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2014-04-09 12:04 - 2014-02-03 19:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys2014-04-09 12:04 - 2014-02-03 19:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys2014-04-09 12:04 - 2014-02-03 19:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys2014-04-09 12:04 - 2014-02-03 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll2014-04-09 12:04 - 2014-02-03 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll2014-04-09 12:04 - 2014-01-23 19:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys==================== One Month Modified Files and Folders =======2014-04-30 11:58 - 2014-04-30 11:58 - 00008329 _____ () C:\Users\Sirly\Desktop\FRST.txt2014-04-30 11:57 - 2014-04-21 14:36 - 00000000 ____D () C:\FRST2014-04-30 11:56 - 2014-04-30 11:56 - 00000000 _____ () C:\Users\Sirly\Desktop\Addition.txt2014-04-30 11:42 - 2009-07-13 21:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-04-30 11:42 - 2009-07-13 21:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-04-30 11:39 - 2014-03-26 14:14 - 01344625 _____ () C:\Windows\WindowsUpdate.log2014-04-30 11:39 - 2009-07-13 22:13 - 00891324 _____ () C:\Windows\system32\PerfStringBackup.INI2014-04-30 11:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\inetsrv2014-04-30 11:35 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-04-30 11:34 - 2014-03-29 23:50 - 00010023 _____ () C:\Windows\setupact.log2014-04-29 10:42 - 2014-04-29 10:42 - 02061824 _____ (Farbar) C:\Users\Sirly\Desktop\FRST64.exe2014-04-29 10:25 - 2014-04-28 13:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-04-29 10:22 - 2014-04-29 10:21 - 17290592 _____ (Malwarebytes Corporation ) C:\Users\Sirly\Desktop\mbam-setup-consumer-2.0.2.1007.exe2014-04-29 10:20 - 2014-04-29 10:20 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-clean-2.0.2.0.exe2014-04-29 10:19 - 2014-04-29 10:19 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-check-2.1.0.0002.exe2014-04-29 10:17 - 2014-03-26 12:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-04-28 21:02 - 2014-04-28 21:02 - 00000000 ____D () C:\Windows\SysWOW64\Atheros_L1e2014-04-28 21:01 - 2014-02-10 18:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-04-28 19:35 - 2014-04-28 19:35 - 00000000 ____D () C:\Users\Sirly\Desktop\Old Firefox Data2014-04-28 15:26 - 2014-04-28 15:26 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Adobe2014-04-28 15:26 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Adobe2014-04-28 13:49 - 2014-04-14 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-04-28 13:45 - 2014-04-14 18:13 - 00000000 ____D () C:\Program Files (x86)\Mbam22014-04-28 12:55 - 2014-04-28 12:55 - 00854355 _____ () C:\Users\Sirly\Desktop\SecurityCheck.exe2014-04-28 12:16 - 2014-04-28 12:16 - 00000629 _____ () C:\Users\Sirly\Desktop\JRT.txt2014-04-27 22:44 - 2014-04-27 22:44 - 00000637 _____ () C:\Users\Sirly\Sirly - Shortcut.lnk2014-04-27 22:44 - 2014-04-18 18:01 - 00000000 ____D () C:\Users\Sirly2014-04-27 21:30 - 2014-04-27 21:30 - 01016261 _____ (Thisisu) C:\Users\Sirly\Desktop\JRT.exe2014-04-27 21:16 - 2014-04-27 21:16 - 00448512 _____ (OldTimer Tools) C:\Users\Sirly\Desktop\TFC.exe2014-04-25 18:34 - 2014-04-25 18:34 - 00079863 _____ () C:\ComboFix.txt2014-04-25 18:34 - 2014-04-25 17:56 - 00000000 ____D () C:\Qoobox2014-04-25 18:27 - 2014-04-24 12:07 - 00000000 ____D () C:\Windows\ERDNT2014-04-25 18:24 - 2009-07-13 19:34 - 00000215 _____ () C:\Windows\system.ini2014-04-25 18:22 - 2014-04-14 18:10 - 00324506 _____ () C:\Windows\PFRO.log2014-04-25 18:22 - 2009-07-13 19:34 - 52166656 _____ () C:\Windows\system32\config\SOFTWARE.bak2014-04-25 18:22 - 2009-07-13 19:34 - 19136512 _____ () C:\Windows\system32\config\SYSTEM.bak2014-04-25 18:22 - 2009-07-13 19:34 - 00786432 _____ () C:\Windows\system32\config\DEFAULT.bak2014-04-25 18:22 - 2009-07-13 19:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak2014-04-25 18:22 - 2009-07-13 19:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak2014-04-25 17:54 - 2014-04-25 17:53 - 05196870 ____R (Swearware) C:\Users\Sirly\Desktop\ComboFix.exe2014-04-25 14:17 - 2014-04-25 14:16 - 00000000 ____D () C:\AdwCleaner2014-04-25 12:12 - 2014-04-25 12:09 - 10303344 _____ () C:\Users\Beta\Downloads\Kit_Kat_Xperience.zip2014-04-25 11:24 - 2014-04-25 11:00 - 436903589 _____ () C:\Users\Beta\Downloads\Samurai_4-9-2014.zip2014-04-25 10:53 - 2014-04-25 10:53 - 00000000 ____D () C:\Program Files (x86)\LG Electronics2014-04-25 08:06 - 2014-04-24 12:01 - 00002522 _____ () C:\Users\Sirly\Desktop\Rkill.txt2014-04-25 07:16 - 2014-04-25 07:16 - 00000000 ____D () C:\Windows\ERUNT2014-04-25 07:13 - 2014-04-25 07:03 - 00000000 ____D () C:\Users\Sirly\Desktop\mbar2014-04-25 07:13 - 2014-03-19 23:16 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2014-04-25 07:03 - 2014-04-25 07:03 - 01365865 _____ () C:\Users\Sirly\Desktop\AdwCleaner.exe2014-04-25 07:03 - 2014-04-25 07:02 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sirly\Desktop\mbar-1.07.0.1009.exe2014-04-24 13:34 - 2014-04-24 13:33 - 00000000 ____D () C:\Users\Sirly\Desktop\GrantPerms642014-04-24 13:21 - 2014-04-24 13:21 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Boredom Software2014-04-24 13:19 - 2014-04-24 13:19 - 00000000 ____D () C:\Program Files (x86)\Boredom Software2014-04-24 13:17 - 2014-04-24 13:17 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\WinRAR2014-04-24 13:03 - 2014-04-24 13:03 - 00002956 _____ () C:\Users\Sirly\Desktop\RKreport[0]_S_04242014_130356.txt2014-04-24 13:00 - 2014-04-24 12:20 - 00000000 ____D () C:\Users\Sirly\Desktop\RK_Quarantine2014-04-24 12:41 - 2014-04-24 12:41 - 00000000 ____D () C:\Users\Sirly\AppData\Local\CrashDumps2014-04-24 12:27 - 2014-04-24 12:27 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Macromedia2014-04-24 12:19 - 2014-04-24 12:19 - 04527616 _____ () C:\Users\Sirly\Desktop\RogueKillerX64.exe2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Sirly\Desktop\NTREGOPT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Administrator\Desktop\NTREGOPT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Sirly\Desktop\ERUNT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Administrator\Desktop\ERUNT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\Program Files (x86)\ERUNT2014-04-24 12:00 - 2014-04-24 12:00 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Sirly\Desktop\rkill.exe2014-04-24 11:38 - 2014-04-24 11:38 - 00024505 _____ () C:\Users\Beta\Documents\CisReport_x64_v7.0.317799.4142_20140424-113807.zip2014-04-24 11:38 - 2014-04-24 11:38 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\WinRAR2014-04-22 22:17 - 2014-04-21 17:46 - 00047601 _____ () C:\Windows\iis7.log2014-04-22 22:16 - 2014-04-14 18:49 - 00313636 _____ () C:\Windows\system32\Drivers\fvstore.dat2014-04-22 22:16 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv2014-04-22 12:18 - 2014-04-18 19:49 - 00000000 ____D () C:\Users\Beta\AppData\Local\Turbine2014-04-21 20:18 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache2014-04-21 17:48 - 2014-02-10 18:11 - 00843060 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI2014-04-21 17:48 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\msmq2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\BestPractices2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\inetpub2014-04-21 17:45 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games2014-04-21 17:45 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files\Microsoft Games2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Mozilla2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Mozilla2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\ATI2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\ATI2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\AMD2014-04-21 14:42 - 2014-04-21 14:37 - 00014830 _____ () C:\Users\Administrator\Downloads\Addition.txt2014-04-21 14:42 - 2014-04-21 14:36 - 00057207 _____ () C:\Users\Administrator\Downloads\FRST.txt2014-04-21 14:25 - 2014-04-21 14:25 - 02061312 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe2014-04-21 14:08 - 2014-04-21 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe2014-04-21 14:08 - 2014-04-18 17:17 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Macromedia2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla2014-04-21 11:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieUserList2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieSiteList2014-04-21 11:09 - 2014-04-21 11:09 - 00058016 _____ () C:\Users\Sirly\AppData\Local\GDIPFONTCACHEV1.DAT2014-04-21 11:09 - 2014-04-21 11:09 - 00001413 _____ () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ____D () C:\Users\Sirly\AppData\Local\VirtualStore2014-04-19 00:25 - 2014-04-19 00:25 - 00000000 ____D () C:\Users\Beta\AppData\Local\Macromedia2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieUserList2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieSiteList2014-04-18 22:04 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\Documents\InfiniteCrisis2014-04-18 20:54 - 2014-04-18 20:54 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Macromedia2014-04-18 20:14 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\AppData\Local\InfiniteCrisis2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieUserList2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieSiteList2014-04-18 20:13 - 2014-04-18 20:12 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Turbine2014-04-18 20:12 - 2014-04-18 19:52 - 00000000 ____D () C:\Users\Beta\Documents\InfiniteCrisis2014-04-18 19:52 - 2014-04-18 19:51 - 00000000 ____D () C:\Users\Beta\AppData\Local\InfiniteCrisis2014-04-18 18:01 - 2014-04-18 18:01 - 00000020 ___SH () C:\Users\Sirly\ntuser.ini2014-04-18 17:56 - 2014-04-18 17:56 - 00000000 ____D () C:\Users\Beta\AppData\Local\AMD2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Mozilla2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Local\Mozilla2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Macromedia2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\LolClient2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\ATI2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Local\ATI2014-04-18 17:41 - 2014-04-18 17:41 - 00058016 _____ () C:\Users\Beta\AppData\Local\GDIPFONTCACHEV1.DAT2014-04-18 17:41 - 2014-04-18 17:41 - 00001413 _____ () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Adobe2014-04-18 17:41 - 2014-04-18 17:40 - 00000000 ____D () C:\Users\Beta2014-04-18 17:40 - 2014-04-18 17:40 - 00000020 ___SH () C:\Users\Beta\ntuser.ini2014-04-18 17:40 - 2014-04-18 17:40 - 00000000 ____D () C:\Users\Beta\AppData\Local\VirtualStore2014-04-18 17:30 - 2014-02-21 19:37 - 00000000 ____D () C:\Windows\system32\appmgmt2014-04-18 17:26 - 2014-04-18 17:13 - 00004040 __RSH () C:\ProgramData\ntuser.pol2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ATI2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\ATI2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\AMD2014-04-18 17:17 - 2014-04-18 17:17 - 00058016 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT2014-04-18 17:17 - 2014-04-18 17:17 - 00001409 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-04-18 17:17 - 2014-04-18 17:17 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ____D () C:\Users\Administrator2014-04-18 17:17 - 2009-07-13 21:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk2014-04-18 17:10 - 2009-07-13 20:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy2014-04-18 15:13 - 2014-03-29 23:50 - 00275712 _____ () C:\Windows\system32\FNTCACHE.DAT2014-04-18 15:10 - 2014-04-14 18:18 - 00000000 ____D () C:\ProgramData\Comodo2014-04-18 15:04 - 2014-02-11 16:52 - 00000000 ____D () C:\Riot Games2014-04-18 14:03 - 2014-04-14 18:13 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-04-18 14:03 - 2014-04-14 18:13 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-04-18 14:03 - 2014-04-14 18:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-04-18 12:26 - 2014-04-18 12:16 - 00000000 ____D () C:\ProgramData\Adobe2014-04-18 12:17 - 2014-04-18 12:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2014-04-18 12:16 - 2014-04-18 12:16 - 00000000 ____D () C:\Program Files (x86)\Adobe2014-04-18 03:10 - 2014-04-17 21:12 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis2014-04-17 23:14 - 2014-04-17 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk2014-04-17 23:14 - 2014-04-17 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2014-04-17 23:14 - 2014-04-17 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-04-17 21:13 - 2014-04-17 21:12 - 00010123 _____ () C:\Windows\DirectX.log2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Turbine2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis2014-04-17 15:57 - 2014-02-21 21:39 - 00000000 ____D () C:\Windows\System32\Tasks\Games2014-04-17 15:22 - 2014-04-17 15:22 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-04-17 15:22 - 2014-04-17 15:22 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-04-16 14:12 - 2014-03-25 20:22 - 00738472 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys2014-04-16 14:12 - 2014-03-25 20:22 - 00105552 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys2014-04-16 14:12 - 2014-03-25 20:22 - 00048360 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys2014-04-16 14:12 - 2014-03-25 20:22 - 00023168 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys2014-04-14 18:55 - 2009-07-13 22:08 - 00032574 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2014-04-14 18:49 - 2014-04-14 18:49 - 00000000 ____D () C:\VTRoot2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO2014-04-14 18:39 - 2014-04-14 18:38 - 00000000 ___SD () C:\ProgramData\Shared Space2014-04-14 18:37 - 2014-04-14 18:37 - 00000000 ____D () C:\Program Files\COMODO2014-04-14 18:31 - 2014-04-14 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition2014-04-14 18:31 - 2014-04-14 18:29 - 00000000 ____D () C:\Program Files\Bitdefender2014-04-14 18:20 - 2014-04-14 18:20 - 00000000 ____D () C:\ProgramData\Comodo Downloader2014-04-10 14:45 - 2014-03-03 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype2014-04-10 14:45 - 2014-03-03 18:46 - 00000000 ____D () C:\ProgramData\Skype2014-04-09 22:34 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions2014-04-09 22:02 - 2014-02-10 19:10 - 00000000 ____D () C:\Windows\system32\MRT2014-04-09 22:01 - 2014-02-10 19:10 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-03-31 09:35 - 2010-11-20 20:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe==================== Bamital & volsnap Check =================C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legitLastRegBack: 2014-04-29 13:12==================== End Of Log ============================ I got it to work. The cause was comodo on game mode. Link to post Share on other sites More sharing options...
Brett1337Vierra Posted April 30, 2014 Author ID:825647 Share Posted April 30, 2014 Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2014Ran by Sirly at 2014-04-30 11:59:18Running from C:\Users\Sirly\DesktopBoot Mode: Normal============================================================================== Security Center ========================AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}==================== Installed Programs ======================Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)AMD Accelerated Video Transcoding (Version: 12.10.100.30313 - Advanced Micro Devices, Inc.) HiddenAMD Catalyst Install Manager (HKLM\...\{9D5A28E4-6AC3-DD51-C1FA-A8698E91ECBE}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)AMD Fuel (Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) HiddenAMD Steady Video Plug-In (Version: 2.06.0000 - AMD) HiddenAMD VISION Engine Control Center (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) HiddenAtheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.)Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)Catalyst Control Center InstallProxy (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center Localization All (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Chinese Standard (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Chinese Traditional (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Czech (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Danish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Dutch (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help English (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Finnish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help French (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help German (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Greek (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Hungarian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Italian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Japanese (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Korean (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Norwegian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Polish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Portuguese (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Russian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Spanish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Swedish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Thai (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Turkish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hiddenccc-utility64 (Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) HiddenCOMODO Firewall (HKLM\...\{D32EF4F9-1506-434E-A813-3D4C0AA50300}) (Version: 7.0.53315.4132 - COMODO Security Solutions Inc.)ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)InfiniteCrisis_410193F41CAE (HKLM-x32\...\InfiniteCrisis_410193F41CAE) (Version: - Turbine, Inc)League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)League of Legends (x32 Version: 3.0.0 - Riot Games) HiddenLG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics)Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) HiddenMozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)VT Hash Check 1.42 (HKLM-x32\...\{1E579B65-503B-4184-B481-5138124BEE1D}_is1) (Version: 1.42 - Boredom Software)WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)==================== Restore Points =========================22-04-2014 00:34:27 Lag redection regedit22-04-2014 00:44:45 Windows Modules Installer23-04-2014 05:00:18 Windows Update25-04-2014 17:53:43 Installed LG United Mobile Driver26-04-2014 17:21:27 Windows Update29-04-2014 04:01:39 Installed Atheros Communications Inc.® AR81Family Gigabit/Fast]áu!==================== Hosts content: ==========================2009-07-13 19:34 - 2014-04-25 18:23 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts127.0.0.1 localhost==================== Scheduled Tasks (whitelisted) =============Task: {57A80709-F66B-4C5A-B80C-1D7B04103FCC} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)Task: {BD18720E-EE08-40A8-B3BD-6006DAD46DC7} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)==================== Loaded Modules (whitelisted) =============2014-04-14 18:31 - 2013-03-19 12:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll2014-04-14 18:31 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll2013-03-14 00:41 - 2013-03-14 00:41 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll2012-09-23 14:53 - 2012-09-23 14:53 - 00748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll2012-09-23 14:53 - 2012-09-23 14:53 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll2013-03-14 00:41 - 2013-03-14 00:41 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll2014-02-10 18:03 - 2013-11-22 19:34 - 08266456 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe2013-03-14 00:41 - 2013-03-14 00:41 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll2014-02-10 18:03 - 2013-11-01 17:31 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll==================== Alternate Data Streams (whitelisted) =========AlternateDataStreams: C:\Users\Administrator\Downloads\FRST64.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\AdwCleaner.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\ComboFix.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\FRST64.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\JRT.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\mbam-check-2.1.0.0002.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\mbam-clean-2.0.2.0.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\mbam-setup-consumer-2.0.2.1007.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\mbar-1.07.0.1009.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\rkill.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\RogueKillerX64.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\SecurityCheck.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\TFC.exe:BDU==================== Safe Mode (whitelisted) ======================================= Disabled items from MSCONFIG ==============MSCONFIG\Services: MpsSvc => 2MSCONFIG\Services: WinDefend => 2MSCONFIG\Services: WMPNetworkSvc => 3==================== Faulty Device Manager Devices ================================= Event log errors: =========================Application errors:==================Error: (04/30/2014 11:36:29 AM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/29/2014 10:27:47 AM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/29/2014 10:15:01 AM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/28/2014 08:52:38 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/28/2014 01:48:03 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/28/2014 00:41:23 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/28/2014 00:19:59 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003System errors:=============Error: (04/30/2014 11:35:09 AM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load:cdromMicrosoft Office Sessions:=========================Error: (04/30/2014 11:36:29 AM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/29/2014 10:27:47 AM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/29/2014 10:15:01 AM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/28/2014 08:52:38 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/28/2014 01:48:03 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/28/2014 00:41:23 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/28/2014 00:19:59 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003CodeIntegrity Errors:=================================== Date: 2014-04-25 18:19:32.173 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-25 18:19:32.127 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.==================== Memory info ===========================Percentage of memory in use: 20%Total physical RAM: 7657.54 MBAvailable physical RAM: 6081.39 MBTotal Pagefile: 15313.25 MBAvailable Pagefile: 13543.08 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.85 MB==================== Drives ================================Drive c: () (Fixed) (Total:186.31 GB) (Free:135.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]==================== MBR & Partition Table ==========================================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 186 GB) (Disk ID: 00037BA0)Partition 1: (Active) - (Size=186 GB) - (Type=07 NTFS)==================== End Of Log ============================ Link to post Share on other sites More sharing options...
Brett1337Vierra Posted April 30, 2014 Author ID:825649 Share Posted April 30, 2014 This one is to largeCheckResults.txt Link to post Share on other sites More sharing options...
Brett1337Vierra Posted April 30, 2014 Author ID:825653 Share Posted April 30, 2014 Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date: 4/30/2014Scan Time: 12:16:19 PMLogfile:Administrator: YesVersion: 2.00.2.1007Malware Database: v2014.04.30.10Rootkit Database: v2014.03.27.01License: PremiumMalware Protection: DisabledMalicious Website Protection: DisabledSelf-protection: EnabledOS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: SirlyScan Type: Threat ScanResult: CompletedObjects Scanned: 313375Time Elapsed: 8 min, 22 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: EnabledProcesses: 0(No malicious items detected)Modules: 0(No malicious items detected)Registry Keys: 0(No malicious items detected)Registry Values: 0(No malicious items detected)Registry Data: 0(No malicious items detected)Folders: 0(No malicious items detected)Files: 0(No malicious items detected)Physical Sectors: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
Brett1337Vierra Posted April 30, 2014 Author ID:825659 Share Posted April 30, 2014 Now malwarebytes will not activate file system protection and website protection. Please help. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 1, 2014 Root Admin ID:825781 Share Posted May 1, 2014 Please visit this webpage and read the ComboFix User's Guide:Once you've read the article and are ready to use the program you can download it directly from the link below.Important! - Please make sure you save combofix to your desktop and do not run it from your browserDirect download link for: ComboFix.exePlease make sure you disable your security applications before running ComboFix.Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.Please attach that log file to your next reply.If needed the file can be located here: C:\combofix.txtNOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer. Link to post Share on other sites More sharing options...
Brett1337Vierra Posted May 1, 2014 Author ID:825904 Share Posted May 1, 2014 ComboFix 14-04-30.01 - Sirly 05/01/2014 9:27.2.4 - x64Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.7658.6003 [GMT -7:00]Running from: c:\users\Sirly\Desktop\ComboFix.exeAV: Bitdefender Antivirus Free Edition *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}SP: Bitdefender Antivirus Free Edition *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point..((((((((((((((((((((((((( Files Created from 2014-04-01 to 2014-05-01 )))))))))))))))))))))))))))))))..2014-05-01 16:44 . 2014-05-01 16:44 -------- d-----w- c:\users\Default\AppData\Local\temp2014-04-29 17:18 . 2014-04-17 12:31 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F55CBAFA-D3A6-4FEA-878A-522970583828}\mpengine.dll2014-04-29 04:02 . 2014-04-29 04:02 -------- d-----w- c:\windows\SysWow64\Atheros_L1e2014-04-28 20:49 . 2014-04-30 19:14 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware2014-04-25 21:16 . 2014-04-25 21:17 -------- d-----w- C:\AdwCleaner2014-04-25 17:54 . 2012-07-03 18:58 31744 ----a-w- c:\windows\system32\drivers\lgandnetadb.sys2014-04-25 17:54 . 2012-07-03 18:50 36352 ----a-w- c:\windows\system32\drivers\lgandnetmodem64.sys2014-04-25 17:54 . 2012-07-03 18:50 29184 ----a-w- c:\windows\system32\drivers\lgandnetdiag64.sys2014-04-25 17:53 . 2014-04-25 17:53 -------- d-----w- c:\program files (x86)\LG Electronics2014-04-25 14:16 . 2014-04-25 14:16 -------- d-----w- c:\windows\ERUNT2014-04-24 20:19 . 2014-04-24 20:19 -------- d-----w- c:\program files (x86)\Boredom Software2014-04-24 19:06 . 2014-04-24 19:06 -------- d-----w- c:\program files (x86)\ERUNT2014-04-22 19:05 . 2012-06-01 05:39 14848 ----a-w- c:\windows\system32\wamregps.dll2014-04-22 19:05 . 2012-06-01 05:36 192000 ----a-w- c:\windows\system32\iisRtl.dll2014-04-22 19:05 . 2012-06-01 05:35 60928 ----a-w- c:\windows\system32\ahadmin.dll2014-04-22 19:05 . 2012-06-01 05:34 55296 ----a-w- c:\windows\system32\admwprox.dll2014-04-22 19:05 . 2012-06-01 05:33 16896 ----a-w- c:\windows\system32\iisreset.exe2014-04-22 19:05 . 2012-06-01 04:37 154624 ----a-w- c:\windows\SysWow64\iisRtl.dll2014-04-22 19:05 . 2012-06-01 04:35 50688 ----a-w- c:\windows\SysWow64\admwprox.dll2014-04-22 19:05 . 2012-06-01 04:34 15360 ----a-w- c:\windows\SysWow64\iisreset.exe2014-04-22 19:05 . 2012-06-01 05:36 11264 ----a-w- c:\windows\system32\iisrstap.dll2014-04-22 19:05 . 2012-06-01 04:40 10752 ----a-w- c:\windows\SysWow64\wamregps.dll2014-04-22 19:05 . 2012-06-01 04:37 8192 ----a-w- c:\windows\SysWow64\iisrstap.dll2014-04-22 19:05 . 2012-06-01 04:35 26624 ----a-w- c:\windows\SysWow64\ahadmin.dll2014-04-22 00:45 . 2014-05-01 16:16 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin2014-04-22 00:45 . 2014-04-22 00:45 -------- d-----w- c:\windows\SysWow64\BestPractices2014-04-22 00:45 . 2014-04-22 00:45 -------- d-----w- c:\windows\system32\msmq2014-04-22 00:45 . 2014-04-22 00:45 -------- d-----w- c:\windows\system32\BestPractices2014-04-22 00:45 . 2014-04-22 00:45 -------- d-----w- C:\inetpub2014-04-21 21:36 . 2014-04-30 19:05 -------- d-----w- C:\FRST2014-04-19 01:01 . 2014-04-28 05:44 -------- d-----w- c:\users\Sirly2014-04-19 00:40 . 2014-04-19 00:41 -------- d-----w- c:\users\Beta2014-04-19 00:17 . 2014-04-19 00:17 -------- d-----w- c:\users\Administrator2014-04-18 19:16 . 2014-04-18 19:16 -------- d-----w- c:\program files (x86)\Common Files\Adobe2014-04-18 06:14 . 2014-04-18 06:14 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service2014-04-18 04:13 . 2008-10-15 13:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll2014-04-18 04:12 . 2005-12-06 01:09 3815120 ----a-w- c:\windows\system32\d3dx9_28.dll2014-04-18 04:12 . 2005-07-23 02:59 3807440 ----a-w- c:\windows\system32\d3dx9_27.dll2014-04-18 04:12 . 2005-05-26 22:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll2014-04-18 04:12 . 2005-05-26 22:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll2014-04-18 04:12 . 2005-03-19 00:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll2014-04-18 04:12 . 2005-02-06 02:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll2014-04-18 04:12 . 2014-04-18 04:12 -------- d-----w- c:\programdata\Turbine2014-04-18 04:12 . 2014-04-18 10:10 -------- d-----w- c:\program files (x86)\InfiniteCrisis2014-04-17 22:22 . 2014-04-17 22:22 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2014-04-17 22:22 . 2014-04-17 22:22 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2014-04-15 01:49 . 2014-04-15 01:49 -------- d-----w- C:\VTRoot2014-04-15 01:38 . 2014-04-15 01:39 -------- d-s---w- c:\programdata\Shared Space2014-04-15 01:37 . 2014-04-15 01:37 -------- d-----w- c:\program files\COMODO2014-04-15 01:31 . 2013-04-17 21:59 593144 ----a-w- c:\windows\system32\drivers\avckf.sys2014-04-15 01:31 . 2013-04-17 21:59 718840 ----a-w- c:\windows\system32\drivers\avc3.sys2014-04-15 01:29 . 2014-04-15 01:31 -------- d-----w- c:\program files\Bitdefender2014-04-15 01:29 . 2013-04-22 20:21 148696 ----a-w- c:\windows\system32\drivers\gzflt.sys2014-04-15 01:29 . 2013-05-28 19:12 382536 ----a-w- c:\windows\system32\drivers\trufos.sys2014-04-15 01:20 . 2014-04-15 01:20 -------- d-----w- c:\programdata\Comodo Downloader2014-04-15 01:18 . 2014-04-18 22:10 -------- d-----w- c:\programdata\Comodo2014-04-15 01:13 . 2014-04-28 20:45 -------- d-----w- c:\program files (x86)\Mbam22014-04-15 01:13 . 2014-04-18 21:03 63704 ----a-w- c:\windows\system32\drivers\mwac.sys2014-04-15 01:13 . 2014-04-18 21:03 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys2014-04-15 01:13 . 2014-04-18 21:03 25816 ----a-w- c:\windows\system32\drivers\mbam.sys2014-04-09 19:04 . 2014-01-29 02:32 116736 ----a-w- c:\windows\system32\drivers\UMDF\WUDFUsbccidDriver.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2014-04-30 19:29 . 2014-03-26 19:46 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys2014-04-16 21:12 . 2014-03-26 03:22 48360 ----a-w- c:\windows\system32\drivers\cmdhlp.sys2014-04-16 21:12 . 2014-03-26 03:22 105552 ----a-w- c:\windows\system32\drivers\inspect.sys2014-04-16 21:12 . 2014-03-26 03:22 738472 ----a-w- c:\windows\system32\drivers\cmdguard.sys2014-04-16 21:12 . 2014-03-26 03:22 23168 ----a-w- c:\windows\system32\drivers\cmderd.sys2014-04-10 05:01 . 2014-02-11 02:10 90655440 ----a-w- c:\windows\system32\MRT.exe2014-03-31 16:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe2014-03-26 03:22 . 2014-03-26 03:22 43216 ----a-w- c:\windows\system32\cmdcsr.dll2014-03-26 03:22 . 2014-03-26 03:22 363504 ----a-w- c:\windows\SysWow64\guard32.dll2014-03-26 03:22 . 2014-03-26 03:22 453680 ----a-w- c:\windows\system32\guard64.dll2014-03-26 03:22 . 2014-03-26 03:22 45784 ----a-w- c:\windows\system32\cmdkbd64.dll2014-03-26 03:22 . 2014-03-26 03:22 352984 ----a-w- c:\windows\system32\cmdvrt64.dll2014-03-26 03:22 . 2014-03-26 03:22 284888 ----a-w- c:\windows\SysWow64\cmdvrt32.dll2014-03-26 03:22 . 2014-03-26 03:22 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll2014-03-04 09:17 . 2014-04-09 19:04 44032 ----a-w- c:\windows\apppatch\acwow64.dll2014-03-02 04:22 . 2014-03-02 04:22 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll2014-03-02 04:22 . 2014-03-02 04:22 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll2014-03-02 04:22 . 2014-03-02 04:22 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll2014-02-27 22:19 . 2014-02-27 22:19 194048 ----a-w- c:\windows\SysWow64\elshyph.dll2014-02-27 22:19 . 2014-02-27 22:19 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll2014-02-27 22:19 . 2014-02-27 22:19 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe2014-02-27 22:19 . 2014-02-27 22:19 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe2014-02-27 22:19 . 2014-02-27 22:19 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll2014-02-27 22:19 . 2014-02-27 22:19 62464 ----a-w- c:\windows\SysWow64\tdc.ocx2014-02-27 22:19 . 2014-02-27 22:19 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll2014-02-27 22:19 . 2014-02-27 22:19 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll2014-02-27 22:19 . 2014-02-27 22:19 36352 ----a-w- c:\windows\SysWow64\imgutil.dll2014-02-27 22:19 . 2014-02-27 22:19 337408 ----a-w- c:\windows\SysWow64\html.iec2014-02-27 22:19 . 2014-02-27 22:19 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll2014-02-27 22:19 . 2014-02-27 22:19 235008 ----a-w- c:\windows\system32\elshyph.dll2014-02-27 22:19 . 2014-02-27 22:19 182272 ----a-w- c:\windows\SysWow64\msls31.dll2014-02-27 22:19 . 2014-02-27 22:19 151552 ----a-w- c:\windows\SysWow64\iexpress.exe2014-02-27 22:19 . 2014-02-27 22:19 139264 ----a-w- c:\windows\SysWow64\wextract.exe2014-02-27 22:19 . 2014-02-27 22:19 13312 ----a-w- c:\windows\SysWow64\mshta.exe2014-02-27 22:19 . 2014-02-27 22:19 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll2014-02-27 22:19 . 2014-02-27 22:19 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll2014-02-27 22:19 . 2014-02-27 22:19 942592 ----a-w- c:\windows\system32\jsIntl.dll2014-02-27 22:19 . 2014-02-27 22:19 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe2014-02-27 22:19 . 2014-02-27 22:19 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe2014-02-27 22:19 . 2014-02-27 22:19 84992 ----a-w- c:\windows\system32\mshtmled.dll2014-02-27 22:19 . 2014-02-27 22:19 83968 ----a-w- c:\windows\system32\MshtmlDac.dll2014-02-27 22:19 . 2014-02-27 22:19 81408 ----a-w- c:\windows\system32\icardie.dll2014-02-27 22:19 . 2014-02-27 22:19 774144 ----a-w- c:\windows\system32\jscript.dll2014-02-27 22:19 . 2014-02-27 22:19 77312 ----a-w- c:\windows\system32\tdc.ocx2014-02-27 22:19 . 2014-02-27 22:19 62464 ----a-w- c:\windows\system32\pngfilt.dll2014-02-27 22:19 . 2014-02-27 22:19 616104 ----a-w- c:\windows\system32\ieapfltr.dat2014-02-27 22:19 . 2014-02-27 22:19 52224 ----a-w- c:\windows\system32\msfeedsbs.dll2014-02-27 22:19 . 2014-02-27 22:19 48640 ----a-w- c:\windows\system32\mshtmler.dll2014-02-27 22:19 . 2014-02-27 22:19 48128 ----a-w- c:\windows\system32\imgutil.dll2014-02-27 22:19 . 2014-02-27 22:19 413696 ----a-w- c:\windows\system32\html.iec2014-02-27 22:19 . 2014-02-27 22:19 30208 ----a-w- c:\windows\system32\licmgr10.dll2014-02-27 22:19 . 2014-02-27 22:19 263376 ----a-w- c:\windows\system32\iedkcs32.dll2014-02-27 22:19 . 2014-02-27 22:19 247808 ----a-w- c:\windows\system32\msls31.dll2014-02-27 22:19 . 2014-02-27 22:19 243200 ----a-w- c:\windows\system32\webcheck.dll2014-02-27 22:19 . 2014-02-27 22:19 235520 ----a-w- c:\windows\system32\url.dll2014-02-27 22:19 . 2014-02-27 22:19 167424 ----a-w- c:\windows\system32\iexpress.exe2014-02-27 22:19 . 2014-02-27 22:19 147968 ----a-w- c:\windows\system32\occache.dll2014-02-27 22:19 . 2014-02-27 22:19 143872 ----a-w- c:\windows\system32\wextract.exe2014-02-27 22:19 . 2014-02-27 22:19 13824 ----a-w- c:\windows\system32\mshta.exe2014-02-27 22:19 . 2014-02-27 22:19 135680 ----a-w- c:\windows\system32\iepeers.dll2014-02-27 22:19 . 2014-02-27 22:19 13312 ----a-w- c:\windows\system32\msfeedssync.exe2014-02-27 22:19 . 2014-02-27 22:19 131072 ----a-w- c:\windows\system32\IEAdvpack.dll2014-02-27 22:19 . 2014-02-27 22:19 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll2014-02-27 22:19 . 2014-02-27 22:19 105984 ----a-w- c:\windows\system32\iesysprep.dll2014-02-27 22:19 . 2014-02-27 22:19 101376 ----a-w- c:\windows\system32\inseng.dll2014-02-11 02:51 . 2014-02-11 02:51 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 648192 ----a-w- c:\windows\system32\d3d10level9.dll2014-02-11 02:51 . 2014-02-11 02:51 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll2014-02-11 02:51 . 2014-02-11 02:51 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll2014-02-11 02:51 . 2014-02-11 02:51 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll2014-02-11 02:51 . 2014-02-11 02:51 363008 ----a-w- c:\windows\system32\dxgi.dll2014-02-11 02:51 . 2014-02-11 02:51 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 333312 ----a-w- c:\windows\system32\d3d10_1core.dll2014-02-11 02:51 . 2014-02-11 02:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 296960 ----a-w- c:\windows\system32\d3d10core.dll2014-02-11 02:51 . 2014-02-11 02:51 293376 ----a-w- c:\windows\SysWow64\dxgi.dll2014-02-11 02:51 . 2014-02-11 02:51 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll2014-02-11 02:51 . 2014-02-11 02:51 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll2014-02-11 02:51 . 2014-02-11 02:51 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll2014-02-11 02:51 . 2014-02-11 02:51 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll2014-02-11 02:51 . 2014-02-11 02:51 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll2014-02-11 02:51 . 2014-02-11 02:51 221184 ----a-w- c:\windows\system32\UIAnimation.dll2014-02-11 02:51 . 2014-02-11 02:51 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll2014-02-11 02:51 . 2014-02-11 02:51 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll2014-02-11 02:51 . 2014-02-11 02:51 194560 ----a-w- c:\windows\system32\d3d10_1.dll2014-02-11 02:51 . 2014-02-11 02:51 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll2014-02-11 02:51 . 2014-02-11 02:51 1682432 ----a-w- c:\windows\system32\XpsPrint.dll2014-02-11 02:51 . 2014-02-11 02:51 1643520 ----a-w- c:\windows\system32\DWrite.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-14 642656]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk - c:\program files (x86)\NETGEAR\WNA3100\WNA3100.exe [2014-2-10 8266456].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0)"DisableCAD"= 1 (0x1).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]"LoadAppInit_DLLs"=1 (0x1).[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]@="".R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]R2 WSWNA3100;WSWNA3100;c:\program files (x86)\NETGEAR\WNA3100\WifiSvc.exe;c:\program files (x86)\NETGEAR\WNA3100\WifiSvc.exe [x]R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys;c:\windows\SYSNATIVE\Drivers\lgandnetadb.sys [x]R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetndis64.sys [x]R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]R3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys;c:\windows\SYSNATIVE\DRIVERS\pneteth.sys [x]R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys;c:\windows\SYSNATIVE\DRIVERS\scmndisp.sys [x]S1 bdfwfpf;bdfwfpf;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [x]S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]S1 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]S2 gzserv;Bitdefender Antivirus Free Edition;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe [x]S2 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys;c:\windows\SYSNATIVE\DRIVERS\bcmwlhigh664.sys [x]S3 HPKBx64;HP Keyboard Smart Card Driver;c:\windows\system32\DRIVERS\HPKBx64.sys;c:\windows\SYSNATIVE\DRIVERS\HPKBx64.sys [x]S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]..[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]iissvcs REG_MULTI_SZ w3svc wasapphost REG_MULTI_SZ apphostsvc..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2014-03-26 1275608]"MsmqIntCert"="mqrt.dll" [2010-11-21 247808].------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmmLocal Page = c:\windows\SysWOW64\blank.htmTCP: DhcpNameServer = 192.168.1.1FF - ProfilePath - c:\users\Sirly\AppData\Roaming\Mozilla\Firefox\Profiles\jvy1qi3l.default-1398738901204\.- - - - ORPHANS REMOVED - - - -.ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)AddRemove-{8e70e4e1-06d7-470b-9f74-a51bef21088e} - c:\programdata\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe.."ImagePath"="\"c:\program files\COMODO\COMODO Internet Security\cmdagent.exe\"""Filename"="HKLM\SYSTEM\ControlSet001\services\MBAMWebAccessControl\ImagePath""ImagePath"="\"c:\program files\COMODO\COMODO Internet Security\cmdagent.exe\"""Filename"="HKLM\SYSTEM\ControlSet001\services\MBAMWebAccessControl\ImagePath""DeviceName"="HKLM\SYSTEM\ControlSet001\services\MBAMWebAccessControl\ImagePath".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\.[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\.[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\.Completion time: 2014-05-01 09:52:23ComboFix-quarantined-files.txt 2014-05-01 16:52ComboFix2.txt 2014-04-26 01:34.Pre-Run: 146,804,121,600 bytes freePost-Run: 146,588,532,736 bytes free.- - End Of File - - 7C786C7CC2D05981F29F27B74B76BA6AA36C5E4F47E84449FF07ED3517B43A31 Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 2, 2014 Root Admin ID:826051 Share Posted May 2, 2014 Please use the MBAM CLEAN removal but do not reinstall MBAM just yet. Then restart the computer and let me know what issues you're still seeing or having. Link to post Share on other sites More sharing options...
Brett1337Vierra Posted May 2, 2014 Author ID:826101 Share Posted May 2, 2014 Seems ok Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 2, 2014 Root Admin ID:826104 Share Posted May 2, 2014 Please restart the computer 2 times. Then run the following for me. Please download MiniToolBox save it to your desktop and run it.Checkmark the following check-boxes:Flush DNS Report IE Proxy Settings Reset IE Proxy Settings Report FF Proxy Settings Reset FF Proxy Settings List content of Hosts List IP configuration List Winsock Entries List last 10 Event Viewer log List Installed Programs List Devices List Users, Partitions and Memory size. List Minidump FilesClick Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.Note: When using Reset FF Proxy Settings option Firefox should be closed. Link to post Share on other sites More sharing options...
Brett1337Vierra Posted May 2, 2014 Author ID:826290 Share Posted May 2, 2014 Here it isResult.txt Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 3, 2014 Root Admin ID:826397 Share Posted May 3, 2014 Please visit this Microsoft lik and run their automated fix. It should correct these errorsError: (05/02/2014 10:51:08 AM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Event ID 10 is logged in the Application log Then run this other one for the cdrom errorError: (05/02/2014 10:49:47 AM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load:cdromEvent ID 7000 or 7026 is logged in the System log on a computer that is running Windows 7 Once that is complete then restart the computer 2 more times again and run FRST again but make sure ADDITION is checked and post back both new logs. Please download Farbar Recovery Scan Tool and save it to your desktop.Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bitDouble-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well. Link to post Share on other sites More sharing options...
Brett1337Vierra Posted May 3, 2014 Author ID:826585 Share Posted May 3, 2014 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014Ran by Sirly (administrator) on VITTORIO-PC on 03-05-2014 10:17:48Running from C:\Users\Sirly\DesktopWindows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: NormalThe only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe(AMD) C:\Windows\System32\atiesrxx.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe(AMD) C:\Windows\System32\atieclxx.exe(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe(Microsoft Corporation) C:\Windows\System32\mqsvc.exe(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe==================== Registry (Whitelisted) ==================HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dllHKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-14] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTIONHKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTIONWinlogon\Notify\ScCertProp: wlnotify.dll [X]Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnkShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()==================== Internet (Whitelisted) ====================HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3E51F0CA5363CF01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-USStartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeBHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No FileHandler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1FireFox:========FF ProfilePath: C:\Users\Sirly\AppData\Roaming\Mozilla\Firefox\Profiles\jvy1qi3l.default-1398738901204FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)==================== Services (Whitelisted) =================R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-14] (Advanced Micro Devices, Inc.)R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)S2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()==================== Drivers (Whitelisted) ====================S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc)S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)R3 HPKBx64; C:\Windows\System32\DRIVERS\HPKBx64.sys [57856 2013-03-19] (Hewlett-Packard Company)R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]S3 catchme; \??\C:\ComboFix\catchme.sys [X]S2 mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [X]S3 VGPU; System32\drivers\rdvgkmd.sys [X]S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]==================== NetSvcs (Whitelisted) ======================================= One Month Created Files and Folders ========2014-05-03 10:06 - 2014-05-03 10:06 - 02062336 _____ (Farbar) C:\Users\Sirly\Desktop\FRST64.exe2014-05-02 22:00 - 2014-04-29 07:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-02 22:00 - 2014-04-29 06:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-02 22:00 - 2014-04-29 05:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-05-02 22:00 - 2014-04-29 05:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-05-02 11:10 - 2014-05-02 11:15 - 00054331 _____ () C:\Users\Sirly\Desktop\Result.txt2014-05-02 11:08 - 2014-05-02 11:08 - 00982016 _____ (Farbar) C:\Users\Sirly\Desktop\MiniToolBox.exe2014-05-01 18:39 - 2014-05-01 18:39 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Comodo2014-05-01 10:42 - 2014-05-01 10:42 - 00000000 ____D () C:\Users\Beta\AppData\Local\Adobe2014-05-01 09:52 - 2014-05-01 09:52 - 00025186 _____ () C:\ComboFix.txt2014-05-01 09:19 - 2014-05-01 09:19 - 05197895 ____R (Swearware) C:\Users\Sirly\Desktop\ComboFix.exe2014-04-30 12:09 - 2014-04-30 12:09 - 00018141 _____ () C:\Users\Sirly\Desktop\CheckResults.txt2014-04-30 11:58 - 2014-05-03 10:17 - 00008271 _____ () C:\Users\Sirly\Desktop\FRST.txt2014-04-30 11:56 - 2014-05-03 10:12 - 00018711 _____ () C:\Users\Sirly\Desktop\Addition.txt2014-04-29 10:21 - 2014-04-29 10:22 - 17290592 _____ (Malwarebytes Corporation ) C:\Users\Sirly\Desktop\mbam-setup-consumer-2.0.2.1007.exe2014-04-29 10:20 - 2014-04-29 10:20 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-clean-2.0.2.0.exe2014-04-29 10:19 - 2014-04-29 10:19 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-check-2.1.0.0002.exe2014-04-28 21:02 - 2014-04-28 21:02 - 00000000 ____D () C:\Windows\SysWOW64\Atheros_L1e2014-04-28 19:35 - 2014-04-28 19:35 - 00000000 ____D () C:\Users\Sirly\Desktop\Old Firefox Data2014-04-28 15:26 - 2014-04-28 15:26 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Adobe2014-04-28 12:55 - 2014-04-28 12:55 - 00854355 _____ () C:\Users\Sirly\Desktop\SecurityCheck.exe2014-04-28 12:16 - 2014-04-28 12:16 - 00000629 _____ () C:\Users\Sirly\Desktop\JRT.txt2014-04-27 21:30 - 2014-04-27 21:30 - 01016261 _____ (Thisisu) C:\Users\Sirly\Desktop\JRT.exe2014-04-27 21:16 - 2014-04-27 21:16 - 00448512 _____ (OldTimer Tools) C:\Users\Sirly\Desktop\TFC.exe2014-04-25 17:58 - 2011-06-25 23:45 - 00256000 _____ () C:\Windows\PEV.exe2014-04-25 17:58 - 2010-11-07 10:20 - 00208896 _____ () C:\Windows\MBR.exe2014-04-25 17:58 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe2014-04-25 17:58 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe2014-04-25 17:58 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe2014-04-25 17:58 - 2000-08-30 17:00 - 00098816 _____ () C:\Windows\sed.exe2014-04-25 17:58 - 2000-08-30 17:00 - 00080412 _____ () C:\Windows\grep.exe2014-04-25 17:58 - 2000-08-30 17:00 - 00068096 _____ () C:\Windows\zip.exe2014-04-25 17:56 - 2014-05-01 09:52 - 00000000 ____D () C:\Qoobox2014-04-25 14:16 - 2014-04-25 14:17 - 00000000 ____D () C:\AdwCleaner2014-04-25 12:09 - 2014-04-25 12:12 - 10303344 _____ () C:\Users\Beta\Downloads\Kit_Kat_Xperience.zip2014-04-25 11:00 - 2014-04-25 11:24 - 436903589 _____ () C:\Users\Beta\Downloads\Samurai_4-9-2014.zip2014-04-25 10:54 - 2012-07-03 11:58 - 00031744 _____ (Google Inc) C:\Windows\system32\Drivers\lgandnetadb.sys2014-04-25 10:54 - 2012-07-03 11:50 - 00036352 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem64.sys2014-04-25 10:54 - 2012-07-03 11:50 - 00029184 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag64.sys2014-04-25 10:53 - 2014-04-25 10:53 - 00000000 ____D () C:\Program Files (x86)\LG Electronics2014-04-25 10:49 - 2013-02-25 18:01 - 00000000 ____D () C:\Users\Beta\Desktop\spirited_away2014-04-25 07:16 - 2014-04-25 07:16 - 00000000 ____D () C:\Windows\ERUNT2014-04-25 07:03 - 2014-04-25 07:13 - 00000000 ____D () C:\Users\Sirly\Desktop\mbar2014-04-25 07:03 - 2014-04-25 07:03 - 01365865 _____ () C:\Users\Sirly\Desktop\AdwCleaner.exe2014-04-25 07:02 - 2014-04-25 07:03 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sirly\Desktop\mbar-1.07.0.1009.exe2014-04-24 13:33 - 2014-04-24 13:34 - 00000000 ____D () C:\Users\Sirly\Desktop\GrantPerms642014-04-24 13:21 - 2014-04-24 13:21 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Boredom Software2014-04-24 13:19 - 2014-04-24 13:19 - 00000000 ____D () C:\Program Files (x86)\Boredom Software2014-04-24 13:17 - 2014-04-24 13:17 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\WinRAR2014-04-24 13:03 - 2014-04-24 13:03 - 00002956 _____ () C:\Users\Sirly\Desktop\RKreport[0]_S_04242014_130356.txt2014-04-24 12:41 - 2014-04-24 12:41 - 00000000 ____D () C:\Users\Sirly\AppData\Local\CrashDumps2014-04-24 12:27 - 2014-04-24 12:27 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Macromedia2014-04-24 12:20 - 2014-04-24 13:00 - 00000000 ____D () C:\Users\Sirly\Desktop\RK_Quarantine2014-04-24 12:19 - 2014-04-24 12:19 - 04527616 _____ () C:\Users\Sirly\Desktop\RogueKillerX64.exe2014-04-24 12:07 - 2014-04-25 18:27 - 00000000 ____D () C:\Windows\ERDNT2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Sirly\Desktop\NTREGOPT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Administrator\Desktop\NTREGOPT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Sirly\Desktop\ERUNT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Administrator\Desktop\ERUNT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\Program Files (x86)\ERUNT2014-04-24 12:01 - 2014-04-25 08:06 - 00002522 _____ () C:\Users\Sirly\Desktop\Rkill.txt2014-04-24 12:00 - 2014-04-24 12:00 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Sirly\Desktop\rkill.exe2014-04-24 11:38 - 2014-04-24 11:38 - 00024505 _____ () C:\Users\Beta\Documents\CisReport_x64_v7.0.317799.4142_20140424-113807.zip2014-04-24 11:38 - 2014-04-24 11:38 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\WinRAR2014-04-22 12:05 - 2012-05-31 22:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll2014-04-22 12:05 - 2012-05-31 22:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll2014-04-22 12:05 - 2012-05-31 22:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll2014-04-22 12:05 - 2012-05-31 22:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll2014-04-22 12:05 - 2012-05-31 22:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll2014-04-22 12:05 - 2012-05-31 22:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe2014-04-22 12:05 - 2012-05-31 21:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll2014-04-22 12:05 - 2012-05-31 21:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll2014-04-22 12:05 - 2012-05-31 21:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll2014-04-22 12:05 - 2012-05-31 21:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll2014-04-22 12:05 - 2012-05-31 21:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll2014-04-22 12:05 - 2012-05-31 21:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe2014-04-21 17:46 - 2014-04-22 22:17 - 00047601 _____ () C:\Windows\iis7.log2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\msmq2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\BestPractices2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\inetpub2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Mozilla2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Mozilla2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\ATI2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\ATI2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\AMD2014-04-21 14:37 - 2014-04-21 14:42 - 00014830 _____ () C:\Users\Administrator\Downloads\Addition.txt2014-04-21 14:36 - 2014-05-03 10:17 - 00000000 ____D () C:\FRST2014-04-21 14:36 - 2014-04-21 14:42 - 00057207 _____ () C:\Users\Administrator\Downloads\FRST.txt2014-04-21 14:25 - 2014-04-21 14:25 - 02061312 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe2014-04-21 14:08 - 2014-04-21 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Macromedia2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieUserList2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieSiteList2014-04-21 11:09 - 2014-04-21 11:09 - 00058016 _____ () C:\Users\Sirly\AppData\Local\GDIPFONTCACHEV1.DAT2014-04-21 11:09 - 2014-04-21 11:09 - 00001413 _____ () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ____D () C:\Users\Sirly\AppData\Local\VirtualStore2014-04-19 00:25 - 2014-04-19 00:25 - 00000000 ____D () C:\Users\Beta\AppData\Local\Macromedia2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieUserList2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieSiteList2014-04-18 20:54 - 2014-04-18 20:54 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Macromedia2014-04-18 20:13 - 2014-04-28 15:26 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Adobe2014-04-18 20:13 - 2014-04-18 22:04 - 00000000 ____D () C:\Users\Sirly\Documents\InfiniteCrisis2014-04-18 20:13 - 2014-04-18 20:14 - 00000000 ____D () C:\Users\Sirly\AppData\Local\InfiniteCrisis2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieUserList2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieSiteList2014-04-18 20:12 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Turbine2014-04-18 19:52 - 2014-04-18 20:12 - 00000000 ____D () C:\Users\Beta\Documents\InfiniteCrisis2014-04-18 19:51 - 2014-04-18 19:52 - 00000000 ____D () C:\Users\Beta\AppData\Local\InfiniteCrisis2014-04-18 19:49 - 2014-04-22 12:18 - 00000000 ____D () C:\Users\Beta\AppData\Local\Turbine2014-04-18 18:01 - 2014-05-02 22:15 - 00000000 ____D () C:\Users\Sirly2014-04-18 18:01 - 2014-04-18 18:01 - 00000020 ___SH () C:\Users\Sirly\ntuser.ini2014-04-18 18:01 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2014-04-18 18:01 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2014-04-18 17:56 - 2014-04-18 17:56 - 00000000 ____D () C:\Users\Beta\AppData\Local\AMD2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Mozilla2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Local\Mozilla2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Macromedia2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\LolClient2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\ATI2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Local\ATI2014-04-18 17:41 - 2014-05-01 10:42 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Adobe2014-04-18 17:41 - 2014-04-18 17:41 - 00058016 _____ () C:\Users\Beta\AppData\Local\GDIPFONTCACHEV1.DAT2014-04-18 17:41 - 2014-04-18 17:41 - 00001413 _____ () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-04-18 17:40 - 2014-04-18 17:41 - 00000000 ____D () C:\Users\Beta2014-04-18 17:40 - 2014-04-18 17:40 - 00000020 ___SH () C:\Users\Beta\ntuser.ini2014-04-18 17:40 - 2014-04-18 17:40 - 00000000 ____D () C:\Users\Beta\AppData\Local\VirtualStore2014-04-18 17:40 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2014-04-18 17:40 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ATI2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\ATI2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\AMD2014-04-18 17:17 - 2014-04-21 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe2014-04-18 17:17 - 2014-04-18 17:17 - 00058016 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT2014-04-18 17:17 - 2014-04-18 17:17 - 00001409 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-04-18 17:17 - 2014-04-18 17:17 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ____D () C:\Users\Administrator2014-04-18 17:17 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2014-04-18 17:17 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2014-04-18 17:13 - 2014-04-18 17:26 - 00004040 __RSH () C:\ProgramData\ntuser.pol2014-04-18 12:17 - 2014-04-18 12:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2014-04-18 12:16 - 2014-04-18 12:26 - 00000000 ____D () C:\ProgramData\Adobe2014-04-18 12:16 - 2014-04-18 12:16 - 00000000 ____D () C:\Program Files (x86)\Adobe2014-04-17 23:14 - 2014-05-03 09:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2014-04-17 23:14 - 2014-05-03 09:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-04-17 23:14 - 2014-04-17 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk2014-04-17 21:14 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll2014-04-17 21:14 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll2014-04-17 21:14 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll2014-04-17 21:14 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll2014-04-17 21:14 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll2014-04-17 21:14 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll2014-04-17 21:14 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll2014-04-17 21:14 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll2014-04-17 21:14 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll2014-04-17 21:14 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll2014-04-17 21:14 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll2014-04-17 21:14 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll2014-04-17 21:14 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll2014-04-17 21:14 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll2014-04-17 21:14 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll2014-04-17 21:14 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll2014-04-17 21:14 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll2014-04-17 21:14 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll2014-04-17 21:14 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll2014-04-17 21:14 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll2014-04-17 21:14 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll2014-04-17 21:14 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll2014-04-17 21:14 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll2014-04-17 21:14 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll2014-04-17 21:14 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll2014-04-17 21:14 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll2014-04-17 21:14 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll2014-04-17 21:14 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll2014-04-17 21:14 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll2014-04-17 21:13 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll2014-04-17 21:13 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll2014-04-17 21:13 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll2014-04-17 21:13 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll2014-04-17 21:13 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll2014-04-17 21:13 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll2014-04-17 21:13 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll2014-04-17 21:13 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll2014-04-17 21:13 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll2014-04-17 21:13 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll2014-04-17 21:13 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll2014-04-17 21:13 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll2014-04-17 21:13 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll2014-04-17 21:13 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll2014-04-17 21:13 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll2014-04-17 21:13 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll2014-04-17 21:13 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll2014-04-17 21:13 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll2014-04-17 21:13 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll2014-04-17 21:13 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll2014-04-17 21:13 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll2014-04-17 21:13 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll2014-04-17 21:13 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll2014-04-17 21:13 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll2014-04-17 21:13 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll2014-04-17 21:13 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll2014-04-17 21:13 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll2014-04-17 21:13 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll2014-04-17 21:13 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll2014-04-17 21:13 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll2014-04-17 21:13 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll2014-04-17 21:13 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll2014-04-17 21:13 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll2014-04-17 21:13 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll2014-04-17 21:13 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll2014-04-17 21:13 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll2014-04-17 21:13 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll2014-04-17 21:13 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll2014-04-17 21:13 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll2014-04-17 21:13 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll2014-04-17 21:13 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll2014-04-17 21:13 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll2014-04-17 21:13 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll2014-04-17 21:13 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll2014-04-17 21:13 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll2014-04-17 21:13 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll2014-04-17 21:13 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll2014-04-17 21:13 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll2014-04-17 21:13 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll2014-04-17 21:13 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll2014-04-17 21:13 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll2014-04-17 21:13 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll2014-04-17 21:13 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll2014-04-17 21:13 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll2014-04-17 21:13 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll2014-04-17 21:13 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll2014-04-17 21:13 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll2014-04-17 21:13 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll2014-04-17 21:13 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll2014-04-17 21:13 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll2014-04-17 21:13 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll2014-04-17 21:13 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll2014-04-17 21:13 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll2014-04-17 21:13 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll2014-04-17 21:13 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll2014-04-17 21:13 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll2014-04-17 21:13 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll2014-04-17 21:13 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll2014-04-17 21:13 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll2014-04-17 21:13 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll2014-04-17 21:13 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll2014-04-17 21:13 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll2014-04-17 21:13 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll2014-04-17 21:13 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll2014-04-17 21:13 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll2014-04-17 21:13 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll2014-04-17 21:13 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll2014-04-17 21:13 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll2014-04-17 21:13 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll2014-04-17 21:13 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll2014-04-17 21:13 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll2014-04-17 21:13 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll2014-04-17 21:13 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll2014-04-17 21:13 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll2014-04-17 21:13 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll2014-04-17 21:13 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll2014-04-17 21:13 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll2014-04-17 21:13 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll2014-04-17 21:13 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll2014-04-17 21:13 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll2014-04-17 21:13 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll2014-04-17 21:13 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll2014-04-17 21:13 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll2014-04-17 21:13 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll2014-04-17 21:13 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll2014-04-17 21:13 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll2014-04-17 21:13 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll2014-04-17 21:13 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll2014-04-17 21:13 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll2014-04-17 21:13 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll2014-04-17 21:13 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll2014-04-17 21:13 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll2014-04-17 21:13 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll2014-04-17 21:13 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll2014-04-17 21:13 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll2014-04-17 21:13 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll2014-04-17 21:13 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll2014-04-17 21:12 - 2014-04-18 03:10 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis2014-04-17 21:12 - 2014-04-17 21:13 - 00010123 _____ () C:\Windows\DirectX.log2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Turbine2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis2014-04-17 21:12 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll2014-04-17 21:12 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll2014-04-17 21:12 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll2014-04-17 21:12 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll2014-04-17 21:12 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll2014-04-17 21:12 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll2014-04-17 21:12 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll2014-04-17 21:12 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll2014-04-17 21:12 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll2014-04-17 21:12 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll2014-04-17 15:22 - 2014-04-17 15:22 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-04-17 15:22 - 2014-04-17 15:22 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-04-14 18:49 - 2014-04-22 22:16 - 00313636 _____ () C:\Windows\system32\Drivers\fvstore.dat2014-04-14 18:49 - 2014-04-14 18:49 - 00000000 ____D () C:\VTRoot2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO2014-04-14 18:38 - 2014-04-14 18:39 - 00000000 ___SD () C:\ProgramData\Shared Space2014-04-14 18:37 - 2014-04-14 18:37 - 00000000 ____D () C:\Program Files\COMODO2014-04-14 18:31 - 2014-04-14 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition2014-04-14 18:31 - 2013-04-17 14:59 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys2014-04-14 18:31 - 2013-04-17 14:59 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys2014-04-14 18:29 - 2014-04-14 18:31 - 00000000 ____D () C:\Program Files\Bitdefender2014-04-14 18:29 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys2014-04-14 18:29 - 2013-04-22 13:21 - 00148696 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys2014-04-14 18:20 - 2014-04-14 18:20 - 00000000 ____D () C:\ProgramData\Comodo Downloader2014-04-14 18:18 - 2014-04-18 15:10 - 00000000 ____D () C:\ProgramData\Comodo2014-04-14 18:10 - 2014-05-01 21:11 - 00338276 _____ () C:\Windows\PFRO.log2014-04-09 22:32 - 2014-03-06 02:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-04-09 22:32 - 2014-03-06 01:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-04-09 22:32 - 2014-03-06 01:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-04-09 22:32 - 2014-03-06 01:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-04-09 22:32 - 2014-03-06 01:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-04-09 22:32 - 2014-03-06 01:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-04-09 22:32 - 2014-03-06 01:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-04-09 22:32 - 2014-03-06 01:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-04-09 22:32 - 2014-03-06 01:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-04-09 22:32 - 2014-03-06 01:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-04-09 22:32 - 2014-03-06 01:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-04-09 22:32 - 2014-03-06 01:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-04-09 22:32 - 2014-03-06 01:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-04-09 22:32 - 2014-03-06 01:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-04-09 22:32 - 2014-03-06 01:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-04-09 22:32 - 2014-03-06 01:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-04-09 22:32 - 2014-03-06 01:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-04-09 22:32 - 2014-03-06 01:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-04-09 22:32 - 2014-03-06 00:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-04-09 22:32 - 2014-03-06 00:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-04-09 22:32 - 2014-03-06 00:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-04-09 22:32 - 2014-03-06 00:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-04-09 22:32 - 2014-03-06 00:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-04-09 22:32 - 2014-03-06 00:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-04-09 22:32 - 2014-03-06 00:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-04-09 22:32 - 2014-03-06 00:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-04-09 22:32 - 2014-03-06 00:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-04-09 22:32 - 2014-03-06 00:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-04-09 22:32 - 2014-03-06 00:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-04-09 22:32 - 2014-03-06 00:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-04-09 22:32 - 2014-03-06 00:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-04-09 22:32 - 2014-03-06 00:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-04-09 22:32 - 2014-03-06 00:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-04-09 22:32 - 2014-03-06 00:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-04-09 22:32 - 2014-03-05 23:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-04-09 22:32 - 2014-03-05 23:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-04-09 22:32 - 2014-03-05 23:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-04-09 22:32 - 2014-03-05 23:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-04-09 22:32 - 2014-03-05 23:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-04-09 22:32 - 2014-03-05 22:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-04-09 22:32 - 2014-03-05 22:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-04-09 22:32 - 2014-03-05 22:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-04-09 22:32 - 2014-03-05 22:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-04-09 22:32 - 2014-03-05 22:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-04-09 12:04 - 2014-03-04 02:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2014-04-09 12:04 - 2014-03-04 02:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2014-04-09 12:04 - 2014-03-04 02:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2014-04-09 12:04 - 2014-03-04 02:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2014-04-09 12:04 - 2014-03-04 02:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2014-04-09 12:04 - 2014-03-04 02:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2014-04-09 12:04 - 2014-03-04 02:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2014-04-09 12:04 - 2014-03-04 02:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2014-04-09 12:04 - 2014-03-04 02:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2014-04-09 12:04 - 2014-03-04 01:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2014-04-09 12:04 - 2014-03-04 01:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2014-04-09 12:04 - 2014-02-03 19:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys2014-04-09 12:04 - 2014-02-03 19:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys2014-04-09 12:04 - 2014-02-03 19:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys2014-04-09 12:04 - 2014-02-03 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll2014-04-09 12:04 - 2014-02-03 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll2014-04-09 12:04 - 2014-01-23 19:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys==================== One Month Modified Files and Folders =======2014-05-03 10:17 - 2014-04-30 11:58 - 00008271 _____ () C:\Users\Sirly\Desktop\FRST.txt2014-05-03 10:17 - 2014-04-21 14:36 - 00000000 ____D () C:\FRST2014-05-03 10:17 - 2014-03-29 23:50 - 00010751 _____ () C:\Windows\setupact.log2014-05-03 10:17 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-05-03 10:17 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\inetsrv2014-05-03 10:13 - 2014-03-26 14:14 - 01539658 _____ () C:\Windows\WindowsUpdate.log2014-05-03 10:12 - 2014-04-30 11:56 - 00018711 _____ () C:\Users\Sirly\Desktop\Addition.txt2014-05-03 10:07 - 2009-07-13 21:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-05-03 10:07 - 2009-07-13 21:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-05-03 10:06 - 2014-05-03 10:06 - 02062336 _____ (Farbar) C:\Users\Sirly\Desktop\FRST64.exe2014-05-03 10:05 - 2009-07-13 22:13 - 00891324 _____ () C:\Windows\system32\PerfStringBackup.INI2014-05-03 09:59 - 2014-04-17 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2014-05-03 09:59 - 2014-04-17 23:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-05-02 22:15 - 2014-04-18 18:01 - 00000000 ____D () C:\Users\Sirly2014-05-02 11:15 - 2014-05-02 11:10 - 00054331 _____ () C:\Users\Sirly\Desktop\Result.txt2014-05-02 11:08 - 2014-05-02 11:08 - 00982016 _____ (Farbar) C:\Users\Sirly\Desktop\MiniToolBox.exe2014-05-01 21:11 - 2014-04-14 18:10 - 00338276 _____ () C:\Windows\PFRO.log2014-05-01 18:39 - 2014-05-01 18:39 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Comodo2014-05-01 10:42 - 2014-05-01 10:42 - 00000000 ____D () C:\Users\Beta\AppData\Local\Adobe2014-05-01 10:42 - 2014-04-18 17:41 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Adobe2014-05-01 09:52 - 2014-05-01 09:52 - 00025186 _____ () C:\ComboFix.txt2014-05-01 09:52 - 2014-04-25 17:56 - 00000000 ____D () C:\Qoobox2014-05-01 09:45 - 2009-07-13 19:34 - 00000215 _____ () C:\Windows\system.ini2014-05-01 09:19 - 2014-05-01 09:19 - 05197895 ____R (Swearware) C:\Users\Sirly\Desktop\ComboFix.exe2014-04-30 12:09 - 2014-04-30 12:09 - 00018141 _____ () C:\Users\Sirly\Desktop\CheckResults.txt2014-04-29 10:22 - 2014-04-29 10:21 - 17290592 _____ (Malwarebytes Corporation ) C:\Users\Sirly\Desktop\mbam-setup-consumer-2.0.2.1007.exe2014-04-29 10:20 - 2014-04-29 10:20 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-clean-2.0.2.0.exe2014-04-29 10:19 - 2014-04-29 10:19 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Sirly\Desktop\mbam-check-2.1.0.0002.exe2014-04-29 07:01 - 2014-05-02 22:00 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-04-29 06:40 - 2014-05-02 22:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-04-29 05:48 - 2014-05-02 22:00 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-04-29 05:34 - 2014-05-02 22:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-04-28 21:02 - 2014-04-28 21:02 - 00000000 ____D () C:\Windows\SysWOW64\Atheros_L1e2014-04-28 21:01 - 2014-02-10 18:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-04-28 19:35 - 2014-04-28 19:35 - 00000000 ____D () C:\Users\Sirly\Desktop\Old Firefox Data2014-04-28 15:26 - 2014-04-28 15:26 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Adobe2014-04-28 15:26 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Adobe2014-04-28 12:55 - 2014-04-28 12:55 - 00854355 _____ () C:\Users\Sirly\Desktop\SecurityCheck.exe2014-04-28 12:16 - 2014-04-28 12:16 - 00000629 _____ () C:\Users\Sirly\Desktop\JRT.txt2014-04-27 21:30 - 2014-04-27 21:30 - 01016261 _____ (Thisisu) C:\Users\Sirly\Desktop\JRT.exe2014-04-27 21:16 - 2014-04-27 21:16 - 00448512 _____ (OldTimer Tools) C:\Users\Sirly\Desktop\TFC.exe2014-04-25 18:27 - 2014-04-24 12:07 - 00000000 ____D () C:\Windows\ERDNT2014-04-25 18:22 - 2009-07-13 19:34 - 52166656 _____ () C:\Windows\system32\config\SOFTWARE.bak2014-04-25 18:22 - 2009-07-13 19:34 - 19136512 _____ () C:\Windows\system32\config\SYSTEM.bak2014-04-25 18:22 - 2009-07-13 19:34 - 00786432 _____ () C:\Windows\system32\config\DEFAULT.bak2014-04-25 18:22 - 2009-07-13 19:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak2014-04-25 18:22 - 2009-07-13 19:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak2014-04-25 14:17 - 2014-04-25 14:16 - 00000000 ____D () C:\AdwCleaner2014-04-25 12:12 - 2014-04-25 12:09 - 10303344 _____ () C:\Users\Beta\Downloads\Kit_Kat_Xperience.zip2014-04-25 11:24 - 2014-04-25 11:00 - 436903589 _____ () C:\Users\Beta\Downloads\Samurai_4-9-2014.zip2014-04-25 10:53 - 2014-04-25 10:53 - 00000000 ____D () C:\Program Files (x86)\LG Electronics2014-04-25 08:06 - 2014-04-24 12:01 - 00002522 _____ () C:\Users\Sirly\Desktop\Rkill.txt2014-04-25 07:16 - 2014-04-25 07:16 - 00000000 ____D () C:\Windows\ERUNT2014-04-25 07:13 - 2014-04-25 07:03 - 00000000 ____D () C:\Users\Sirly\Desktop\mbar2014-04-25 07:03 - 2014-04-25 07:03 - 01365865 _____ () C:\Users\Sirly\Desktop\AdwCleaner.exe2014-04-25 07:03 - 2014-04-25 07:02 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sirly\Desktop\mbar-1.07.0.1009.exe2014-04-24 13:34 - 2014-04-24 13:33 - 00000000 ____D () C:\Users\Sirly\Desktop\GrantPerms642014-04-24 13:21 - 2014-04-24 13:21 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Boredom Software2014-04-24 13:19 - 2014-04-24 13:19 - 00000000 ____D () C:\Program Files (x86)\Boredom Software2014-04-24 13:17 - 2014-04-24 13:17 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\WinRAR2014-04-24 13:03 - 2014-04-24 13:03 - 00002956 _____ () C:\Users\Sirly\Desktop\RKreport[0]_S_04242014_130356.txt2014-04-24 13:00 - 2014-04-24 12:20 - 00000000 ____D () C:\Users\Sirly\Desktop\RK_Quarantine2014-04-24 12:41 - 2014-04-24 12:41 - 00000000 ____D () C:\Users\Sirly\AppData\Local\CrashDumps2014-04-24 12:27 - 2014-04-24 12:27 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Macromedia2014-04-24 12:19 - 2014-04-24 12:19 - 04527616 _____ () C:\Users\Sirly\Desktop\RogueKillerX64.exe2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Sirly\Desktop\NTREGOPT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000924 _____ () C:\Users\Administrator\Desktop\NTREGOPT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Sirly\Desktop\ERUNT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000905 _____ () C:\Users\Administrator\Desktop\ERUNT.lnk2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT2014-04-24 12:06 - 2014-04-24 12:06 - 00000000 ____D () C:\Program Files (x86)\ERUNT2014-04-24 12:00 - 2014-04-24 12:00 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Sirly\Desktop\rkill.exe2014-04-24 11:38 - 2014-04-24 11:38 - 00024505 _____ () C:\Users\Beta\Documents\CisReport_x64_v7.0.317799.4142_20140424-113807.zip2014-04-24 11:38 - 2014-04-24 11:38 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\WinRAR2014-04-22 22:17 - 2014-04-21 17:46 - 00047601 _____ () C:\Windows\iis7.log2014-04-22 22:16 - 2014-04-14 18:49 - 00313636 _____ () C:\Windows\system32\Drivers\fvstore.dat2014-04-22 22:16 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv2014-04-22 12:18 - 2014-04-18 19:49 - 00000000 ____D () C:\Users\Beta\AppData\Local\Turbine2014-04-21 20:18 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache2014-04-21 17:48 - 2014-02-10 18:11 - 00843060 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI2014-04-21 17:48 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\msmq2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\Windows\system32\BestPractices2014-04-21 17:45 - 2014-04-21 17:45 - 00000000 ____D () C:\inetpub2014-04-21 17:45 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games2014-04-21 17:45 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files\Microsoft Games2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Mozilla2014-04-21 17:29 - 2014-04-21 17:29 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Mozilla2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\ATI2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\ATI2014-04-21 15:40 - 2014-04-21 15:40 - 00000000 ____D () C:\Users\Sirly\AppData\Local\AMD2014-04-21 14:42 - 2014-04-21 14:37 - 00014830 _____ () C:\Users\Administrator\Downloads\Addition.txt2014-04-21 14:42 - 2014-04-21 14:36 - 00057207 _____ () C:\Users\Administrator\Downloads\FRST.txt2014-04-21 14:25 - 2014-04-21 14:25 - 02061312 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe2014-04-21 14:08 - 2014-04-21 14:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe2014-04-21 14:08 - 2014-04-18 17:17 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia2014-04-21 11:46 - 2014-04-21 11:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Macromedia2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla2014-04-21 11:44 - 2014-04-21 11:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla2014-04-21 11:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieUserList2014-04-21 11:15 - 2014-04-21 11:15 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieSiteList2014-04-21 11:09 - 2014-04-21 11:09 - 00058016 _____ () C:\Users\Sirly\AppData\Local\GDIPFONTCACHEV1.DAT2014-04-21 11:09 - 2014-04-21 11:09 - 00001413 _____ () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ___RD () C:\Users\Sirly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-04-21 11:09 - 2014-04-21 11:09 - 00000000 ____D () C:\Users\Sirly\AppData\Local\VirtualStore2014-04-19 00:25 - 2014-04-19 00:25 - 00000000 ____D () C:\Users\Beta\AppData\Local\Macromedia2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieUserList2014-04-18 22:12 - 2014-04-18 22:12 - 00000000 __SHD () C:\Users\Beta\AppData\Local\EmieSiteList2014-04-18 22:04 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\Documents\InfiniteCrisis2014-04-18 20:54 - 2014-04-18 20:54 - 00000000 ____D () C:\Users\Sirly\AppData\Roaming\Macromedia2014-04-18 20:14 - 2014-04-18 20:13 - 00000000 ____D () C:\Users\Sirly\AppData\Local\InfiniteCrisis2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieUserList2014-04-18 20:13 - 2014-04-18 20:13 - 00000000 __SHD () C:\Users\Sirly\AppData\Local\EmieSiteList2014-04-18 20:13 - 2014-04-18 20:12 - 00000000 ____D () C:\Users\Sirly\AppData\Local\Turbine2014-04-18 20:12 - 2014-04-18 19:52 - 00000000 ____D () C:\Users\Beta\Documents\InfiniteCrisis2014-04-18 19:52 - 2014-04-18 19:51 - 00000000 ____D () C:\Users\Beta\AppData\Local\InfiniteCrisis2014-04-18 18:01 - 2014-04-18 18:01 - 00000020 ___SH () C:\Users\Sirly\ntuser.ini2014-04-18 17:56 - 2014-04-18 17:56 - 00000000 ____D () C:\Users\Beta\AppData\Local\AMD2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Mozilla2014-04-18 17:53 - 2014-04-18 17:53 - 00000000 ____D () C:\Users\Beta\AppData\Local\Mozilla2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\Macromedia2014-04-18 17:52 - 2014-04-18 17:52 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\LolClient2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Roaming\ATI2014-04-18 17:46 - 2014-04-18 17:46 - 00000000 ____D () C:\Users\Beta\AppData\Local\ATI2014-04-18 17:41 - 2014-04-18 17:41 - 00058016 _____ () C:\Users\Beta\AppData\Local\GDIPFONTCACHEV1.DAT2014-04-18 17:41 - 2014-04-18 17:41 - 00001413 _____ () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-18 17:41 - 2014-04-18 17:41 - 00000000 ___RD () C:\Users\Beta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-04-18 17:41 - 2014-04-18 17:40 - 00000000 ____D () C:\Users\Beta2014-04-18 17:40 - 2014-04-18 17:40 - 00000020 ___SH () C:\Users\Beta\ntuser.ini2014-04-18 17:40 - 2014-04-18 17:40 - 00000000 ____D () C:\Users\Beta\AppData\Local\VirtualStore2014-04-18 17:30 - 2014-02-21 19:37 - 00000000 ____D () C:\Windows\system32\appmgmt2014-04-18 17:26 - 2014-04-18 17:13 - 00004040 __RSH () C:\ProgramData\ntuser.pol2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ATI2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\ATI2014-04-18 17:22 - 2014-04-18 17:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\AMD2014-04-18 17:17 - 2014-04-18 17:17 - 00058016 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT2014-04-18 17:17 - 2014-04-18 17:17 - 00001409 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-04-18 17:17 - 2014-04-18 17:17 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-04-18 17:17 - 2014-04-18 17:17 - 00000000 ____D () C:\Users\Administrator2014-04-18 17:17 - 2009-07-13 21:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk2014-04-18 17:10 - 2009-07-13 20:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy2014-04-18 15:13 - 2014-03-29 23:50 - 00275712 _____ () C:\Windows\system32\FNTCACHE.DAT2014-04-18 15:10 - 2014-04-14 18:18 - 00000000 ____D () C:\ProgramData\Comodo2014-04-18 15:04 - 2014-02-11 16:52 - 00000000 ____D () C:\Riot Games2014-04-18 12:26 - 2014-04-18 12:16 - 00000000 ____D () C:\ProgramData\Adobe2014-04-18 12:17 - 2014-04-18 12:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2014-04-18 12:16 - 2014-04-18 12:16 - 00000000 ____D () C:\Program Files (x86)\Adobe2014-04-18 03:10 - 2014-04-17 21:12 - 00000000 ____D () C:\Program Files (x86)\InfiniteCrisis2014-04-17 23:14 - 2014-04-17 23:14 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk2014-04-17 21:13 - 2014-04-17 21:12 - 00010123 _____ () C:\Windows\DirectX.log2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Turbine2014-04-17 21:12 - 2014-04-17 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis2014-04-17 15:57 - 2014-02-21 21:39 - 00000000 ____D () C:\Windows\System32\Tasks\Games2014-04-17 15:22 - 2014-04-17 15:22 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-04-17 15:22 - 2014-04-17 15:22 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-04-16 14:12 - 2014-03-25 20:22 - 00738472 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys2014-04-16 14:12 - 2014-03-25 20:22 - 00105552 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys2014-04-16 14:12 - 2014-03-25 20:22 - 00048360 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys2014-04-16 14:12 - 2014-03-25 20:22 - 00023168 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys2014-04-14 18:55 - 2009-07-13 22:08 - 00032574 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2014-04-14 18:49 - 2014-04-14 18:49 - 00000000 ____D () C:\VTRoot2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO2014-04-14 18:39 - 2014-04-14 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO2014-04-14 18:39 - 2014-04-14 18:38 - 00000000 ___SD () C:\ProgramData\Shared Space2014-04-14 18:37 - 2014-04-14 18:37 - 00000000 ____D () C:\Program Files\COMODO2014-04-14 18:31 - 2014-04-14 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition2014-04-14 18:31 - 2014-04-14 18:29 - 00000000 ____D () C:\Program Files\Bitdefender2014-04-14 18:20 - 2014-04-14 18:20 - 00000000 ____D () C:\ProgramData\Comodo Downloader2014-04-10 14:45 - 2014-03-03 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype2014-04-10 14:45 - 2014-03-03 18:46 - 00000000 ____D () C:\ProgramData\Skype2014-04-09 22:34 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions2014-04-09 22:02 - 2014-02-10 19:10 - 00000000 ____D () C:\Windows\system32\MRT2014-04-09 22:01 - 2014-02-10 19:10 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe==================== Bamital & volsnap Check =================C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legitLastRegBack: 2014-04-29 13:12==================== End Of Log ============================ Link to post Share on other sites More sharing options...
Brett1337Vierra Posted May 3, 2014 Author ID:826586 Share Posted May 3, 2014 Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2014Ran by Sirly at 2014-05-03 10:18:34Running from C:\Users\Sirly\DesktopBoot Mode: Normal============================================================================== Security Center ========================AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}==================== Installed Programs ======================Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)AMD Accelerated Video Transcoding (Version: 12.10.100.30313 - Advanced Micro Devices, Inc.) HiddenAMD Catalyst Install Manager (HKLM\...\{9D5A28E4-6AC3-DD51-C1FA-A8698E91ECBE}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)AMD Fuel (Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) HiddenAMD Steady Video Plug-In (Version: 2.06.0000 - AMD) HiddenAMD VISION Engine Control Center (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) HiddenAtheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.)Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)Catalyst Control Center InstallProxy (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center Localization All (x32 Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Chinese Standard (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Chinese Traditional (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Czech (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Danish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Dutch (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help English (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Finnish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help French (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help German (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Greek (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Hungarian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Italian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Japanese (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Korean (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Norwegian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Polish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Portuguese (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Russian (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Spanish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Swedish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Thai (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) HiddenCCC Help Turkish (x32 Version: 2013.0313.2329.40379 - Advanced Micro Devices, Inc.) Hiddenccc-utility64 (Version: 2013.0313.2330.40379 - Advanced Micro Devices, Inc.) HiddenCOMODO Firewall (HKLM\...\{D32EF4F9-1506-434E-A813-3D4C0AA50300}) (Version: 7.0.53315.4132 - COMODO Security Solutions Inc.)ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)InfiniteCrisis_410193F41CAE (HKLM-x32\...\InfiniteCrisis_410193F41CAE) (Version: - Turbine, Inc)League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)League of Legends (x32 Version: 3.0.0 - Riot Games) HiddenLG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics)Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) HiddenMozilla Firefox 29.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 en-US)) (Version: 29.0 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)VT Hash Check 1.42 (HKLM-x32\...\{1E579B65-503B-4184-B481-5138124BEE1D}_is1) (Version: 1.42 - Boredom Software)WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)==================== Restore Points =========================25-04-2014 17:53:43 Installed LG United Mobile Driver26-04-2014 17:21:27 Windows Update29-04-2014 04:01:39 Installed Atheros Communications Inc.® AR81Family Gigabit/Fast]áu!01-05-2014 16:24:16 ComboFix created restore point02-05-2014 17:54:30 Windows Update03-05-2014 05:00:12 Windows Update03-05-2014 17:04:20 Installed Microsoft Fix it 5068803-05-2014 17:05:49 Installed Microsoft Fix it 50656==================== Hosts content: ==========================2009-07-13 19:34 - 2014-04-25 18:23 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts127.0.0.1 localhost==================== Scheduled Tasks (whitelisted) =============Task: {57A80709-F66B-4C5A-B80C-1D7B04103FCC} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)Task: {BD18720E-EE08-40A8-B3BD-6006DAD46DC7} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)==================== Loaded Modules (whitelisted) =============2014-04-14 18:31 - 2013-03-19 12:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll2014-04-14 18:31 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll2013-03-14 00:41 - 2013-03-14 00:41 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll2012-09-23 14:53 - 2012-09-23 14:53 - 00748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll2012-09-23 14:53 - 2012-09-23 14:53 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll2013-03-14 00:41 - 2013-03-14 00:41 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll2014-02-10 18:03 - 2013-11-22 19:34 - 08266456 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe2014-02-10 18:03 - 2013-11-01 17:31 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll==================== Alternate Data Streams (whitelisted) =========AlternateDataStreams: C:\Users\Administrator\Downloads\FRST64.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\AdwCleaner.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\ComboFix.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\FRST64.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\JRT.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\mbam-check-2.1.0.0002.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\mbam-clean-2.0.2.0.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\mbam-setup-consumer-2.0.2.1007.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\mbar-1.07.0.1009.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\MiniToolBox.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\rkill.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\RogueKillerX64.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\SecurityCheck.exe:BDUAlternateDataStreams: C:\Users\Sirly\Desktop\TFC.exe:BDU==================== Safe Mode (whitelisted) ======================================= Disabled items from MSCONFIG ==============MSCONFIG\Services: MpsSvc => 2MSCONFIG\Services: WinDefend => 2MSCONFIG\Services: WMPNetworkSvc => 3==================== Faulty Device Manager Devices =============Name: Printer Port (LPT1)Description: Printer PortClass Guid: {4d36e978-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard port types)Service: ParportProblem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)Resolution: The start type for this driver is set to disabled in the registry.Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.==================== Event log errors: =========================Application errors:==================Error: (05/03/2014 10:01:19 AM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (05/02/2014 10:10:39 PM) (Source: ESENT) (User: )Description: WinMail (4360) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.Error: (05/02/2014 10:10:38 PM) (Source: ESENT) (User: )Description: WinMail (3996) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.Error: (05/02/2014 10:09:51 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (05/02/2014 10:51:08 AM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (05/01/2014 09:13:20 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (05/01/2014 09:18:23 AM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (05/01/2014 08:46:49 AM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/30/2014 03:10:36 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/30/2014 00:37:43 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003System errors:=============Error: (05/03/2014 10:16:44 AM) (Source: Service Control Manager) (User: )Description: The mbamchameleon service failed to start due to the following error:%%2Error: (05/03/2014 10:14:42 AM) (Source: Service Control Manager) (User: )Description: The mbamchameleon service failed to start due to the following error:%%2Error: (05/03/2014 10:00:23 AM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load:cdromError: (05/03/2014 09:59:55 AM) (Source: Service Control Manager) (User: )Description: The mbamchameleon service failed to start due to the following error:%%2Error: (05/02/2014 10:08:38 PM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load:cdromError: (05/02/2014 10:08:05 PM) (Source: Service Control Manager) (User: )Description: The mbamchameleon service failed to start due to the following error:%%2Error: (05/02/2014 10:49:47 AM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load:cdromError: (05/02/2014 10:49:23 AM) (Source: Service Control Manager) (User: )Description: The mbamchameleon service failed to start due to the following error:%%2Error: (05/01/2014 09:11:59 PM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load:cdromError: (05/01/2014 09:11:34 PM) (Source: Service Control Manager) (User: )Description: The mbamchameleon service failed to start due to the following error:%%2Microsoft Office Sessions:=========================Error: (05/03/2014 10:01:19 AM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (05/02/2014 10:10:39 PM) (Source: ESENT)(User: )Description: WinMail4360WindowsMail0:Error: (05/02/2014 10:10:38 PM) (Source: ESENT)(User: )Description: WinMail3996WindowsMail0:Error: (05/02/2014 10:09:51 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (05/02/2014 10:51:08 AM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (05/01/2014 09:13:20 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (05/01/2014 09:18:23 AM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (05/01/2014 08:46:49 AM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/30/2014 03:10:36 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (04/30/2014 00:37:43 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003CodeIntegrity Errors:=================================== Date: 2014-04-25 18:19:32.173 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-25 18:19:32.127 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.==================== Memory info ===========================Percentage of memory in use: 18%Total physical RAM: 7657.54 MBAvailable physical RAM: 6224.63 MBTotal Pagefile: 15313.25 MBAvailable Pagefile: 13784.44 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.83 MB==================== Drives ================================Drive c: () (Fixed) (Total:186.31 GB) (Free:139.92 GB) NTFS ==>[Drive with boot components (obtained from BCD)]==================== MBR & Partition Table ==========================================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 186 GB) (Disk ID: 00037BA0)Partition 1: (Active) - (Size=186 GB) - (Type=07 NTFS)==================== End Of Log ============================ Sorry it took so long Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 5, 2014 Root Admin ID:827117 Share Posted May 5, 2014 Well that did not seem to correct those issues but they're not malware related was just hoping to fix them. So how is the computer running now?Are there still any issues with MBAM or malware in general that you're seeing? Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted June 6, 2014 Root Admin ID:838471 Share Posted June 6, 2014 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts