cydrobolt

Honorary Members
  • Posts: 23
  • Reputation: 0 Neutral
  1. Ever since I uninstalled Comodo Firewall (I now use Windows Firewall), Malwarebytes has been popping up, telling me it has blocked an incoming request to Skype from a potentially malicious IP. I looked up the IP, and it comes from Nigeria. Should I be worried, or is this normal?
     Detection, 4/14/2014 6:32:20 PM, SYSTEM, ONYX, Protection, Malicious Website Protection, IP, 41.203.69.5, 34364, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe,
  2. Yes, I'm still using Comodo Firewall. Perhaps I should start using Comodo CIS again. Any other suggestions would be greatly appreciated.
  3. Do the logs show any problems? Based on what AdvancedSetup and John said, I think I'll revert to Comodo CIS. I got rid of CIS because it was causing me problems (delayed AV start). Do you guys have any recommendations?
C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-03-04 18:53 - 2013-08-22 11:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-04 18:52 - 2014-03-04 18:52 - 00000000 ____D () C:\Users\Chaoyi\AppData\Roaming\Sublime Text 2 2014-03-04 18:50 - 2014-03-04 18:50 - 06513608 _____ ( ) C:\Users\Chaoyi\Downloads\Sublime Text 2.0.2 x64 Setup.exe 2014-03-03 15:25 - 2014-01-08 18:29 - 00000000 ____D () C:\Users\Chaoyi\AppData\Roaming\TS3Client 2014-03-03 10:53 - 2014-03-03 10:53 - 00000000 ____D () C:\Users\Chaoyi\AppData\Roaming\Composer 2014-03-03 10:53 - 2014-03-03 10:53 - 00000000 ____D () C:\Users\Chaoyi\AppData\Local\Composer 2014-03-03 09:28 - 2014-03-03 09:28 - 00000000 ____D () C:\Users\Chaoyi\Desktop\ircii 2014-03-03 09:21 - 2014-03-03 09:21 - 00002713 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-03 09:21 - 2014-03-03 09:21 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-03 09:21 - 2014-03-03 09:21 - 00000000 ____D () C:\Users\Chaoyi\AppData\Local\Skype 2014-03-03 09:21 - 2014-01-01 12:53 - 00000000 ____D () C:\ProgramData\Skype 2014-03-01 10:08 - 2014-02-26 22:35 - 00000718 _____ () C:\Users\Public\Desktop\Cygwin64 Terminal.lnk 2014-03-01 09:40 - 2014-03-01 09:40 - 00000000 ____D () C:\Users\Chaoyi\Downloads\eclipse-standard-luna-M5-win32-x86_64 2014-03-01 09:34 - 2014-03-01 09:32 - 212358569 _____ () C:\Users\Chaoyi\Downloads\eclipse-standard-luna-M5-win32-x86_64.zip 2014-03-01 09:24 - 2014-03-01 09:24 - 02433949 _____ () C:\Users\Chaoyi\Downloads\External_Python (1).zip 2014-03-01 08:57 - 2014-03-01 08:57 - 05509039 _____ ( ) C:\Users\Chaoyi\Downloads\BluelineFull.exe 2014-03-01 08:57 - 2014-03-01 08:57 - 00000000 ___HD () C:\VTRoot 2014-03-01 02:05 - 2014-03-12 16:36 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-03-01 00:58 - 2014-03-12 16:36 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-03-01 00:30 - 2014-03-12 16:36 - 17074688 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-03-01 00:17 - 2014-03-12 16:36 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-02-28 23:54 - 2014-03-12 16:36 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-02-28 23:47 - 2014-03-12 16:36 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-02-28 23:42 - 2014-03-12 16:36 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-02-28 23:18 - 2014-03-12 16:36 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-02-28 23:14 - 2014-03-12 16:36 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-02-28 23:10 - 2014-03-12 16:36 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-02-28 23:03 - 2014-03-12 16:36 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-02-28 22:57 - 2014-03-12 16:36 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-02-28 22:38 - 2014-03-12 16:36 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-02-28 22:32 - 2014-03-12 16:36 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-02-28 22:27 - 2014-03-12 16:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-02-28 22:25 - 2014-03-12 16:36 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-02-28 22:25 - 2014-03-12 16:36 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-02-28 21:34 - 2014-02-28 21:34 - 02433949 _____ () C:\Users\Chaoyi\Downloads\External_Python.zip 2014-02-28 19:38 - 2014-02-26 21:09 - 00000968 _____ () C:\Users\Chaoyi\Downloads\setup.log 2014-02-28 19:38 - 2014-02-26 21:09 - 00000242 _____ () C:\Users\Chaoyi\Downloads\setup.log.full 2014-02-26 21:08 - 2014-02-26 21:08 - 00778752 _____ () C:\Users\Chaoyi\Downloads\setup-x86_64.exe 2014-02-23 21:24 - 
2014-02-23 21:24 - 00000000 ____D () C:\Users\Jun\AppData\Roaming\Malwarebytes 2014-02-23 18:32 - 2013-12-30 19:42 - 00000000 ____D () C:\Users\Chaoyi\AppData\Local\Packages 2014-02-21 20:48 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-02-18 16:37 - 2014-02-18 16:37 - 00003633 _____ () C:\Users\Chaoyi\Downloads\LCPDFR 1.0 Taser Data Files (1).zip 2014-02-17 20:53 - 2014-02-17 20:53 - 00514013 _____ () C:\Users\Chaoyi\Downloads\NhYC.txt 2014-02-17 17:58 - 2014-02-17 17:58 - 04714971 _____ () C:\Users\Chaoyi\Downloads\dfsetup217.zip 2014-02-17 16:59 - 2014-02-17 16:59 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2014-02-17 16:59 - 2014-02-17 16:59 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2014-02-17 16:59 - 2014-02-17 16:59 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2014-02-17 16:59 - 2014-02-17 16:59 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2014-02-17 16:59 - 2014-02-17 16:59 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2014-02-17 16:59 - 2014-02-17 16:59 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2014-02-17 16:59 - 2014-02-17 16:59 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2014-02-17 16:59 - 2014-02-17 16:59 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2014-02-17 16:59 - 2014-02-17 16:59 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2014-02-17 16:59 - 2014-02-17 16:59 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2014-02-17 16:59 - 2014-02-17 16:59 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2014-02-17 16:59 - 2014-02-17 16:59 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2014-02-17 16:59 - 2014-02-17 16:59 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2014-02-17 16:59 - 
2014-02-17 16:59 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2014-02-17 16:56 - 2014-02-17 16:55 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx 2014-02-17 16:54 - 2014-02-17 16:54 - 00292184 _____ (Microsoft Corporation) C:\Users\Chaoyi\Downloads\dxwebsetup.exe 2014-02-17 16:54 - 2014-02-17 16:53 - 01005302 _____ () C:\Users\Chaoyi\Downloads\d3dx9_24.zip 2014-02-16 21:43 - 2014-02-16 21:43 - 00000549 _____ () C:\Users\Chaoyi\Downloads\OpenWithNotepad.zip 2014-02-16 21:04 - 2014-02-16 21:04 - 00000000 ____D () C:\Program Files\Classic Shell 2014-02-16 21:03 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\restore 2014-02-16 21:02 - 2014-02-16 21:02 - 05631168 _____ (IvoSoft) C:\Users\Chaoyi\Downloads\ClassicShellSetup_4_0_4.exe 2014-02-16 17:52 - 2013-12-31 18:23 - 00000000 ____D () C:\Users\Jun\AppData\Local\Packages 2014-02-16 17:51 - 2014-02-16 17:51 - 00001453 _____ () C:\Users\Jun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-02-16 17:51 - 2014-02-16 17:51 - 00000020 ___SH () C:\Users\Jun\ntuser.ini 2014-02-16 17:51 - 2014-02-16 11:40 - 00000000 ____D () C:\Users\Jun 2014-02-16 17:51 - 2013-12-31 18:23 - 00000000 ___RD () C:\Users\Jun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-02-16 17:51 - 2013-12-31 18:23 - 00000000 ___RD () C:\Users\Jun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-02-16 14:35 - 2014-02-16 14:35 - 00000000 __SHD () C:\Recovery 2014-02-16 14:34 - 2014-02-16 14:34 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll 2014-02-16 14:34 - 2014-02-16 14:34 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-02-16 14:34 - 2014-02-16 14:34 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-02-16 14:34 - 2014-02-16 14:34 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll 2014-02-16 14:34 - 2013-08-22 11:36 - 00262144 _____ () 
C:\WINDOWS\system32\config\BCD-Template 2014-02-16 14:33 - 2014-02-16 14:33 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe 2014-02-16 14:33 - 2014-02-16 14:33 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2014-02-16 14:33 - 2014-02-16 14:33 - 00018944 
_____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2014-02-16 14:33 - 2014-02-16 14:33 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2014-02-16 14:32 - 2014-02-16 14:32 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-02-16 14:32 - 2014-02-16 14:32 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-02-16 14:32 - 2014-02-16 14:32 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-02-16 14:32 - 2014-02-16 14:32 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-02-16 14:32 - 2014-02-16 14:32 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-02-16 14:32 - 2014-02-16 14:32 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-02-16 14:32 - 2014-02-16 14:32 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-02-16 14:32 - 2014-02-16 14:32 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-02-16 14:32 - 2014-02-16 14:32 - 00066048 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-02-16 14:32 - 2014-02-16 14:32 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-02-16 14:31 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-02-16 14:30 - 2014-02-16 14:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 02397184 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\d3d10warp.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-02-16 14:30 - 2014-02-16 14:30 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-02-16 14:30 - 2014-02-16 14:30 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms 2014-02-16 14:30 - 2014-02-16 14:30 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms 2014-02-16 14:30 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-02-16 14:30 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-02-16 14:30 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-02-16 14:29 - 2014-02-16 14:29 - 
21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2014-02-16 14:29 - 2014-02-16 14:29 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00745336 
_____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2014-02-16 14:29 - 2014-02-16 14:29 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2014-02-16 14:29 - 2014-02-16 14:29 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-02-16 14:29 - 2014-02-16 14:29 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 
2014-02-16 14:29 - 2014-02-16 14:29 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys 2014-02-16 14:29 - 2014-02-16 14:29 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2014-02-16 14:29 - 2014-02-16 14:29 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll 2014-02-16 14:29 - 2014-02-16 14:29 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys 2014-02-16 14:28 - 2014-02-16 14:28 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-02-16 14:28 - 2014-02-16 14:28 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-02-16 14:27 - 2014-02-16 14:27 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 
2014-02-16 14:27 - 2014-02-16 14:27 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2014-02-16 14:27 - 2014-02-16 14:27 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2014-02-16 14:27 - 2014-02-16 14:27 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2014-02-16 14:27 - 2014-02-16 14:27 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2014-02-16 14:27 - 2014-02-16 14:27 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2014-02-16 14:27 - 2014-02-16 14:27 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2014-02-16 14:27 - 2014-02-16 14:27 - 00372568 ____C (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\spaceport.sys 2014-02-16 14:27 - 2014-02-16 14:27 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2014-02-16 14:27 - 2014-02-16 14:27 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys 2014-02-16 14:27 - 2014-02-16 14:27 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-02-16 14:27 - 2014-02-16 14:27 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2014-02-16 14:27 - 2014-02-16 14:27 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2014-02-16 14:27 - 2014-02-16 14:27 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2014-02-16 14:26 - 2014-02-16 14:26 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff 2014-02-16 14:25 - 2014-02-16 14:25 - 00000000 ____D () C:\Program Files\Reference Assemblies 2014-02-16 14:25 - 2014-02-16 14:25 - 00000000 ____D () C:\Program Files\MSBuild 2014-02-16 14:25 - 2014-02-16 14:25 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2014-02-16 14:25 - 2014-02-16 14:25 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-02-16 12:02 - 2014-02-16 14:35 - 00000000 ___DC () C:\WINDOWS\Panther 2014-02-16 12:02 - 2014-02-16 12:02 - 00001453 _____ () C:\Users\Chaoyi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-02-16 12:02 - 2014-02-16 12:02 - 00000258 __RSH () C:\ProgramData\ntuser.pol 2014-02-16 12:02 - 
  5. (still too long, posting in another post)
  6. I get the following when I try to run DDS (tried both .scr and .com). I am currently using Windows 8.1 http://imgur.com/y67WpOw MBAMCheck Logs: FRST: Continues on next post (too long) Addition.txt
  7. I cannot add exceptions on the Free version. Also, the problems persist even if BD is closed.
  8. I am using BD free. If there is not a solution, I'll uninstall BD and get CIS again.
  9. I don't want to uninstall Malwarebytes, though (I bought Pro).
  10. Hello. I have recently installed Bitdefender on my PC (Comodo & MBAM were having problems). I uninstalled Comodo CIS and got Bitdefender Free AV. After installing BD, some programs wouldn't run correctly. They produce an error about a certain BD module. I emailed BD Support, and they told me that MBAM was interfering with their product.
  11. A protection log; another log. attach.txt CheckResults.txt dds.txt
  12. I've gotten Malwarebytes PRO and Comodo CIS around the same time. CIS 5 never had problems with MBAM, but after their 6.0 update, MBAM caused delayed execution of CIS and many other problems with the software. I reinstalled CIS many times, but the problem persists. I also had problems logging in or displaying the desktop. After I disabled MBAM Update, many of those problems were resolved. After I disabled MBAM, everything seems a lot better now. No more delayed start/logon problems.
  13. Malwarebytes Antimalware constantly takes up about 40% CPU, causing my computer to respond very very slowly. It's becoming an issue because it's interfering with my computer running. How do I stop this?