Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"Drive operating normally but running out of space"


  • This topic is locked This topic is locked
24 replies to this topic

#1 GabrielP

GabrielP

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Apalachicola Fl.
  • Local time:05:52 PM

Posted 01 December 2014 - 02:07 AM

Message appears 2-3 times a day yet all indications are that there is ample space,ran combo,ranDDS.Hope I have done all this right will check back in after work in the morning and thanks to all the responders...DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 11.0.9600.17420  BrowserJavaVersion: 10.71.2
Run by Gabriel at 1:45:39 on 2014-12-01
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8074.5091 [GMT -5:00]
.
AV: Bitdefender Antivirus Free Edition *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Bitdefender Antivirus Free Edition *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\AlienRespawn\sftservice.EXE
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Alienware\Command Center\AlienFusionService.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Windows\system32\igfxTray.exe
C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
C:\SkinPack\AlienwareDock\AlienwareDock.exe
C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Alienware\Command Center\AlienFusionController.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Advanced System Optimizer 3\SystemProtector.exe
C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\AlienRespawn\TOASTER.EXE
C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Gabriel\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\program files (x86)\opera\26.0.1656.24\opera.exe
C:\program files (x86)\opera\26.0.1656.24\opera_crashreporter.exe
C:\program files (x86)\opera\26.0.1656.24\opera.exe
C:\program files (x86)\opera\26.0.1656.24\opera.exe
C:\program files (x86)\opera\26.0.1656.24\opera.exe
C:\program files (x86)\opera\26.0.1656.24\opera.exe
C:\program files (x86)\opera\26.0.1656.24\opera.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [CursorXP] C:\Program Files (x86)\CursorXP\CursorXP.exe
uRun: [HP ENVY 4500 series (NET)] "C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN45H1318H05X4:NW" -scfn "HP ENVY 4500 series (NET)" -AutoStart 1
uRun: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
uRun: [MotoCast] "C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk"
mRun: [AlienwareOn-ScreenDisplay] C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ALIENW~1.LNK - C:\SkinPack\AlienwareDock\AlienwareDock.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Refresh.lnk - C:\Windows\Alienware Skin Pack\Tools\Refresh.cmd
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\YzShadow.lnk - C:\Windows\Alienware Skin Pack\YzShadow\YzShadow.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
LSP: %windir%\system32\vsocklib.dll
Trusted Zone: dell.com
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{3F4645D8-63C7-421A-BA01-02BD2953008F} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{75B24881-A15C-44CE-8BB7-8CCAE866C955} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{75B24881-A15C-44CE-8BB7-8CCAE866C955}\14A74756368602C496D696475646 : DHCPNameServer = 209.18.47.61 209.18.47.62
SSODL: WebCheck - <orphaned>
SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll
x64-mStart Page = about:blank
x64-Run: [Command Center Controllers] "C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe"
x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
x64-SSODL: WebCheck - <orphaned>
x64-STS: CThemeResourceChangerObject Class - {F791A188-699D-4FD4-955A-EB59E89B1907} - C:\SkinPack\ThemeResourceChanger.dll
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2014-11-23 718840]
R0 EMSC;COMPAL Embedded System Control;C:\Windows\System32\drivers\EMSC.sys [2009-6-26 16752]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-9-5 16152]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-12-10 32544]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2014-9-25 22128]
R0 vsock;vSockets Driver;C:\Windows\System32\drivers\vsock.sys [2014-9-30 73296]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2014-11-23 121928]
R1 GUBootStartup;GUBootStartup;C:\Windows\System32\drivers\GUBootStartup.sys [2014-9-25 20160]
R1 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2014-11-23 148696]
R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2013-12-10 300320]
R2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2011-1-13 15296]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-1-9 659968]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-3-27 1014096]
R2 DeviceMonitorService;DeviceMonitorService;C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2012-9-8 87992]
R2 gzserv;Bitdefender Antivirus Free Edition;C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2014-11-23 69368]
R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service;C:\Windows\System32\igfxCUIService.exe [2014-5-21 314696]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-27 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-27 968504]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\AlienRespawn\SftService.exe [2014-9-5 1692480]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-11-29 4799760]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2014-11-23 593144]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-3-27 1304912]
R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2013-7-22 88376]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2012-2-13 95232]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2012-2-13 747008]
R3 cthda;Sound Core3D(CtHda.sys);C:\Windows\System32\drivers\cthda.sys [2012-3-27 1052760]
R3 dcdbas;System Management Driver;C:\Windows\System32\drivers\dcdbas64.sys [2014-9-14 38472]
R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2012-3-21 60928]
R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);C:\Windows\System32\drivers\ICCWDT.sys [2010-8-18 26136]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-11-24 454416]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-9-5 356120]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-9-5 787736]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2014-9-5 108656]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-11-27 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-11-27 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-11-27 63704]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2014-10-2 359128]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service;C:\Windows\System32\drivers\ST_ACCEL.sys [2014-9-12 67184]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 Sentinel64;Sentinel64;C:\Windows\System32\drivers\sentinel64.sys [2014-9-25 145448]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-9-25 1431888]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-23 114688]
S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2009-7-10 31744]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2011-4-4 21504]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-2-26 273168]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-11 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-11 180736]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-9-25 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
S3 SIMG WiHD;SIMG WiHD;C:\Program Files (x86)\Silicon Image\WiHD Config\SiBeamSuspendResume.exe [2012-4-9 8192]
S3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-9-25 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-9-25 30208]
S3 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2014-2-27 906432]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-9-12 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S3 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-2-26 2669840]
S4 ASO3DiskOptimizer;ASO3DiskOptimizer;C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [2014-11-23 264512]
S4 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-3-27 1104208]
S4 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-17 135952]
S4 CtHdaSvc;Sound Core3D Service;C:\Windows\SysWOW64\CtHdaSvc.exe [2012-3-27 122880]
S4 DellDigitalDelivery;Alienware Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2014-4-10 202248]
S4 DraftSight API Service;DraftSight API Service;C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2014-6-14 123392]
S4 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936]
S4 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2014-9-10 65657]
.
=============== File Associations ===============
.
FileExt: .scr: DWGTrueViewScriptFile=C:\Windows\System32\notepad.exe "%1"
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-11-30 19:41:01 -------- d-----w- C:\ProgramData\Oracle
2014-11-30 19:40:54 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-30 19:14:58 -------- d-----w- C:\Users\Gabriel\My Backup Files
2014-11-30 19:09:36 -------- d-----w- C:\Users\Gabriel\AppData\Roaming\PCDr
2014-11-30 19:07:14 -------- d-----w- C:\ProgramData\PCDr
2014-11-29 21:19:30 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-11-29 21:14:13 -------- d-----w- C:\ProgramData\Systweak
2014-11-29 21:14:08 -------- d-----w- C:\Users\Gabriel\AppData\Roaming\Systweak
2014-11-29 21:13:56 -------- d-sh--w- C:\$RECYCLE.BIN
2014-11-29 20:52:21 98816 ----a-w- C:\Windows\sed.exe
2014-11-29 20:52:21 256000 ----a-w- C:\Windows\PEV.exe
2014-11-29 20:52:21 208896 ----a-w- C:\Windows\MBR.exe
2014-11-29 20:52:16 -------- d-----w- C:\ComboFix
2014-11-29 20:35:51 290304 ----a-w- C:\Windows\SysWow64\subinacl.exe
2014-11-29 20:35:49 -------- d-----w- C:\Program Files\Common Files\Microsoft
2014-11-29 20:35:49 -------- d-----w- C:\Program Files\Adware-Removal-Tool
2014-11-29 16:33:49 5341024 ----a-r- C:\Program Files (x86)\TeamViewer_Service.exe
2014-11-29 16:33:49 4671328 ----a-r- C:\Program Files (x86)\TeamViewer_Desktop.exe
2014-11-29 16:33:49 13542240 ----a-r- C:\Program Files (x86)\TeamViewer.exe
2014-11-28 03:22:09 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-28 03:21:57 96472 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-28 03:21:57 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-28 03:21:57 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-28 02:48:33 -------- d-----w- C:\Users\Gabriel\AppData\Roaming\Malwarebytes
2014-11-28 02:48:16 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-27 23:30:30 -------- dc-h--w- C:\ProgramData\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643}
2014-11-27 20:38:17 -------- d-----w- C:\Program Files (x86)\7tsp
2014-11-27 18:00:26 -------- d-----w- C:\Users\Gabriel\AppData\Local\SoftThinks
2014-11-27 16:18:17 -------- d-----w- C:\ProgramData\Stardock
2014-11-26 19:56:26 48128 ----a-w- C:\Windows\System32\wbload.dll
2014-11-26 19:56:23 -------- d-----w- C:\Program Files (x86)\Stardock
2014-11-25 16:08:51 -------- d-----w- C:\SkinPack
2014-11-24 15:04:27 1668 ----a-w- C:\Windows\System32\ASOROSet.bin
2014-11-24 14:57:41 -------- d-----w- C:\Users\Gabriel\Intel
2014-11-24 14:49:28 454416 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys
2014-11-24 14:44:33 9890008 ----a-w- C:\Windows\SysWow64\RsCRIcon.dll
2014-11-24 14:44:33 -------- d-----w- C:\Program Files (x86)\Realtek
2014-11-24 14:42:48 -------- d-----w- C:\temp
2014-11-24 04:04:25 -------- d-----w- C:\Program Files\Theme Resource Changer
2014-11-23 16:51:53 718840 ----a-w- C:\Windows\System32\drivers\avc3.sys
2014-11-23 16:51:53 593144 ----a-w- C:\Windows\System32\drivers\avckf.sys
2014-11-23 16:48:06 -------- d-----w- C:\Program Files\Bitdefender
2014-11-23 16:47:52 382536 ----a-w- C:\Windows\System32\drivers\trufos.sys
2014-11-23 16:47:52 148696 ----a-w- C:\Windows\System32\drivers\gzflt.sys
2014-11-23 16:28:52 19776 ----a-w- C:\Windows\System32\roboot64.exe
2014-11-23 16:28:49 -------- d-----w- C:\Program Files (x86)\Advanced System Optimizer 3
2014-11-23 16:01:28 -------- d-----w- C:\Program Files (x86)\Scan2CADv8
2014-11-23 16:00:56 -------- d-----w- C:\Windows\Scan2CAD v8
2014-11-23 07:43:51 -------- d-----w- C:\Users\Gabriel\AppData\Roaming\MotoCast
2014-11-23 05:23:27 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-11-23 05:17:41 -------- d-----w- C:\ProgramData\bdch
2014-11-23 05:14:21 -------- d-----w- C:\Program Files\Alienware
2014-11-23 05:11:43 -------- d-----w- C:\Users\Gabriel\.gstreamer-0.10
2014-11-23 05:11:37 -------- d-----w- C:\Users\Gabriel\AppData\Local\Motorola
2014-11-23 05:11:31 -------- d-----w- C:\ProgramData\Nero
2014-11-23 05:11:31 -------- d-----w- C:\Program Files (x86)\Motorola Media Link
2014-11-23 05:09:07 -------- d-----w- C:\Program Files (x86)\Oracle
.
==================== Find3M  ====================
.
2014-11-28 00:56:09 43249664 ----a-w- C:\Windows\System32\imageres.dll
2014-11-28 00:09:05 43231744 ----a-w- C:\Windows\SysWow64\imageres.dll
2014-11-28 00:09:05 2226688 ----a-w- C:\Windows\SysWow64\authui.dll
2014-11-28 00:09:04 2362368 ----a-w- C:\Windows\System32\authui.dll
2014-11-26 15:50:33 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-26 15:50:33 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-24 01:56:02 332288 ----a-w- C:\Windows\System32\uxtheme.dll
2014-11-24 01:55:59 2851840 ----a-w- C:\Windows\System32\themeui.dll
2014-11-24 01:55:56 44544 ----a-w- C:\Windows\System32\themeservice.dll
2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll
2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-05 17:56:54 304640 ----a-w- C:\Windows\System32\generaltel.dll
2014-11-05 17:56:36 228864 ----a-w- C:\Windows\System32\aepdu.dll
2014-11-05 17:52:22 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-16 18:29:21 20160 ----a-w- C:\Windows\System32\drivers\GUBootStartup.sys
2014-10-15 02:33:15 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-03 00:07:13 74703 ----a-w- C:\Windows\SysWow64\mfc45.dat
2014-10-01 04:44:32 483840 ----a-w- C:\Windows\SysWow64\SWFLASH6.OCX
2014-09-30 04:35:25 925184 ----a-w- C:\Windows\expstart.exe
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-24 01:14:01 376832 ----a-w- C:\Windows\SysWow64\MPIWIN32.DLL
2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-09-14 20:51:48 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-11 05:10:21 451 ----a-w- C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-05 02:11:09 6584320 ----a-w- C:\Windows\System32\mstscax.dll
2014-09-05 01:52:41 5703168 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-09-04 05:23:20 424448 ----a-w- C:\Windows\System32\rastls.dll
2014-09-04 05:04:15 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
.
============= FINISH:  1:45:56.15 ===============
 


BC AdBot (Login to Remove)

 


m

#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:52 PM

Posted 06 December 2014 - 02:10 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/558209 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,580 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:52 PM

Posted 16 December 2014 - 12:10 PM

Greetings GabrielP and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop <<< Important
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 GabrielP

GabrielP
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Apalachicola Fl.
  • Local time:05:52 PM

Posted 17 December 2014 - 10:54 AM

Hi Gary, I am Gabriel. I am getting an application error when I try to run FRST. (Exeption EAccess violation in module ERUNT.EXE @00003A62.  Access violation @address0403a62 in module ERUNT.exe. Read of address 0069005c) I am attaching summary zip! Thanks for your patience with me and you help I am usually very good at taking care of my system(s) I however cannot isolate my current situation. ALL of your help is greatly received!Attached File  Summary.zip   67.91KB   1 downloads



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,580 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:52 PM

Posted 17 December 2014 - 11:02 AM

Hi Gabriel,

 

Attempt to complete the FRST scan despite the error.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 GabrielP

GabrielP
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Apalachicola Fl.
  • Local time:05:52 PM

Posted 18 December 2014 - 07:46 AM

Gary despite my efforts I still cannot get the application to FRST run... tried older version as well

 



#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,580 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:52 PM

Posted 18 December 2014 - 10:06 AM

This error happens on occasion but typically the program will run in spite of the error. Can you tell me what happens after you try to continue to run FRST?

We are going to attempt a workaround. Please do this.

===================================================

Farbar's Recovery Scan Tool in Recovery Environment

--------------------

For this step you will need a USB flash drive and start on a clean computer.
  • Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
===================================================

Entering into the System Recovery Options

Option #1

To enter System Recovery Options in Windows 8:Option #2

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
Option #3

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next
===================================================

Running Farbar's Recovery Scan Tool in System Recovery
  • Once you are in the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in Notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select Computer and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter Note: Replace letter e with the drive letter of your flash drive.[/b]
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 GabrielP

GabrielP
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Apalachicola Fl.
  • Local time:05:52 PM

Posted 19 December 2014 - 08:40 AM

Gary, I managed FRST in safe mode but It will not let me copy and paste in reply...



#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,580 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:52 PM

Posted 19 December 2014 - 10:09 AM

Can you attach the files to your reply?


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 GabrielP

GabrielP
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Apalachicola Fl.
  • Local time:05:52 PM

Posted 19 December 2014 - 10:13 AM

Okay was not sure of the procedure.Attached File  FRST.txt   69.01KB   1 downloads 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by Gabriel (administrator) on GABRIEL-ALIEN on 19-12-2014 08:24:00
Running from C:\Users\Gabriel\Desktop
Loaded Profile: Gabriel (Available profiles: Gabriel & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\userinit.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13256 2011-01-13] (Microsoft)
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [1546096 2011-11-03] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-3096153285-3196402840-3417424134-1000\...\Run: [CursorXP] => C:\Program Files (x86)\CursorXP\CursorXP.exe [140288 2005-01-19] ( )
HKU\S-1-5-21-3096153285-3196402840-3417424134-1000\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-21-3096153285-3196402840-3417424134-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-10-13] (Glarysoft Ltd)
HKU\S-1-5-21-3096153285-3196402840-3417424134-1000\...\Run: [MotoCast] => C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk [2057 2014-11-23] ()
HKU\S-1-5-21-3096153285-3196402840-3417424134-1000\...\RunOnce: [Adobe Speed Launcher] => 1418910324
HKU\S-1-5-21-3096153285-3196402840-3417424134-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe [855216 2014-12-10] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AlienwareDock.lnk
ShortcutTarget: AlienwareDock.lnk -> C:\SkinPack\AlienwareDock\AlienwareDock.exe (Stardock)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Refresh.lnk
ShortcutTarget: Refresh.lnk -> C:\Windows\Alienware Skin Pack\Tools\Refresh.cmd (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\YzShadow.lnk
ShortcutTarget: YzShadow.lnk -> C:\Windows\Alienware Skin Pack\YzShadow\YzShadow.exe (No File)
SSODL-x32: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
BootExecute: autocheck autochk * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3096153285-3196402840-3417424134-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3096153285-3196402840-3417424134-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9aer3qq5.default
FF Homepage: about:home|about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [264512 2014-10-08] (Systweak Software, (www.systweak.com))
S2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [124928 2014-10-21] (Creative Technology Ltd)
S4 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2014-06-14] (Dassault Systèmes) [File not signed]
S2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
S4 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S3 SIMG WiHD; C:\Program Files (x86)\Silicon Image\WiHD Config\SiBeamSuspendResume.exe [8192 2012-04-09] () [File not signed]
S2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-11-23] (Microsoft Corporation) [File not signed]
S3 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
S1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-07-22] (Motorola Solutions, Inc.)
S3 cthda; C:\Windows\System32\drivers\cthda.sys [1066752 2014-10-21] (Creative Technology Ltd)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [38472 2011-02-02] (Dell Inc.)
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-10-16] (Glarysoft Ltd)
S1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-19] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
S2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 NSNDIS5; C:\Windows\SysWOW64\NSNDIS5.SYS [17280 2004-03-23] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-10] (NVIDIA Corporation)
S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-03] (STMicroelectronics)
S0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2099-09-11 07:31 - 27957-09-11 07:31 - 00003120 _____ () C:\Windows\SysWOW64\ALLFSAF14a.ocx
2014-12-19 08:24 - 2014-12-19 08:24 - 00011503 _____ () C:\Users\Gabriel\Desktop\FRST.txt
2014-12-18 21:23 - 2014-12-18 21:23 - 00368821 _____ () C:\Users\Gabriel\Documents\fsu 6x4.6.txt
2014-12-18 20:46 - 2014-12-18 20:46 - 00362863 _____ () C:\Users\Gabriel\Documents\fsu5.8x4.5.txt
2014-12-18 20:32 - 2014-12-18 20:32 - 00415001 _____ () C:\Users\Gabriel\Documents\fsu4.5x3.5.txt
2014-12-18 16:49 - 2014-12-18 16:49 - 00295232 _____ () C:\Users\Gabriel\Documents\shrimp3 12x8.txt
2014-12-18 16:39 - 2014-12-18 16:39 - 00098559 _____ () C:\Users\Gabriel\Documents\shrimp basket3
2014-12-18 16:36 - 2014-12-18 16:35 - 00000468 _____ () C:\Users\Gabriel\Documents\shrimp2.jpg.lnk
2014-12-18 11:05 - 2014-12-18 11:05 - 00099407 _____ () C:\Users\Gabriel\Documents\SHRIMP 12X8 V.txt
2014-12-18 10:00 - 2014-12-18 10:26 - 00089505 _____ () C:\Users\Gabriel\Documents\SHRIMP BASKET2
2014-12-18 08:37 - 2014-12-18 08:41 - 00224733 _____ () C:\Users\Gabriel\Documents\SHRIMP BASKET 9.75X6.5.txt
2014-12-18 08:13 - 2014-12-18 08:19 - 00094740 _____ () C:\Users\Gabriel\Documents\SHRIMP BASKET
2014-12-18 08:03 - 2014-12-18 08:01 - 00024392 _____ () C:\Users\Gabriel\Documents\SHRIMP_vectorized.png.lnk
2014-12-17 19:56 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 19:56 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 19:13 - 2014-12-17 19:11 - 00000468 _____ () C:\Users\Gabriel\Documents\indian.jpeg.lnk
2014-12-17 19:05 - 2014-12-17 19:03 - 00000444 _____ () C:\Users\Gabriel\Documents\owl.jpg.lnk
2014-12-17 18:49 - 2014-12-17 18:49 - 00432750 _____ () C:\Users\Gabriel\Documents\eagle in flight_vectorized.bmp
2014-12-17 14:07 - 2014-12-17 15:10 - 00000000 ____D () C:\Users\Gabriel\Downloads\Windows 7 x32 x64 + Windows Vista x32 x64 Recovery Discs (4in1)
2014-12-17 13:22 - 2014-12-17 13:38 - 00000000 ____D () C:\Users\Gabriel\Downloads\USB Vista Emergency Repair Disk
2014-12-17 10:54 - 2014-12-17 10:59 - 00000000 ____D () C:\Users\Gabriel\Desktop\FRST-OlderVersion
2014-12-17 10:37 - 2014-12-17 10:37 - 00069544 _____ () C:\Users\Gabriel\Desktop\Summary.zip
2014-12-17 10:29 - 2014-12-19 08:24 - 00000000 ____D () C:\FRST
2014-12-17 10:29 - 2014-12-17 10:54 - 02121216 _____ (Farbar) C:\Users\Gabriel\Desktop\FRST64.exe
2014-12-17 09:44 - 2014-12-17 09:44 - 00371856 _____ () C:\Users\Gabriel\Documents\MEXICO PELICAN 12X8.txt
2014-12-17 09:33 - 2014-12-17 09:33 - 01599718 _____ () C:\Users\Gabriel\Documents\MEXICO BEACH PELICAN_vectorized.bmp
2014-12-17 09:30 - 2014-12-17 09:30 - 00081175 _____ () C:\Users\Gabriel\Documents\MEXICO BEACH PELICAN
2014-12-16 21:06 - 2014-12-16 21:06 - 00119279 _____ () C:\Users\Gabriel\Documents\new mexico 3x3.txt
2014-12-16 21:02 - 2014-12-16 21:02 - 00149686 _____ () C:\Users\Gabriel\Documents\newmexico_vectorized.bmp
2014-12-16 20:16 - 2014-12-16 20:16 - 00122355 _____ () C:\Users\Gabriel\Documents\BRENDA 17W.txt
2014-12-16 19:38 - 2014-12-16 19:38 - 00189101 _____ () C:\Users\Gabriel\Documents\BRENDA 30W.txt
2014-12-16 19:30 - 2014-12-16 19:30 - 01208742 _____ () C:\Users\Gabriel\Documents\BRENDAS KITCHEN_vectorized.bmp
2014-12-16 19:11 - 2014-12-16 19:12 - 01208742 _____ () C:\Users\Gabriel\Documents\BRENDA_vectorized.bmp
2014-12-16 19:07 - 2014-12-16 19:13 - 01224054 _____ () C:\Users\Gabriel\Documents\BRENDA.bmp
2014-12-16 19:05 - 2014-12-16 19:05 - 00041367 _____ () C:\Users\Gabriel\Documents\BRENDAS
2014-12-16 14:19 - 2014-12-16 14:19 - 00311899 _____ () C:\Users\Gabriel\Documents\PORT PELICAN 12WX8H.txt
2014-12-16 13:11 - 2014-12-16 13:11 - 00187831 _____ () C:\Users\Gabriel\Documents\PORT ST.JOE 12W8H.txt
2014-12-16 13:07 - 2014-12-16 13:07 - 01599718 _____ () C:\Users\Gabriel\Documents\PORT ST, JOE_vectorized.bmp
2014-12-16 13:04 - 2014-12-16 13:04 - 00065508 _____ () C:\Users\Gabriel\Documents\PORT ST, JOE
2014-12-16 12:10 - 2014-12-16 12:10 - 00212626 _____ () C:\Users\Gabriel\Documents\Mexico dolphin 12hx8w.txt
2014-12-16 12:08 - 2014-12-16 12:08 - 00212626 _____ () C:\Users\Gabriel\Documents\dolphin 12hx8w.txt
2014-12-16 11:54 - 2014-12-16 11:54 - 00009974 _____ () C:\Users\Gabriel\Documents\mexico scan.tif
2014-12-16 11:48 - 2014-12-16 11:50 - 01599718 _____ () C:\Users\Gabriel\Documents\MEXICO BEACH_vectorized 2.bmp
2014-12-16 11:45 - 2014-12-16 11:45 - 01599718 _____ () C:\Users\Gabriel\Documents\MEXICO BEACH_vectorized.bmp
2014-12-16 11:38 - 2014-12-16 11:38 - 00069846 _____ () C:\Users\Gabriel\Documents\mexico beach 2
2014-12-15 15:35 - 2014-12-15 15:43 - 00000000 ____D () C:\Users\Gabriel\.gimp-2.8
2014-12-15 15:29 - 2014-12-15 15:31 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\MAGIX
2014-12-15 15:29 - 2014-12-15 15:31 - 00000000 ____D () C:\ProgramData\MAGIX
2014-12-15 15:29 - 2014-12-15 15:29 - 00000000 ____D () C:\Users\Gabriel\AppData\Local\Xara
2014-12-15 15:29 - 2014-12-15 15:29 - 00000000 ____D () C:\ProgramData\Xara
2014-12-15 15:24 - 2014-12-15 15:24 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\WinRAR
2014-12-15 15:23 - 2014-12-18 08:43 - 00000000 ____D () C:\Program Files\WinRAR
2014-12-15 15:20 - 2014-12-15 15:20 - 00000896 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-12-15 15:19 - 2014-12-15 15:20 - 00000000 ____D () C:\Program Files\GIMP 2
2014-12-15 15:18 - 2014-12-15 15:19 - 00000000 ____D () C:\Users\Gabriel\Downloads\WinRAR x64 (64 bit) v5.01 Final + KeyReg [ChattChitto RG]
2014-12-15 15:08 - 2014-12-15 15:14 - 00000000 ____D () C:\Users\Gabriel\Downloads\Xara Designer Pro  X9 v9.2.3.29638 (x86) Incl Crack [TorDigger]
2014-12-15 14:58 - 2014-12-15 14:59 - 00000000 ____D () C:\Users\Gabriel\Downloads\Riffstation Guitar Software v1.4.0.0-RaBBiT [deepstatus][h33t][1337x][flashtorrents]
2014-12-15 14:55 - 2014-12-15 14:55 - 00478264 _____ () C:\Users\Gabriel\Downloads\Xara_Page_.exe
2014-12-15 14:45 - 2014-12-15 14:45 - 00001246 _____ () C:\Users\Gabriel\AppData\Local\recently-used.xbel
2014-12-15 14:01 - 2014-12-15 14:01 - 00385189 _____ () C:\Users\Gabriel\Documents\SEAL 6X5.3.txt
2014-12-15 12:44 - 2014-12-15 12:44 - 00587030 _____ () C:\Users\Gabriel\Documents\port-of-port-st-joe_vectorized.bmp
2014-12-15 11:50 - 2014-12-16 11:36 - 00075142 _____ () C:\Users\Gabriel\Documents\MEXICO BEACH
2014-12-15 11:15 - 2014-12-15 11:30 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\SmartDraw
2014-12-15 11:15 - 2014-12-15 11:15 - 00000000 ____D () C:\Users\Gabriel\AppData\System
2014-12-15 11:15 - 2014-12-15 11:15 - 00000000 ____D () C:\Users\Gabriel\AppData\Local\SmartDraw
2014-12-15 11:08 - 2014-12-15 13:51 - 00000000 ____D () C:\SmartDraw CI
2014-12-15 11:08 - 2014-12-15 11:08 - 00506952 _____ () C:\Users\Gabriel\Downloads\smartdraw_XK_ZI86J_A_setup.exe
2014-12-14 17:37 - 2014-12-14 17:37 - 00000000 ____D () C:\Windows\rescache
2014-12-14 16:25 - 2014-12-14 16:25 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\NeroDigital™
2014-12-14 16:21 - 2014-12-14 16:36 - 00000000 ____D () C:\Users\Gabriel\AppData\Local\Nero
2014-12-14 16:21 - 2014-12-14 16:21 - 00000000 ____D () C:\Users\Gabriel\AppData\Local\Nero_AG
2014-12-14 16:18 - 2014-12-14 16:18 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\Nero
2014-12-14 14:27 - 2014-12-14 14:29 - 00000000 ____D () C:\Users\Gabriel\Downloads\The.Theory.of.Everything.2014.720p.HC.WEBRip.XviD.MP3-RARBG
2014-12-14 14:26 - 2014-12-14 14:26 - 00016976 _____ () C:\Users\Gabriel\Downloads\The.Theory.of.Everything.2014.720p.HC.WEBRip.XviD.MP3-RARBG.torrent
2014-12-14 14:21 - 2014-12-14 14:21 - 00000000 ____D () C:\Users\Public\Creative
2014-12-14 14:20 - 2014-12-14 14:20 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-14 13:46 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-14 13:46 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-14 13:46 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-14 13:46 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-14 13:46 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-14 13:46 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-14 13:46 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-14 13:46 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-14 13:46 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-14 13:46 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-13 04:51 - 2014-12-13 04:51 - 00335887 _____ () C:\Users\Gabriel\Documents\apalach paradise w15.4xh3.875.txt
2014-12-13 04:45 - 2014-12-13 04:45 - 00475266 _____ () C:\Users\Gabriel\Documents\apalchicola paradise_vectorized.bmp
2014-12-13 04:44 - 2014-12-13 04:44 - 00480054 _____ () C:\Users\Gabriel\Documents\apalchicola paradise.bmp
2014-12-13 04:14 - 2014-12-13 04:14 - 00442983 _____ () C:\Users\Gabriel\Documents\seal 9x9.txt
2014-12-13 03:32 - 2014-12-13 03:32 - 00231670 _____ () C:\Users\Gabriel\Downloads\mermaid art_vectorized.bmp
2014-12-12 21:46 - 2014-12-12 21:46 - 00433495 _____ () C:\Users\Gabriel\Documents\GATORS 9.5X9.5.txt
2014-12-12 20:44 - 2014-12-12 20:44 - 00527378 _____ () C:\Users\Gabriel\Documents\GATOR 10X10.txt
2014-12-12 13:55 - 2014-12-12 13:56 - 00000000 ____D () C:\Users\Gabriel\Downloads\Johnny Cash 16 Greatest Hits 320k
2014-12-12 13:55 - 2014-12-12 13:55 - 00021811 _____ () C:\Users\Gabriel\Downloads\Johnny+Cash+16+Greatest+Hits+320k.torrent
2014-12-12 13:20 - 2014-12-12 13:20 - 00038912 _____ () C:\Users\Gabriel\Downloads\workorder.xls
2014-12-12 13:17 - 2014-12-12 13:17 - 00046893 _____ () C:\Users\Gabriel\Downloads\TS103463097.dotx
2014-12-11 15:35 - 2014-12-11 15:35 - 00403892 _____ () C:\Users\Gabriel\Documents\gators 6x6.txt
2014-12-10 22:32 - 2014-12-10 22:34 - 00000000 ____D () C:\Users\Gabriel\Downloads\Prometheus (2012)
2014-12-10 15:34 - 2014-12-10 15:34 - 00663383 _____ () C:\Users\Gabriel\Documents\lightouse 13x5.txt
2014-12-10 15:34 - 2014-12-10 15:34 - 00663383 _____ () C:\Users\Gabriel\Documents\lighthouse13x5.txt
2014-12-10 15:19 - 2014-12-10 15:19 - 00798555 _____ () C:\Users\Gabriel\Documents\lighthouse16hx6w.txt
2014-12-10 14:29 - 2014-12-10 14:29 - 00001037 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
2014-12-10 14:26 - 2014-12-10 14:29 - 00000000 ____D () C:\Program Files (x86)\Inkscape
2014-12-10 14:23 - 2014-12-10 14:25 - 34573304 _____ (inkscape.org) C:\Users\Gabriel\Downloads\Inkscape-0.48.5-1-win32.exe
2014-12-10 00:59 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 00:59 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 00:59 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 00:59 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 00:59 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 00:59 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 00:59 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 00:59 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 00:58 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 00:58 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 00:58 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 00:58 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 00:58 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 00:58 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 00:58 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 00:58 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 00:58 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 00:58 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 00:58 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 00:58 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 00:58 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 00:58 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 00:58 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 00:58 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 00:58 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 00:58 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 00:58 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 00:58 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 00:58 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 00:58 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 00:58 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 00:58 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 00:58 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 00:58 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 00:58 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 00:58 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 00:58 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 00:58 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 00:58 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 00:58 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 00:58 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 00:58 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 00:58 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 00:58 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 00:58 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 00:58 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 00:58 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 00:58 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 00:58 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 00:58 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 00:58 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 00:58 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 00:58 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 00:58 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 00:58 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 00:58 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 00:58 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 00:58 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 00:58 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 00:58 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 00:58 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 00:58 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 00:58 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 00:58 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 00:58 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 00:53 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 00:53 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 00:53 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 00:53 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 00:53 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 00:53 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 00:53 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 00:53 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 00:53 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 00:53 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 00:53 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 00:53 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 00:53 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 00:53 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 19:28 - 2014-12-09 19:28 - 00267062 _____ () C:\Users\Gabriel\Documents\Gators paint_vectorized.bmp
2014-12-09 17:27 - 2014-12-09 17:27 - 00417268 _____ () C:\Users\Gabriel\Documents\transformer14.5wx9.5h.txt
2014-12-09 17:21 - 2014-12-09 17:23 - 01599718 _____ () C:\Users\Gabriel\Documents\2transformer poster_vectorized wb.bmp
2014-12-09 17:06 - 2014-12-09 17:16 - 00085014 _____ () C:\Users\Gabriel\Documents\transformer poster
2014-12-09 16:04 - 2014-12-12 15:48 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\TurboMeeting
2014-12-09 15:43 - 2014-12-09 15:43 - 01209726 _____ () C:\Users\Gabriel\Documents\Apalachicola seal_vectorized.bmp
2014-12-09 14:56 - 2014-12-09 14:56 - 00121510 _____ () C:\Users\Gabriel\Documents\alex law law firm7.75x5h.txt
2014-12-09 14:52 - 2014-12-09 14:52 - 01599718 _____ () C:\Users\Gabriel\Documents\alex law firm_vectorized.bmp
2014-12-09 14:50 - 2014-12-09 14:50 - 00049950 _____ () C:\Users\Gabriel\Documents\alex law firm
2014-12-09 12:40 - 2014-12-09 12:40 - 00422641 _____ () C:\Users\Gabriel\Documents\Apalach fish para 16wx4h.txt
2014-12-09 12:35 - 2014-12-09 12:39 - 00475266 _____ () C:\Users\Gabriel\Documents\paradise crop2_vectorized.bmp
2014-12-09 12:29 - 2014-12-09 12:29 - 00421753 _____ () C:\Users\Gabriel\Downloads\paradise crop.dxf
2014-12-08 11:52 - 2014-12-08 11:52 - 00619273 _____ () C:\Users\Gabriel\Documents\the truth1 18wx12h.txt
2014-12-08 11:38 - 2014-12-08 11:38 - 00165713 _____ () C:\Users\Gabriel\Documents\the truth no image
2014-12-08 10:50 - 2014-12-08 11:48 - 01599718 _____ () C:\Users\Gabriel\Documents\the truth 2_vectorized.bmp
2014-12-07 20:40 - 2014-12-07 20:54 - 00000000 ____D () C:\Users\Gabriel\Downloads\Gravity (2013)
2014-12-07 14:37 - 2014-12-08 11:43 - 00194250 _____ () C:\Users\Gabriel\Documents\the truth 2
2014-12-07 12:37 - 2014-12-07 14:05 - 00153553 _____ () C:\Users\Gabriel\Documents\st.george11wx7.3h.txt
2014-12-07 11:13 - 2014-12-07 13:29 - 00082284 _____ () C:\Users\Gabriel\Documents\st. george poster
2014-12-07 11:08 - 2014-12-07 11:08 - 01565142 _____ () C:\Users\Gabriel\Documents\dolphins2_vectorized no background.bmp
2014-12-07 10:29 - 2014-12-12 15:42 - 00000501 _____ () C:\Users\Gabriel\Documents\shrimp.jpg.lnk
2014-12-05 20:58 - 2014-12-05 21:01 - 00000000 ____D () C:\Users\Gabriel\Downloads\The Judge (2014) 720p HC WEB-DL AC-3 x264 - LOKI
2014-12-05 20:01 - 2014-12-05 21:00 - 00000000 ____D () C:\Users\Gabriel\Downloads\District 9 (2009) DVDRip XviD-MAXSPEED
2014-12-05 17:40 - 2014-12-05 17:40 - 01709208 _____ () C:\Users\Gabriel\Downloads\tyrannosaurus-rex-puzzle-3d.snapshot.3 (1).zip
2014-12-05 16:46 - 2014-12-05 16:47 - 01709208 _____ () C:\Users\Gabriel\Downloads\tyrannosaurus-rex-puzzle-3d.snapshot.3.zip
2014-12-05 15:35 - 2014-12-05 15:34 - 00000554 _____ () C:\Users\Gabriel\Documents\mermaid art.jpg.lnk
2014-12-04 21:17 - 2014-12-04 21:23 - 00000000 ____D () C:\Users\Gabriel\Downloads\The Purge Anarchy (2014)
2014-12-04 19:35 - 2014-12-04 19:36 - 00000000 ____D () C:\Users\Gabriel\Downloads\The Congress (2013)
2014-12-04 19:34 - 2014-12-04 19:34 - 00009488 _____ () C:\Users\Gabriel\Downloads\The+Congress+%282013%29+A-Gazi.torrent
2014-12-04 11:57 - 2014-12-04 11:57 - 00438054 _____ () C:\Users\Gabriel\Documents\eagle in flight.bmp
2014-12-03 19:10 - 2014-12-03 19:40 - 00000000 ____D () C:\Users\Gabriel\Downloads\Guardians of the Galaxy (2014)
2014-12-03 13:03 - 2014-12-03 13:03 - 00518454 _____ () C:\Users\Gabriel\Downloads\harley davidson motor skull_vectorized.bmp
2014-12-03 12:23 - 2014-12-03 12:23 - 00368254 _____ () C:\Users\Gabriel\Downloads\19119-harley-davidson-motorcycles-skull_vectorized.bmp
2014-12-03 12:19 - 2014-12-03 12:18 - 00004486 _____ () C:\Users\Gabriel\Documents\harley eagle
2014-12-03 12:18 - 2014-12-03 12:18 - 00004486 _____ () C:\Users\Gabriel\Downloads\harley eagle
2014-12-03 10:52 - 2014-12-09 12:06 - 00475266 _____ () C:\Users\Gabriel\Downloads\paradise crop_vectorized.bmp
2014-12-02 22:53 - 2014-12-02 23:31 - 00000000 ____D () C:\Users\Gabriel\Downloads\Avatar Extended Collectors Edition (2009)
2014-12-02 14:53 - 2014-12-02 14:53 - 00517535 ____N () C:\Users\Gabriel\Documents\HARLEY 11HX8.6W.txt
2014-12-02 14:52 - 2014-12-02 14:50 - 00355074 _____ () C:\Users\Gabriel\Documents\HarleyDavidson_logo_vectorized.bmp
2014-12-02 14:50 - 2014-12-02 14:50 - 00355074 _____ () C:\Users\Gabriel\Downloads\HarleyDavidson_logo_vectorized.bmp
2014-12-01 20:41 - 2014-12-01 21:10 - 735993856 _____ () C:\Users\Gabriel\Downloads\Serenity[2005][Aka.Firefly]DvDrip[Eng]-aXXo.avi
2014-12-01 01:45 - 2014-12-01 01:45 - 00026708 _____ () C:\Users\Gabriel\Desktop\dds.txt
2014-12-01 01:45 - 2014-12-01 01:45 - 00005847 _____ () C:\Users\Gabriel\Desktop\attach.txt
2014-12-01 01:44 - 2014-12-01 01:44 - 00688992 ____R (Swearware) C:\Users\Gabriel\Downloads\dds.com
2014-11-30 22:09 - 2014-11-30 22:09 - 00000000 ____D () C:\Users\Gabriel\Downloads\Sunshine[2007]DvDrip[Eng]-aXXo
2014-11-30 14:41 - 2014-11-30 14:41 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-30 14:40 - 2014-11-30 14:40 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-30 14:40 - 2014-11-30 14:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-30 14:40 - 2014-11-30 14:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-30 14:40 - 2014-11-30 14:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-30 14:40 - 2014-11-30 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-30 14:40 - 2014-11-30 14:40 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-30 14:14 - 2014-11-30 14:14 - 00000000 ____D () C:\Users\Gabriel\My Backup Files
2014-11-30 14:09 - 2014-11-30 14:10 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\PCDr
2014-11-30 14:07 - 2014-12-01 01:51 - 00000000 ____D () C:\ProgramData\PCDr
2014-11-29 20:10 - 2014-11-29 20:10 - 00000000 ____D () C:\Users\Gabriel\Downloads\The Man From Earth[2007]DvDrip AC3[Eng]-FXG
2014-11-29 16:19 - 2014-11-29 18:32 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-11-29 16:16 - 2014-11-29 18:32 - 00000000 ____D () C:\Users\Gabriel\Desktop\mbar
2014-11-29 16:15 - 2014-11-29 16:16 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Gabriel\Downloads\mbar-1.08.2.1001.exe
2014-11-29 16:14 - 2014-12-19 08:10 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\Systweak
2014-11-29 16:14 - 2014-12-19 08:10 - 00000000 ____D () C:\ProgramData\Systweak
2014-11-29 16:14 - 2014-12-15 15:57 - 00161168 _____ () C:\Users\Gabriel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-29 15:52 - 2014-11-29 16:08 - 00000000 ____D () C:\ComboFix
2014-11-29 15:52 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-29 15:52 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-29 15:52 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-29 15:52 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-29 15:52 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-29 15:52 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-29 15:52 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-29 15:52 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-29 15:51 - 2014-11-29 16:01 - 00000000 ____D () C:\Qoobox
2014-11-29 15:49 - 2014-11-29 15:50 - 05599228 ____R (Swearware) C:\Users\Gabriel\Downloads\ComboFix.exe
2014-11-29 15:47 - 2014-11-29 15:47 - 00001749 _____ () C:\Users\Gabriel\Desktop\JRT.txt
2014-11-29 15:43 - 2014-11-29 15:43 - 01707646 _____ (Thisisu) C:\Users\Gabriel\Downloads\JRT.exe
2014-11-29 15:35 - 2014-11-29 15:41 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-11-29 15:35 - 2014-11-29 15:35 - 00753184 _____ () C:\Users\Gabriel\Downloads\Adware-Removal-Tool-v3.9.1.exe
2014-11-29 15:35 - 2014-11-29 15:35 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-11-29 15:07 - 2014-11-29 15:36 - 32507072 _____ (Microsoft Corporation) C:\Users\Gabriel\Downloads\Windows-KB890830-x64-V5.18.exe
2014-11-29 12:09 - 2014-11-25 16:36 - 00635494 _____ () C:\Users\Gabriel\Documents\sea turtle2_vectorized.bmp
2014-11-29 12:08 - 2014-11-29 12:05 - 00003763 _____ () C:\Users\Gabriel\Documents\turtle13d(8) - Copy.BMP.lnk
2014-11-29 11:45 - 2014-11-29 11:45 - 00000700 _____ () C:\Users\Gabriel\Documents\Gabriel - Shortcut.lnk
2014-11-29 11:33 - 2014-11-29 11:31 - 13542240 ____R (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer.exe
2014-11-29 11:33 - 2014-11-29 11:31 - 05341024 ____R (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer_Service.exe
2014-11-29 11:33 - 2014-11-29 11:31 - 04671328 ____R (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer_Desktop.exe
2014-11-29 11:32 - 2014-11-29 20:52 - 00001104 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-11-29 11:29 - 2014-11-29 11:30 - 00000000 ____D () C:\Users\Gabriel\Downloads\[Team Viewer Premium 9.0.24482] [Final + Crack]
2014-11-29 00:21 - 2014-11-29 00:21 - 00000000 ____D () C:\Users\Gabriel\Downloads\Space.Station.76.2014.HDRip.XViD-juggs[ETRG]
2014-11-28 13:54 - 2014-11-28 13:54 - 00000105 _____ () C:\Windows\Mach3.INI
2014-11-28 12:23 - 2014-11-28 20:28 - 00000026 _____ () C:\Windows\ESS_v10h2d1a.INI
2014-11-27 22:22 - 2014-12-19 07:09 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-27 22:21 - 2014-12-04 17:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-27 22:21 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-27 22:21 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-27 21:48 - 2014-11-27 22:22 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\Malwarebytes
2014-11-27 21:48 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-27 21:46 - 2014-11-27 21:47 - 00000000 ____D () C:\Users\Gabriel\Downloads\Malwarebytes Anti-Malware PRO 1.65.0.1400 - Final - FULL  with Key [h33t][iahq76]
2014-11-27 21:44 - 2014-11-27 22:08 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Gabriel\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-27 20:23 - 2014-11-27 20:23 - 00000000 ____D () C:\Users\Gabriel\Downloads\World War Z (2013)
2014-11-27 19:53 - 2009-09-19 08:16 - 00000000 ____D () C:\Users\Gabriel\Downloads\png
2014-11-27 19:50 - 2011-09-16 10:46 - 00000000 ____D () C:\Users\Gabriel\Downloads\Alienware_Invader_Icon_Pack_by_sharegraphic.com
2014-11-27 19:46 - 2014-11-27 19:47 - 00000000 ____D () C:\Users\Gabriel\Downloads\Reflexion
2014-11-27 19:41 - 2014-11-27 19:41 - 00001067 _____ () C:\Users\Gabriel\Downloads\Alienware_Invader_Icon_Pack (1).rar.lnk
2014-11-27 19:29 - 2014-11-27 19:31 - 08289276 _____ () C:\Users\Gabriel\Downloads\Alienware_Invader_Icon_Pack (1).rar
2014-11-27 19:21 - 2014-11-27 19:39 - 00000000 ____D () C:\Users\Gabriel\Downloads\Alienware Invader theme for windows 7 {H33T}{projectmyskills}
2014-11-27 19:09 - 2014-11-27 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkinPack
2014-11-27 18:30 - 2014-11-27 18:30 - 00000000 __HDC () C:\ProgramData\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643}
2014-11-27 18:30 - 2014-11-27 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-11-27 18:29 - 2014-11-27 18:29 - 00000000 ____D () C:\Users\Gabriel\Downloads\Stardock Icon Packager 5.0+crack{fiesta569}
2014-11-27 17:31 - 2014-11-27 17:35 - 24743106 _____ () C:\Users\Gabriel\Downloads\vlc-2.1.5-win32.exe
2014-11-27 17:05 - 2014-11-27 17:05 - 01031560 _____ ( ) C:\Users\Gabriel\Downloads\iconpackager.exe
2014-11-27 17:05 - 2014-11-27 17:05 - 01031560 _____ ( ) C:\Users\Gabriel\Downloads\iconpackager (1).exe
2014-11-27 16:45 - 2014-11-27 16:49 - 27062434 _____ () C:\Users\Gabriel\Downloads\Reflexion.zip
2014-11-27 16:20 - 2014-11-27 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cut3D 1.11
2014-11-27 15:49 - 2014-11-27 16:07 - 26362810 _____ () C:\Users\Gabriel\Downloads\SkinPack_Alienware_3.0.zip
2014-11-27 15:44 - 2014-12-03 19:13 - 00000000 ____D () C:\Users\Gabriel\Downloads\Vector Magic Desktop Edition 1.15
2014-11-27 15:38 - 2014-11-27 15:38 - 00000000 ____D () C:\Program Files (x86)\7tsp
2014-11-27 15:10 - 2014-11-27 15:10 - 00003106 _____ () C:\Windows\System32\Tasks\{3813D564-DF8C-4CB1-B4B3-EF547FE144EC}
2014-11-27 13:54 - 2014-12-15 18:37 - 00045672 _____ () C:\Windows\PFRO.log
2014-11-27 13:02 - 2014-11-27 13:02 - 00028386 _____ () C:\Windows\RPSETUP.EXE.LOG
2014-11-27 13:00 - 2014-12-18 08:45 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-11-27 13:00 - 2014-12-18 08:45 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-11-27 13:00 - 2014-11-30 14:14 - 00000000 ____D () C:\Users\Gabriel\AppData\Local\SoftThinks
2014-11-27 12:47 - 2014-12-18 08:43 - 00001279 _____ () C:\Windows\setupact.log
2014-11-27 12:47 - 2014-11-27 12:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-27 12:36 - 2014-12-18 08:45 - 00003108 _____ () C:\Windows\System32\Tasks\ASO-System Protector_startup
2014-11-27 11:18 - 2014-11-27 14:14 - 00000000 ____D () C:\ProgramData\Stardock
2014-11-26 18:27 - 2014-11-26 18:36 - 00000000 ____D () C:\Users\Gabriel\Downloads\Autumn Blood (2013)
2014-11-26 18:05 - 2014-11-26 18:05 - 01754454 _____ () C:\Users\Gabriel\Downloads\thepearl_vectorized.bmp
2014-11-26 14:59 - 2014-11-26 15:35 - 00047541 _____ () C:\Users\Gabriel\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
2014-11-26 14:56 - 2014-11-27 19:00 - 00000000 ____D () C:\Program Files (x86)\Stardock
2014-11-26 14:56 - 2014-11-26 14:56 - 02359350 _____ () C:\Windows\Invader1024.bmp
2014-11-26 14:56 - 2014-11-26 14:56 - 00000000 ____D () C:\Users\Public\Documents\Stardock
2014-11-26 14:56 - 2008-06-20 13:31 - 00048128 _____ () C:\Windows\system32\wbload.dll
2014-11-26 14:54 - 2014-11-26 14:55 - 00540672 _____ (Chip Digital GmbH) C:\Users\Gabriel\Downloads\openoffice-4-0-1.exe
2014-11-26 09:13 - 2014-11-26 09:13 - 00652374 _____ () C:\Users\Gabriel\Documents\cross for headstone.bmp
2014-11-25 18:38 - 2014-11-25 18:38 - 00151734 _____ () C:\Users\Gabriel\Downloads\compass rose 1.bmp
2014-11-25 18:35 - 2014-11-25 18:35 - 00151734 _____ () C:\Users\Gabriel\Downloads\compass rose_vectorized.bmp
2014-11-25 16:36 - 2014-11-25 16:36 - 00635494 _____ () C:\Users\Gabriel\Downloads\sea turtle2_vectorized.bmp
2014-11-25 11:14 - 2014-11-28 12:09 - 00000026 _____ () C:\Windows\ESS_v10r2d1d.INI
2014-11-25 11:08 - 2014-11-27 19:09 - 00000000 ____D () C:\SkinPack
2014-11-25 10:49 - 2014-11-27 19:56 - 43249664 _____ (Microsoft Corporation) C:\Windows\system32\imageres.dll
2014-11-25 10:49 - 2014-11-27 19:09 - 02362368 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-25 10:49 - 2014-11-27 15:14 - 00000000 ____D () C:\Program Files (x86)\Skin Pack
2014-11-25 10:49 - 2011-02-25 01:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-11-25 10:49 - 2010-11-20 22:24 - 01866240 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-11-25 10:49 - 2010-11-20 22:24 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-11-25 10:49 - 2010-11-20 22:24 - 00749568 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll
2014-11-25 10:49 - 2010-11-20 22:24 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-11-25 10:49 - 2010-11-20 22:23 - 01808384 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2014-11-25 10:49 - 2010-11-20 22:23 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-11-25 10:49 - 2009-07-13 20:28 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\imagesp1.dll
2014-11-25 10:33 - 2014-11-25 10:48 - 23421087 _____ () C:\Users\Gabriel\Downloads\SkinPack_Alienred_3.0.zip
2014-11-24 23:02 - 2014-11-27 14:14 - 00000000 ____D () C:\Users\Gabriel\Downloads\How.to.Train.Your.Dragon.2.2014.BRRip.XviD-SaM[ETRG]
2014-11-24 21:02 - 2014-11-24 21:02 - 00001148 _____ () C:\Users\UpdatusUser\Desktop\PhotoVCarve.lnk
2014-11-24 21:02 - 2014-11-24 21:02 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoVCarve
2014-11-24 10:04 - 2014-11-24 10:07 - 00001668 _____ () C:\Windows\system32\ASOROSet.bin
2014-11-24 09:58 - 2014-11-24 09:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2014-11-24 09:57 - 2014-11-24 09:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-11-24 09:57 - 2014-11-24 09:57 - 00000000 ____D () C:\Users\Gabriel\Intel
2014-11-24 09:49 - 2014-09-29 11:16 - 00454416 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-11-24 09:44 - 2014-11-24 09:44 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-11-24 09:44 - 2014-01-27 13:39 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2014-11-24 09:42 - 2014-11-24 10:00 - 00000000 ____D () C:\temp
2014-11-23 23:04 - 2014-11-27 14:14 - 00000000 ____D () C:\Program Files\Theme Resource Changer
2014-11-23 23:04 - 2014-11-23 23:04 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Theme Resource Changer X64 v1.0
2014-11-23 20:53 - 2014-11-23 20:53 - 00000000 ____D () C:\Users\Gabriel\Downloads\Alienware Evolution
2014-11-23 20:44 - 2014-11-23 20:44 - 00001885 _____ () C:\Users\Gabriel\Documents\ALIENWARE WITH R2 MOTHER AND UPGRADES.txt
2014-11-23 19:38 - 2014-11-27 15:22 - 00000022 _____ () C:\Users\Gabriel\Downloads\Alienware Evolution.zip
2014-11-23 19:28 - 2014-11-23 19:28 - 01029888 _____ ( ) C:\Users\Gabriel\Downloads\FileOpenerSetup.exe
2014-11-23 11:51 - 2014-11-23 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-11-23 11:51 - 2013-04-17 17:59 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-11-23 11:51 - 2013-04-17 17:59 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-11-23 11:48 - 2014-11-23 11:51 - 00000000 ____D () C:\Program Files\Bitdefender
2014-11-23 11:47 - 2013-05-28 15:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-11-23 11:47 - 2013-04-22 16:21 - 00148696 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-11-23 11:43 - 2014-12-17 08:45 - 00003840 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416761011
2014-11-23 11:43 - 2014-11-23 11:43 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-11-23 11:40 - 2014-11-23 11:40 - 00683672 _____ (Opera Software) C:\Users\Gabriel\Downloads\Opera_NI_stable.exe
2014-11-23 11:38 - 2014-11-23 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scan2CAD v8
2014-11-23 11:29 - 2014-12-14 09:58 - 00000464 _____ () C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job
2014-11-23 11:29 - 2014-11-23 11:31 - 00000434 _____ () C:\Windows\Tasks\ASO-OneClickCare.job
2014-11-23 11:29 - 2014-11-23 11:29 - 00003338 _____ () C:\Windows\System32\Tasks\ASO-AutoCheckUpdate7Days
2014-11-23 11:29 - 2014-11-23 11:29 - 00003308 _____ () C:\Windows\System32\Tasks\ASO-OneClickCare
2014-11-23 11:28 - 2014-11-27 14:14 - 00000000 ____D () C:\Program Files (x86)\Advanced System Optimizer 3
2014-11-23 11:28 - 2014-11-23 11:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3
2014-11-23 11:28 - 2014-10-08 19:40 - 00019776 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-11-23 11:01 - 2014-11-29 12:16 - 00000000 ____D () C:\Program Files (x86)\Scan2CADv8
2014-11-23 11:01 - 2014-11-23 11:38 - 00000000 ____D () C:\Users\Gabriel\Documents\Scan2CADv8
2014-11-23 11:00 - 2014-11-27 14:14 - 00000000 ____D () C:\Windows\Scan2CAD v8
2014-11-23 02:43 - 2014-12-19 08:17 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\MotoCast
2014-11-23 00:27 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-23 00:27 - 2014-10-13 21:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-23 00:27 - 2014-10-13 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-23 00:27 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-23 00:27 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-23 00:23 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-23 00:23 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-23 00:23 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-23 00:23 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-23 00:23 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-23 00:23 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-23 00:23 - 2014-10-17 21:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-23 00:23 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-23 00:23 - 2014-10-13 21:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-23 00:23 - 2014-10-13 21:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-23 00:23 - 2014-10-13 21:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-23 00:23 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-23 00:23 - 2014-10-13 20:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-23 00:23 - 2014-10-13 20:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-23 00:23 - 2014-10-09 19:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-23 00:23 - 2014-10-02 21:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-23 00:23 - 2014-10-02 21:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-23 00:23 - 2014-10-02 21:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-23 00:23 - 2014-10-02 21:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-23 00:23 - 2014-10-02 21:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-23 00:23 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-23 00:23 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-23 00:23 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-23 00:23 - 2014-09-19 04:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-23 00:23 - 2014-09-19 04:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-23 00:23 - 2014-09-19 04:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-23 00:23 - 2014-09-19 04:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-23 00:23 - 2014-09-19 04:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-23 00:23 - 2014-09-19 04:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-23 00:23 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-23 00:23 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-23 00:23 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-23 00:23 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-23 00:23 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-23 00:23 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-23 00:23 - 2014-08-21 01:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-23 00:23 - 2014-08-21 01:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-23 00:23 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-23 00:23 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-23 00:23 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-23 00:23 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-23 00:18 - 2014-11-23 00:18 - 00000000 ____D () C:\Users\Gabriel\Documents\AlienFX
2014-11-23 00:17 - 2014-11-23 00:17 - 00000000 ____D () C:\ProgramData\bdch
2014-11-23 00:14 - 2014-11-23 00:14 - 00000000 ____D () C:\Program Files\Alienware
2014-11-23 00:11 - 2014-12-18 08:45 - 00000000 ____D () C:\Users\Gabriel\.gstreamer-0.10
2014-11-23 00:11 - 2014-12-14 16:17 - 00000000 ____D () C:\ProgramData\Nero
2014-11-23 00:11 - 2014-11-23 00:11 - 00003454 _____ () C:\Windows\System32\Tasks\MotoCast Update
2014-11-23 00:11 - 2014-11-23 00:11 - 00000000 ____D () C:\Users\Gabriel\AppData\Local\Motorola
2014-11-23 00:11 - 2014-11-23 00:11 - 00000000 ____D () C:\Program Files (x86)\Motorola Media Link
2014-11-23 00:10 - 2014-11-23 00:10 - 00000000 ____D () C:\ProgramData\Sun
2014-11-23 00:10 - 2014-11-23 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Mobility
2014-11-23 00:09 - 2014-11-23 00:09 - 00000000 ____D () C:\Program Files (x86)\Oracle
2014-11-23 00:03 - 2014-11-23 00:11 - 59533616 _____ () C:\Users\Gabriel\Downloads\Alienware_Command-Center-Not_A00_R296137.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-19 08:17 - 2014-09-10 14:03 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\uTorrent
2014-12-19 08:17 - 2014-09-05 22:13 - 01418889 _____ () C:\Windows\WindowsUpdate.log
2014-12-19 08:13 - 2009-07-14 00:13 - 00785446 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-19 07:50 - 2014-09-14 01:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-18 21:50 - 2014-09-05 22:14 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn
2014-12-18 14:00 - 2014-09-10 13:08 - 00003460 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-12-18 09:06 - 2009-07-13 23:45 - 00027744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-18 09:06 - 2009-07-13 23:45 - 00027744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-18 08:46 - 2014-09-25 20:38 - 00000336 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-12-18 08:43 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-18 08:13 - 2014-09-25 19:50 - 01778176 ___SH () C:\Users\Gabriel\Documents\Thumbs.db
2014-12-17 10:22 - 2014-09-25 21:45 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-17 08:45 - 2014-09-10 13:42 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-15 18:38 - 2009-07-13 23:45 - 00565632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-15 15:35 - 2014-09-09 17:57 - 00000000 ____D () C:\Users\Gabriel
2014-12-15 12:42 - 2014-10-14 16:47 - 00000000 ____D () C:\Program Files\Blender Foundation
2014-12-15 01:10 - 2014-09-18 01:11 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\vlc
2014-12-14 14:39 - 2014-09-09 18:19 - 00007619 _____ () C:\Users\Gabriel\AppData\Local\resmon.resmoncfg
2014-12-14 14:22 - 2014-09-25 19:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-12-14 14:22 - 2014-09-25 19:35 - 00000000 ____D () C:\Windows\system32\NV
2014-12-14 14:20 - 2014-09-11 00:09 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-14 14:20 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-14 14:20 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-14 13:50 - 2014-09-10 23:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-14 13:49 - 2014-09-10 23:00 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 12:47 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-10 14:45 - 2014-10-07 17:16 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\inkscape
2014-12-10 01:50 - 2014-09-14 01:18 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 01:50 - 2014-09-14 01:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 01:50 - 2014-09-14 01:18 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 10:28 - 2014-09-25 20:38 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-12-07 11:15 - 2014-10-16 13:09 - 00173056 ____H () C:\Users\Gabriel\Downloads\photothumb.db
2014-11-30 14:16 - 2014-10-02 18:55 - 00000000 ____D () C:\Users\Gabriel\AppData\Local\Deployment
2014-11-29 17:09 - 2014-09-10 13:02 - 00000000 ____D () C:\Users\Gabriel\AppData\Local\Apps\2.0
2014-11-29 16:13 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\security
2014-11-29 16:04 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-28 00:02 - 2014-09-29 23:47 - 00003234 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-11-27 23:42 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Globalization
2014-11-27 21:48 - 2014-09-18 14:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-27 19:54 - 2014-09-15 22:37 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\TeamViewer
2014-11-27 19:09 - 2014-09-10 16:28 - 02226688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-11-27 19:09 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Cursors
2014-11-27 19:09 - 2009-07-13 18:42 - 43231744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imageres.dll
2014-11-27 14:40 - 2012-08-23 22:14 - 00000000 ____D () C:\Program Files (x86)\Dell Datasafe Local Backup
2014-11-27 14:14 - 2014-10-18 16:17 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-11-27 14:14 - 2014-10-18 16:17 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-11-27 14:14 - 2014-10-16 18:42 - 00000000 ____D () C:\Program Files (x86)\Vector Magic
2014-11-27 14:14 - 2014-10-16 13:08 - 00000000 ____D () C:\Program Files (x86)\PhotoScape
2014-11-27 14:14 - 2014-10-13 18:00 - 00000000 ____D () C:\Users\Gabriel\Downloads\The.Hornets.Nest.2014.BRRip.x264-RARBG
2014-11-27 14:14 - 2014-10-13 17:36 - 00000000 ____D () C:\Users\Gabriel\Downloads\Hellion.2014.LiMiTED.DVDRip.x264-LPD[rarbg]
2014-11-27 14:14 - 2014-10-06 16:25 - 00000000 ____D () C:\Mach3
2014-11-27 14:14 - 2014-10-02 19:35 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-11-27 14:14 - 2014-09-30 23:58 - 00000000 ____D () C:\Program Files (x86)\Cut3D 1.11
2014-11-27 14:14 - 2014-09-30 23:45 - 00000000 ____D () C:\Program Files (x86)\PhotoVCarve
2014-11-27 14:14 - 2014-09-30 00:00 - 00000000 ____D () C:\Users\Gabriel\AppData\Local\Stardock
2014-11-27 14:14 - 2014-09-30 00:00 - 00000000 ____D () C:\Program Files (x86)\CursorXP
2014-11-27 14:14 - 2014-09-21 22:24 - 00000000 ____D () C:\Program Files (x86)\RAR Password Cracker
2014-11-27 14:14 - 2014-09-17 23:27 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-11-27 14:14 - 2014-09-17 23:26 - 00000000 ____D () C:\Program Files\Wireshark
2014-11-27 14:14 - 2014-09-14 22:30 - 00000000 ____D () C:\Program Files (x86)\Network Stumbler
2014-11-27 14:14 - 2014-09-14 21:57 - 00000000 ____D () C:\Windows\SysWOW64\QCA
2014-11-27 14:14 - 2014-09-14 01:18 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-11-27 14:14 - 2014-09-14 01:18 - 00000000 ____D () C:\Windows\system32\Macromed
2014-11-27 14:14 - 2014-09-12 15:30 - 00000000 ____D () C:\Windows\Mach3
2014-11-27 14:14 - 2014-09-11 15:12 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-11-27 14:14 - 2014-09-11 13:18 - 00000000 ____D () C:\Program Files (x86)\Alienware On-Screen Display
2014-11-27 14:14 - 2014-09-11 10:14 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-27 14:14 - 2014-09-11 10:13 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-11-27 14:14 - 2014-09-10 15:23 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-11-27 14:14 - 2014-09-10 13:18 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-11-27 14:14 - 2014-09-10 13:08 - 00000000 ____D () C:\Program Files\AlienAutopsy
2014-11-27 14:14 - 2014-09-05 22:12 - 00000000 ____D () C:\Windows\SysWOW64\Atheros_L1e
2014-11-27 14:14 - 2010-11-21 02:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-11-27 14:14 - 2010-11-21 02:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-11-27 14:14 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-11-27 14:14 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-11-27 14:14 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-27 14:14 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-11-27 14:14 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Recovery
2014-11-27 14:14 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-11-27 14:14 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Speech
2014-11-27 14:14 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-11-27 14:14 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\com
2014-11-27 14:14 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-11-27 14:14 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\servicing
2014-11-27 14:14 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-11-27 13:52 - 2014-09-05 22:51 - 00000000 __SHD () C:\System Recovery
2014-11-27 13:52 - 2009-07-13 21:34 - 00000459 _____ () C:\Windows\win.ini
2014-11-27 12:24 - 2014-10-16 12:38 - 00000000 ____D () C:\Program Files (x86)\Pixia ver. 6
2014-11-27 12:24 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-27 11:55 - 2014-09-09 18:56 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-11-27 11:55 - 2014-09-09 18:56 - 00001908 _____ () C:\Windows\diagerr.xml
2014-11-25 11:06 - 2014-10-07 22:39 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\VMware
2014-11-25 11:06 - 2014-10-07 22:39 - 00000000 ____D () C:\Users\Gabriel\AppData\Local\VMware
2014-11-24 10:07 - 2009-07-13 21:34 - 65273856 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-11-24 10:07 - 2009-07-13 21:34 - 21757952 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-11-24 10:07 - 2009-07-13 21:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-11-24 10:05 - 2009-07-13 21:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-11-24 09:58 - 2014-09-05 22:11 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-11-24 09:57 - 2014-09-05 22:12 - 00000000 ____D () C:\ProgramData\Intel
2014-11-24 09:57 - 2014-09-05 22:12 - 00000000 ____D () C:\Program Files\Intel
2014-11-24 09:10 - 2014-09-29 16:17 - 00000000 ___DC () C:\Users\Gabriel\AppData\Local\MigWiz
2014-11-24 08:29 - 2014-10-01 16:11 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\Foxit Software
2014-11-23 20:56 - 2009-07-13 18:55 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-11-23 20:55 - 2010-11-20 22:23 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-11-23 20:55 - 2009-07-13 18:54 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll
2014-11-23 11:48 - 2014-09-11 14:55 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\QuickScan
2014-11-23 11:45 - 2014-10-17 15:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-23 00:15 - 2014-09-05 22:12 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-23 00:14 - 2014-09-10 13:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware
2014-11-23 00:13 - 2014-09-23 20:14 - 00000000 ____D () C:\Users\Gabriel\AppData\Local\Downloaded Installations
2014-11-23 00:11 - 2014-09-10 00:32 - 00000000 ____D () C:\ProgramData\Motorola
2014-11-23 00:11 - 2014-09-10 00:30 - 00000000 ____D () C:\Program Files (x86)\Motorola Mobility
2014-11-23 00:11 - 2014-09-10 00:30 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-11-23 00:11 - 2014-09-10 00:29 - 00000000 ____D () C:\Users\Gabriel\AppData\Roaming\Motorola
2014-11-22 23:51 - 2014-10-25 14:49 - 00004114 _____ () C:\WirelessDiagLog.csv

Files to move or delete:
====================
C:\ProgramData\sdpsenv.dat


Some content of TEMP:
====================
C:\Users\Gabriel\AppData\Local\Temp\Runner2.exe
C:\Users\Gabriel\AppData\Local\Temp\Runner4.exe
C:\Users\Gabriel\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
C:\Users\Gabriel\AppData\Local\Temp\ttv.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 03:46

==================== End Of Log ============================


Edited by Oh My!, 19 December 2014 - 10:18 AM.
Posted FRST


#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,580 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:52 PM

Posted 19 December 2014 - 10:44 AM

Hi Gabriel,
 
There is evidence of several pirated/cracked programs on your computer. In order to continue receiving assistance I am going to ask you to fully uninstall those programs and let me know when that has been accomplished. As long as those illegal and untrustworthy programs are on your computer it potentially compromises our ability to bring your computer back to health.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#12 GabrielP

GabrielP
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Apalachicola Fl.
  • Local time:05:52 PM

Posted 19 December 2014 - 11:24 AM

Can you please tell me which ones to uninstall/remove? 



#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,580 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:52 PM

Posted 19 December 2014 - 11:29 AM

2014-11-29 11:29 - 2014-11-29 11:30 - 00000000 ____D () C:\Users\Gabriel\Downloads\[Team Viewer Premium 9.0.24482] [Final + Crack]
2014-11-27 21:46 - 2014-11-27 21:47 - 00000000 ____D () C:\Users\Gabriel\Downloads\Malwarebytes Anti-Malware PRO 1.65.0.1400 - Final - FULL with Key [h33t][iahq76]
2014-11-27 18:29 - 2014-11-27 18:29 - 00000000 ____D () C:\Users\Gabriel\Downloads\Stardock Icon Packager 5.0+crack{fiesta569}
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 GabrielP

GabrielP
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Apalachicola Fl.
  • Local time:05:52 PM

Posted 19 December 2014 - 11:44 AM

Okay Gary, I uninstalled thru control panel...was that the only three??



#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,580 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:52 PM

Posted 19 December 2014 - 12:23 PM

Those were the 3 that caught my eye. You would probably know better than I would....

Please consider and do this. Run FRST in Safe Mode if necessary.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have µTorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities. .

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------

  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt

HKU\S-1-5-21-3096153285-3196402840-3417424134-1000\...\RunOnce: [Adobe Speed Launcher] => 1418910324
ShortcutTarget: Refresh.lnk -> C:\Windows\Alienware Skin Pack\Tools\Refresh.cmd (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\YzShadow.lnk
ShortcutTarget: YzShadow.lnk -> C:\Windows\Alienware Skin Pack\YzShadow\YzShadow.exe (No File)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3096153285-3196402840-3417424134-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
2099-09-11 07:31 - 27957-09-11 07:31 - 00003120 _____ () C:\Windows\SysWOW64\ALLFSAF14a.ocx
C:\ProgramData\sdpsenv.dat
C:\Users\Gabriel\AppData\Local\Temp\Runner2.exe
C:\Users\Gabriel\AppData\Local\Temp\Runner4.exe
C:\Users\Gabriel\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
C:\Users\Gabriel\AppData\Local\Temp\ttv.exe
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:

  • Fixlog
  • How is the computer performance?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users