DesertDogg

hello having some problems heres the reports FRST.txt Addition.txt

Thank you so much for the help

Results of screen317's Security Check version 0.99.73 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! ESET NOD32 Antivirus 6.0 Windows Defender Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Adobe Flash Player 11.8.800.94 Adobe Reader XI Mozilla Firefox (23.0.1) ````````Process Check: objlist.exe by Laurent```````` ESET NOD32 Antivirus egui.exe ESET NOD32 Antivirus ekrn.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Thanks, sorry for the delay. It seems to be ok but when I rebooted the cpu tried to do a boot defragment or something from glary utilities thaty I didnt initiate. Not sure how to read this report.

Done, here is the log. How does it look? Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-09-2013 Ran by Gabe at 2013-09-11 06:13:53 Run:1 Running from C:\Users\Gabe\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporatio BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) C:\Users\Gabe\AppData\Local\Temp\0222411378878482mcinst.exe C:\Users\Gabe\AppData\Local\Temp\022241~1.EXE C:\Users\Gabe\AppData\Local\Temp\dlm5D8C.tmp\AdvancedScantoPDFFree.exe C:\Users\Gabe\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\Gabe\AppData\Local\Temp\GLFAF29.EXE C:\Users\Gabe\AppData\Local\Temp\GLFC820.EXE C:\Users\Gabe\AppData\Local\Temp\mpsetup.exe C:\Users\Gabe\AppData\Local\Temp\oi_{684560FE-6968-42F9-846C-5B6C16643EF9}.exe C:\Users\Gabe\AppData\Local\Temp\Quarantine.exe C:\Users\Gabe\Downloads\cbsidlm-cbsi127-KMPlayer-SEO-10659939.exe C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Advanced_Scan_to_PDF_Free-SEO-75738710.exe C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Download_App-BP-75864009.exe C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Pazera_Free_MP4_to_AVI_Converter-SEO-10784027.exe C:\Users\Gabe\Downloads\cbsidlm-tr1_14-3GP_Player-SEO-10881638.exe C:\Users\Gabe\Downloads\cbsidlm-tr1_14-JGSScan-ORG-10267419.exe C:\Users\Gabe\Downloads\KMPlayer_3.6.0.87.exe FF Extension: No Name - C:\Program Files\McAfee\MSK FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank MountPoints2: {03119575-fc2b-11e2-be6a-806e6f6e6963} - "D:\SETUP.EXE" ProxyServer: 127.0.0.1:48627 S2 0222411378878482mcinstcleanup; C:\Users\Gabe\AppData\Local\Temp\022241~1.EXE [834664 2013-07-30] (McAfee, Inc.) S2 mfevtp; "C:\Windows\system32\mfevtps.exe" [x] S4 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [x] SearchScopes: HKCU - {4372E590-7695-4EC2-97A9-962BD3B31DC6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASAJS SearchScopes: HKLM - DefaultScope value is missing. ***************** HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found. HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found. HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully. "C:\Users\Gabe\AppData\Local\Temp\0222411378878482mcinst.exe" => File/Directory not found. "C:\Users\Gabe\AppData\Local\Temp\022241~1.EXE" => File/Directory not found. C:\Users\Gabe\AppData\Local\Temp\dlm5D8C.tmp\AdvancedScantoPDFFree.exe => Moved successfully. C:\Users\Gabe\AppData\Local\Temp\fp_pl_pfs_installer.exe => Moved successfully. C:\Users\Gabe\AppData\Local\Temp\GLFAF29.EXE => Moved successfully. C:\Users\Gabe\AppData\Local\Temp\GLFC820.EXE => Moved successfully. C:\Users\Gabe\AppData\Local\Temp\mpsetup.exe => Moved successfully. C:\Users\Gabe\AppData\Local\Temp\oi_{684560FE-6968-42F9-846C-5B6C16643EF9}.exe => Moved successfully. C:\Users\Gabe\AppData\Local\Temp\Quarantine.exe => Moved successfully. C:\Users\Gabe\Downloads\cbsidlm-cbsi127-KMPlayer-SEO-10659939.exe => Moved successfully. C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Advanced_Scan_to_PDF_Free-SEO-75738710.exe => Moved successfully. C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Download_App-BP-75864009.exe => Moved successfully. C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Pazera_Free_MP4_to_AVI_Converter-SEO-10784027.exe => Moved successfully. C:\Users\Gabe\Downloads\cbsidlm-tr1_14-3GP_Player-SEO-10881638.exe => Moved successfully. C:\Users\Gabe\Downloads\cbsidlm-tr1_14-JGSScan-ORG-10267419.exe => Moved successfully. C:\Users\Gabe\Downloads\KMPlayer_3.6.0.87.exe => Moved successfully. C:\Program Files\McAfee\MSK not found. HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2 => Key deleted successfully. C:\Windows\SysWOW64\npDeployJava1.dll => Moved successfully. HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2 => Key not found. C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll not found. HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2 => Key deleted successfully. C:\Windows\system32\npDeployJava1.dll => Moved successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoActiveDesktop => Value deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{03119575-fc2b-11e2-be6a-806e6f6e6963} => Key deleted successfully. HKCR\CLSID\{03119575-fc2b-11e2-be6a-806e6f6e6963} => Key not found. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully. 0222411378878482mcinstcleanup => Service not found. mfevtp => Service not found. mfefire => Service not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4372E590-7695-4EC2-97A9-962BD3B31DC6} => Key deleted successfully. HKCR\CLSID\{4372E590-7695-4EC2-97A9-962BD3B31DC6} => Key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. ==== End of Fixlog ====

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-09-2013 Ran by Gabe at 2013-09-11 02:03:27 Running from C:\Users\Gabe\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Reader XI (11.0.03) MUI (x32 Version: 11.0.03) AntiLogger (x32 Version: 1.9.3.502) AntiLogger (x32) Apple Application Support (x32 Version: 2.1.7) Audacity 2.0.3 (x32 Version: 2.0.3) ERUNT 1.1j (x32) ESET NOD32 Antivirus (Version: 6.0.316.0) ESET Online Scanner v3 (x32) Glary Utilities 3.9 (x32 Version: 3.9.0.137) Harmony Browser Plug-in (x32 Version: 2.0) Hotspot Shield 3.13 (x32 Version: 3.13) Intel® Management Engine Components (x32 Version: 8.1.0.1281) Intel® Processor Graphics (x32 Version: 9.17.10.2963) Intel® PROSet/Wireless NFC Software (Version: 1.1.1.002) Intel® Rapid Storage Technology (x32 Version: 11.6.0.1030) Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149) Intel® Trusted Connect Service Client (Version: 1.24.738.1) KeyCrypt SDK version 1.6.1.246 (x32 Version: 1.6.1.246) Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft Office (x32 Version: 15.0.4454.1510) Microsoft Report Viewer Redistributable 2005 (x32 Version: 8.0.50727.42) Microsoft Report Viewer Redistributable 2005 (x32) Microsoft Silverlight (Version: 5.1.20125.0) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106) Movie Studio Platinum 12.0 (64-bit) (Version: 12.0.756) Mozilla Firefox 23.0.1 (x86 en-US) (x32 Version: 23.0.1) MSVCRT Redists (Version: 1.0) Networkx64 (Version: 1.0.0) NVIDIA Control Panel 311.46 (Version: 311.46) NVIDIA Graphics Driver 311.46 (Version: 311.46) NVIDIA Install Application (Version: 2.1002.109.706) NVIDIA Optimus 1.11.3 (Version: 1.11.3) NVIDIA PhysX (x32 Version: 9.12.1031) NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031) NVIDIA Update Components (Version: 1.11.3) PlayMemories Home (x32 Version: 7.0.02.14060) Process Hacker 2.31 (r5355) (Version: 2.31.0.5355) Proxify Tray Application version 1.0.8.0 (x32 Version: 1.0.8.0) QuickTime (x32 Version: 7.72.80.56) Realtek Ethernet Controller Driver (x32 Version: 8.10.1226.2012) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6895) Realtek PCIE Card Reader (x32 Version: 6.2.9200.28135) Shared C Run-time for x64 (Version: 10.0.0) Synaptics Pointing Device Driver (Version: 16.4.0.1) The KMPlayer (remove only) (x32 Version: 3.6.0.87) VAIO Movie Creator (x32 Version: 4.1.01.15140) Who Is On My Wifi version 2.1.7 (x32 Version: 2.1.7) WinAce Archiver (x32 Version: 2.69) Winamp (x32 Version: 5.65 ) Winamp Detector Plug-in (HKCU Version: 1.0.0.1) Winamp Essentials Pack (x32 Version: v5.64) Yahoo! Messenger (x32) Yahoo! Toolbar (x32) ==================== Restore Points ========================= 23-08-2013 04:40:49 Removed VAIO First Logon Setup Tool 04-09-2013 05:55:15 Scheduled Checkpoint 08-09-2013 14:17:26 Removed VAIO Easy Connect. 11-09-2013 03:45:44 Malwarebytes Anti-Rootkit Restore Point ==================== Hosts content: ========================== 2012-07-25 22:26 - 2012-07-25 22:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-25] (Microsoft Corporation) Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical Task: {1512017D-D898-4D3A-AAD6-BA5ADA05B6BC} - System32\Tasks\VaioRegistrationDesktopTask => C:\Program Files\Sony\VAIO Registration\Sony.VAIO.Desktop.RegistrationTask.exe [2012-08-09] (Sony) Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-03] (Microsoft Corporation) Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance Task: {22A6F687-35EF-443E-B1BF-8EE7D9B943AF} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2012-09-19] (Microsoft Corporation) Task: {24DB440A-2AA6-4B5A-AAC9-080DFDE57700} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup Task: {263BFA26-C253-4887-B4D5-EFED40F334D1} - System32\Tasks\GlaryInitialize 3 => C:\Program Files (x86)\Glary Utilities 3\Initialize.exe [2013-08-20] (Glarysoft Ltd) Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem Task: {3D5AAA45-F954-4E6A-984D-2181BED5C309} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3684579750-837988229-3943600733-1002 Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation) Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required Task: {61B0D0DE-0EB4-4EDA-A894-A85CF2B01B12} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-25] (Microsoft Corporation) Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-19] (Microsoft Corporation) Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2012-09-19] (Microsoft Corporation) Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-25] (Microsoft Corporation) Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork Task: {D6A7F05B-63D4-4253-B241-5BDCCA176EC7} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => Sc.exe start wuauserv Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical Task: {DD092B2B-9EE8-4A98-A22C-F1880DB0DF95} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-19] (Microsoft Corporation) Task: {EAD237E7-D276-4257-9F16-51DF41548733} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-25] (Microsoft Corporation) Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM Task: {F517077F-AA0A-4CDA-B0D5-B992ADAA4F14} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-03-13] (Synaptics Incorporated) Task: C:\Windows\Tasks\GlaryInitialize 3.job => C:\Program Files (x86)\Glary Utilities 3\Initialize.exe ==================== Loaded Modules (whitelisted) ============= 2013-03-14 14:11 - 2013-03-13 21:33 - 01049840 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll 2013-03-14 14:11 - 2013-03-13 21:38 - 00254704 _____ (Synaptics Incorporated) C:\Windows\SYSTEM32\SynTPAPI.dll 2013-08-03 04:40 - 2013-05-02 19:45 - 01107440 _____ (NVIDIA Corporation) C:\Windows\SYSTEM32\nvumdshimx.dll 2013-08-03 04:40 - 2013-05-02 19:43 - 00245872 _____ (NVIDIA Corporation) C:\Windows\SYSTEM32\nvinitx.dll 2013-03-11 15:49 - 2013-03-08 00:04 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll 2013-08-03 04:36 - 2013-05-06 18:13 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2013-08-03 04:36 - 2013-05-06 18:13 - 03693640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2013-03-14 12:21 - 2013-03-13 20:33 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrENU.lrc 2013-03-14 12:21 - 2013-03-13 20:31 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-03-21 15:20 - 2013-03-21 15:20 - 00123776 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ToastNotify.dll 2013-03-21 15:20 - 2013-03-21 15:20 - 00254080 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiHips.dll 2013-03-21 15:20 - 2013-03-21 15:20 - 00691288 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll 2013-03-21 15:19 - 2013-03-21 15:19 - 00355008 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll 2013-03-21 15:19 - 2013-03-21 15:19 - 00123752 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll 2013-03-21 15:19 - 2013-03-21 15:19 - 00119144 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll 2013-03-21 15:20 - 2013-03-21 15:20 - 01653320 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll 2013-03-21 15:20 - 2013-03-21 15:20 - 01010624 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll 2013-03-21 15:20 - 2013-03-21 15:20 - 00111416 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll 2013-08-20 02:19 - 2013-08-20 02:19 - 00037664 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\Languages.dll 2013-08-20 02:18 - 2013-08-20 02:18 - 00020256 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\BootTime.dll 2013-08-20 02:19 - 2013-08-20 02:19 - 00827168 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\LockDll.dll 2013-08-20 02:18 - 2013-08-20 02:18 - 00493344 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\CheckUpdate.dll 2013-08-20 02:20 - 2013-08-20 02:20 - 00178464 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\settings.dll 2013-08-20 02:20 - 2013-08-20 02:20 - 00194848 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\RestoreCenter.dll 2013-08-20 02:21 - 2013-08-20 02:21 - 00255776 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\TracksEraser.dll 2013-08-20 02:21 - 2013-08-20 02:21 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 3\zlib1.dll 2013-08-20 02:18 - 2013-08-20 02:18 - 00068384 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\Backup.dll 2013-08-20 02:19 - 2013-08-20 02:19 - 00097568 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\Log.dll 2013-08-20 02:20 - 2013-08-20 02:20 - 00067360 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\ObjectAdmin.dll 2013-09-10 07:08 - 2012-06-27 07:18 - 00839680 _____ () C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\System.Data.SQLite.dll 2012-07-26 01:14 - 2013-06-27 15:05 - 14375800 _____ (Adobe Systems, Inc.) C:\Windows\SYSTEM32\Macromed\Flash\Flash.ocx 2013-09-10 07:08 - 2009-05-04 14:22 - 00151040 _____ (http://sharppcap.sf.net) C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\SharpPcap.dll 2013-08-17 01:37 - 2013-08-17 01:37 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= Name: Bluetooth Device (RFCOMM Protocol TDI) Description: Bluetooth Device (RFCOMM Protocol TDI) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: RFCOMM Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Bluetooth Device (Personal Area Network) Description: Bluetooth Device (Personal Area Network) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: BthPan Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (09/11/2013 01:37:20 AM) (Source: Microsoft-Windows-User Profiles Service) (User: SysAdmin) Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off. Error: (09/11/2013 01:37:20 AM) (Source: Microsoft-Windows-User Profiles Service) (User: SysAdmin) Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on. Error: (09/11/2013 01:07:06 AM) (Source: Microsoft-Windows-User Profiles Service) (User: SysAdmin) Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off. Error: (09/11/2013 01:07:06 AM) (Source: Microsoft-Windows-User Profiles Service) (User: SysAdmin) Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on. Error: (09/10/2013 10:48:46 PM) (Source: McLogEvent) (User: NT AUTHORITY) Description: 1 Error: (09/10/2013 10:48:46 PM) (Source: McLogEvent) (User: NT AUTHORITY) Description: 0x7eThe specified module could not be found. Error: (09/10/2013 10:16:55 PM) (Source: Microsoft-Windows-User Profiles Service) (User: SysAdmin) Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off. Error: (09/10/2013 10:16:55 PM) (Source: Microsoft-Windows-User Profiles Service) (User: SysAdmin) Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on. Error: (09/10/2013 10:12:26 PM) (Source: EventSystem) (User: ) Description: 800706e5EventSystem.EventSubscription{D2D9D1BD-A036-4BCF-8DA7-ED916C08B2F6}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}Explorer Error: (09/10/2013 09:23:31 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. System errors: ============= Error: (09/11/2013 01:37:20 AM) (Source: Service Control Manager) (User: ) Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%2 Error: (09/11/2013 01:07:07 AM) (Source: Service Control Manager) (User: ) Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%2 Error: (09/10/2013 10:47:26 PM) (Source: Service Control Manager) (User: ) Description: The Process creation detector. service failed to start due to the following error: %%1275 Error: (09/10/2013 10:47:26 PM) (Source: Application Popup) (User: ) Description: \??\C:\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys Error: (09/10/2013 10:45:48 PM) (Source: Service Control Manager) (User: ) Description: The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (09/10/2013 10:23:01 PM) (Source: mbamchameleon) (User: ) Description: \Device\HarddiskVolume5\PROGRA~2\MCAFEE\SITEAD~1\SAUI.EXE Error: (09/10/2013 10:23:01 PM) (Source: mbamchameleon) (User: ) Description: \??\c:\PROGRA~2\mcafee\SITEAD~1\saui.exe Error: (09/10/2013 10:19:11 PM) (Source: mbamchameleon) (User: ) Description: \Device\HarddiskVolume5\PROGRAM FILES\COMMON FILES\MCAFEE\CORE\MCHOST.EXE Error: (09/10/2013 10:19:11 PM) (Source: mbamchameleon) (User: ) Description: \??\C:\Program Files\Common Files\McAfee\Core\mchost.exe Error: (09/10/2013 10:17:24 PM) (Source: mbamchameleon) (User: ) Description: \Device\HarddiskVolume5\PROGRAM FILES\COMMON FILES\MCAFEE\CORE\MCHOST.EXE Microsoft Office Sessions: ========================= Error: (09/11/2013 01:37:20 AM) (Source: Microsoft-Windows-User Profiles Service)(User: SysAdmin) Description: Error: (09/11/2013 01:37:20 AM) (Source: Microsoft-Windows-User Profiles Service)(User: SysAdmin) Description: Error: (09/11/2013 01:07:06 AM) (Source: Microsoft-Windows-User Profiles Service)(User: SysAdmin) Description: Error: (09/11/2013 01:07:06 AM) (Source: Microsoft-Windows-User Profiles Service)(User: SysAdmin) Description: Error: (09/10/2013 10:48:46 PM) (Source: McLogEvent)(User: NT AUTHORITY) Description: 1 Error: (09/10/2013 10:48:46 PM) (Source: McLogEvent)(User: NT AUTHORITY) Description: 0x7eThe specified module could not be found. Error: (09/10/2013 10:16:55 PM) (Source: Microsoft-Windows-User Profiles Service)(User: SysAdmin) Description: Error: (09/10/2013 10:16:55 PM) (Source: Microsoft-Windows-User Profiles Service)(User: SysAdmin) Description: Error: (09/10/2013 10:12:26 PM) (Source: EventSystem)(User: ) Description: 800706e5EventSystem.EventSubscription{D2D9D1BD-A036-4BCF-8DA7-ED916C08B2F6}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}Explorer Error: (09/10/2013 09:23:31 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Gabe\Desktop\esetsmartinstaller_enu.exe CodeIntegrity Errors: =================================== Date: 2013-09-10 22:47:26.632 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-09-10 19:36:25.786 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-09-08 16:29:56.647 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-09-08 07:16:03.419 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-08-22 21:38:41.484 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 14% Total physical RAM: 12166.8 MB Available physical RAM: 10373.82 MB Total Pagefile: 13062.8 MB Available Pagefile: 11153.14 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:899.57 GB) (Free:477.06 GB) NTFS Drive d: (OFFICE14) (CDROM) (Total:2.35 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 932 GB) (Disk ID: 6AD751D9) Partition: GPT Partition Type ==================== End Of Log ============================

==================== One Month Modified Files and Folders ======= 2013-09-11 02:02 - 2013-08-09 11:40 - 00000000 ____D C:\wifidata 2013-09-11 02:02 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\system32\sru 2013-09-11 01:55 - 2013-08-07 16:14 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3684579750-837988229-3943600733-1002 2013-09-11 01:51 - 2013-08-22 07:54 - 00000348 _____ C:\Windows\Tasks\GlaryInitialize 3.job 2013-09-11 01:50 - 2013-08-22 07:54 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 3 2013-09-11 01:39 - 2012-07-26 00:28 - 00848230 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-11 01:35 - 2012-07-26 00:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-11 01:16 - 2013-09-11 01:16 - 03191888 _____ (McAfee, Inc.) C:\Users\Gabe\Desktop\MCPR.exe 2013-09-11 01:16 - 2013-08-03 04:00 - 01234136 _____ C:\Windows\WindowsUpdate.log 2013-09-11 01:04 - 2013-09-08 07:58 - 00008044 _____ C:\Windows\PFRO.log 2013-09-10 23:46 - 2013-09-10 23:46 - 00030839 _____ C:\Users\Gabe\Desktop\Addition.txt 2013-09-10 23:45 - 2013-09-10 23:45 - 00000000 ____D C:\FRST 2013-09-10 23:45 - 2013-09-10 23:44 - 01949408 _____ (Farbar) C:\Users\Gabe\Desktop\FRST64.exe 2013-09-10 22:48 - 2012-07-26 01:12 - 00000000 ___HD C:\Windows\ELAMBKUP 2013-09-10 22:45 - 2013-09-10 22:45 - 00000000 ____D C:\Program Files\ESET 2013-09-10 22:41 - 2013-09-10 22:41 - 01415824 _____ (ESET) C:\Users\Gabe\Desktop\eset_nod32_antivirus_live_installer.exe 2013-09-10 22:39 - 2013-09-10 20:20 - 00000000 ____D C:\Users\Gabe\Desktop\mbar 2013-09-10 22:13 - 2012-07-25 22:26 - 00262144 ___SH C:\Windows\system32\config\BBI 2013-09-10 21:23 - 2013-09-10 21:23 - 02347384 _____ (ESET) C:\Users\Gabe\Desktop\esetsmartinstaller_enu.exe 2013-09-10 21:23 - 2013-09-10 21:23 - 00000000 ____D C:\Program Files (x86)\ESET 2013-09-10 21:22 - 2012-07-25 22:26 - 00262144 ___SH C:\Windows\system32\config\ELAM 2013-09-10 21:16 - 2013-09-10 21:05 - 00000000 ____D C:\AdwCleaner 2013-09-10 21:04 - 2013-09-10 21:04 - 01037278 _____ C:\Users\Gabe\Desktop\AdwCleaner.exe 2013-09-10 21:01 - 2013-09-10 21:01 - 00002162 _____ C:\Users\Gabe\Desktop\JRT.txt 2013-09-10 20:59 - 2013-09-10 20:09 - 00000000 ____D C:\Users\Gabe\Desktop\RK_Quarantine 2013-09-10 20:53 - 2013-09-10 08:03 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield 2013-09-10 20:51 - 2013-09-10 20:51 - 00000000 ____D C:\Windows\ERUNT 2013-09-10 20:50 - 2013-09-10 20:50 - 01029490 _____ (Thisisu) C:\Users\Gabe\Desktop\JRT.exe 2013-09-10 20:46 - 2013-09-10 20:05 - 00002424 _____ C:\Users\Gabe\Desktop\Rkill.txt 2013-09-10 20:20 - 2013-09-10 20:20 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Gabe\Desktop\mbar-1.07.0.1005.exe 2013-09-10 20:17 - 2013-09-10 20:17 - 03788288 _____ C:\Users\Gabe\Desktop\RogueKillerX64(1).exe 2013-09-10 20:12 - 2013-09-10 20:12 - 00001771 _____ C:\Users\Gabe\Desktop\RKreport[0]_S_09102013_201228.txt 2013-09-10 20:07 - 2013-09-10 20:07 - 03788288 _____ C:\Users\Gabe\Desktop\RogueKillerX64.exe 2013-09-10 20:07 - 2013-09-10 20:07 - 00000924 _____ C:\Users\Tiffany\Desktop\NTREGOPT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000924 _____ C:\Users\Gabe\Desktop\NTREGOPT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000924 _____ C:\Users\fbwuser\Desktop\NTREGOPT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000905 _____ C:\Users\Tiffany\Desktop\ERUNT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000905 _____ C:\Users\Gabe\Desktop\ERUNT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000905 _____ C:\Users\fbwuser\Desktop\ERUNT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000000 ____D C:\Windows\ERDNT 2013-09-10 20:07 - 2013-09-10 20:06 - 00000000 ____D C:\Program Files (x86)\ERUNT 2013-09-10 20:06 - 2013-09-10 20:06 - 00791393 _____ (Lars Hederer ) C:\Users\Gabe\Desktop\erunt-setup.exe 2013-09-10 20:05 - 2013-09-10 20:05 - 01898112 _____ (Bleeping Computer, LLC) C:\Users\Gabe\Desktop\rkill.exe 2013-09-10 20:05 - 2013-09-10 20:05 - 00000000 ____D C:\Users\Gabe\Desktop\rkill 2013-09-10 19:40 - 2013-09-10 19:40 - 00024917 _____ C:\Users\Gabe\Desktop\DDS 10 Sep 13.txt 2013-09-10 19:38 - 2013-09-10 19:35 - 00024917 _____ C:\Users\Gabe\Desktop\dds.txt 2013-09-10 19:38 - 2013-09-10 19:35 - 00012515 _____ C:\Users\Gabe\Desktop\attach.txt 2013-09-10 19:36 - 2013-08-09 12:20 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\uTorrent 2013-09-10 19:34 - 2013-09-10 19:34 - 00688992 ____R (Swearware) C:\Users\Gabe\Desktop\dds.scr 2013-09-10 09:11 - 2013-09-10 09:11 - 05312512 _____ C:\Users\Gabe\Documents\proof.evtx 2013-09-10 09:11 - 2013-09-10 09:11 - 00000000 ____D C:\Users\Gabe\Documents\LocaleMetaData 2013-09-10 08:29 - 2013-09-10 08:29 - 00312280 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-10 08:29 - 2013-09-10 08:20 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK 2013-09-10 08:24 - 2013-09-10 08:24 - 00049240 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\AntiLog64.sys 2013-09-10 08:24 - 2013-09-10 08:24 - 00000913 _____ C:\Users\Public\Desktop\AntiLogger.lnk 2013-09-10 08:24 - 2013-09-10 08:24 - 00000000 ____D C:\Program Files (x86)\AntiLogger 2013-09-10 08:24 - 2013-09-10 08:23 - 00000000 ____D C:\Users\Gabe\AppData\Local\Zemana 2013-09-10 08:23 - 2013-09-10 08:23 - 00000000 ____D C:\Windows\SysWOW64\ZALSDK_uninst 2013-09-10 08:22 - 2013-09-10 08:21 - 21264112 _____ (Zemana Ltd. ) C:\Users\Gabe\Downloads\Zemana_AntiLogger_1.9.3.502.exe 2013-09-10 08:20 - 2013-09-10 08:20 - 00000000 ____D C:\Users\Gabe\AppData\Local\AntiLogger Free 2013-09-10 08:19 - 2013-09-10 08:19 - 04322816 _____ (Zemana Ltd. ) C:\Users\Gabe\Downloads\AntiLoggerFree_Setup_1.6.2.245.exe 2013-09-10 08:04 - 2013-09-10 08:04 - 00001120 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk 2013-09-10 08:03 - 2013-09-10 08:03 - 00583584 _____ C:\Users\Gabe\Downloads\hotspotshield-setup.exe 2013-09-10 08:03 - 2013-09-10 08:03 - 00000020 ___SH C:\Users\fbwuser\ntuser.ini 2013-09-10 07:08 - 2013-09-10 07:08 - 00002107 _____ C:\Users\Public\Desktop\Who Is On My Wifi.lnk 2013-09-10 07:08 - 2013-09-10 07:08 - 00000000 ____D C:\Program Files (x86)\IO3O LLC 2013-09-10 07:08 - 2013-08-09 11:39 - 05228920 _____ (IO3O LLC ) C:\Users\Gabe\Downloads\mywifi.exe 2013-09-08 16:32 - 2013-09-08 16:28 - 767623168 ____R C:\Users\Gabe\Downloads\14.0.4734.1000_ProfessionalPlus_volume_x86_en-us.iso 2013-09-08 16:31 - 2013-08-07 16:12 - 00000000 ____D C:\Users\Gabe\AppData\Local\Sony Corporation 2013-09-08 16:31 - 2013-08-03 04:47 - 00000000 ____D C:\Program Files (x86)\Sony 2013-09-08 16:04 - 2013-09-08 16:04 - 00000000 ____H C:\Users\Gabe\Documents\Default.rdp 2013-09-08 11:03 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\rescache 2013-09-08 10:36 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\WinStore 2013-09-08 10:36 - 2012-07-26 01:12 - 00000000 ____D C:\Program Files\Windows Defender 2013-09-08 10:36 - 2012-07-26 01:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2013-09-08 10:36 - 2012-07-25 22:38 - 00000000 ____D C:\Windows\system32\oobe 2013-09-08 09:41 - 2013-09-08 09:41 - 16243768 _____ C:\Users\Gabe\Downloads\Glary_Utilities_v3.9.1.exe 2013-09-08 08:26 - 2013-08-07 16:53 - 00000000 ____D C:\Windows\system32\MRT 2013-09-08 08:25 - 2013-08-07 16:53 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-08 07:20 - 2013-08-03 05:22 - 00000000 ____D C:\Program Files (x86)\CyberLink 2013-09-08 07:20 - 2013-08-03 04:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-09-08 07:08 - 2012-08-02 18:59 - 00000000 ____D C:\Windows\Panther 2013-09-08 06:54 - 2013-08-07 17:13 - 00000022 _____ C:\Windows\Model.txt 2013-09-08 03:25 - 2013-09-08 03:25 - 00000000 ____D C:\Users\Gabe\AppData\Local\Apps\2.0 2013-09-07 09:18 - 2013-09-07 09:18 - 01448299 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130820164851.3gp 2013-09-07 09:15 - 2013-09-07 09:15 - 02896534 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130821123433.3gp 2013-09-07 09:15 - 2013-09-07 09:14 - 00475112 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130822103012.3gp 2013-09-07 09:12 - 2013-09-07 09:12 - 02896534 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130822123215.3gp 2013-09-07 08:43 - 2013-09-07 08:43 - 00356352 _____ C:\Users\Gabe\Downloads\log.xls 2013-09-07 08:43 - 2013-09-07 08:43 - 00064000 _____ C:\Users\Gabe\Downloads\contact.xls 2013-09-07 08:43 - 2013-09-07 08:43 - 00040448 _____ C:\Users\Gabe\Downloads\logcall.xls 2013-09-05 17:36 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-09-04 14:58 - 2013-09-04 14:58 - 00894600 _____ (CNET Download.com) C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Advanced_Scan_to_PDF_Free-SEO-75738710.exe 2013-09-04 14:49 - 2013-09-04 14:39 - 00000000 ____D C:\Program Files (x86)\JGS-Scan 2013-09-04 14:38 - 2013-09-04 14:39 - 00737280 _____ (Indigo Rose Corporation) C:\Windows\iun6002.exe 2013-09-04 14:38 - 2013-09-04 14:38 - 04907960 _____ () C:\Users\Gabe\Downloads\JGS-Scan3.exe 2013-09-04 14:37 - 2013-09-04 14:37 - 00584600 _____ C:\Users\Gabe\Downloads\cbsidlm-tr1_14-JGSScan-ORG-10267419.exe 2013-09-04 14:35 - 2013-08-07 16:08 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Adobe 2013-09-03 19:08 - 2013-09-03 19:07 - 00000000 ____D C:\Program Files\stinger 2013-09-03 19:07 - 2013-09-03 19:07 - 00000000 ____D C:\Stinger_Quarantine 2013-09-03 19:06 - 2013-09-03 19:06 - 04900592 _____ (McAfee, Inc.) C:\Users\Gabe\Downloads\McAfeeSetup-Serial.exe 2013-09-03 18:57 - 2013-09-03 18:57 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\DiskDefrag 2013-08-26 08:14 - 2013-08-17 22:52 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Audacity 2013-08-26 06:15 - 2013-08-26 06:13 - 116778590 _____ C:\Users\Gabe\Downloads\GET A LIFE 1627.mp4 2013-08-26 06:11 - 2013-08-26 06:10 - 78900943 _____ C:\Users\Gabe\Downloads\SACKCHASING COUGAR.mp4 2013-08-26 06:10 - 2013-08-26 06:09 - 89449556 _____ C:\Users\Gabe\Downloads\PL1300.mp4 2013-08-26 06:10 - 2013-08-26 06:09 - 60828557 _____ C:\Users\Gabe\Downloads\WORTHLESS LOSER.mp4 2013-08-26 06:09 - 2013-08-26 06:09 - 76704889 _____ C:\Users\Gabe\Downloads\LIVING WITH PARENTS AT 40.mp4 2013-08-26 06:04 - 2013-08-26 06:03 - 53457437 _____ C:\Users\Gabe\Downloads\FD1902.mp4 2013-08-26 06:04 - 2013-08-26 06:03 - 35874577 _____ C:\Users\Gabe\Downloads\FD1750WW.mp4 2013-08-26 06:03 - 2013-08-26 06:03 - 35874577 _____ C:\Users\Gabe\Downloads\FFFF.mp4 2013-08-26 06:03 - 2013-08-26 06:03 - 35874577 _____ C:\Users\Gabe\Downloads\FD175022.mp4 2013-08-26 06:03 - 2013-08-26 06:02 - 20270529 _____ C:\Users\Gabe\Downloads\FD2000-FINISH.mp4 2013-08-26 05:58 - 2013-08-26 05:58 - 44342458 _____ C:\Users\Gabe\Downloads\11.mp4 2013-08-26 05:58 - 2013-08-26 05:58 - 35874577 _____ C:\Users\Gabe\Downloads\FD1750.mp4 2013-08-26 05:58 - 2013-08-26 05:58 - 34018519 _____ C:\Users\Gabe\Downloads\FD1705.mp4 2013-08-26 05:58 - 2013-08-26 05:57 - 40459964 _____ C:\Users\Gabe\Downloads\1.mp4 2013-08-26 05:53 - 2013-08-26 05:52 - 40459964 _____ C:\Users\Gabe\Downloads\FD21AUG1530.mp4 2013-08-26 05:52 - 2013-08-26 05:52 - 39933685 _____ C:\Users\Gabe\Downloads\FD21AUG1430.mp4 2013-08-26 05:52 - 2013-08-26 05:51 - 54647286 _____ C:\Users\Gabe\Downloads\My New Clip33.mp4 2013-08-26 05:49 - 2013-08-26 05:49 - 39940067 _____ C:\Users\Gabe\Downloads\FD21AUG1310.mp4 2013-08-26 05:49 - 2013-08-26 05:48 - 39142968 _____ C:\Users\Gabe\Downloads\FrontDoor21Aug1215.mp4 2013-08-26 05:32 - 2013-08-26 05:31 - 54647286 _____ C:\Users\Gabe\Downloads\Front Door 21August.mp4 2013-08-26 05:31 - 2013-08-26 05:30 - 58247011 _____ C:\Users\Gabe\Downloads\BR13AUG1510.mp4 2013-08-26 05:30 - 2013-08-26 05:30 - 40918583 _____ C:\Users\Gabe\Downloads\BR13AUG1415.mp4 2013-08-26 05:30 - 2013-08-20 12:20 - 63503421 _____ C:\Users\Gabe\Downloads\BR13AUG1330.mp4 2013-08-26 05:15 - 2013-08-25 13:39 - 00000000 ____D C:\Users\Gabe\Documents\NACI_data 2013-08-25 22:21 - 2013-08-25 13:39 - 00072588 _____ C:\Users\Gabe\Documents\NACI.aup 2013-08-25 14:03 - 2013-08-25 14:03 - 00000000 ____D C:\Users\Gabe\AppData\Local\Apple Computer 2013-08-25 13:18 - 2013-08-25 13:16 - 236588638 _____ C:\Users\Gabe\Documents\NACI.wav 2013-08-25 13:11 - 2013-08-20 13:22 - 00000000 ____D C:\Users\Public\CyberLink 2013-08-25 11:10 - 2013-08-25 11:10 - 00000000 ____D C:\Users\Gabe\Downloads\MP_ROOT 2013-08-24 12:52 - 2013-08-20 15:10 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software 2013-08-24 12:52 - 2013-08-20 15:09 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\NCH Software 2013-08-24 05:36 - 2013-08-22 07:55 - 00000075 _____ C:\DiskDefrag.log 2013-08-24 02:04 - 2013-08-03 04:53 - 00000000 ____D C:\Program Files\Sony 2013-08-23 12:34 - 2013-08-23 12:34 - 00461312 _____ C:\Users\Gabe\Downloads\1.xls 2013-08-23 12:30 - 2013-08-23 11:49 - 00191488 _____ C:\Users\Gabe\Downloads\213991775063143LOCATION.xls 2013-08-23 12:07 - 2013-08-23 12:07 - 00461312 _____ C:\Users\Gabe\Downloads\213991775063143SMS.xls 2013-08-23 12:07 - 2013-08-23 12:07 - 00047616 _____ C:\Users\Gabe\Downloads\213991775063143CALL.xls 2013-08-23 02:06 - 2013-08-20 12:40 - 00000000 ____D C:\Users\Gabe\Downloads\CyberLink Power Director 11 Ultra DeLtA Sn1p3r 2013-08-22 22:12 - 2013-08-22 22:12 - 00685123 _____ C:\Users\Gabe\Downloads\213991775063143-CALL-20130819081157-6029782496.3gp 2013-08-22 22:12 - 2013-08-22 22:12 - 00087795 _____ C:\Users\Gabe\Downloads\213991775063143-CALL-20130814211449-6025732886.3gp 2013-08-22 21:47 - 2013-08-08 01:25 - 00000000 ____D C:\Users\Tiffany\AppData\Local\Sony Corporation 2013-08-22 21:47 - 2013-08-03 04:47 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation 2013-08-22 09:34 - 2013-08-08 01:36 - 00007616 _____ C:\Users\Gabe\AppData\Local\resmon.resmoncfg 2013-08-22 09:22 - 2013-08-22 09:21 - 00000000 ____D C:\Users\Gabe\Documents\Cinematic_Music_Group-Big_K.R.I.T-King_Remembered_In_Time 2013-08-22 09:08 - 2013-08-22 09:08 - 00000000 ____D C:\Users\Gabe\AppData\Local\Macromedia 2013-08-22 09:08 - 2013-08-07 21:28 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Mozilla 2013-08-22 08:45 - 2013-08-13 01:46 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Yahoo! 2013-08-22 08:45 - 2013-08-10 23:59 - 00000000 ____D C:\Users\Gabe\Documents\Sony PMB 2013-08-22 08:45 - 2013-08-08 01:20 - 00000000 ____D C:\Users\Tiffany 2013-08-22 08:45 - 2013-08-07 17:33 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Sony 2013-08-22 08:45 - 2013-08-07 16:07 - 00000000 ____D C:\Users\Gabe 2013-08-22 08:44 - 2013-08-22 06:52 - 00000000 ____D C:\Program Files (x86)\WinAce 2013-08-22 08:44 - 2013-08-20 13:14 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-08-22 08:44 - 2013-08-08 08:32 - 00000000 ____D C:\Program Files (x86)\The KMPlayer 2013-08-22 08:44 - 2012-07-26 01:12 - 00000000 __SHD C:\Program Files\Windows Sidebar 2013-08-22 08:44 - 2012-07-25 22:37 - 00000000 __RHD C:\Users\Default 2013-08-22 08:43 - 2013-08-03 04:22 - 00000000 ____D C:\Intel 2013-08-22 08:00 - 2013-08-09 03:48 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Winamp 2013-08-22 07:55 - 2013-08-22 07:55 - 00002622 _____ C:\Windows\System32\Tasks\GlaryInitialize 3 2013-08-22 07:55 - 2013-08-22 07:55 - 00001080 _____ C:\Users\Public\Desktop\Glary Utilities 3.lnk 2013-08-22 07:54 - 2013-08-22 07:54 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\GlarySoft 2013-08-22 07:47 - 2013-08-22 07:47 - 16136496 _____ C:\Users\Gabe\Downloads\gu3setup.exe 2013-08-22 06:52 - 2013-08-22 06:52 - 04042444 _____ (e-merge GmbH) C:\Users\Gabe\Downloads\wace269i.exe 2013-08-22 06:52 - 2013-08-22 06:52 - 00000951 _____ C:\Users\Public\Desktop\WinAce Archiver.lnk 2013-08-22 06:49 - 2013-08-22 06:49 - 00862521 _____ C:\Users\Gabe\Downloads\videosnarf-0.63.tar.gz 2013-08-22 04:44 - 2013-08-22 04:44 - 00582605 _____ C:\Users\Gabe\Downloads\Winamp_Essentials_6_7_8_9_10_11_12_13_14.exe 2013-08-22 04:44 - 2013-08-09 03:48 - 00000000 ____D C:\Program Files (x86)\Winamp 2013-08-21 01:47 - 2013-08-21 01:47 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Apple Computer 2013-08-20 15:11 - 2013-08-20 15:04 - 00000000 ____D C:\Users\Gabe\Documents\Audio from Tim Mcgraw Burglary 2013-08-20 15:09 - 2013-08-20 15:09 - 00502848 _____ (NCH Software) C:\Users\Gabe\Downloads\switchsetup.exe 2013-08-20 14:56 - 2013-08-20 14:53 - 470418208 _____ C:\Users\Gabe\Downloads\PowerDirector_3026_GM6_Trial_Trial_VDE130619-02.exe 2013-08-20 14:45 - 2013-08-20 14:45 - 00894600 _____ (CNET Download.com) C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Download_App-BP-75864009.exe 2013-08-20 14:18 - 2013-08-20 14:18 - 00979928 _____ (CyberLink) C:\Users\Gabe\Downloads\CyberLink_PowerDirector_Downloader.exe 2013-08-20 13:22 - 2013-08-20 13:22 - 00000000 ____D C:\Users\Gabe\Documents\CyberLink 2013-08-20 13:20 - 2013-08-20 13:20 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\CyberLink 2013-08-20 13:14 - 2013-08-20 13:14 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2013-08-20 12:37 - 2013-08-20 12:35 - 00838896 _____ C:\Users\Gabe\Downloads\LR13AUG0330.mp4.sfk 2013-08-20 12:37 - 2013-08-20 12:32 - 00886196 _____ C:\Users\Gabe\Downloads\10aug1921.mp4.sfk 2013-08-20 12:29 - 2013-08-07 17:33 - 00000000 ____D C:\Users\Gabe\AppData\Local\Sony 2013-08-20 12:18 - 2013-08-20 12:17 - 52289079 _____ C:\Users\Gabe\Downloads\BR13AUG1240 (Part 1 of 2).mp4 2013-08-20 12:18 - 2013-08-20 12:17 - 31723429 _____ C:\Users\Gabe\Downloads\BR13AUG1240 (Part 2 of 2).mp4 2013-08-20 10:41 - 2013-08-13 01:44 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2013-08-20 10:40 - 2013-08-03 04:44 - 00000000 ____D C:\Program Files\Common Files\Sony Shared 2013-08-20 07:46 - 2013-08-18 07:05 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Process Hacker 2 2013-08-20 07:11 - 2013-08-19 17:40 - 00000032 _____ C:\Users\Gabe\AppData\Roaming\mbam.context.scan 2013-08-20 07:02 - 2013-08-20 07:02 - 00204568 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2013-08-20 07:02 - 2013-08-20 07:02 - 00103576 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2013-08-20 02:21 - 2013-08-22 07:55 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe 2013-08-20 02:08 - 2013-08-20 02:05 - 43723137 _____ C:\Users\Gabe\Downloads\LR13AUG0515.mp4 2013-08-20 02:05 - 2013-08-20 01:58 - 44618151 _____ C:\Users\Gabe\Downloads\LR13AUG0420.mp4 2013-08-20 02:05 - 2013-08-20 01:56 - 57036111 _____ C:\Users\Gabe\Downloads\LR13AUG0325.mp4 2013-08-20 02:02 - 2013-08-20 01:52 - 75121062 _____ C:\Users\Gabe\Downloads\LR13AUG0330.mp4 2013-08-20 01:58 - 2013-08-20 01:51 - 57036111 _____ C:\Users\Gabe\Downloads\LR13AUG0235.mp4 2013-08-20 01:49 - 2013-08-20 01:42 - 90665926 _____ C:\Users\Gabe\Downloads\LR13AUG0146.mp4 2013-08-20 01:37 - 2013-08-20 01:35 - 28597549 _____ C:\Users\Gabe\Downloads\BR13AUG0132 (Part 1 of 2).mp4 2013-08-20 01:35 - 2013-08-20 01:35 - 00000000 _____ C:\Users\Gabe\Downloads\BR13AUG1332 (Part 2 of 2).mp4 2013-08-19 13:50 - 2013-08-19 13:50 - 00685123 _____ C:\Users\Gabe\Downloads\CC.3gp 2013-08-19 13:49 - 2013-08-19 13:49 - 00650639 _____ C:\Users\Gabe\Downloads\DAD.3gp 2013-08-19 13:47 - 2013-08-19 13:47 - 01457652 _____ (Repair Video, Inc. ) C:\Users\Gabe\Desktop\asf_avi_rm_wmv_repair.exe 2013-08-18 23:44 - 2013-08-18 23:44 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-08-18 23:44 - 2013-08-18 23:44 - 00000291 _____ C:\AdwCleaner[s2].txt 2013-08-18 23:44 - 2013-08-18 23:44 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Malwarebytes 2013-08-18 23:44 - 2013-08-18 23:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-18 23:44 - 2013-08-18 23:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Gabe\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-18 10:46 - 2013-08-18 10:45 - 52273262 _____ C:\Users\Gabe\Downloads\10aug2155.mp4 2013-08-18 10:45 - 2013-08-18 10:45 - 05730942 _____ C:\Users\Gabe\Downloads\item.mp4 2013-08-18 07:11 - 2013-08-18 07:11 - 00002006 _____ C:\AdwCleaner[s1].txt 2013-08-18 07:09 - 2013-08-18 07:09 - 00891115 _____ C:\Users\Gabe\Downloads\SecurityCheck.exe 2013-08-18 07:07 - 2013-08-18 07:07 - 00000000 _____ C:\Windows\SysWOW64\FAPB4C8.tmp 2013-08-18 07:07 - 2013-08-18 07:07 - 00000000 _____ C:\Windows\SysWOW64\FAPB080.tmp 2013-08-18 07:07 - 2013-08-18 07:07 - 00000000 _____ C:\Windows\SysWOW64\FAP79BE.tmp 2013-08-18 07:03 - 2013-08-18 07:03 - 00001841 _____ C:\Users\Gabe\Desktop\Process Hacker 2.lnk 2013-08-18 07:03 - 2013-08-18 07:03 - 00000000 ____D C:\Program Files\Process Hacker 2 2013-08-17 23:04 - 2013-08-17 22:56 - 96836088 _____ C:\Users\Gabe\Downloads\10aug2004.avi 2013-08-17 22:55 - 2013-08-17 22:55 - 00894600 _____ (CNET Download.com) C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Pazera_Free_MP4_to_AVI_Converter-SEO-10784027.exe 2013-08-17 22:52 - 2013-08-17 22:52 - 00001007 _____ C:\Users\Gabe\Desktop\Audacity.lnk 2013-08-17 22:52 - 2013-08-17 22:52 - 00000000 ____D C:\Program Files (x86)\Audacity 2013-08-17 22:52 - 2013-08-17 22:51 - 21281052 _____ (Audacity Team ) C:\Users\Gabe\Downloads\audacity-win-2.0.3.exe 2013-08-17 22:50 - 2013-08-17 22:50 - 01856092 _____ (wj32 ) C:\Users\Gabe\Downloads\processhacker-2.31-setup.exe 2013-08-17 20:15 - 2013-08-17 20:15 - 01618718 _____ (UpsideOut, Inc. ) C:\Users\Gabe\Downloads\ProxifySetup.exe 2013-08-17 20:15 - 2013-08-17 20:15 - 00001199 _____ C:\Users\Public\Desktop\Proxify Tray Application.lnk 2013-08-17 20:15 - 2013-08-17 20:15 - 00000000 ____D C:\Program Files (x86)\Proxify Tray Application 2013-08-17 19:37 - 2013-08-17 19:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-08-17 15:14 - 2013-08-17 15:13 - 68162708 _____ C:\Users\Gabe\Downloads\10aug2133.mp4 2013-08-17 15:13 - 2013-08-17 15:13 - 68174687 _____ C:\Users\Gabe\Downloads\10aug1921.mp4 2013-08-17 15:13 - 2013-08-17 15:12 - 52554458 _____ C:\Users\Gabe\Downloads\10aug2112.mp4 2013-08-17 15:09 - 2013-08-17 15:08 - 68020484 _____ C:\Users\Gabe\Downloads\10aug20041.mp4 2013-08-17 15:08 - 2013-08-17 15:07 - 47703588 _____ C:\Users\Gabe\Downloads\10aug2006.mp4 2013-08-17 15:07 - 2013-08-17 15:06 - 68020484 _____ C:\Users\Gabe\Downloads\10aug2004.mp4 2013-08-17 14:15 - 2013-08-17 14:15 - 68020484 _____ C:\Users\Gabe\Downloads\22222.mp4 2013-08-17 14:14 - 2013-08-17 14:14 - 47703588 _____ C:\Users\Gabe\Downloads\10Augbedroom.mp4 2013-08-17 14:11 - 2013-08-17 14:11 - 68020484 _____ C:\Users\Gabe\Downloads\My New Clipjjj.mp4 2013-08-17 13:58 - 2013-08-17 13:57 - 68020484 _____ C:\Users\Gabe\Downloads\10aug20101.mp4 2013-08-17 13:56 - 2013-08-17 13:56 - 35517108 _____ C:\Users\Gabe\Downloads\19aug7pm.mp4 2013-08-17 06:46 - 2013-08-17 06:46 - 08163216 _____ C:\Users\Gabe\Downloads\12AUG2149.mp4 2013-08-17 06:45 - 2013-08-17 06:45 - 07722827 _____ C:\Users\Gabe\Downloads\15AUG1717.mp4 2013-08-17 06:45 - 2013-08-17 06:44 - 144556875 _____ C:\Users\Gabe\Downloads\7AUG1133.mp4 2013-08-17 06:43 - 2013-08-17 06:43 - 10074467 _____ C:\Users\Gabe\Downloads\7AUG1852.mp4 2013-08-17 06:42 - 2013-08-17 06:42 - 07572170 _____ C:\Users\Gabe\Downloads\3AUG.mp4 2013-08-17 06:37 - 2013-08-17 06:36 - 57246322 _____ C:\Users\Gabe\Downloads\10AUG2010(2).mp4 2013-08-17 06:36 - 2013-08-17 06:35 - 57246322 _____ C:\Users\Gabe\Downloads\10AUG2010.mp4 2013-08-17 06:35 - 2013-08-17 06:35 - 06246836 _____ C:\Users\Gabe\Downloads\12AUG0615.mp4 2013-08-17 06:35 - 2013-08-17 06:33 - 57246322 _____ C:\Users\Gabe\Downloads\46.mp4 2013-08-17 06:34 - 2013-08-17 06:34 - 08811349 _____ C:\Users\Gabe\Downloads\10AUG1923.mp4 2013-08-17 05:45 - 2013-08-17 05:45 - 24192489 _____ C:\Users\Gabe\Downloads\45.mp4 2013-08-17 05:37 - 2013-08-17 05:37 - 08811349 _____ C:\Users\Gabe\Downloads\44.mp4 2013-08-17 03:38 - 2013-08-03 04:46 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2013-08-17 03:38 - 2013-08-03 04:46 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2013-08-17 01:37 - 2013-08-17 01:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-15 17:26 - 2013-08-15 17:25 - 07722827 _____ C:\Users\Gabe\Downloads\3333.mp4 2013-08-15 10:49 - 2013-08-15 10:49 - 00567391 _____ C:\Users\Gabe\Documents\334.3gp 2013-08-15 01:38 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\system32\NDF 2013-08-14 23:02 - 2013-08-14 23:02 - 08163216 _____ C:\Users\Gabe\Downloads\My Ne.mp4 2013-08-13 10:30 - 2013-08-13 00:47 - 00000000 ____D C:\Users\Gabe\Downloads\Epic (2013) 2013-08-13 03:17 - 2013-08-13 03:16 - 144556875 _____ C:\Users\Gabe\Downloads\22.mp4 2013-08-13 01:45 - 2013-08-13 01:45 - 00001137 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk 2013-08-13 01:44 - 2013-08-13 01:44 - 00442040 _____ (Yahoo! Inc.) C:\Users\Gabe\Downloads\msgr11us.exe 2013-08-13 00:51 - 2013-08-13 00:47 - 00000000 ____D C:\Users\Gabe\Downloads\Superman.Man.of.Steel.2013.720p.R6.LiNE.x264.AAC-DiGiTAL 2013-08-13 00:47 - 2013-08-13 00:46 - 00000000 ____D C:\Users\Gabe\Downloads\Oblivion (2013) [1080p] 2013-08-12 16:10 - 2013-08-12 16:10 - 00042184 _____ (Anchorfree Inc.) C:\Windows\system32\Drivers\taphss6.sys 2013-08-12 16:07 - 2013-09-10 08:03 - 00046792 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys 2013-08-12 13:26 - 2013-08-12 13:25 - 06246836 _____ C:\Users\Gabe\Downloads\My New Clip(2).mp4 2013-08-12 06:41 - 2013-08-12 06:41 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf Files to move or delete: ==================== C:\Users\Gabe\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\Gabe\AppData\Local\Temp\GLFAF29.EXE C:\Users\Gabe\AppData\Local\Temp\GLFC820.EXE C:\Users\Gabe\AppData\Local\Temp\mpsetup.exe C:\Users\Gabe\AppData\Local\Temp\oi_{684560FE-6968-42F9-846C-5B6C16643EF9}.exe C:\Users\Gabe\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== BCD ================================ Firmware Boot Manager --------------------- identifier {fwbootmgr} displayorder {bootmgr} {03119580-fc2b-11e2-be6a-806e6f6e6963} {03119581-fc2b-11e2-be6a-806e6f6e6963} {03119582-fc2b-11e2-be6a-806e6f6e6963} timeout 0 Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume3 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale en-US inherit {globalsettings} default {current} resumeobject {5a330576-fc33-11e2-8cfc-b6b95feeff5b} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Firmware Application (101fffff) ------------------------------- identifier {03119580-fc2b-11e2-be6a-806e6f6e6963} description EFI USB Device Firmware Application (101fffff) ------------------------------- identifier {03119581-fc2b-11e2-be6a-806e6f6e6963} description EFI DVD/CDROM Firmware Application (101fffff) ------------------------------- identifier {03119582-fc2b-11e2-be6a-806e6f6e6963} description EFI Network Windows Boot Loader ------------------- identifier {current} device partition=C: path \Windows\system32\winload.efi description Windows 8 locale en-US inherit {bootloadersettings} recoverysequence {5a330578-fc33-11e2-8cfc-b6b95feeff5b} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {5a330576-fc33-11e2-8cfc-b6b95feeff5b} nx OptIn bootmenupolicy Standard Windows Boot Loader ------------------- identifier {5a330578-fc33-11e2-8cfc-b6b95feeff5b} device ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{5a330579-fc33-11e2-8cfc-b6b95feeff5b} path \windows\system32\winload.efi description Windows Recovery Environment locale en-us inherit {bootloadersettings} displaymessage Recovery displaymessageoverride Recovery osdevice ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{5a330579-fc33-11e2-8cfc-b6b95feeff5b} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Resume from Hibernate --------------------- identifier {5a330576-fc33-11e2-8cfc-b6b95feeff5b} device partition=C: path \Windows\system32\winresume.efi description Windows Resume Application locale en-US inherit {resumeloadersettings} recoverysequence {5a330578-fc33-11e2-8cfc-b6b95feeff5b} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume3 path \EFI\Microsoft\Boot\memtest.efi description Windows Memory Diagnostic locale en-US inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems No Debugger Settings ----------------- identifier {dbgsettings} debugtype Serial debugport 1 baudrate 115200 RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {5a330579-fc33-11e2-8cfc-b6b95feeff5b} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume2 ramdisksdipath \Recovery\WindowsRE\boot.sdi LastRegBack: 2013-09-09 03:00 ==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-09-2013 Ran by Gabe (administrator) on SYSADMIN on 11-09-2013 02:02:58 Running from C:\Users\Gabe\Desktop Windows 8 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Broadcom Corporation.) C:\Windows\system32\BtwRSupportService.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\Integrator.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe () C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\mywifi.exe (Zemana Ltd.) C:\Program Files (x86)\AntiLogger\AntiLogger.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-05-06] (Realtek Semiconductor) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6330568 2013-03-21] (ESET) HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [405504 2012-07-25] (Microsoft Corporation) MountPoints2: {03119575-fc2b-11e2-be6a-806e6f6e6963} - "D:\SETUP.EXE" HKLM-x32\...\Run: [AntiLogger] - C:\Program Files (x86)\AntiLogger\AntiLogger.exe [17780136 2013-09-09] (Zemana Ltd.) BootExecute: autocheck autochk * BootDefrag.exe ==================== Internet (Whitelisted) ==================== ProxyServer: 127.0.0.1:48627 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {4372E590-7695-4EC2-97A9-962BD3B31DC6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASAJS Tcpip\Parameters: [DhcpNameServer] 68.105.28.12 68.105.29.12 68.105.28.11 FireFox: ======== FF ProfilePath: C:\Users\Gabe\AppData\Roaming\Mozilla\Firefox\Profiles\jeur3bn4.default FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afext@anchorfree.com FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird ==================== Services (Whitelisted) ================= R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2228440 2013-05-15] (Broadcom Corporation.) R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [331776 2012-07-25] (Microsoft Corporation) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1341664 2013-03-21] (ESET) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation) S2 nvUpdatusService; "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" [x] ==================== Drivers (Whitelisted) ==================== R1 AntiLog32; C:\Windows\system32\drivers\AntiLog64.sys [49240 2013-09-10] (Zemana Ltd.) R1 AntiLog32; C:\Windows\system32\drivers\AntiLog64.sys [49240 2013-09-10] (Zemana Ltd.) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170200 2013-05-15] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6971056 2013-03-14] (Broadcom Corporation) R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [117632 2013-05-31] (Microsoft Corporation) R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [30720 2013-08-03] (Microsoft Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-20] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET) R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [139768 2013-01-10] (ESET) R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [46792 2013-08-12] (AnchorFree Inc.) R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [25056 2013-07-22] (Zemana Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-13] (Synaptics Incorporated) R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-08-12] (Anchorfree Inc.) S3 BCM42RLY; system32\drivers\BCM42RLY.sys [x] S0 BootDefragDriver; System32\drivers\BootDefragDriver.sys [x] S3 btwaudio; \SystemRoot\system32\drivers\btwaudio.sys [x] S3 btwavdt; \SystemRoot\System32\drivers\btwavdt.sys [x] S3 btwl2cap; \SystemRoot\system32\DRIVERS\btwl2cap.sys [x] S3 btwrchid; \SystemRoot\System32\drivers\btwrchid.sys [x] ========================== Drivers MD5 ======================= C:\Windows\System32\drivers\1394ohci.sys E890C46E4754F0DF51BAFCC8D2E07498 C:\Windows\System32\drivers\3ware.sys 4F18D4C7EA14F11A7211F60D553C03DB C:\Windows\System32\drivers\ACPI.sys 975AABEB243B800C23626D6B652C5A9C C:\Windows\System32\Drivers\acpiex.sys DC968C37822117E576B933F34A2D130C C:\Windows\System32\drivers\acpipagr.sys 0CA9F7C3A78227C21A0A7854E245CFB2 C:\Windows\System32\drivers\acpipmi.sys 8EB8DA03B142D3DD1EB9ED8107A76C43 C:\Windows\System32\drivers\acpitime.sys CBCE725C5D86ABA7D2604E22951AA9B8 C:\Windows\System32\drivers\adp94xx.sys 93C6388592B99925C1D1576E465BC80F C:\Windows\System32\drivers\adpahci.sys D27763E0247292654E7F7D16444C7C72 C:\Windows\System32\drivers\adpu320.sys 67B90070FF48F794AF19F9FCF0080D75 C:\Windows\system32\drivers\afd.sys 36D6A3201721558A8AFBCC09C2DA4C2C C:\Windows\System32\drivers\agp440.sys 01590377A5AB19E792528C628A2A68F9 C:\Windows\System32\drivers\amdk8.sys 5A81054B824004B1ECC04F0034A1CDF9 C:\Windows\System32\drivers\amdppm.sys B849D453E644FAB9BC8EF6DC8CA9C4C6 C:\Windows\System32\drivers\amdsata.sys 35A0EB5AECB0FA3C41A2FB514A562304 C:\Windows\System32\drivers\amdsbs.sys 00452671904F5EE94B50BF0219C97164 C:\Windows\System32\drivers\amdxata.sys EA3FFE53E92E59C87E3ECA9BEB20D9B7 C:\Windows\system32\drivers\AntiLog64.sys A91B046C4994E50FF068D96B988636C0 C:\Windows\system32\drivers\AntiLog64.sys A91B046C4994E50FF068D96B988636C0 C:\Windows\system32\drivers\appid.sys 83B3682CE922FB0F415734B26D9D6233 C:\Windows\System32\drivers\arc.sys E933401B392387F4BE34DE8BAF1722A7 C:\Windows\System32\drivers\arcsas.sys 07CA323EF2E8247A568AB0F3662AD644 C:\Windows\system32\DRIVERS\asyncmac.sys 74DBAEC35366C4EE7670428808715A6A C:\Windows\System32\drivers\atapi.sys A721FF570C2387E383BDDEA9632863C9 C:\Windows\system32\DRIVERS\athrx.sys DECE3E2832F125A41A02FB59F4C54EEA C:\Windows\System32\drivers\bxvbda.sys 87AB5BB072A3F128541D5B815F82FFDD C:\Windows\System32\drivers\BasicDisplay.sys 81703BC5D68DEDBB086C2368FBE7B334 C:\Windows\System32\drivers\BasicRender.sys 5EC68164E14D25675C98BBB5F09E8606 C:\Windows\system32\drivers\bcbtums.sys 455EB0128FD08E07EACE0C6F754A3AAD C:\Windows\system32\DRIVERS\bcmwl63a.sys 68B456A065A973B9066DBA5430010A0D C:\Windows\System32\Drivers\Beep.sys 9E7AEA59776D904607985AFFE7E5E183 C:\Windows\System32\DRIVERS\bowser.sys B17AC10B47C7FCB44D22A1F06415840E C:\Windows\system32\drivers\BthA2DP.sys D4FA5A33E345CFB6D635579A8EE02399 C:\Windows\System32\drivers\BthAvrcpTg.sys 6695200F455E251F0BCC9CE4D0978D59 C:\Windows\System32\drivers\BthEnum.sys A8B20D852B07AE19A13B5D47EC4E4C3B C:\Windows\system32\DRIVERS\BthHfAud.sys E695E706C9E11DD5201605F1F6B4505C C:\Windows\System32\drivers\bthhfenum.sys 616EB8748C988AEE98D93DA141C3D3B4 C:\Windows\System32\drivers\BthHFHid.sys DCB4EBD928A6FB368BE6CAE522412DE1 C:\Windows\system32\DRIVERS\BthLEEnum.sys 42201C346F0B8C458E1E9CDE04D68A2C C:\Windows\System32\drivers\bthmodem.sys 033916CE8784A848B9A3D686B7F66D97 C:\Windows\system32\DRIVERS\bthpan.sys 091BB978E9504D0AD14586929431A957 C:\Windows\System32\Drivers\BTHport.sys 13795CAA34239D97A7211E7F9D96E012 C:\Windows\System32\Drivers\BTHUSB.sys 1F715957F5236D30B6020A19A4271F6A C:\Windows\System32\DRIVERS\cdfs.sys 990B1BABE6E81FB18E65A87EBEFB1772 C:\Windows\System32\drivers\cdrom.sys 339BFF85D788268752DA8C9644B188EE C:\Windows\System32\drivers\circlass.sys F64B7D1A37CC1D5F421D5359EEC81E2E C:\Windows\System32\drivers\CLFS.sys 9905168708DB68849B879B5548F68AB3 C:\Windows\System32\drivers\CmBatt.sys 2DC8538A2260647484A6C921CA837313 C:\Windows\System32\Drivers\cng.sys E708BFF0473EC6B271EA46B65B16CA56 C:\Windows\System32\drivers\CompositeBus.sys 0E5B1E9E7122EDAAF1F6CE047965CA92 C:\Windows\System32\drivers\condrv.sys D9CB0782AF819548072AA45B70F8B22D C:\Windows\System32\drivers\dam.sys C4D01BD86D6B207275FC143EEA951D75 C:\Windows\System32\drivers\dc3d.sys 7AF9DAC504FBD047CBC3E64AE52C92BF C:\Windows\System32\Drivers\dfsc.sys 09D9EB9E7898F8E6561473A20CC808B9 C:\Windows\system32\DRIVERS\ssudbus.sys E428DFFA96FAD07D8CA3C9082563A225 C:\Windows\System32\drivers\discache.sys 3C736FAE17BA6F91BA37594AAB139CD0 C:\Windows\System32\drivers\disk.sys 560495FF4CA22E1D9B1972FA18F43B6F C:\Windows\System32\drivers\dmvsc.sys 82A7C72593793FE1EADA7A305BD1567A C:\Windows\system32\drivers\drmkaud.sys 9C7C183F937951AE17C5B8B3259CF3FF C:\Windows\System32\drivers\dxgkrnl.sys 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 C:\Windows\system32\DRIVERS\e1y60x64.sys CFE0E3D5EFBF0649E5900CBFCC2B95F7 C:\Windows\System32\DRIVERS\eamonm.sys 398904F1FBF13CEF0FCB822E9CA5F2D5 C:\Windows\System32\drivers\evbda.sys 5AB97B3282D7D6114949D1EB5C8598E4 C:\Windows\system32\DRIVERS\ehdrv.sys 9E39134330C18CBAC0F24C1283701D7E C:\Windows\System32\drivers\EhStorClass.sys 66D60BD9A4C05616ABECA2A901475098 C:\Windows\System32\drivers\EhStorTcgDrv.sys A61D0F543024E458C0FE32352E1978E2 C:\Windows\system32\DRIVERS\epfwwfpr.sys B4E8DC817963B256537B1EC09AF0647E C:\Windows\System32\drivers\errdev.sys D790D058D67582DB9C84C2D33695FE6B C:\Windows\System32\Drivers\exfat.sys 7A4D6FEB8C52B3FE855E4DCDF9107E03 C:\Windows\System32\Drivers\fastfat.sys 60996602A7111FD2D086E803F33E4282 C:\Windows\System32\drivers\fdc.sys 73B2D11DF0B6E03A0CB0323218ACB3E4 C:\Windows\System32\drivers\fileinfo.sys 88A9EBACD1058ABB237A6B4E96E7F397 C:\Windows\System32\drivers\filetrace.sys 9E4EE3A0B00FF7D5F42A4AF9744CBA02 C:\Windows\System32\drivers\flpydisk.sys B1D4C168FF7B8579E3745888658FFB1D C:\Windows\System32\drivers\fltmgr.sys B33EC133AE4E6C1881D2302D93D2467D C:\Windows\System32\drivers\FsDepends.sys A5F7873A39E4E9FAAAE59B7E9E36B705 C:\Windows\System32\Drivers\Fs_Rec.sys A6DD7D491F587F4BC13FB972977DC8E8 C:\Windows\System32\DRIVERS\fvevol.sys FA228F4BB10DC7ED7E7D131C034E2331 C:\Windows\System32\drivers\fxppm.sys A969D92973DFA895E7776B4BFE36DBB2 C:\Windows\System32\drivers\gagp30kx.sys 52BC441E07A827EBAB70CDC7EAEDB28D C:\Windows\System32\drivers\vmgencounter.sys 721F8EEF5E9747F32670DEFF7FB92541 C:\Windows\System32\Drivers\msgpioclx.sys FC2B8B06BDBD3B6457F5A3DA9AD2410E C:\Windows\system32\drivers\HdAudio.sys 630555943E5A3FE21010CE91EC7FC84F C:\Windows\System32\drivers\HDAudBus.sys 7D87B5B6C7188D553E11B59DC7F0B111 C:\Windows\System32\drivers\HidBatt.sys 3F76BBA53D65E85A7F53E7A71082082C C:\Windows\System32\drivers\hidbth.sys 085F150D002B7F0153D3C06DDF33A143 C:\Windows\System32\drivers\hidi2c.sys CC4A07E51D89575CAB6F4EB590D87CD4 C:\Windows\System32\drivers\hidir.sys DC96F7DACB777CDEAEF9958A50BFDA06 C:\Windows\System32\drivers\hidusb.sys 9E11EE0F2E117B2D5A835B2B91752827 C:\Windows\System32\drivers\HpSAMD.sys 64DB7A8D97CA53DCCF93D0A1E08342CF C:\Windows\system32\DRIVERS\hssdrv6.sys 83D5717F961F26B1C221AD8A0FE9C8A0 C:\Windows\System32\drivers\HTTP.sys F4A91D985EB9D1D2717D538F3424603C C:\Windows\System32\drivers\hwpolicy.sys 2A98301068801700906C06649860FE94 C:\Windows\System32\drivers\hyperkbd.sys DC76901D82097C9E297F20C287CB9A27 C:\Windows\system32\DRIVERS\HyperVideo.sys 716413AB3CA12DE0A7222D28C1C9352C C:\Windows\System32\drivers\i8042prt.sys C9E9CBF73AFFBFE3E801EFB516787BA3 C:\Windows\System32\drivers\iaStorA.sys 6C91E425ACE29594BD574DE38AC9B76D C:\Windows\System32\drivers\iaStorV.sys 5E394EBD26FD68AA9300332C46BEDD62 C:\Windows\system32\DRIVERS\igdkmd64.sys 0245CD3AE14CACF6E2503C42019431D7 C:\Windows\System32\drivers\iirsp.sys 24847A06B84339FEEDE5CABF3D27D320 C:\Windows\system32\drivers\RTKVHD64.sys 5A51EF46FE265B15203277AD517DE6EA C:\Windows\system32\DRIVERS\IntcDAud.sys F5495B38BFB9149925F54F65AB40EFBF C:\Windows\System32\drivers\intelide.sys 4F37726CF764CA18A8A84F85EF3A7F24 C:\Windows\System32\drivers\intelppm.sys E15CDF68DD73423F15D4AC404793AF0D C:\Windows\System32\DRIVERS\ipfltdrv.sys 8FCA66234A0933D796BB780B7953BAB9 C:\Windows\System32\drivers\IPMIDrv.sys 6E98A046A12AA113F8898AA5D612BD6E C:\Windows\System32\drivers\ipnat.sys 3969B9C218DD3FAA9F4ED2FFC3651C02 C:\Windows\System32\drivers\irenum.sys 25CD7C4BB2863FFC2B0B311F0AEBF77C C:\Windows\System32\drivers\isapnp.sys D940C5BB9DC92E588533C19ABCC3D2C2 C:\Windows\System32\drivers\msiscsi.sys 69C8BF0BC2B0EA10F130F4D3104DC2EF C:\Windows\System32\drivers\kbdclass.sys 8FBD94B69D6423E20ABCD59D86368B21 C:\Windows\System32\drivers\kbdhid.sys E88C932ABDF8185A62C8F2FC7B051FB6 C:\Windows\system32\DRIVERS\kdnic.sys FB6C185092E18011EF49989425C2AA87 C:\Windows\System32\DRIVERS\KeyCrypt64.sys AF9A30CC359ED62C5BAC4653650451E2 C:\Windows\System32\Drivers\ksecdd.sys DFA480F6DED551464F3A5B959F437800 C:\Windows\System32\Drivers\ksecpkg.sys 127FB0AAD232BAAD2C9BBACD374F4FC5 C:\Windows\system32\drivers\ksthunk.sys 81492FEEBF2F26455B00EE8DBAE8A1B0 C:\Windows\system32\DRIVERS\lltdio.sys CEEFD29FC551F289810B0B9381B321DC C:\Windows\System32\drivers\lsi_sas.sys 022CDD12161B063D7852B1075BF3FFF2 C:\Windows\System32\drivers\lsi_sas2.sys 07AD59D669B996F29F91817F0ECFA34F C:\Windows\System32\drivers\lsi_scsi.sys 216FB796AA4E252ACCE93B1BCB80B5EC C:\Windows\System32\drivers\lsi_sss.sys 5E80530AF37102488EE980B4A92AF99F C:\Windows\system32\drivers\luafv.sys 2BDC5D711FA61307CE6190D47C956368 C:\Windows\system32\drivers\mbam.sys 0BB97D43299910CBFBA59C461B99B910 C:\Windows\system32\drivers\mbam.sys 0BB97D43299910CBFBA59C461B99B910 C:\Windows\System32\drivers\megasas.sys 9B0D829C3BE4E7472DB9DD2B79908E3C C:\Windows\System32\drivers\MegaSR.sys ECC3F54C7AFC318271C4F0B4606D8DB0 C:\Windows\System32\drivers\HECIx64.sys 2BB3EAE2EA641515D4B205CAB29E1624 C:\Windows\System32\drivers\modem.sys 780098AD5DA8A4822E2563984C85EF7B C:\Windows\System32\drivers\monitor.sys EA8EAD3F5B762F889CC7F3966625B48B C:\Windows\System32\drivers\mouclass.sys 618446B98C79776654340CE27C73485E C:\Windows\System32\drivers\mouhid.sys C0ADEBED913295803B579ED288936CBB C:\Windows\System32\drivers\mountmgr.sys 89D263DBF08119CE16273991C120D6DD C:\Windows\System32\drivers\mpsdrv.sys 0D1609DD82C7440F5D5BF21A9D4D5C0C C:\Windows\system32\drivers\mrxdav.sys 3D70147F55F1EC84EB9139ED7FFE48BC C:\Windows\System32\DRIVERS\mrxsmb.sys 93179D48066918323628CB016D8C94DC C:\Windows\System32\DRIVERS\mrxsmb10.sys 06D5F2FA3C61E8EA91648EA8E9F99FD3 C:\Windows\System32\DRIVERS\mrxsmb20.sys 5C7DD2E5759FFCCD2C7341C1B90F2B26 C:\Windows\system32\DRIVERS\bridge.sys 98487487D6B3797CA927E9D7B030AE13 C:\Windows\System32\Drivers\Msfs.sys 3886F1F2A4D2900ABAA7E4486BEEE6A2 C:\Windows\System32\drivers\msgpiowin32.sys C32A7A39B960A42BA9D4FBE47213CA03 C:\Windows\System32\drivers\mshidkmdf.sys D3857A767B91A061B408CCAB02DA4F40 C:\Windows\System32\drivers\mshidumdf.sys 839B48910FB1E887635C48F3EC11A05E C:\Windows\System32\drivers\msisadrv.sys 55C0DB741E3AB7463242B185B1C2997C C:\Windows\system32\drivers\MSKSSRV.sys 509809566E49F4411055864EA8D437CD C:\Windows\system32\DRIVERS\mslldp.sys 63145201D6458E4958E572E7D6FC2604 C:\Windows\system32\drivers\MSPCLOCK.sys 99D526E803DB6D7FF290FD98B6204641 C:\Windows\system32\drivers\MSPQM.sys 06FA77C3E2A491ADCD704C5E73006269 C:\Windows\System32\Drivers\MsRPC.sys E134EC4DE11CF78CB01432D180710D84 C:\Windows\System32\drivers\mssmbios.sys B5AECF12F09DEE97C9FCAA5BA016CE1E C:\Windows\system32\drivers\MSTEE.sys 72D66A05E0F99F2528F6C6204FD22AA1 C:\Windows\System32\drivers\MTConfig.sys 8AAAE399FC255FA105D4158CBA289001 C:\Windows\System32\Drivers\mup.sys 3BCB702F3E6CC622DCAFCAA45D7CDE0A C:\Windows\System32\drivers\mvumis.sys 3A1E095277BBD406CEA8EA6B76950664 C:\Windows\system32\DRIVERS\nwifi.sys 43D7388A90A4C6EA346A4D6FF0377479 C:\Windows\System32\drivers\ndis.sys A10E176F3B2BF83EDE7B5C4658C93B66 C:\Windows\system32\DRIVERS\ndiscap.sys 39C8A1D9D46F5E83A016BCAB72455284 C:\Windows\system32\DRIVERS\NdisImPlatform.sys 762941932B7E4C588E48A577BA9D6440 C:\Windows\system32\DRIVERS\ndistapi.sys 7A6F8A6D0E01432EBA294EF29CDD0FA7 C:\Windows\system32\DRIVERS\ndisuio.sys 79AB68BB3FFF974AD4F41FA559F4EC67 C:\Windows\system32\DRIVERS\ndiswan.sys 62C7DBF4F9301F76CF87D4B9D8F57BF8 C:\Windows\system32\DRIVERS\ndiswan.sys 62C7DBF4F9301F76CF87D4B9D8F57BF8 C:\Windows\System32\Drivers\NDProxy.sys 3730942D7DB2F8BB5F84542B7FF6F650 C:\Windows\System32\drivers\Ndu.sys D3F60A4345FCA9C1BE68AD7D0D6DE770 C:\Windows\System32\DRIVERS\netbios.sys 7C203A76394F9AE68F69EEE5F9612C4A C:\Windows\System32\DRIVERS\netbt.sys 7CEC25C682D319D484630B3952C31A11 C:\Windows\System32\drivers\nfrd960.sys 12DD2800E4EEA37DC9AE256AD62423B4 C:\Windows\System32\Drivers\Npfs.sys 17E19A742FB30C002F8B43575451DBE1 C:\Windows\System32\drivers\npsvctrig.sys 8ED299C30792544264E558BEA79F0947 C:\Windows\System32\drivers\nsiproxy.sys 689B3B1E95C70ABF7AFF29F9406EF1E0 C:\Windows\System32\Drivers\Ntfs.sys 76929F4A69E425911A63B407E26C2589 C:\Windows\System32\Drivers\Null.sys 4163ADE07DB51843AE31F65B94F5398D C:\Windows\system32\DRIVERS\nvlddmkm.sys 27149DEFA430363C3068E5FFDD516E5B C:\Windows\System32\DRIVERS\nvpciflt.sys 6DA2BD7DDC6E8968ED5E416F435229B0 C:\Windows\System32\drivers\nvraid.sys D6D34118263412D3AAA8348A9572B7F2 C:\Windows\System32\drivers\nvstor.sys 27AFC428D1D32ABD04A86763A4EDDEA9 C:\Windows\System32\drivers\nv_agp.sys 051CFB5107BAAE510419BDC41F8C4036 C:\Windows\System32\drivers\parport.sys 4563DAF8C6A740AD7F501E219BD10766 C:\Windows\System32\drivers\partmgr.sys D6ACCF9F2EEEEA711C14EFD976E573F3 C:\Windows\System32\drivers\pci.sys 4A003E8F718C1E6A2050CA98CD53E3E2 C:\Windows\System32\drivers\pciide.sys F9908D274D458220F91E89B54D78D837 C:\Windows\System32\drivers\pcmcia.sys 84D19CB6102627932DCB5DFDF89FE269 C:\Windows\System32\drivers\pcw.sys CEBBAD5391C2644560C55628A40BFD27 C:\Windows\System32\drivers\pdc.sys 0698DEDEAD6A00AD0D468C687D830FBF C:\Windows\System32\drivers\peauth.sys 61FE70659CD43E07F94DA4DC31DEC493 C:\Windows\system32\DRIVERS\raspptp.sys 362D47E5B4D67270DE4B8606036F4ADD C:\Windows\System32\drivers\processr.sys DD979EB6A7212F60E4AFBE96EDC7AE6D C:\Windows\system32\DRIVERS\pacer.sys EB8034147D4820CD31BFCB11A2A652DF C:\Windows\system32\drivers\qwavedrv.sys 13D47BB0CCA2FC51BD15F8E85C6A078E C:\Windows\System32\DRIVERS\rasacd.sys 873C60F8178100557740A832FCE10B5F C:\Windows\system32\DRIVERS\AgileVpn.sys 69B93F623B130976243ECA3D84CC99CA C:\Windows\system32\DRIVERS\rasl2tp.sys A14D625C5AEE5FFE0F47D1A1D419FAAE C:\Windows\system32\DRIVERS\raspppoe.sys 00695B9C2DB6111064499C529E90C042 C:\Windows\system32\DRIVERS\rassstp.sys A7F24D8CD1956B0A1FDCB86CC5114DE4 C:\Windows\System32\DRIVERS\rdbss.sys CA03D642ACE58E1BA54E4B383F91CD69 C:\Windows\System32\drivers\rdpbus.sys CA7DF5EC95D8DE0DD24BE7FF97369F68 C:\Windows\System32\drivers\rdpdr.sys B2A3AD74FF2E2FFA73AF2567108231B3 C:\Windows\System32\drivers\rdpvideominiport.sys 57F4787E4602A3FCA719C0A33137C6DA C:\Windows\System32\Drivers\RDPWD.sys B3CB0721E81E30419CE7D837EF4EA151 C:\Windows\System32\drivers\rdyboost.sys 62C1F8A0685FE07E998AA296C4F697C4 C:\Windows\System32\drivers\rfcomm.sys CCBFCABDFE2BC22F0645CEAADDB36004 C:\Windows\system32\DRIVERS\RtsPStor.sys D5E76FA33A4109490228F4015564133E C:\Windows\system32\DRIVERS\rspndr.sys E04E770DD198B9399640717145E79EBF C:\Windows\system32\DRIVERS\Rt630x64.sys D2768897FCEA8EEFAD3D69BAC9DC4180 C:\Windows\System32\drivers\vms3cap.sys 752EC7DCD2F96871A3857EEE6AFE965A C:\Windows\System32\drivers\sbp2port.sys 9C7B28CE0D136DB226E24DB3BC817F92 C:\Windows\System32\DRIVERS\scfilter.sys 5D7733A12756B267FCA021672B26BC9E C:\Windows\System32\drivers\sdbus.sys F58B030A0664385C707B8C1C63682041 C:\Windows\System32\drivers\sdstor.sys BB107AA9980B0DA4E19A3A90C3BD4460 C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit C:\Windows\System32\drivers\SerCx.sys 87C46B239A7EEF30FDFDD5E9BD46130C C:\Windows\System32\drivers\serenum.sys 7A1F9347C85FD55E39B8A76B3A25C5AD C:\Windows\System32\drivers\serial.sys F640A0A218BBF857F1D04A15D7D939F6 C:\Windows\System32\drivers\sermouse.sys F1A5F56B2620B862CC28FF96A0A6DAAB C:\Windows\System32\drivers\SFEP.sys 415B1326C40A2E1F251A3845B9C7DF31 C:\Windows\System32\drivers\sfloppy.sys 7EE65419B29302C795714FF8073969A1 C:\Windows\System32\drivers\SiSRaid2.sys 2560721D6F16D5B611C36A3A9D28C1B2 C:\Windows\System32\drivers\sisraid4.sys 3AA8FDE1DBF65BB8B88B053529554A0D C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys 817B64BE830C64FEA9A5FDE2251F8F8B C:\Windows\System32\drivers\spaceport.sys FD3AF5575B99871BADB94E7699DBCE08 C:\Windows\System32\drivers\SpbCx.sys 3D8679C8DF52EB26EB7583A4E0A29202 C:\Windows\System32\DRIVERS\srv.sys 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 C:\Windows\System32\DRIVERS\srv2.sys 56218A571ECF8D55E0CDFF8DF2546CF1 C:\Windows\System32\DRIVERS\srvnet.sys 14FC338B80CFF7E04215133B568D15C4 C:\Windows\system32\DRIVERS\ssudmdm.sys AAF6F247F1DC370C593B4430974EAD9C C:\Windows\System32\drivers\stexstor.sys 4E85355B94CFCB67C135F6521A4895A7 C:\Windows\System32\drivers\storahci.sys B240874B2CA0CD02E8CD11E140B14C57 C:\Windows\System32\DRIVERS\vmstorfl.sys F74DBC95A57B1EE866D3732EB5F79BE2 C:\Windows\System32\drivers\storvsc.sys 543CD3CC0E05B8D8815E0D4F040B6F59 C:\Windows\System32\drivers\swenum.sys 4AFD66AAE74FFB5986BC240744DC5FC9 C:\Windows\system32\DRIVERS\SynTP.sys AD6575A2637FF1B3C094791D1CFEC0F5 C:\Windows\system32\DRIVERS\taphss6.sys 38129B6370998F361BB20E4564B00586 C:\Windows\System32\drivers\tcpip.sys 1794C43A000A47D92B3304FC1E3E512A C:\Windows\system32\DRIVERS\tcpip.sys 1794C43A000A47D92B3304FC1E3E512A C:\Windows\System32\drivers\tcpipreg.sys 8F2A13A5DF99D72FDDE87F502A66F989 C:\Windows\system32\DRIVERS\tdx.sys 73DC722CE5DF26D7638CE2446F2655C7 C:\Windows\System32\drivers\terminpt.sys F7C8AB5D8AFFAA318D6A21093D139BF4 C:\Windows\system32\drivers\tpm.sys 6F0BFF80EE2A5BC841286A51F893CBAD C:\Windows\System32\drivers\tsusbflt.sys 4E7C5FB10A50435523DE0CAA37DE2BD3 C:\Windows\System32\drivers\TsUsbGD.sys 16D684A820872EE54F6370703AC0B513 C:\Windows\system32\DRIVERS\tunnel.sys 78C9EE193AC2B4CBDBC48B620314D740 C:\Windows\System32\drivers\uagp35.sys 6D4F67CA56ACA2085DFA2CD89EAFBC1A C:\Windows\System32\drivers\uaspstor.sys 6FD6D03B7752C78712E5CFF29A305026 C:\Windows\System32\drivers\ucx01000.sys 4834158B8D06A153FADAB6B85320FBBE C:\Windows\System32\DRIVERS\udfs.sys 25C50F4EDF70D0A831E0566BD181CCF2 C:\Windows\System32\drivers\uliagpkx.sys 07FEBCDF24FABA0D47B635D85A0FFB7A C:\Windows\System32\drivers\umbus.sys 02CEB3FE6152668A7BA420B93B664860 C:\Windows\System32\drivers\umpass.sys 991EE6B5FC41EAEF99C8AF5B92F2CA09 C:\Windows\System32\drivers\usbccgp.sys 2AF9F0E16D75B8F783A1ACE74EF51C9B C:\Windows\System32\drivers\usbcir.sys B395B62B62F28106218FA6FB17F4C797 C:\Windows\System32\drivers\usbehci.sys 52F267AEE8CA5AA5CEB88C6A71EE1E86 C:\Windows\System32\drivers\usbhub.sys ADBF89B8E0BB372FEFE2E4B84E1E20AE C:\Windows\System32\drivers\UsbHub3.sys EA040D4C6C94F315A85F3D0EAA884B37 C:\Windows\System32\drivers\usbohci.sys 325F6179009B5A7F6118951A5BA422AB C:\Windows\System32\drivers\usbprint.sys BA3ABE0CD1C14B3295BAD0F076B84CAC C:\Windows\System32\drivers\USBSTOR.SYS BFC7FE4AAEB61317A921871B4085EF4B C:\Windows\System32\drivers\usbuhci.sys D25EF4A6EC244C5DE85D88A05B7C149D C:\Windows\System32\Drivers\usbvideo.sys 09799E701B4327097E9F63D3FE221083 C:\Windows\System32\drivers\USBXHCI.SYS 1ADCF0A490C2845637B334626669CD6F C:\Windows\System32\drivers\vdrvroot.sys BACECBFF9C97F7627A60B0E0F1FE7EE8 C:\Windows\System32\drivers\VerifierExt.sys 74FA2D4368DE6F6CE14393EDF1F342BE C:\Windows\System32\drivers\vhdmp.sys 500BE6B2E49883720D0AE8BB859ED7A3 C:\Windows\System32\drivers\viaide.sys F5B4A14B00E89250C50982AC762DDD1D C:\Windows\System32\drivers\vmbus.sys 78DB50F7329F6D1311658DABFFFC8BE0 C:\Windows\System32\drivers\VMBusHID.sys ECFEE2F2BA3932C7880D1A8F67D68F91 C:\Windows\System32\drivers\volmgr.sys CB60FAAED8B49B812EBBF77EB87D9B18 C:\Windows\System32\drivers\volmgrx.sys A74101DA9809251BCD0E5A26BAE0F824 C:\Windows\System32\drivers\volsnap.sys 78A5BBA3819FFFC62FFEC3E2220D102D C:\Windows\System32\drivers\vpci.sys A8DA1C1B52ECEA3726DEBED4FF1B700D C:\Windows\System32\drivers\vsmraid.sys 38A60CD9C009C55C6D3B5586F8E6A353 C:\Windows\System32\drivers\vstxraid.sys A0F6FE0FC2F647C22BBFD6BD4249DBCC C:\Windows\System32\drivers\vwifibus.sys 62460A45435A26A334907E3F2EA45611 C:\Windows\system32\DRIVERS\vwififlt.sys 095E943D27025E4D588AF0A72CC2318F C:\Windows\system32\DRIVERS\vwifimp.sys 73FA1A41A97A5C34ADC03B3577FF1A86 C:\Windows\System32\drivers\wacompen.sys 6B806E893714019969E2B50D7EF6A4D9 C:\Windows\system32\DRIVERS\wanarp.sys 61F6972FF9AC9A8D0B4D62076DC30051 C:\Windows\system32\DRIVERS\wanarp.sys 61F6972FF9AC9A8D0B4D62076DC30051 C:\Windows\System32\drivers\wd.sys B3A4D918DAB90505B6BC7B70632913CB C:\Windows\system32\drivers\WdBoot.sys FD47DF026B32969B8A68721A0243E8EE C:\Windows\System32\drivers\wdcsam64.sys ==> MD5 is legit C:\Windows\System32\drivers\Wdf01000.sys 2ADC985B85A71BD7D99712EC0C24358B C:\Windows\system32\drivers\WdFilter.sys 5F425D842DD6ADE9F95A51A0616AFAD7 C:\Windows\System32\DRIVERS\wfplwfs.sys 3F1F31883EAC9DDDF836ACC6D1DAC36C C:\Windows\System32\drivers\wimmount.sys A3C7624A42A3447EF5EDD1ED37FE4E60 C:\Windows\system32\DRIVERS\WinUsb.sys BB20956C424531003F7FA6CD36F11D5D C:\Windows\System32\drivers\wmiacpi.sys E2A596CACFC6504306CDB7B593B90084 C:\Windows\System32\DRIVERS\wpcfltr.sys C6FF953D5D6F2EAE3B8883474D5076B3 C:\Windows\System32\drivers\WpdUpFltr.sys 0346CAFC181C91C6E2330332EB332ED6 C:\Windows\system32\drivers\ws2ifsl.sys BC8B5CB336E63BB25EAD1CE8EDD34B81 C:\Windows\System32\drivers\WSDPrint.sys 74EFDA0526862C3D8D01A776182798EA C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F C:\Windows\System32\drivers\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659 C:\Windows\system32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659 C:\Windows\system32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659 C:\Windows\system32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659 ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-10 23:46 - 2013-09-10 23:46 - 00030839 _____ C:\Users\Gabe\Desktop\Addition.txt 2013-09-10 23:45 - 2013-09-10 23:45 - 00000000 ____D C:\FRST 2013-09-10 23:44 - 2013-09-10 23:45 - 01949408 _____ (Farbar) C:\Users\Gabe\Desktop\FRST64.exe 2013-09-10 22:45 - 2013-09-10 22:45 - 00000000 ____D C:\Program Files\ESET 2013-09-10 22:41 - 2013-09-10 22:41 - 01415824 _____ (ESET) C:\Users\Gabe\Desktop\eset_nod32_antivirus_live_installer.exe 2013-09-10 21:23 - 2013-09-10 21:23 - 02347384 _____ (ESET) C:\Users\Gabe\Desktop\esetsmartinstaller_enu.exe 2013-09-10 21:23 - 2013-09-10 21:23 - 00000000 ____D C:\Program Files (x86)\ESET 2013-09-10 21:05 - 2013-09-10 21:16 - 00000000 ____D C:\AdwCleaner 2013-09-10 21:04 - 2013-09-10 21:04 - 01037278 _____ C:\Users\Gabe\Desktop\AdwCleaner.exe 2013-09-10 21:01 - 2013-09-10 21:01 - 00002162 _____ C:\Users\Gabe\Desktop\JRT.txt 2013-09-10 20:51 - 2013-09-10 20:51 - 00000000 ____D C:\Windows\ERUNT 2013-09-10 20:50 - 2013-09-10 20:50 - 01029490 _____ (Thisisu) C:\Users\Gabe\Desktop\JRT.exe 2013-09-10 20:20 - 2013-09-10 22:39 - 00000000 ____D C:\Users\Gabe\Desktop\mbar 2013-09-10 20:20 - 2013-09-10 20:20 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Gabe\Desktop\mbar-1.07.0.1005.exe 2013-09-10 20:17 - 2013-09-10 20:17 - 03788288 _____ C:\Users\Gabe\Desktop\RogueKillerX64(1).exe 2013-09-10 20:12 - 2013-09-10 20:12 - 00001771 _____ C:\Users\Gabe\Desktop\RKreport[0]_S_09102013_201228.txt 2013-09-10 20:09 - 2013-09-10 20:59 - 00000000 ____D C:\Users\Gabe\Desktop\RK_Quarantine 2013-09-10 20:07 - 2013-09-10 20:07 - 03788288 _____ C:\Users\Gabe\Desktop\RogueKillerX64.exe 2013-09-10 20:07 - 2013-09-10 20:07 - 00000924 _____ C:\Users\Tiffany\Desktop\NTREGOPT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000924 _____ C:\Users\Gabe\Desktop\NTREGOPT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000924 _____ C:\Users\fbwuser\Desktop\NTREGOPT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000905 _____ C:\Users\Tiffany\Desktop\ERUNT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000905 _____ C:\Users\Gabe\Desktop\ERUNT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000905 _____ C:\Users\fbwuser\Desktop\ERUNT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000000 ____D C:\Windows\ERDNT 2013-09-10 20:06 - 2013-09-10 20:07 - 00000000 ____D C:\Program Files (x86)\ERUNT 2013-09-10 20:06 - 2013-09-10 20:06 - 00791393 _____ (Lars Hederer ) C:\Users\Gabe\Desktop\erunt-setup.exe 2013-09-10 20:05 - 2013-09-10 20:46 - 00002424 _____ C:\Users\Gabe\Desktop\Rkill.txt 2013-09-10 20:05 - 2013-09-10 20:05 - 01898112 _____ (Bleeping Computer, LLC) C:\Users\Gabe\Desktop\rkill.exe 2013-09-10 20:05 - 2013-09-10 20:05 - 00000000 ____D C:\Users\Gabe\Desktop\rkill 2013-09-10 19:40 - 2013-09-10 19:40 - 00024917 _____ C:\Users\Gabe\Desktop\DDS 10 Sep 13.txt 2013-09-10 19:35 - 2013-09-10 19:38 - 00024917 _____ C:\Users\Gabe\Desktop\dds.txt 2013-09-10 19:35 - 2013-09-10 19:38 - 00012515 _____ C:\Users\Gabe\Desktop\attach.txt 2013-09-10 19:34 - 2013-09-10 19:34 - 00688992 ____R (Swearware) C:\Users\Gabe\Desktop\dds.scr 2013-09-10 09:11 - 2013-09-10 09:11 - 05312512 _____ C:\Users\Gabe\Documents\proof.evtx 2013-09-10 09:11 - 2013-09-10 09:11 - 00000000 ____D C:\Users\Gabe\Documents\LocaleMetaData 2013-09-10 08:29 - 2013-09-10 08:29 - 00312280 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-10 08:24 - 2013-09-10 08:24 - 00049240 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\AntiLog64.sys 2013-09-10 08:24 - 2013-09-10 08:24 - 00000913 _____ C:\Users\Public\Desktop\AntiLogger.lnk 2013-09-10 08:24 - 2013-09-10 08:24 - 00000000 ____D C:\Program Files (x86)\AntiLogger 2013-09-10 08:23 - 2013-09-10 08:24 - 00000000 ____D C:\Users\Gabe\AppData\Local\Zemana 2013-09-10 08:23 - 2013-09-10 08:23 - 00000000 ____D C:\Windows\SysWOW64\ZALSDK_uninst 2013-09-10 08:23 - 2013-07-22 18:23 - 00025056 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt64.sys 2013-09-10 08:23 - 2013-07-22 18:22 - 06525952 _____ (Zemana Ltd.) C:\Windows\SysWOW64\ZALSDKCore.dll 2013-09-10 08:21 - 2013-09-10 08:22 - 21264112 _____ (Zemana Ltd. ) C:\Users\Gabe\Downloads\Zemana_AntiLogger_1.9.3.502.exe 2013-09-10 08:20 - 2013-09-10 08:29 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK 2013-09-10 08:20 - 2013-09-10 08:20 - 00000000 ____D C:\Users\Gabe\AppData\Local\AntiLogger Free 2013-09-10 08:19 - 2013-09-10 08:19 - 04322816 _____ (Zemana Ltd. ) C:\Users\Gabe\Downloads\AntiLoggerFree_Setup_1.6.2.245.exe 2013-09-10 08:04 - 2013-09-10 08:04 - 00001120 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk 2013-09-10 08:03 - 2013-09-10 20:53 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield 2013-09-10 08:03 - 2013-09-10 08:03 - 00583584 _____ C:\Users\Gabe\Downloads\hotspotshield-setup.exe 2013-09-10 08:03 - 2013-09-10 08:03 - 00000020 ___SH C:\Users\fbwuser\ntuser.ini 2013-09-10 08:03 - 2013-08-12 16:07 - 00046792 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys 2013-09-10 07:08 - 2013-09-10 07:08 - 00002107 _____ C:\Users\Public\Desktop\Who Is On My Wifi.lnk 2013-09-10 07:08 - 2013-09-10 07:08 - 00000000 ____D C:\Program Files (x86)\IO3O LLC 2013-09-08 16:28 - 2013-09-08 16:32 - 767623168 ____R C:\Users\Gabe\Downloads\14.0.4734.1000_ProfessionalPlus_volume_x86_en-us.iso 2013-09-08 16:04 - 2013-09-08 16:04 - 00000000 ____H C:\Users\Gabe\Documents\Default.rdp 2013-09-08 09:41 - 2013-09-08 09:41 - 16243768 _____ C:\Users\Gabe\Downloads\Glary_Utilities_v3.9.1.exe 2013-09-08 08:24 - 2013-07-25 22:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2013-09-08 08:24 - 2013-07-25 22:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2013-09-08 08:23 - 2013-07-25 22:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-08 08:23 - 2013-07-25 22:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-08 08:23 - 2013-07-25 22:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-08 08:23 - 2013-07-25 22:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-08 08:23 - 2013-07-25 20:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-08 08:23 - 2013-07-25 20:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-08 08:23 - 2013-07-25 20:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-08 08:23 - 2013-07-25 20:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-08 08:23 - 2013-07-25 20:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-08 08:23 - 2013-07-25 20:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-08 08:23 - 2013-07-25 19:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-08 08:23 - 2013-07-25 17:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2013-09-08 08:23 - 2013-07-12 23:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-09-08 08:23 - 2013-07-12 23:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-09-08 08:23 - 2013-07-12 23:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-09-08 08:23 - 2013-07-12 23:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll 2013-09-08 08:23 - 2013-07-12 23:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll 2013-09-08 08:23 - 2013-07-12 21:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-09-08 08:23 - 2013-07-12 21:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-09-08 08:23 - 2013-07-12 21:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll 2013-09-08 08:23 - 2013-07-12 21:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll 2013-09-08 08:23 - 2013-07-09 01:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys 2013-09-08 08:23 - 2013-07-08 23:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2013-09-08 08:23 - 2013-07-08 21:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2013-09-08 08:23 - 2013-07-08 20:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll 2013-09-08 08:23 - 2013-07-08 15:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll 2013-09-08 08:23 - 2013-07-08 15:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2013-09-08 08:23 - 2013-07-08 15:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll 2013-09-08 08:23 - 2013-07-08 15:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll 2013-09-08 08:23 - 2013-07-05 17:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2013-09-08 08:23 - 2013-07-02 17:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2013-09-08 08:23 - 2013-07-02 17:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll 2013-09-08 08:23 - 2013-07-02 17:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2013-09-08 08:23 - 2013-07-02 17:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-09-08 08:23 - 2013-07-02 17:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2013-09-08 08:23 - 2013-07-02 17:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2013-09-08 08:23 - 2013-07-02 17:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2013-09-08 08:23 - 2013-07-02 16:51 - 04039680 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-09-08 08:23 - 2013-07-01 17:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2013-09-08 08:23 - 2013-07-01 15:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml 2013-09-08 08:23 - 2013-07-01 15:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2013-09-08 08:23 - 2013-06-30 15:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe 2013-09-08 08:23 - 2013-06-30 15:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe 2013-09-08 08:23 - 2013-06-28 23:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2013-09-08 08:23 - 2013-06-28 23:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys 2013-09-08 08:23 - 2013-06-28 22:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys 2013-09-08 08:23 - 2013-06-28 18:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-09-08 08:23 - 2013-06-25 20:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2013-09-08 08:23 - 2013-06-25 19:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys 2013-09-08 08:23 - 2013-06-24 15:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2013-09-08 08:23 - 2013-06-24 15:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll 2013-09-08 08:23 - 2013-06-24 15:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll 2013-09-08 08:23 - 2013-06-18 22:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll 2013-09-08 08:23 - 2013-06-18 22:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll 2013-09-08 08:23 - 2013-06-18 15:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll 2013-09-08 08:23 - 2013-06-18 15:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll 2013-09-08 08:23 - 2013-06-11 16:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2013-09-08 08:23 - 2013-06-11 16:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2013-09-08 08:23 - 2013-06-10 14:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2013-09-08 08:23 - 2013-06-10 12:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-09-08 08:23 - 2013-06-10 12:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-09-08 08:23 - 2013-06-10 12:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2013-09-08 08:23 - 2013-06-10 12:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-09-08 08:23 - 2013-06-10 12:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-09-08 08:23 - 2013-06-10 12:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-09-08 08:23 - 2013-06-06 01:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2013-09-08 08:22 - 2013-07-08 23:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-09-08 08:22 - 2013-05-23 16:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-09-08 08:22 - 2013-05-23 15:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-09-08 07:58 - 2013-09-11 01:04 - 00008044 _____ C:\Windows\PFRO.log 2013-09-08 03:25 - 2013-09-08 03:25 - 00000000 ____D C:\Users\Gabe\AppData\Local\Apps\2.0 2013-09-07 09:18 - 2013-09-07 09:18 - 01448299 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130820164851.3gp 2013-09-07 09:15 - 2013-09-07 09:15 - 02896534 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130821123433.3gp 2013-09-07 09:14 - 2013-09-07 09:15 - 00475112 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130822103012.3gp 2013-09-07 09:12 - 2013-09-07 09:12 - 02896534 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130822123215.3gp 2013-09-07 08:43 - 2013-09-07 08:43 - 00356352 _____ C:\Users\Gabe\Downloads\log.xls 2013-09-07 08:43 - 2013-09-07 08:43 - 00064000 _____ C:\Users\Gabe\Downloads\contact.xls 2013-09-07 08:43 - 2013-09-07 08:43 - 00040448 _____ C:\Users\Gabe\Downloads\logcall.xls 2013-09-04 14:58 - 2013-09-04 14:58 - 00894600 _____ (CNET Download.com) C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Advanced_Scan_to_PDF_Free-SEO-75738710.exe 2013-09-04 14:39 - 2013-09-04 14:49 - 00000000 ____D C:\Program Files (x86)\JGS-Scan 2013-09-04 14:39 - 2013-09-04 14:38 - 00737280 _____ (Indigo Rose Corporation) C:\Windows\iun6002.exe 2013-09-04 14:38 - 2013-09-04 14:38 - 04907960 _____ () C:\Users\Gabe\Downloads\JGS-Scan3.exe 2013-09-04 14:37 - 2013-09-04 14:37 - 00584600 _____ C:\Users\Gabe\Downloads\cbsidlm-tr1_14-JGSScan-ORG-10267419.exe 2013-09-03 19:07 - 2013-09-03 19:08 - 00000000 ____D C:\Program Files\stinger 2013-09-03 19:07 - 2013-09-03 19:07 - 00000000 ____D C:\Stinger_Quarantine 2013-09-03 19:06 - 2013-09-03 19:06 - 04900592 _____ (McAfee, Inc.) C:\Users\Gabe\Downloads\McAfeeSetup-Serial.exe 2013-09-03 18:57 - 2013-09-03 18:57 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\DiskDefrag 2013-08-26 06:13 - 2013-08-26 06:15 - 116778590 _____ C:\Users\Gabe\Downloads\GET A LIFE 1627.mp4 2013-08-26 06:10 - 2013-08-26 06:11 - 78900943 _____ C:\Users\Gabe\Downloads\SACKCHASING COUGAR.mp4 2013-08-26 06:09 - 2013-08-26 06:10 - 89449556 _____ C:\Users\Gabe\Downloads\PL1300.mp4 2013-08-26 06:09 - 2013-08-26 06:10 - 60828557 _____ C:\Users\Gabe\Downloads\WORTHLESS LOSER.mp4 2013-08-26 06:09 - 2013-08-26 06:09 - 76704889 _____ C:\Users\Gabe\Downloads\LIVING WITH PARENTS AT 40.mp4 2013-08-26 06:03 - 2013-08-26 06:04 - 53457437 _____ C:\Users\Gabe\Downloads\FD1902.mp4 2013-08-26 06:03 - 2013-08-26 06:04 - 35874577 _____ C:\Users\Gabe\Downloads\FD1750WW.mp4 2013-08-26 06:03 - 2013-08-26 06:03 - 35874577 _____ C:\Users\Gabe\Downloads\FFFF.mp4 2013-08-26 06:03 - 2013-08-26 06:03 - 35874577 _____ C:\Users\Gabe\Downloads\FD175022.mp4 2013-08-26 06:02 - 2013-08-26 06:03 - 20270529 _____ C:\Users\Gabe\Downloads\FD2000-FINISH.mp4 2013-08-26 05:58 - 2013-08-26 05:58 - 44342458 _____ C:\Users\Gabe\Downloads\11.mp4 2013-08-26 05:58 - 2013-08-26 05:58 - 35874577 _____ C:\Users\Gabe\Downloads\FD1750.mp4 2013-08-26 05:58 - 2013-08-26 05:58 - 34018519 _____ C:\Users\Gabe\Downloads\FD1705.mp4 2013-08-26 05:57 - 2013-08-26 05:58 - 40459964 _____ C:\Users\Gabe\Downloads\1.mp4 2013-08-26 05:52 - 2013-08-26 05:53 - 40459964 _____ C:\Users\Gabe\Downloads\FD21AUG1530.mp4 2013-08-26 05:52 - 2013-08-26 05:52 - 39933685 _____ C:\Users\Gabe\Downloads\FD21AUG1430.mp4 2013-08-26 05:51 - 2013-08-26 05:52 - 54647286 _____ C:\Users\Gabe\Downloads\My New Clip33.mp4 2013-08-26 05:49 - 2013-08-26 05:49 - 39940067 _____ C:\Users\Gabe\Downloads\FD21AUG1310.mp4 2013-08-26 05:48 - 2013-08-26 05:49 - 39142968 _____ C:\Users\Gabe\Downloads\FrontDoor21Aug1215.mp4 2013-08-26 05:31 - 2013-08-26 05:32 - 54647286 _____ C:\Users\Gabe\Downloads\Front Door 21August.mp4 2013-08-26 05:30 - 2013-08-26 05:31 - 58247011 _____ C:\Users\Gabe\Downloads\BR13AUG1510.mp4 2013-08-26 05:30 - 2013-08-26 05:30 - 40918583 _____ C:\Users\Gabe\Downloads\BR13AUG1415.mp4 2013-08-25 14:03 - 2013-08-25 14:03 - 00000000 ____D C:\Users\Gabe\AppData\Local\Apple Computer 2013-08-25 13:39 - 2013-08-26 05:15 - 00000000 ____D C:\Users\Gabe\Documents\NACI_data 2013-08-25 13:39 - 2013-08-25 22:21 - 00072588 _____ C:\Users\Gabe\Documents\NACI.aup 2013-08-25 13:16 - 2013-08-25 13:18 - 236588638 _____ C:\Users\Gabe\Documents\NACI.wav 2013-08-25 11:10 - 2013-08-25 11:10 - 00000000 ____D C:\Users\Gabe\Downloads\MP_ROOT 2013-08-23 12:34 - 2013-08-23 12:34 - 00461312 _____ C:\Users\Gabe\Downloads\1.xls 2013-08-23 12:07 - 2013-08-23 12:07 - 00461312 _____ C:\Users\Gabe\Downloads\213991775063143SMS.xls 2013-08-23 12:07 - 2013-08-23 12:07 - 00047616 _____ C:\Users\Gabe\Downloads\213991775063143CALL.xls 2013-08-23 11:49 - 2013-08-23 12:30 - 00191488 _____ C:\Users\Gabe\Downloads\213991775063143LOCATION.xls 2013-08-22 22:12 - 2013-08-22 22:12 - 00685123 _____ C:\Users\Gabe\Downloads\213991775063143-CALL-20130819081157-6029782496.3gp 2013-08-22 22:12 - 2013-08-22 22:12 - 00087795 _____ C:\Users\Gabe\Downloads\213991775063143-CALL-20130814211449-6025732886.3gp 2013-08-22 09:21 - 2013-08-22 09:22 - 00000000 ____D C:\Users\Gabe\Documents\Cinematic_Music_Group-Big_K.R.I.T-King_Remembered_In_Time 2013-08-22 09:08 - 2013-08-22 09:08 - 00000000 ____D C:\Users\Gabe\AppData\Local\Macromedia 2013-08-22 07:55 - 2013-08-24 05:36 - 00000075 _____ C:\DiskDefrag.log 2013-08-22 07:55 - 2013-08-22 07:55 - 00002622 _____ C:\Windows\System32\Tasks\GlaryInitialize 3 2013-08-22 07:55 - 2013-08-22 07:55 - 00001080 _____ C:\Users\Public\Desktop\Glary Utilities 3.lnk 2013-08-22 07:55 - 2013-08-20 02:21 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe 2013-08-22 07:54 - 2013-09-11 01:51 - 00000348 _____ C:\Windows\Tasks\GlaryInitialize 3.job 2013-08-22 07:54 - 2013-09-11 01:50 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 3 2013-08-22 07:54 - 2013-08-22 07:54 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\GlarySoft 2013-08-22 07:47 - 2013-08-22 07:47 - 16136496 _____ C:\Users\Gabe\Downloads\gu3setup.exe 2013-08-22 06:52 - 2013-08-22 08:44 - 00000000 ____D C:\Program Files (x86)\WinAce 2013-08-22 06:52 - 2013-08-22 06:52 - 04042444 _____ (e-merge GmbH) C:\Users\Gabe\Downloads\wace269i.exe 2013-08-22 06:52 - 2013-08-22 06:52 - 00000951 _____ C:\Users\Public\Desktop\WinAce Archiver.lnk 2013-08-22 06:49 - 2013-08-22 06:49 - 00862521 _____ C:\Users\Gabe\Downloads\videosnarf-0.63.tar.gz 2013-08-22 04:44 - 2013-08-22 04:44 - 00582605 _____ C:\Users\Gabe\Downloads\Winamp_Essentials_6_7_8_9_10_11_12_13_14.exe 2013-08-21 01:47 - 2013-08-21 01:47 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Apple Computer 2013-08-20 15:10 - 2013-08-24 12:52 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software 2013-08-20 15:09 - 2013-08-24 12:52 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\NCH Software 2013-08-20 15:09 - 2013-08-20 15:09 - 00502848 _____ (NCH Software) C:\Users\Gabe\Downloads\switchsetup.exe 2013-08-20 15:04 - 2013-08-20 15:11 - 00000000 ____D C:\Users\Gabe\Documents\Audio from Tim Mcgraw Burglary 2013-08-20 14:53 - 2013-08-20 14:56 - 470418208 _____ C:\Users\Gabe\Downloads\PowerDirector_3026_GM6_Trial_Trial_VDE130619-02.exe 2013-08-20 14:45 - 2013-08-20 14:45 - 00894600 _____ (CNET Download.com) C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Download_App-BP-75864009.exe 2013-08-20 14:18 - 2013-08-20 14:18 - 00979928 _____ (CyberLink) C:\Users\Gabe\Downloads\CyberLink_PowerDirector_Downloader.exe 2013-08-20 13:22 - 2013-08-25 13:11 - 00000000 ____D C:\Users\Public\CyberLink 2013-08-20 13:22 - 2013-08-20 13:22 - 00000000 ____D C:\Users\Gabe\Documents\CyberLink 2013-08-20 13:20 - 2013-08-20 13:20 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\CyberLink 2013-08-20 13:14 - 2013-08-22 08:44 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-08-20 13:14 - 2013-08-20 13:14 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2013-08-20 12:40 - 2013-08-23 02:06 - 00000000 ____D C:\Users\Gabe\Downloads\CyberLink Power Director 11 Ultra DeLtA Sn1p3r 2013-08-20 12:35 - 2013-08-20 12:37 - 00838896 _____ C:\Users\Gabe\Downloads\LR13AUG0330.mp4.sfk 2013-08-20 12:32 - 2013-08-20 12:37 - 00886196 _____ C:\Users\Gabe\Downloads\10aug1921.mp4.sfk 2013-08-20 12:20 - 2013-08-26 05:30 - 63503421 _____ C:\Users\Gabe\Downloads\BR13AUG1330.mp4 2013-08-20 12:17 - 2013-08-20 12:18 - 52289079 _____ C:\Users\Gabe\Downloads\BR13AUG1240 (Part 1 of 2).mp4 2013-08-20 12:17 - 2013-08-20 12:18 - 31723429 _____ C:\Users\Gabe\Downloads\BR13AUG1240 (Part 2 of 2).mp4 2013-08-20 07:02 - 2013-08-20 07:02 - 00204568 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2013-08-20 07:02 - 2013-08-20 07:02 - 00103576 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2013-08-20 02:05 - 2013-08-20 02:08 - 43723137 _____ C:\Users\Gabe\Downloads\LR13AUG0515.mp4 2013-08-20 01:58 - 2013-08-20 02:05 - 44618151 _____ C:\Users\Gabe\Downloads\LR13AUG0420.mp4 2013-08-20 01:56 - 2013-08-20 02:05 - 57036111 _____ C:\Users\Gabe\Downloads\LR13AUG0325.mp4 2013-08-20 01:52 - 2013-08-20 02:02 - 75121062 _____ C:\Users\Gabe\Downloads\LR13AUG0330.mp4 2013-08-20 01:51 - 2013-08-20 01:58 - 57036111 _____ C:\Users\Gabe\Downloads\LR13AUG0235.mp4 2013-08-20 01:42 - 2013-08-20 01:49 - 90665926 _____ C:\Users\Gabe\Downloads\LR13AUG0146.mp4 2013-08-20 01:35 - 2013-08-20 01:37 - 28597549 _____ C:\Users\Gabe\Downloads\BR13AUG0132 (Part 1 of 2).mp4 2013-08-20 01:35 - 2013-08-20 01:35 - 00000000 _____ C:\Users\Gabe\Downloads\BR13AUG1332 (Part 2 of 2).mp4 2013-08-19 17:40 - 2013-08-20 07:11 - 00000032 _____ C:\Users\Gabe\AppData\Roaming\mbam.context.scan 2013-08-19 13:50 - 2013-08-19 13:50 - 00685123 _____ C:\Users\Gabe\Downloads\CC.3gp 2013-08-19 13:49 - 2013-08-19 13:49 - 00650639 _____ C:\Users\Gabe\Downloads\DAD.3gp 2013-08-19 13:47 - 2013-08-19 13:47 - 01457652 _____ (Repair Video, Inc. ) C:\Users\Gabe\Desktop\asf_avi_rm_wmv_repair.exe 2013-08-18 23:44 - 2013-08-18 23:44 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-08-18 23:44 - 2013-08-18 23:44 - 00000291 _____ C:\AdwCleaner[s2].txt 2013-08-18 23:44 - 2013-08-18 23:44 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Malwarebytes 2013-08-18 23:44 - 2013-08-18 23:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-18 23:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-08-18 23:43 - 2013-08-18 23:44 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Gabe\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-18 10:45 - 2013-08-18 10:46 - 52273262 _____ C:\Users\Gabe\Downloads\10aug2155.mp4 2013-08-18 10:45 - 2013-08-18 10:45 - 05730942 _____ C:\Users\Gabe\Downloads\item.mp4 2013-08-18 07:11 - 2013-08-18 07:11 - 00002006 _____ C:\AdwCleaner[s1].txt 2013-08-18 07:09 - 2013-08-18 07:09 - 00891115 _____ C:\Users\Gabe\Downloads\SecurityCheck.exe 2013-08-18 07:07 - 2013-08-18 07:07 - 00000000 _____ C:\Windows\SysWOW64\FAPB4C8.tmp 2013-08-18 07:07 - 2013-08-18 07:07 - 00000000 _____ C:\Windows\SysWOW64\FAPB080.tmp 2013-08-18 07:07 - 2013-08-18 07:07 - 00000000 _____ C:\Windows\SysWOW64\FAP79BE.tmp 2013-08-18 07:05 - 2013-08-20 07:46 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Process Hacker 2 2013-08-18 07:03 - 2013-08-18 07:03 - 00001841 _____ C:\Users\Gabe\Desktop\Process Hacker 2.lnk 2013-08-18 07:03 - 2013-08-18 07:03 - 00000000 ____D C:\Program Files\Process Hacker 2 2013-08-17 22:56 - 2013-08-17 23:04 - 96836088 _____ C:\Users\Gabe\Downloads\10aug2004.avi 2013-08-17 22:55 - 2013-08-17 22:55 - 00894600 _____ (CNET Download.com) C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Pazera_Free_MP4_to_AVI_Converter-SEO-10784027.exe 2013-08-17 22:52 - 2013-08-26 08:14 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Audacity 2013-08-17 22:52 - 2013-08-17 22:52 - 00001007 _____ C:\Users\Gabe\Desktop\Audacity.lnk 2013-08-17 22:52 - 2013-08-17 22:52 - 00000000 ____D C:\Program Files (x86)\Audacity 2013-08-17 22:51 - 2013-08-17 22:52 - 21281052 _____ (Audacity Team ) C:\Users\Gabe\Downloads\audacity-win-2.0.3.exe 2013-08-17 22:50 - 2013-08-17 22:50 - 01856092 _____ (wj32 ) C:\Users\Gabe\Downloads\processhacker-2.31-setup.exe 2013-08-17 20:15 - 2013-08-17 20:15 - 01618718 _____ (UpsideOut, Inc. ) C:\Users\Gabe\Downloads\ProxifySetup.exe 2013-08-17 20:15 - 2013-08-17 20:15 - 00001199 _____ C:\Users\Public\Desktop\Proxify Tray Application.lnk 2013-08-17 20:15 - 2013-08-17 20:15 - 00000000 ____D C:\Program Files (x86)\Proxify Tray Application 2013-08-17 19:37 - 2013-08-17 19:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-08-17 15:13 - 2013-08-17 15:14 - 68162708 _____ C:\Users\Gabe\Downloads\10aug2133.mp4 2013-08-17 15:13 - 2013-08-17 15:13 - 68174687 _____ C:\Users\Gabe\Downloads\10aug1921.mp4 2013-08-17 15:12 - 2013-08-17 15:13 - 52554458 _____ C:\Users\Gabe\Downloads\10aug2112.mp4 2013-08-17 15:08 - 2013-08-17 15:09 - 68020484 _____ C:\Users\Gabe\Downloads\10aug20041.mp4 2013-08-17 15:07 - 2013-08-17 15:08 - 47703588 _____ C:\Users\Gabe\Downloads\10aug2006.mp4 2013-08-17 15:06 - 2013-08-17 15:07 - 68020484 _____ C:\Users\Gabe\Downloads\10aug2004.mp4 2013-08-17 14:15 - 2013-08-17 14:15 - 68020484 _____ C:\Users\Gabe\Downloads\22222.mp4 2013-08-17 14:14 - 2013-08-17 14:14 - 47703588 _____ C:\Users\Gabe\Downloads\10Augbedroom.mp4 2013-08-17 14:11 - 2013-08-17 14:11 - 68020484 _____ C:\Users\Gabe\Downloads\My New Clipjjj.mp4 2013-08-17 13:57 - 2013-08-17 13:58 - 68020484 _____ C:\Users\Gabe\Downloads\10aug20101.mp4 2013-08-17 13:56 - 2013-08-17 13:56 - 35517108 _____ C:\Users\Gabe\Downloads\19aug7pm.mp4 2013-08-17 06:46 - 2013-08-17 06:46 - 08163216 _____ C:\Users\Gabe\Downloads\12AUG2149.mp4 2013-08-17 06:45 - 2013-08-17 06:45 - 07722827 _____ C:\Users\Gabe\Downloads\15AUG1717.mp4 2013-08-17 06:44 - 2013-08-17 06:45 - 144556875 _____ C:\Users\Gabe\Downloads\7AUG1133.mp4 2013-08-17 06:43 - 2013-08-17 06:43 - 10074467 _____ C:\Users\Gabe\Downloads\7AUG1852.mp4 2013-08-17 06:42 - 2013-08-17 06:42 - 07572170 _____ C:\Users\Gabe\Downloads\3AUG.mp4 2013-08-17 06:36 - 2013-08-17 06:37 - 57246322 _____ C:\Users\Gabe\Downloads\10AUG2010(2).mp4 2013-08-17 06:35 - 2013-08-17 06:36 - 57246322 _____ C:\Users\Gabe\Downloads\10AUG2010.mp4 2013-08-17 06:35 - 2013-08-17 06:35 - 06246836 _____ C:\Users\Gabe\Downloads\12AUG0615.mp4 2013-08-17 06:34 - 2013-08-17 06:34 - 08811349 _____ C:\Users\Gabe\Downloads\10AUG1923.mp4 2013-08-17 06:33 - 2013-08-17 06:35 - 57246322 _____ C:\Users\Gabe\Downloads\46.mp4 2013-08-17 05:45 - 2013-08-17 05:45 - 24192489 _____ C:\Users\Gabe\Downloads\45.mp4 2013-08-17 05:37 - 2013-08-17 05:37 - 08811349 _____ C:\Users\Gabe\Downloads\44.mp4 2013-08-17 04:33 - 2013-08-03 05:40 - 00000836 _____ C:\Users\Gabe\Documents\kp[.cer 2013-08-17 01:37 - 2013-08-17 01:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-15 17:25 - 2013-08-15 17:26 - 07722827 _____ C:\Users\Gabe\Downloads\3333.mp4 2013-08-15 10:49 - 2013-08-15 10:49 - 00567391 _____ C:\Users\Gabe\Documents\334.3gp 2013-08-14 23:02 - 2013-08-14 23:02 - 08163216 _____ C:\Users\Gabe\Downloads\My Ne.mp4 2013-08-13 03:16 - 2013-08-13 03:17 - 144556875 _____ C:\Users\Gabe\Downloads\22.mp4 2013-08-13 01:46 - 2013-08-22 08:45 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Yahoo! 2013-08-13 01:45 - 2013-08-13 01:45 - 00001137 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk 2013-08-13 01:44 - 2013-08-20 10:41 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2013-08-13 01:44 - 2013-08-13 01:44 - 00442040 _____ (Yahoo! Inc.) C:\Users\Gabe\Downloads\msgr11us.exe 2013-08-13 00:47 - 2013-08-13 10:30 - 00000000 ____D C:\Users\Gabe\Downloads\Epic (2013) 2013-08-13 00:47 - 2013-08-13 00:51 - 00000000 ____D C:\Users\Gabe\Downloads\Superman.Man.of.Steel.2013.720p.R6.LiNE.x264.AAC-DiGiTAL 2013-08-13 00:46 - 2013-08-13 00:47 - 00000000 ____D C:\Users\Gabe\Downloads\Oblivion (2013) [1080p] 2013-08-12 16:10 - 2013-08-12 16:10 - 00042184 _____ (Anchorfree Inc.) C:\Windows\system32\Drivers\taphss6.sys 2013-08-12 13:25 - 2013-08-12 13:26 - 06246836 _____ C:\Users\Gabe\Downloads\My New Clip(2).mp4 2013-08-12 06:41 - 2013-08-12 06:41 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf ==================== One Month Modified Files and Folders ======= 2013-09-11 02:02 - 2013-08-09 11:40 - 00000000 ____D C:\wifidata 2013-09-11 02:02 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\system32\sru 2013-09-11 01:55 - 2013-08-07 16:14 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3684579750-837988229-3943600733-1002 2013-09-11 01:51 - 2013-08-22 07:54 - 00000348 _____ C:\Windows\Tasks\GlaryInitialize 3.job 2013-09-11 01:50 - 2013-08-22 07:54 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 3 2013-09-11 01:39 - 2012-07-26 00:28 - 00848230 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-11 01:35 - 2012-07-26 00:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-11 01:16 - 2013-09-11 01:16 - 03191888 _____ (McAfee, Inc.) C:\Users\Gabe\Desktop\MCPR.exe 2013-09-11 01:16 - 2013-08-03 04:00 - 01234136 _____ C:\Windows\WindowsUpdate.log 2013-09-11 01:04 - 2013-09-08 07:58 - 00008044 _____ C:\Windows\PFRO.log 2013-09-10 23:46 - 2013-09-10 23:46 - 00030839 _____ C:\Users\Gabe\Desktop\Addition.txt 2013-09-10 23:45 - 2013-09-10 23:45 - 00000000 ____D C:\FRST 2013-09-10 23:45 - 2013-09-10 23:44 - 01949408 _____ (Farbar) C:\Users\Gabe\Desktop\FRST64.exe 2013-09-10 22:48 - 2012-07-26 01:12 - 00000000 ___HD C:\Windows\ELAMBKUP 2013-09-10 22:45 - 2013-09-10 22:45 - 00000000 ____D C:\Program Files\ESET 2013-09-10 22:41 - 2013-09-10 22:41 - 01415824 _____ (ESET) C:\Users\Gabe\Desktop\eset_nod32_antivirus_live_installer.exe 2013-09-10 22:39 - 2013-09-10 20:20 - 00000000 ____D C:\Users\Gabe\Desktop\mbar 2013-09-10 22:13 - 2012-07-25 22:26 - 00262144 ___SH C:\Windows\system32\config\BBI 2013-09-10 21:23 - 2013-09-10 21:23 - 02347384 _____ (ESET) C:\Users\Gabe\Desktop\esetsmartinstaller_enu.exe 2013-09-10 21:23 - 2013-09-10 21:23 - 00000000 ____D C:\Program Files (x86)\ESET 2013-09-10 21:22 - 2012-07-25 22:26 - 00262144 ___SH C:\Windows\system32\config\ELAM 2013-09-10 21:16 - 2013-09-10 21:05 - 00000000 ____D C:\AdwCleaner 2013-09-10 21:04 - 2013-09-10 21:04 - 01037278 _____ C:\Users\Gabe\Desktop\AdwCleaner.exe 2013-09-10 21:01 - 2013-09-10 21:01 - 00002162 _____ C:\Users\Gabe\Desktop\JRT.txt 2013-09-10 20:59 - 2013-09-10 20:09 - 00000000 ____D C:\Users\Gabe\Desktop\RK_Quarantine 2013-09-10 20:53 - 2013-09-10 08:03 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield 2013-09-10 20:51 - 2013-09-10 20:51 - 00000000 ____D C:\Windows\ERUNT 2013-09-10 20:50 - 2013-09-10 20:50 - 01029490 _____ (Thisisu) C:\Users\Gabe\Desktop\JRT.exe 2013-09-10 20:46 - 2013-09-10 20:05 - 00002424 _____ C:\Users\Gabe\Desktop\Rkill.txt 2013-09-10 20:20 - 2013-09-10 20:20 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Gabe\Desktop\mbar-1.07.0.1005.exe 2013-09-10 20:17 - 2013-09-10 20:17 - 03788288 _____ C:\Users\Gabe\Desktop\RogueKillerX64(1).exe 2013-09-10 20:12 - 2013-09-10 20:12 - 00001771 _____ C:\Users\Gabe\Desktop\RKreport[0]_S_09102013_201228.txt 2013-09-10 20:07 - 2013-09-10 20:07 - 03788288 _____ C:\Users\Gabe\Desktop\RogueKillerX64.exe 2013-09-10 20:07 - 2013-09-10 20:07 - 00000924 _____ C:\Users\Tiffany\Desktop\NTREGOPT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000924 _____ C:\Users\Gabe\Desktop\NTREGOPT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000924 _____ C:\Users\fbwuser\Desktop\NTREGOPT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000905 _____ C:\Users\Tiffany\Desktop\ERUNT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000905 _____ C:\Users\Gabe\Desktop\ERUNT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000905 _____ C:\Users\fbwuser\Desktop\ERUNT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000000 ____D C:\Windows\ERDNT 2013-09-10 20:07 - 2013-09-10 20:06 - 00000000 ____D C:\Program Files (x86)\ERUNT 2013-09-10 20:06 - 2013-09-10 20:06 - 00791393 _____ (Lars Hederer ) C:\Users\Gabe\Desktop\erunt-setup.exe 2013-09-10 20:05 - 2013-09-10 20:05 - 01898112 _____ (Bleeping Computer, LLC) C:\Users\Gabe\Desktop\rkill.exe 2013-09-10 20:05 - 2013-09-10 20:05 - 00000000 ____D C:\Users\Gabe\Desktop\rkill 2013-09-10 19:40 - 2013-09-10 19:40 - 00024917 _____ C:\Users\Gabe\Desktop\DDS 10 Sep 13.txt 2013-09-10 19:38 - 2013-09-10 19:35 - 00024917 _____ C:\Users\Gabe\Desktop\dds.txt 2013-09-10 19:38 - 2013-09-10 19:35 - 00012515 _____ C:\Users\Gabe\Desktop\attach.txt 2013-09-10 19:36 - 2013-08-09 12:20 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\uTorrent 2013-09-10 19:34 - 2013-09-10 19:34 - 00688992 ____R (Swearware) C:\Users\Gabe\Desktop\dds.scr 2013-09-10 09:11 - 2013-09-10 09:11 - 05312512 _____ C:\Users\Gabe\Documents\proof.evtx 2013-09-10 09:11 - 2013-09-10 09:11 - 00000000 ____D C:\Users\Gabe\Documents\LocaleMetaData 2013-09-10 08:29 - 2013-09-10 08:29 - 00312280 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-10 08:29 - 2013-09-10 08:20 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK 2013-09-10 08:24 - 2013-09-10 08:24 - 00049240 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\AntiLog64.sys 2013-09-10 08:24 - 2013-09-10 08:24 - 00000913 _____ C:\Users\Public\Desktop\AntiLogger.lnk 2013-09-10 08:24 - 2013-09-10 08:24 - 00000000 ____D C:\Program Files (x86)\AntiLogger 2013-09-10 08:24 - 2013-09-10 08:23 - 00000000 ____D C:\Users\Gabe\AppData\Local\Zemana 2013-09-10 08:23 - 2013-09-10 08:23 - 00000000 ____D C:\Windows\SysWOW64\ZALSDK_uninst 2013-09-10 08:22 - 2013-09-10 08:21 - 21264112 _____ (Zemana Ltd. ) C:\Users\Gabe\Downloads\Zemana_AntiLogger_1.9.3.502.exe 2013-09-10 08:20 - 2013-09-10 08:20 - 00000000 ____D C:\Users\Gabe\AppData\Local\AntiLogger Free 2013-09-10 08:19 - 2013-09-10 08:19 - 04322816 _____ (Zemana Ltd. ) C:\Users\Gabe\Downloads\AntiLoggerFree_Setup_1.6.2.245.exe 2013-09-10 08:04 - 2013-09-10 08:04 - 00001120 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk 2013-09-10 08:03 - 2013-09-10 08:03 - 00583584 _____ C:\Users\Gabe\Downloads\hotspotshield-setup.exe 2013-09-10 08:03 - 2013-09-10 08:03 - 00000020 ___SH C:\Users\fbwuser\ntuser.ini 2013-09-10 07:08 - 2013-09-10 07:08 - 00002107 _____ C:\Users\Public\Desktop\Who Is On My Wifi.lnk 2013-09-10 07:08 - 2013-09-10 07:08 - 00000000 ____D C:\Program Files (x86)\IO3O LLC 2013-09-10 07:08 - 2013-08-09 11:39 - 05228920 _____ (IO3O LLC ) C:\Users\Gabe\Downloads\mywifi.exe 2013-09-08 16:32 - 2013-09-08 16:28 - 767623168 ____R C:\Users\Gabe\Downloads\14.0.4734.1000_ProfessionalPlus_volume_x86_en-us.iso 2013-09-08 16:31 - 2013-08-07 16:12 - 00000000 ____D C:\Users\Gabe\AppData\Local\Sony Corporation 2013-09-08 16:31 - 2013-08-03 04:47 - 00000000 ____D C:\Program Files (x86)\Sony 2013-09-08 16:04 - 2013-09-08 16:04 - 00000000 ____H C:\Users\Gabe\Documents\Default.rdp 2013-09-08 11:03 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\rescache 2013-09-08 10:36 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\WinStore 2013-09-08 10:36 - 2012-07-26 01:12 - 00000000 ____D C:\Program Files\Windows Defender 2013-09-08 10:36 - 2012-07-26 01:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2013-09-08 10:36 - 2012-07-25 22:38 - 00000000 ____D C:\Windows\system32\oobe 2013-09-08 09:41 - 2013-09-08 09:41 - 16243768 _____ C:\Users\Gabe\Downloads\Glary_Utilities_v3.9.1.exe 2013-09-08 08:26 - 2013-08-07 16:53 - 00000000 ____D C:\Windows\system32\MRT 2013-09-08 08:25 - 2013-08-07 16:53 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-08 07:20 - 2013-08-03 05:22 - 00000000 ____D C:\Program Files (x86)\CyberLink 2013-09-08 07:20 - 2013-08-03 04:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-09-08 07:08 - 2012-08-02 18:59 - 00000000 ____D C:\Windows\Panther 2013-09-08 06:54 - 2013-08-07 17:13 - 00000022 _____ C:\Windows\Model.txt 2013-09-08 03:25 - 2013-09-08 03:25 - 00000000 ____D C:\Users\Gabe\AppData\Local\Apps\2.0 2013-09-07 09:18 - 2013-09-07 09:18 - 01448299 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130820164851.3gp 2013-09-07 09:15 - 2013-09-07 09:15 - 02896534 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130821123433.3gp 2013-09-07 09:15 - 2013-09-07 09:14 - 00475112 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130822103012.3gp 2013-09-07 09:12 - 2013-09-07 09:12 - 02896534 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130822123215.3gp 2013-09-07 08:43 - 2013-09-07 08:43 - 00356352 _____ C:\Users\Gabe\Downloads\log.xls 2013-09-07 08:43 - 2013-09-07 08:43 - 00064000 _____ C:\Users\Gabe\Downloads\contact.xls 2013-09-07 08:43 - 2013-09-07 08:43 - 00040448 _____ C:\Users\Gabe\Downloads\logcall.xls 2013-09-05 17:36 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-09-04 14:58 - 2013-09-04 14:58 - 00894600 _____ (CNET Download.com) C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Advanced_Scan_to_PDF_Free-SEO-75738710.exe 2013-09-04 14:49 - 2013-09-04 14:39 - 00000000 ____D C:\Program Files (x86)\JGS-Scan 2013-09-04 14:38 - 2013-09-04 14:39 - 00737280 _____ (Indigo Rose Corporation) C:\Windows\iun6002.exe 2013-09-04 14:38 - 2013-09-04 14:38 - 04907960 _____ () C:\Users\Gabe\Downloads\JGS-Scan3.exe 2013-09-04 14:37 - 2013-09-04 14:37 - 00584600 _____ C:\Users\Gabe\Downloads\cbsidlm-tr1_14-JGSScan-ORG-10267419.exe 2013-09-04 14:35 - 2013-08-07 16:08 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Adobe 2013-09-03 19:08 - 2013-09-03 19:07 - 00000000 ____D C:\Program Files\stinger 2013-09-03 19:07 - 2013-09-03 19:07 - 00000000 ____D C:\Stinger_Quarantine 2013-09-03 19:06 - 2013-09-03 19:06 - 04900592 _____ (McAfee, Inc.) C:\Users\Gabe\Downloads\McAfeeSetup-Serial.exe 2013-09-03 18:57 - 2013-09-03 18:57 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\DiskDefrag 2013-08-26 08:14 - 2013-08-17 22:52 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Audacity 2013-08-26 06:15 - 2013-08-26 06:13 - 116778590 _____ C:\Users\Gabe\Downloads\GET A LIFE 1627.mp4 2013-08-26 06:11 - 2013-08-26 06:10 - 78900943 _____ C:\Users\Gabe\Downloads\SACKCHASING COUGAR.mp4 2013-08-26 06:10 - 2013-08-26 06:09 - 89449556 _____ C:\Users\Gabe\Downloads\PL1300.mp4 2013-08-26 06:10 - 2013-08-26 06:09 - 60828557 _____ C:\Users\Gabe\Downloads\WORTHLESS LOSER.mp4 2013-08-26 06:09 - 2013-08-26 06:09 - 76704889 _____ C:\Users\Gabe\Downloads\LIVING WITH PARENTS AT 40.mp4 2013-08-26 06:04 - 2013-08-26 06:03 - 53457437 _____ C:\Users\Gabe\Downloads\FD1902.mp4 2013-08-26 06:04 - 2013-08-26 06:03 - 35874577 _____ C:\Users\Gabe\Downloads\FD1750WW.mp4 2013-08-26 06:03 - 2013-08-26 06:03 - 35874577 _____ C:\Users\Gabe\Downloads\FFFF.mp4 2013-08-26 06:03 - 2013-08-26 06:03 - 35874577 _____ C:\Users\Gabe\Downloads\FD175022.mp4 2013-08-26 06:03 - 2013-08-26 06:02 - 20270529 _____ C:\Users\Gabe\Downloads\FD2000-FINISH.mp4 2013-08-26 05:58 - 2013-08-26 05:58 - 44342458 _____ C:\Users\Gabe\Downloads\11.mp4 2013-08-26 05:58 - 2013-08-26 05:58 - 35874577 _____ C:\Users\Gabe\Downloads\FD1750.mp4 2013-08-26 05:58 - 2013-08-26 05:58 - 34018519 _____ C:\Users\Gabe\Downloads\FD1705.mp4 2013-08-26 05:58 - 2013-08-26 05:57 - 40459964 _____ C:\Users\Gabe\Downloads\1.mp4 2013-08-26 05:53 - 2013-08-26 05:52 - 40459964 _____ C:\Users\Gabe\Downloads\FD21AUG1530.mp4 2013-08-26 05:52 - 2013-08-26 05:52 - 39933685 _____ C:\Users\Gabe\Downloads\FD21AUG1430.mp4 2013-08-26 05:52 - 2013-08-26 05:51 - 54647286 _____ C:\Users\Gabe\Downloads\My New Clip33.mp4 2013-08-26 05:49 - 2013-08-26 05:49 - 39940067 _____ C:\Users\Gabe\Downloads\FD21AUG1310.mp4 2013-08-26 05:49 - 2013-08-26 05:48 - 39142968 _____ C:\Users\Gabe\Downloads\FrontDoor21Aug1215.mp4 2013-08-26 05:32 - 2013-08-26 05:31 - 54647286 _____ C:\Users\Gabe\Downloads\Front Door 21August.mp4 2013-08-26 05:31 - 2013-08-26 05:30 - 58247011 _____ C:\Users\Gabe\Downloads\BR13AUG1510.mp4 2013-08-26 05:30 - 2013-08-26 05:30 - 40918583 _____ C:\Users\Gabe\Downloads\BR13AUG1415.mp4 2013-08-26 05:30 - 2013-08-20 12:20 - 63503421 _____ C:\Users\Gabe\Downloads\BR13AUG1330.mp4 2013-08-26 05:15 - 2013-08-25 13:39 - 00000000 ____D C:\Users\Gabe\Documents\NACI_data 2013-08-25 22:21 - 2013-08-25 13:39 - 00072588 _____ C:\Users\Gabe\Documents\NACI.aup 2013-08-25 14:03 - 2013-08-25 14:03 - 00000000 ____D C:\Users\Gabe\AppData\Local\Apple Computer 2013-08-25 13:18 - 2013-08-25 13:16 - 236588638 _____ C:\Users\Gabe\Documents\NACI.wav 2013-08-25 13:11 - 2013-08-20 13:22 - 00000000 ____D C:\Users\Public\CyberLink 2013-08-25 11:10 - 2013-08-25 11:10 - 00000000 ____D C:\Users\Gabe\Downloads\MP_ROOT 2013-08-24 12:52 - 2013-08-20 15:10 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software 2013-08-24 12:52 - 2013-08-20 15:09 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\NCH Software 2013-08-24 05:36 - 2013-08-22 07:55 - 00000075 _____ C:\DiskDefrag.log 2013-08-24 02:04 - 2013-08-03 04:53 - 00000000 ____D C:\Program Files\Sony 2013-08-23 12:34 - 2013-08-23 12:34 - 00461312 _____ C:\Users\Gabe\Downloads\1.xls 2013-08-23 12:30 - 2013-08-23 11:49 - 00191488 _____ C:\Users\Gabe\Downloads\213991775063143LOCATION.xls 2013-08-23 12:07 - 2013-08-23 12:07 - 00461312 _____ C:\Users\Gabe\Downloads\213991775063143SMS.xls 2013-08-23 12:07 - 2013-08-23 12:07 - 00047616 _____ C:\Users\Gabe\Downloads\213991775063143CALL.xls 2013-08-23 02:06 - 2013-08-20 12:40 - 00000000 ____D C:\Users\Gabe\Downloads\CyberLink Power Director 11 Ultra DeLtA Sn1p3r 2013-08-22 22:12 - 2013-08-22 22:12 - 00685123 _____ C:\Users\Gabe\Downloads\213991775063143-CALL-20130819081157-6029782496.3gp 2013-08-22 22:12 - 2013-08-22 22:12 - 00087795 _____ C:\Users\Gabe\Downloads\213991775063143-CALL-20130814211449-6025732886.3gp 2013-08-22 21:47 - 2013-08-08 01:25 - 00000000 ____D C:\Users\Tiffany\AppData\Local\Sony Corporation 2013-08-22 21:47 - 2013-08-03 04:47 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation 2013-08-22 09:34 - 2013-08-08 01:36 - 00007616 _____ C:\Users\Gabe\AppData\Local\resmon.resmoncfg 2013-08-22 09:22 - 2013-08-22 09:21 - 00000000 ____D C:\Users\Gabe\Documents\Cinematic_Music_Group-Big_K.R.I.T-King_Remembered_In_Time 2013-08-22 09:08 - 2013-08-22 09:08 - 00000000 ____D C:\Users\Gabe\AppData\Local\Macromedia 2013-08-22 09:08 - 2013-08-07 21:28 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Mozilla 2013-08-22 08:45 - 2013-08-13 01:46 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Yahoo! 2013-08-22 08:45 - 2013-08-10 23:59 - 00000000 ____D C:\Users\Gabe\Documents\Sony PMB 2013-08-22 08:45 - 2013-08-08 01:20 - 00000000 ____D C:\Users\Tiffany 2013-08-22 08:45 - 2013-08-07 17:33 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Sony 2013-08-22 08:45 - 2013-08-07 16:07 - 00000000 ____D C:\Users\Gabe 2013-08-22 08:44 - 2013-08-22 06:52 - 00000000 ____D C:\Program Files (x86)\WinAce 2013-08-22 08:44 - 2013-08-20 13:14 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-08-22 08:44 - 2013-08-08 08:32 - 00000000 ____D C:\Program Files (x86)\The KMPlayer 2013-08-22 08:44 - 2012-07-26 01:12 - 00000000 __SHD C:\Program Files\Windows Sidebar 2013-08-22 08:44 - 2012-07-25 22:37 - 00000000 __RHD C:\Users\Default 2013-08-22 08:43 - 2013-08-03 04:22 - 00000000 ____D C:\Intel 2013-08-22 08:00 - 2013-08-09 03:48 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Winamp 2013-08-22 07:55 - 2013-08-22 07:55 - 00002622 _____ C:\Windows\System32\Tasks\GlaryInitialize 3 2013-08-22 07:55 - 2013-08-22 07:55 - 00001080 _____ C:\Users\Public\Desktop\Glary Utilities 3.lnk 2013-08-22 07:54 - 2013-08-22 07:54 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\GlarySoft 2013-08-22 07:47 - 2013-08-22 07:47 - 16136496 _____ C:\Users\Gabe\Downloads\gu3setup.exe 2013-08-22 06:52 - 2013-08-22 06:52 - 04042444 _____ (e-merge GmbH) C:\Users\Gabe\Downloads\wace269i.exe 2013-08-22 06:52 - 2013-08-22 06:52 - 00000951 _____ C:\Users\Public\Desktop\WinAce Archiver.lnk 2013-08-22 06:49 - 2013-08-22 06:49 - 00862521 _____ C:\Users\Gabe\Downloads\videosnarf-0.63.tar.gz 2013-08-22 04:44 - 2013-08-22 04:44 - 00582605 _____ C:\Users\Gabe\Downloads\Winamp_Essentials_6_7_8_9_10_11_12_13_14.exe 2013-08-22 04:44 - 2013-08-09 03:48 - 00000000 ____D C:\Program Files (x86)\Winamp 2013-08-21 01:47 - 2013-08-21 01:47 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Apple Computer 2013-08-20 15:11 - 2013-08-20 15:04 - 00000000 ____D C:\Users\Gabe\Documents\Audio from Tim Mcgraw Burglary 2013-08-20 15:09 - 2013-08-20 15:09 - 00502848 _____ (NCH Software) C:\Users\Gabe\Downloads\switchsetup.exe 2013-08-20 14:56 - 2013-08-20 14:53 - 470418208 _____ C:\Users\Gabe\Downloads\PowerDirector_3026_GM6_Trial_Trial_VDE130619-02.exe 2013-08-20 14:45 - 2013-08-20 14:45 - 00894600 _____ (CNET Download.com) C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Download_App-BP-75864009.exe 2013-08-20 14:18 - 2013-08-20 14:18 - 00979928 _____ (CyberLink) C:\Users\Gabe\Downloads\CyberLink_PowerDirector_Downloader.exe 2013-08-20 13:22 - 2013-08-20 13:22 - 00000000 ____D C:\Users\Gabe\Documents\CyberLink 2013-08-20 13:20 - 2013-08-20 13:20 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\CyberLink 2013-08-20 13:14 - 2013-08-20 13:14 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2013-08-20 12:37 - 2013-08-20 12:35 - 00838896 _____ C:\Users\Gabe\Downloads\LR13AUG0330.mp4.sfk 2013-08-20 12:37 - 2013-08-20 12:32 - 00886196 _____ C:\Users\Gabe\Downloads\10aug1921.mp4.sfk 2013-08-20 12:29 - 2013-08-07 17:33 - 00000000 ____D C:\Users\Gabe\AppData\Local\Sony 2013-08-20 12:18 - 2013-08-20 12:17 - 52289079 _____ C:\Users\Gabe\Downloads\BR13AUG1240 (Part 1 of 2).mp4 2013-08-20 12:18 - 2013-08-20 12:17 - 31723429 _____ C:\Users\Gabe\Downloads\BR13AUG1240 (Part 2 of 2).mp4 2013-08-20 10:41 - 2013-08-13 01:44 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2013-08-20 10:40 - 2013-08-03 04:44 - 00000000 ____D C:\Program Files\Common Files\Sony Shared 2013-08-20 07:46 - 2013-08-18 07:05 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Process Hacker 2 2013-08-20 07:11 - 2013-08-19 17:40 - 00000032 _____ C:\Users\Gabe\AppData\Roaming\mbam.context.scan 2013-08-20 07:02 - 2013-08-20 07:02 - 00204568 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2013-08-20 07:02 - 2013-08-20 07:02 - 00103576 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2013-08-20 02:21 - 2013-08-22 07:55 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe 2013-08-20 02:08 - 2013-08-20 02:05 - 43723137 _____ C:\Users\Gabe\Downloads\LR13AUG0515.mp4 2013-08-20 02:05 - 2013-08-20 01:58 - 44618151 _____ C:\Users\Gabe\Downloads\LR13AUG0420.mp4 2013-08-20 02:05 - 2013-08-20 01:56 - 57036111 _____ C:\Users\Gabe\Downloads\LR13AUG0325.mp4 2013-08-20 02:02 - 2013-08-20 01:52 - 75121062 _____ C:\Users\Gabe\Downloads\LR13AUG0330.mp4 2013-08-20 01:58 - 2013-08-20 01:51 - 57036111 _____ C:\Users\Gabe\Downloads\LR13AUG0235.mp4 2013-08-20 01:49 - 2013-08-20 01:42 - 90665926 _____ C:\Users\Gabe\Downloads\LR13AUG0146.mp4 2013-08-20 01:37 - 2013-08-20 01:35 - 28597549 _____ C:\Users\Gabe\Downloads\BR13AUG0132 (Part 1 of 2).mp4 2013-08-20 01:35 - 2013-08-20 01:35 - 00000000 _____ C:\Users\Gabe\Downloads\BR13AUG1332 (Part 2 of 2).mp4 2013-08-19 13:50 - 2013-08-19 13:50 - 00685123 _____ C:\Users\Gabe\Downloads\CC.3gp 2013-08-19 13:49 - 2013-08-19 13:49 - 00650639 _____ C:\Users\Gabe\Downloads\DAD.3gp 2013-08-19 13:47 - 2013-08-19 13:47 - 01457652 _____ (Repair Video, Inc. ) C:\Users\Gabe\Desktop\asf_avi_rm_wmv_repair.exe 2013-08-18 23:44 - 2013-08-18 23:44 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-08-18 23:44 - 2013-08-18 23:44 - 00000291 _____ C:\AdwCleaner[s2].txt 2013-08-18 23:44 - 2013-08-18 23:44 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Malwarebytes 2013-08-18 23:44 - 2013-08-18 23:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-18 23:44 - 2013-08-18 23:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Gabe\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-18 10:46 - 2013-08-18 10:45 - 52273262 _____ C:\Users\Gabe\Downloads\10aug2155.mp4 2013-08-18 10:45 - 2013-08-18 10:45 - 05730942 _____ C:\Users\Gabe\Downloads\item.mp4 2013-08-18 07:11 - 2013-08-18 07:11 - 00002006 _____ C:\AdwCleaner[s1].txt 2013-08-18 07:09 - 2013-08-18 07:09 - 00891115 _____ C:\Users\Gabe\Downloads\SecurityCheck.exe 2013-08-18 07:07 - 2013-08-18 07:07 - 00000000 _____ C:\Windows\SysWOW64\FAPB4C8.tmp 2013-08-18 07:07 - 2013-08-18 07:07 - 00000000 _____ C:\Windows\SysWOW64\FAPB080.tmp 2013-08-18 07:07 - 2013-08-18 07:07 - 00000000 _____ C:\Windows\SysWOW64\FAP79BE.tmp 2013-08-18 07:03 - 2013-08-18 07:03 - 00001841 _____ C:\Users\Gabe\Desktop\Process Hacker 2.lnk 2013-08-18 07:03 - 2013-08-18 07:03 - 00000000 ____D C:\Program Files\Process Hacker 2 2013-08-17 23:04 - 2013-08-17 22:56 - 96836088 _____ C:\Users\Gabe\Downloads\10aug2004.avi 2013-08-17 22:55 - 2013-08-17 22:55 - 00894600 _____ (CNET Download.com) C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Pazera_Free_MP4_to_AVI_Converter-SEO-10784027.exe 2013-08-17 22:52 - 2013-08-17 22:52 - 00001007 _____ C:\Users\Gabe\Desktop\Audacity.lnk 2013-08-17 22:52 - 2013-08-17 22:52 - 00000000 ____D C:\Program Files (x86)\Audacity 2013-08-17 22:52 - 2013-08-17 22:51 - 21281052 _____ (Audacity Team ) C:\Users\Gabe\Downloads\audacity-win-2.0.3.exe 2013-08-17 22:50 - 2013-08-17 22:50 - 01856092 _____ (wj32 ) C:\Users\Gabe\Downloads\processhacker-2.31-setup.exe 2013-08-17 20:15 - 2013-08-17 20:15 - 01618718 _____ (UpsideOut, Inc. ) C:\Users\Gabe\Downloads\ProxifySetup.exe 2013-08-17 20:15 - 2013-08-17 20:15 - 00001199 _____ C:\Users\Public\Desktop\Proxify Tray Application.lnk 2013-08-17 20:15 - 2013-08-17 20:15 - 00000000 ____D C:\Program Files (x86)\Proxify Tray Application 2013-08-17 19:37 - 2013-08-17 19:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-08-17 15:14 - 2013-08-17 15:13 - 68162708 _____ C:\Users\Gabe\Downloads\10aug2133.mp4 2013-08-17 15:13 - 2013-08-17 15:13 - 68174687 _____ C:\Users\Gabe\Downloads\10aug1921.mp4 2013-08-17 15:13 - 2013-08-17 15:12 - 52554458 _____ C:\Users\Gabe\Downloads\10aug2112.mp4 2013-08-17 15:09 - 2013-08-17 15:08 - 68020484 _____ C:\Users\Gabe\Downloads\10aug20041.mp4 2013-08-17 15:08 - 2013-08-17 15:07 - 47703588 _____ C:\Users\Gabe\Downloads\10aug2006.mp4 2013-08-17 15:07 - 2013-08-17 15:06 - 68020484 _____ C:\Users\Gabe\Downloads\10aug2004.mp4 2013-08-17 14:15 - 2013-08-17 14:15 - 68020484 _____ C:\Users\Gabe\Downloads\22222.mp4 2013-08-17 14:14 - 2013-08-17 14:14 - 47703588 _____ C:\Users\Gabe\Downloads\10Augbedroom.mp4 2013-08-17 14:11 - 2013-08-17 14:11 - 68020484 _____ C:\Users\Gabe\Downloads\My New Clipjjj.mp4 2013-08-17 13:58 - 2013-08-17 13:57 - 68020484 _____ C:\Users\Gabe\Downloads\10aug20101.mp4 2013-08-17 13:56 - 2013-08-17 13:56 - 35517108 _____ C:\Users\Gabe\Downloads\19aug7pm.mp4 2013-08-17 06:46 - 2013-08-17 06:46 - 08163216 _____ C:\Users\Gabe\Downloads\12AUG2149.mp4 2013-08-17 06:45 - 2013-08-17 06:45 - 07722827 _____ C:\Users\Gabe\Downloads\15AUG1717.mp4 2013-08-17 06:45 - 2013-08-17 06:44 - 144556875 _____ C:\Users\Gabe\Downloads\7AUG1133.mp4 2013-08-17 06:43 - 2013-08-17 06:43 - 10074467 _____ C:\Users\Gabe\Downloads\7AUG1852.mp4 2013-08-17 06:42 - 2013-08-17 06:42 - 07572170 _____ C:\Users\Gabe\Downloads\3AUG.mp4 2013-08-17 06:37 - 2013-08-17 06:36 - 57246322 _____ C:\Users\Gabe\Downloads\10AUG2010(2).mp4 2013-08-17 06:36 - 2013-08-17 06:35 - 57246322 _____ C:\Users\Gabe\Downloads\10AUG2010.mp4 2013-08-17 06:35 - 2013-08-17 06:35 - 06246836 _____ C:\Users\Gabe\Downloads\12AUG0615.mp4 2013-08-17 06:35 - 2013-08-17 06:33 - 57246322 _____ C:\Users\Gabe\Downloads\46.mp4 2013-08-17 06:34 - 2013-08-17 06:34 - 08811349 _____ C:\Users\Gabe\Downloads\10AUG1923.mp4 2013-08-17 05:45 - 2013-08-17 05:45 - 24192489 _____ C:\Users\Gabe\Downloads\45.mp4 2013-08-17 05:37 - 2013-08-17 05:37 - 08811349 _____ C:\Users\Gabe\Downloads\44.mp4 2013-08-17 03:38 - 2013-08-03 04:46 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2013-08-17 03:38 - 2013-08-03 04:46 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2013-08-17 01:37 - 2013-08-17 01:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-15 17:26 - 2013-08-15 17:25 - 07722827 _____ C:\Users\Gabe\Downloads\3333.mp4 2013-08-15 10:49 - 2013-08-15 10:49 - 00567391 _____ C:\Users\Gabe\Documents\334.3gp 2013-08-15 01:38 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\system32\NDF 2013-08-14 23:02 - 2013-08-14 23:02 - 08163216 _____ C:\Users\Gabe\Downloads\My Ne.mp4 2013-08-13 10:30 - 2013-08-13 00:47 - 00000000 ____D C:\Users\Gabe\Downloads\Epic (2013) 2013-08-13 03:17 - 2013-08-13 03:16 - 144556875 _____ C:\Users\Gabe\Downloads\22.mp4 2013-08-13 01:45 - 2013-08-13 01:45 - 00001137 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk 2013-08-13 01:44 - 2013-08-13 01:44 - 00442040 _____ (Yahoo! Inc.) C:\Users\Gabe\Downloads\msgr11us.exe 2013-08-13 00:51 - 2013-08-13 00:47 - 00000000 ____D C:\Users\Gabe\Downloads\Superman.Man.of.Steel.2013.720p.R6.LiNE.x264.AAC-DiGiTAL 2013-08-13 00:47 - 2013-08-13 00:46 - 00000000 ____D C:\Users\Gabe\Downloads\Oblivion (2013) [1080p] 2013-08-12 16:10 - 2013-08-12 16:10 - 00042184 _____ (Anchorfree Inc.) C:\Windows\system32\Drivers\taphss6.sys 2013-08-12 16:07 - 2013-09-10 08:03 - 00046792 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys 2013-08-12 13:26 - 2013-08-12 13:25 - 06246836 _____ C:\Users\Gabe\Downloads\My New Clip(2).mp4 2013-08-12 06:41 - 2013-08-12 06:41 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-09-2013 Ran by Gabe at 2013-09-10 23:46:03 Running from C:\Users\Gabe\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Reader XI (11.0.03) MUI (x32 Version: 11.0.03) AntiLogger (x32 Version: 1.9.3.502) AntiLogger (x32) Apple Application Support (x32 Version: 2.1.7) Audacity 2.0.3 (x32 Version: 2.0.3) ERUNT 1.1j (x32) ESET NOD32 Antivirus (Version: 6.0.316.0) ESET Online Scanner v3 (x32) Glary Utilities 3.9 (x32 Version: 3.9.0.137) Harmony Browser Plug-in (x32 Version: 2.0) Hotspot Shield 3.13 (x32 Version: 3.13) Intel® Management Engine Components (x32 Version: 8.1.0.1281) Intel® Processor Graphics (x32 Version: 9.17.10.2963) Intel® PROSet/Wireless NFC Software (Version: 1.1.1.002) Intel® Rapid Storage Technology (x32 Version: 11.6.0.1030) Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149) Intel® Trusted Connect Service Client (Version: 1.24.738.1) Java 7 Update 25 (x32 Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) KeyCrypt SDK version 1.6.1.246 (x32 Version: 1.6.1.246) Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft Office (x32 Version: 15.0.4454.1510) Microsoft Report Viewer Redistributable 2005 (x32 Version: 8.0.50727.42) Microsoft Report Viewer Redistributable 2005 (x32) Microsoft Silverlight (Version: 5.1.20125.0) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106) Movie Studio Platinum 12.0 (64-bit) (Version: 12.0.756) Mozilla Firefox 23.0.1 (x86 en-US) (x32 Version: 23.0.1) MSVCRT Redists (Version: 1.0) Networkx64 (Version: 1.0.0) NVIDIA Control Panel 311.46 (Version: 311.46) NVIDIA Graphics Driver 311.46 (Version: 311.46) NVIDIA Install Application (Version: 2.1002.109.706) NVIDIA Optimus 1.11.3 (Version: 1.11.3) NVIDIA PhysX (x32 Version: 9.12.1031) NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031) NVIDIA Update Components (Version: 1.11.3) PlayMemories Home (x32 Version: 7.0.02.14060) Process Hacker 2.31 (r5355) (Version: 2.31.0.5355) Proxify Tray Application version 1.0.8.0 (x32 Version: 1.0.8.0) QuickTime (x32 Version: 7.72.80.56) Realtek Ethernet Controller Driver (x32 Version: 8.10.1226.2012) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6895) Realtek PCIE Card Reader (x32 Version: 6.2.9200.28135) Shared C Run-time for x64 (Version: 10.0.0) Synaptics Pointing Device Driver (Version: 16.4.0.1) The KMPlayer (remove only) (x32 Version: 3.6.0.87) VAIO Movie Creator (x32 Version: 4.1.01.15140) Who Is On My Wifi version 2.1.7 (x32 Version: 2.1.7) WinAce Archiver (x32 Version: 2.69) Winamp (x32 Version: 5.65 ) Winamp Detector Plug-in (HKCU Version: 1.0.0.1) Winamp Essentials Pack (x32 Version: v5.64) Yahoo! Messenger (x32) Yahoo! Toolbar (x32) ==================== Restore Points ========================= 23-08-2013 04:40:49 Removed VAIO First Logon Setup Tool 04-09-2013 05:55:15 Scheduled Checkpoint 08-09-2013 14:17:26 Removed VAIO Easy Connect. 11-09-2013 03:45:44 Malwarebytes Anti-Rootkit Restore Point ==================== Hosts content: ========================== 2012-07-25 22:26 - 2012-07-25 22:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-25] (Microsoft Corporation) Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical Task: {1512017D-D898-4D3A-AAD6-BA5ADA05B6BC} - System32\Tasks\VaioRegistrationDesktopTask => C:\Program Files\Sony\VAIO Registration\Sony.VAIO.Desktop.RegistrationTask.exe [2012-08-09] (Sony) Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-03] (Microsoft Corporation) Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance Task: {22A6F687-35EF-443E-B1BF-8EE7D9B943AF} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2012-09-19] (Microsoft Corporation) Task: {24DB440A-2AA6-4B5A-AAC9-080DFDE57700} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup Task: {263BFA26-C253-4887-B4D5-EFED40F334D1} - System32\Tasks\GlaryInitialize 3 => C:\Program Files (x86)\Glary Utilities 3\Initialize.exe [2013-08-20] (Glarysoft Ltd) Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem Task: {3D5AAA45-F954-4E6A-984D-2181BED5C309} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3684579750-837988229-3943600733-1002 Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation) Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required Task: {61B0D0DE-0EB4-4EDA-A894-A85CF2B01B12} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-25] (Microsoft Corporation) Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-19] (Microsoft Corporation) Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2012-09-19] (Microsoft Corporation) Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-25] (Microsoft Corporation) Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork Task: {D6A7F05B-63D4-4253-B241-5BDCCA176EC7} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => Sc.exe start wuauserv Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical Task: {DD092B2B-9EE8-4A98-A22C-F1880DB0DF95} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-19] (Microsoft Corporation) Task: {EAD237E7-D276-4257-9F16-51DF41548733} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-25] (Microsoft Corporation) Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM Task: {F517077F-AA0A-4CDA-B0D5-B992ADAA4F14} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-03-13] (Synaptics Incorporated) Task: C:\Windows\Tasks\GlaryInitialize 3.job => C:\Program Files (x86)\Glary Utilities 3\Initialize.exe ==================== Loaded Modules (whitelisted) ============= 2013-03-14 14:11 - 2013-03-13 21:33 - 01049840 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll 2013-03-14 14:11 - 2013-03-13 21:38 - 00254704 _____ (Synaptics Incorporated) C:\Windows\SYSTEM32\SynTPAPI.dll 2013-08-03 04:40 - 2013-05-02 19:45 - 01107440 _____ (NVIDIA Corporation) C:\Windows\SYSTEM32\nvumdshimx.dll 2013-08-03 04:40 - 2013-05-02 19:43 - 00245872 _____ (NVIDIA Corporation) C:\Windows\SYSTEM32\nvinitx.dll 2013-03-11 15:49 - 2013-03-08 00:04 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll 2013-08-03 04:36 - 2013-05-06 18:13 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2013-08-03 04:36 - 2013-05-06 18:13 - 03693640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2013-03-14 12:21 - 2013-03-13 20:33 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrENU.lrc 2013-03-14 12:21 - 2013-03-13 20:31 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-08-18 07:03 - 2013-07-20 22:24 - 00108032 _____ (wj32) C:\Program Files\Process Hacker 2\plugins\DotNetTools.dll 2013-08-18 07:03 - 2013-07-20 22:24 - 00095744 _____ (wj32) C:\Program Files\Process Hacker 2\plugins\ExtendedNotifications.dll 2013-08-18 07:03 - 2013-07-20 22:24 - 00111616 _____ (wj32) C:\Program Files\Process Hacker 2\plugins\ExtendedServices.dll 2013-08-18 07:03 - 2013-07-20 22:24 - 00177152 _____ (wj32) C:\Program Files\Process Hacker 2\plugins\ExtendedTools.dll 2013-08-18 07:03 - 2013-07-20 22:24 - 00073216 _____ (wj32) C:\Program Files\Process Hacker 2\plugins\NetworkTools.dll 2013-08-18 07:03 - 2013-07-28 19:02 - 00095744 _____ (wj32) C:\Program Files\Process Hacker 2\plugins\OnlineChecks.dll 2013-08-18 07:03 - 2013-07-20 22:24 - 00074240 _____ (wj32) C:\Program Files\Process Hacker 2\plugins\SbieSupport.dll 2013-08-18 07:03 - 2013-07-28 22:00 - 00117248 _____ (dmex) C:\Program Files\Process Hacker 2\plugins\ToolStatus.dll 2013-08-18 07:03 - 2013-07-28 22:00 - 00092160 _____ (dmex) C:\Program Files\Process Hacker 2\plugins\Updater.dll 2013-08-18 07:03 - 2013-07-28 22:00 - 00087552 _____ (wj32) C:\Program Files\Process Hacker 2\plugins\UserNotes.dll 2013-08-18 07:03 - 2013-07-20 22:24 - 00111104 _____ (wj32) C:\Program Files\Process Hacker 2\plugins\WindowExplorer.dll 2013-03-21 15:20 - 2013-03-21 15:20 - 00123776 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ToastNotify.dll 2013-03-21 15:20 - 2013-03-21 15:20 - 00254080 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiHips.dll 2013-03-21 15:20 - 2013-03-21 15:20 - 00691288 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll 2013-03-21 15:19 - 2013-03-21 15:19 - 00355008 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll 2013-03-21 15:19 - 2013-03-21 15:19 - 00123752 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll 2013-03-21 15:19 - 2013-03-21 15:19 - 00119144 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll 2013-03-21 15:20 - 2013-03-21 15:20 - 01653320 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll 2013-03-21 15:20 - 2013-03-21 15:20 - 01010624 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll 2013-03-21 15:20 - 2013-03-21 15:20 - 00111416 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll 2013-09-10 07:08 - 2012-06-27 07:18 - 00839680 _____ () C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\System.Data.SQLite.dll 2012-07-26 01:14 - 2013-06-27 15:05 - 14375800 _____ (Adobe Systems, Inc.) C:\Windows\SYSTEM32\Macromed\Flash\Flash.ocx 2013-09-10 07:08 - 2009-05-04 14:22 - 00151040 _____ (http://sharppcap.sf.net) C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\SharpPcap.dll 2013-08-17 01:37 - 2013-08-17 01:37 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= Name: Bluetooth Device (RFCOMM Protocol TDI) Description: Bluetooth Device (RFCOMM Protocol TDI) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: RFCOMM Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Bluetooth Device (Personal Area Network) Description: Bluetooth Device (Personal Area Network) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: BthPan Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: SPH-D710 Description: SPH-D710 Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: SAMSUNG Electronics Co. Ltd. Service: WUDFWpdMtp Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (09/10/2013 10:48:46 PM) (Source: McLogEvent) (User: NT AUTHORITY) Description: 1 Error: (09/10/2013 10:48:46 PM) (Source: McLogEvent) (User: NT AUTHORITY) Description: 0x7eThe specified module could not be found. Error: (09/10/2013 10:16:55 PM) (Source: Microsoft-Windows-User Profiles Service) (User: SysAdmin) Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off. Error: (09/10/2013 10:16:55 PM) (Source: Microsoft-Windows-User Profiles Service) (User: SysAdmin) Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on. Error: (09/10/2013 10:12:26 PM) (Source: EventSystem) (User: ) Description: 800706e5EventSystem.EventSubscription{D2D9D1BD-A036-4BCF-8DA7-ED916C08B2F6}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}Explorer Error: (09/10/2013 09:23:31 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (09/10/2013 09:23:29 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (09/10/2013 09:23:24 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (09/10/2013 09:23:24 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (09/10/2013 09:23:01 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. System errors: ============= Error: (09/10/2013 10:47:26 PM) (Source: Service Control Manager) (User: ) Description: The Process creation detector. service failed to start due to the following error: %%1275 Error: (09/10/2013 10:47:26 PM) (Source: Application Popup) (User: ) Description: \??\C:\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys Error: (09/10/2013 10:45:48 PM) (Source: Service Control Manager) (User: ) Description: The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (09/10/2013 10:23:01 PM) (Source: mbamchameleon) (User: ) Description: \Device\HarddiskVolume5\PROGRA~2\MCAFEE\SITEAD~1\SAUI.EXE Error: (09/10/2013 10:23:01 PM) (Source: mbamchameleon) (User: ) Description: \??\c:\PROGRA~2\mcafee\SITEAD~1\saui.exe Error: (09/10/2013 10:19:11 PM) (Source: mbamchameleon) (User: ) Description: \Device\HarddiskVolume5\PROGRAM FILES\COMMON FILES\MCAFEE\CORE\MCHOST.EXE Error: (09/10/2013 10:19:11 PM) (Source: mbamchameleon) (User: ) Description: \??\C:\Program Files\Common Files\McAfee\Core\mchost.exe Error: (09/10/2013 10:17:24 PM) (Source: mbamchameleon) (User: ) Description: \Device\HarddiskVolume5\PROGRAM FILES\COMMON FILES\MCAFEE\CORE\MCHOST.EXE Error: (09/10/2013 10:17:24 PM) (Source: mbamchameleon) (User: ) Description: \??\C:\Program Files\Common Files\McAfee\Core\mchost.exe Error: (09/10/2013 10:17:24 PM) (Source: mbamchameleon) (User: ) Description: \Device\HarddiskVolume5\PROGRAM FILES\COMMON FILES\MCAFEE\CORE\MCHOST.EXE Microsoft Office Sessions: ========================= Error: (09/10/2013 10:48:46 PM) (Source: McLogEvent)(User: NT AUTHORITY) Description: 1 Error: (09/10/2013 10:48:46 PM) (Source: McLogEvent)(User: NT AUTHORITY) Description: 0x7eThe specified module could not be found. Error: (09/10/2013 10:16:55 PM) (Source: Microsoft-Windows-User Profiles Service)(User: SysAdmin) Description: Error: (09/10/2013 10:16:55 PM) (Source: Microsoft-Windows-User Profiles Service)(User: SysAdmin) Description: Error: (09/10/2013 10:12:26 PM) (Source: EventSystem)(User: ) Description: 800706e5EventSystem.EventSubscription{D2D9D1BD-A036-4BCF-8DA7-ED916C08B2F6}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}Explorer Error: (09/10/2013 09:23:31 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Gabe\Desktop\esetsmartinstaller_enu.exe Error: (09/10/2013 09:23:29 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Gabe\Desktop\esetsmartinstaller_enu.exe Error: (09/10/2013 09:23:24 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Gabe\Desktop\esetsmartinstaller_enu.exe Error: (09/10/2013 09:23:24 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Gabe\Desktop\esetsmartinstaller_enu.exe Error: (09/10/2013 09:23:01 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Gabe\Desktop\esetsmartinstaller_enu.exe CodeIntegrity Errors: =================================== Date: 2013-09-10 22:47:26.632 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-09-10 19:36:25.786 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-09-08 16:29:56.647 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-09-08 07:16:03.419 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-08-22 21:38:41.484 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 19% Total physical RAM: 12166.8 MB Available physical RAM: 9831.09 MB Total Pagefile: 13062.8 MB Available Pagefile: 10549.39 MB Total Virtual: 8192 MB Available Virtual: 8191.77 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:899.57 GB) (Free:476.77 GB) NTFS Drive d: (OFFICE14) (CDROM) (Total:2.35 GB) (Free:0 GB) UDF Drive f: (Gardner's External HDD II) (Fixed) (Total:465.76 GB) (Free:0 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 932 GB) (Disk ID: 6AD751D9) Partition: GPT Partition Type ======================================================== Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 1CE7A4E9) Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-09-2013 Ran by Gabe (administrator) on SYSADMIN on 10-09-2013 23:45:32 Running from C:\Users\Gabe\Desktop Windows 8 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Broadcom Corporation.) C:\Windows\system32\BtwRSupportService.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe () C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\mywifi.exe (Zemana Ltd.) C:\Program Files (x86)\AntiLogger\AntiLogger.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe (wj32) C:\Program Files\Process Hacker 2\ProcessHacker.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-05-06] (Realtek Semiconductor) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6330568 2013-03-21] (ESET) HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [405504 2012-07-25] (Microsoft Corporation) MountPoints2: {03119575-fc2b-11e2-be6a-806e6f6e6963} - "D:\SETUP.EXE" HKLM-x32\...\Run: [AntiLogger] - C:\Program Files (x86)\AntiLogger\AntiLogger.exe [17780136 2013-09-09] (Zemana Ltd.) BootExecute: autocheck autochk * BootDefrag.exe ==================== Internet (Whitelisted) ==================== ProxyServer: 127.0.0.1:48627 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {4372E590-7695-4EC2-97A9-962BD3B31DC6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASAJS BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 68.105.28.12 68.105.29.12 68.105.28.11 FireFox: ======== FF ProfilePath: C:\Users\Gabe\AppData\Roaming\Mozilla\Firefox\Profiles\jeur3bn4.default FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afext@anchorfree.com FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK FF Extension: No Name - C:\Program Files\McAfee\MSK FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird ==================== Services (Whitelisted) ================= S2 0222411378878482mcinstcleanup; C:\Users\Gabe\AppData\Local\Temp\022241~1.EXE [834664 2013-07-30] (McAfee, Inc.) R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2228440 2013-05-15] (Broadcom Corporation.) R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [331776 2012-07-25] (Microsoft Corporation) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1341664 2013-03-21] (ESET) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation) S4 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [x] S2 mfevtp; "C:\Windows\system32\mfevtps.exe" [x] S2 nvUpdatusService; "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" [x] ==================== Drivers (Whitelisted) ==================== R1 AntiLog32; C:\Windows\system32\drivers\AntiLog64.sys [49240 2013-09-10] (Zemana Ltd.) R1 AntiLog32; C:\Windows\system32\drivers\AntiLog64.sys [49240 2013-09-10] (Zemana Ltd.) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170200 2013-05-15] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6971056 2013-03-14] (Broadcom Corporation) R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [117632 2013-05-31] (Microsoft Corporation) R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [30720 2013-08-03] (Microsoft Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-20] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET) R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [139768 2013-01-10] (ESET) R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [46792 2013-08-12] (AnchorFree Inc.) R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [25056 2013-07-22] (Zemana Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-13] (Synaptics Incorporated) R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-08-12] (Anchorfree Inc.) S3 BCM42RLY; system32\drivers\BCM42RLY.sys [x] S0 BootDefragDriver; System32\drivers\BootDefragDriver.sys [x] S3 btwaudio; \SystemRoot\system32\drivers\btwaudio.sys [x] S3 btwavdt; \SystemRoot\System32\drivers\btwavdt.sys [x] S3 btwl2cap; \SystemRoot\system32\DRIVERS\btwl2cap.sys [x] S3 btwrchid; \SystemRoot\System32\drivers\btwrchid.sys [x] S0 cfwids; system32\drivers\cfwids.sys [x] S0 mfeapfk; system32\drivers\mfeapfk.sys [x] R0 mfeavfk; system32\drivers\mfeavfk.sys [x] U3 mfeavfk01; No ImagePath S0 mfeelamk; system32\drivers\mfeelamk.sys [x] S0 mfefirek; system32\drivers\mfefirek.sys [x] R0 mfehidk; system32\drivers\mfehidk.sys [x] S0 mferkdet; \SystemRoot\system32\drivers\mferkdet.sys [x] R0 mfewfpk; system32\drivers\mfewfpk.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-10 23:44 - 2013-09-10 23:45 - 01949408 _____ (Farbar) C:\Users\Gabe\Desktop\FRST64.exe 2013-09-10 22:45 - 2013-09-10 22:45 - 00000000 ____D C:\Program Files\ESET 2013-09-10 22:41 - 2013-09-10 22:41 - 01415824 _____ (ESET) C:\Users\Gabe\Desktop\eset_nod32_antivirus_live_installer.exe 2013-09-10 21:23 - 2013-09-10 21:23 - 02347384 _____ (ESET) C:\Users\Gabe\Desktop\esetsmartinstaller_enu.exe 2013-09-10 21:23 - 2013-09-10 21:23 - 00000000 ____D C:\Program Files (x86)\ESET 2013-09-10 21:05 - 2013-09-10 21:16 - 00000000 ____D C:\AdwCleaner 2013-09-10 21:04 - 2013-09-10 21:04 - 01037278 _____ C:\Users\Gabe\Desktop\AdwCleaner.exe 2013-09-10 21:01 - 2013-09-10 21:01 - 00002162 _____ C:\Users\Gabe\Desktop\JRT.txt 2013-09-10 20:51 - 2013-09-10 20:51 - 00000000 ____D C:\Windows\ERUNT 2013-09-10 20:50 - 2013-09-10 20:50 - 01029490 _____ (Thisisu) C:\Users\Gabe\Desktop\JRT.exe 2013-09-10 20:20 - 2013-09-10 22:39 - 00000000 ____D C:\Users\Gabe\Desktop\mbar 2013-09-10 20:20 - 2013-09-10 20:20 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Gabe\Desktop\mbar-1.07.0.1005.exe 2013-09-10 20:17 - 2013-09-10 20:17 - 03788288 _____ C:\Users\Gabe\Desktop\RogueKillerX64(1).exe 2013-09-10 20:12 - 2013-09-10 20:12 - 00001771 _____ C:\Users\Gabe\Desktop\RKreport[0]_S_09102013_201228.txt 2013-09-10 20:09 - 2013-09-10 20:59 - 00000000 ____D C:\Users\Gabe\Desktop\RK_Quarantine 2013-09-10 20:07 - 2013-09-10 20:07 - 03788288 _____ C:\Users\Gabe\Desktop\RogueKillerX64.exe 2013-09-10 20:07 - 2013-09-10 20:07 - 00000924 _____ C:\Users\Tiffany\Desktop\NTREGOPT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000924 _____ C:\Users\Gabe\Desktop\NTREGOPT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000924 _____ C:\Users\fbwuser\Desktop\NTREGOPT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000905 _____ C:\Users\Tiffany\Desktop\ERUNT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000905 _____ C:\Users\Gabe\Desktop\ERUNT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000905 _____ C:\Users\fbwuser\Desktop\ERUNT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000000 ____D C:\Windows\ERDNT 2013-09-10 20:06 - 2013-09-10 20:07 - 00000000 ____D C:\Program Files (x86)\ERUNT 2013-09-10 20:06 - 2013-09-10 20:06 - 00791393 _____ (Lars Hederer ) C:\Users\Gabe\Desktop\erunt-setup.exe 2013-09-10 20:05 - 2013-09-10 20:46 - 00002424 _____ C:\Users\Gabe\Desktop\Rkill.txt 2013-09-10 20:05 - 2013-09-10 20:05 - 01898112 _____ (Bleeping Computer, LLC) C:\Users\Gabe\Desktop\rkill.exe 2013-09-10 20:05 - 2013-09-10 20:05 - 00000000 ____D C:\Users\Gabe\Desktop\rkill 2013-09-10 19:40 - 2013-09-10 19:40 - 00024917 _____ C:\Users\Gabe\Desktop\DDS 10 Sep 13.txt 2013-09-10 19:35 - 2013-09-10 19:38 - 00024917 _____ C:\Users\Gabe\Desktop\dds.txt 2013-09-10 19:35 - 2013-09-10 19:38 - 00012515 _____ C:\Users\Gabe\Desktop\attach.txt 2013-09-10 19:34 - 2013-09-10 19:34 - 00688992 ____R (Swearware) C:\Users\Gabe\Desktop\dds.scr 2013-09-10 09:11 - 2013-09-10 09:11 - 05312512 _____ C:\Users\Gabe\Documents\proof.evtx 2013-09-10 09:11 - 2013-09-10 09:11 - 00000000 ____D C:\Users\Gabe\Documents\LocaleMetaData 2013-09-10 08:29 - 2013-09-10 08:29 - 00312280 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-10 08:24 - 2013-09-10 08:24 - 00049240 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\AntiLog64.sys 2013-09-10 08:24 - 2013-09-10 08:24 - 00000913 _____ C:\Users\Public\Desktop\AntiLogger.lnk 2013-09-10 08:24 - 2013-09-10 08:24 - 00000000 ____D C:\Program Files (x86)\AntiLogger 2013-09-10 08:23 - 2013-09-10 08:24 - 00000000 ____D C:\Users\Gabe\AppData\Local\Zemana 2013-09-10 08:23 - 2013-09-10 08:23 - 00000000 ____D C:\Windows\SysWOW64\ZALSDK_uninst 2013-09-10 08:23 - 2013-07-22 18:23 - 00025056 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt64.sys 2013-09-10 08:23 - 2013-07-22 18:22 - 06525952 _____ (Zemana Ltd.) C:\Windows\SysWOW64\ZALSDKCore.dll 2013-09-10 08:21 - 2013-09-10 08:22 - 21264112 _____ (Zemana Ltd. ) C:\Users\Gabe\Downloads\Zemana_AntiLogger_1.9.3.502.exe 2013-09-10 08:20 - 2013-09-10 08:29 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK 2013-09-10 08:20 - 2013-09-10 08:20 - 00000000 ____D C:\Users\Gabe\AppData\Local\AntiLogger Free 2013-09-10 08:19 - 2013-09-10 08:19 - 04322816 _____ (Zemana Ltd. ) C:\Users\Gabe\Downloads\AntiLoggerFree_Setup_1.6.2.245.exe 2013-09-10 08:04 - 2013-09-10 08:04 - 00001120 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk 2013-09-10 08:03 - 2013-09-10 20:53 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield 2013-09-10 08:03 - 2013-09-10 08:03 - 00583584 _____ C:\Users\Gabe\Downloads\hotspotshield-setup.exe 2013-09-10 08:03 - 2013-09-10 08:03 - 00000020 ___SH C:\Users\fbwuser\ntuser.ini 2013-09-10 08:03 - 2013-08-12 16:07 - 00046792 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys 2013-09-10 07:08 - 2013-09-10 07:08 - 00002107 _____ C:\Users\Public\Desktop\Who Is On My Wifi.lnk 2013-09-10 07:08 - 2013-09-10 07:08 - 00000000 ____D C:\Program Files (x86)\IO3O LLC 2013-09-08 16:28 - 2013-09-08 16:32 - 767623168 ____R C:\Users\Gabe\Downloads\14.0.4734.1000_ProfessionalPlus_volume_x86_en-us.iso 2013-09-08 16:04 - 2013-09-08 16:04 - 00000000 ____H C:\Users\Gabe\Documents\Default.rdp 2013-09-08 09:41 - 2013-09-08 09:41 - 16243768 _____ C:\Users\Gabe\Downloads\Glary_Utilities_v3.9.1.exe 2013-09-08 08:24 - 2013-07-25 22:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2013-09-08 08:24 - 2013-07-25 22:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2013-09-08 08:23 - 2013-07-25 22:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-08 08:23 - 2013-07-25 22:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-08 08:23 - 2013-07-25 22:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-08 08:23 - 2013-07-25 22:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-08 08:23 - 2013-07-25 22:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-08 08:23 - 2013-07-25 20:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-08 08:23 - 2013-07-25 20:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-08 08:23 - 2013-07-25 20:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-08 08:23 - 2013-07-25 20:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-08 08:23 - 2013-07-25 20:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-08 08:23 - 2013-07-25 20:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-08 08:23 - 2013-07-25 20:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-08 08:23 - 2013-07-25 19:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-08 08:23 - 2013-07-25 17:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2013-09-08 08:23 - 2013-07-12 23:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-09-08 08:23 - 2013-07-12 23:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-09-08 08:23 - 2013-07-12 23:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-09-08 08:23 - 2013-07-12 23:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll 2013-09-08 08:23 - 2013-07-12 23:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll 2013-09-08 08:23 - 2013-07-12 21:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-09-08 08:23 - 2013-07-12 21:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-09-08 08:23 - 2013-07-12 21:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll 2013-09-08 08:23 - 2013-07-12 21:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll 2013-09-08 08:23 - 2013-07-09 01:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys 2013-09-08 08:23 - 2013-07-08 23:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2013-09-08 08:23 - 2013-07-08 21:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2013-09-08 08:23 - 2013-07-08 20:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll 2013-09-08 08:23 - 2013-07-08 15:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll 2013-09-08 08:23 - 2013-07-08 15:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2013-09-08 08:23 - 2013-07-08 15:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll 2013-09-08 08:23 - 2013-07-08 15:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll 2013-09-08 08:23 - 2013-07-05 17:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2013-09-08 08:23 - 2013-07-02 17:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2013-09-08 08:23 - 2013-07-02 17:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll 2013-09-08 08:23 - 2013-07-02 17:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2013-09-08 08:23 - 2013-07-02 17:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-09-08 08:23 - 2013-07-02 17:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2013-09-08 08:23 - 2013-07-02 17:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2013-09-08 08:23 - 2013-07-02 17:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2013-09-08 08:23 - 2013-07-02 16:51 - 04039680 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-09-08 08:23 - 2013-07-01 17:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2013-09-08 08:23 - 2013-07-01 15:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml 2013-09-08 08:23 - 2013-07-01 15:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2013-09-08 08:23 - 2013-06-30 15:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe 2013-09-08 08:23 - 2013-06-30 15:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe 2013-09-08 08:23 - 2013-06-28 23:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2013-09-08 08:23 - 2013-06-28 23:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys 2013-09-08 08:23 - 2013-06-28 22:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys 2013-09-08 08:23 - 2013-06-28 18:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-09-08 08:23 - 2013-06-25 20:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2013-09-08 08:23 - 2013-06-25 19:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys 2013-09-08 08:23 - 2013-06-24 15:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2013-09-08 08:23 - 2013-06-24 15:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll 2013-09-08 08:23 - 2013-06-24 15:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll 2013-09-08 08:23 - 2013-06-18 22:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll 2013-09-08 08:23 - 2013-06-18 22:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll 2013-09-08 08:23 - 2013-06-18 15:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll 2013-09-08 08:23 - 2013-06-18 15:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll 2013-09-08 08:23 - 2013-06-11 16:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2013-09-08 08:23 - 2013-06-11 16:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2013-09-08 08:23 - 2013-06-10 14:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2013-09-08 08:23 - 2013-06-10 12:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-09-08 08:23 - 2013-06-10 12:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-09-08 08:23 - 2013-06-10 12:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2013-09-08 08:23 - 2013-06-10 12:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-09-08 08:23 - 2013-06-10 12:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-09-08 08:23 - 2013-06-10 12:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-09-08 08:23 - 2013-06-06 01:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2013-09-08 08:22 - 2013-07-08 23:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-09-08 08:22 - 2013-05-23 16:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-09-08 08:22 - 2013-05-23 15:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-09-08 07:58 - 2013-09-10 08:29 - 00002960 _____ C:\Windows\PFRO.log 2013-09-08 03:25 - 2013-09-08 03:25 - 00000000 ____D C:\Users\Gabe\AppData\Local\Apps\2.0 2013-09-07 09:18 - 2013-09-07 09:18 - 01448299 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130820164851.3gp 2013-09-07 09:15 - 2013-09-07 09:15 - 02896534 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130821123433.3gp 2013-09-07 09:14 - 2013-09-07 09:15 - 00475112 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130822103012.3gp 2013-09-07 09:12 - 2013-09-07 09:12 - 02896534 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130822123215.3gp 2013-09-07 08:43 - 2013-09-07 08:43 - 00356352 _____ C:\Users\Gabe\Downloads\log.xls 2013-09-07 08:43 - 2013-09-07 08:43 - 00064000 _____ C:\Users\Gabe\Downloads\contact.xls 2013-09-07 08:43 - 2013-09-07 08:43 - 00040448 _____ C:\Users\Gabe\Downloads\logcall.xls 2013-09-04 14:58 - 2013-09-04 14:58 - 00894600 _____ (CNET Download.com) C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Advanced_Scan_to_PDF_Free-SEO-75738710.exe 2013-09-04 14:39 - 2013-09-04 14:49 - 00000000 ____D C:\Program Files (x86)\JGS-Scan 2013-09-04 14:39 - 2013-09-04 14:38 - 00737280 _____ (Indigo Rose Corporation) C:\Windows\iun6002.exe 2013-09-04 14:38 - 2013-09-04 14:38 - 04907960 _____ () C:\Users\Gabe\Downloads\JGS-Scan3.exe 2013-09-04 14:37 - 2013-09-04 14:37 - 00584600 _____ C:\Users\Gabe\Downloads\cbsidlm-tr1_14-JGSScan-ORG-10267419.exe 2013-09-03 19:16 - 2013-09-10 22:48 - 00000000 ____D C:\Program Files\McAfee 2013-09-03 19:16 - 2013-09-04 15:05 - 00000000 ____D C:\Program Files (x86)\McAfee 2013-09-03 19:16 - 2013-09-03 19:16 - 00000000 ____D C:\Program Files\McAfee.com 2013-09-03 19:16 - 2013-09-03 19:16 - 00000000 ____D C:\Program Files\Common Files\McAfee 2013-09-03 19:16 - 2013-09-03 19:16 - 00000000 ____D C:\Program Files (x86)\McAfee.com 2013-09-03 19:07 - 2013-09-03 19:08 - 00000000 ____D C:\Program Files\stinger 2013-09-03 19:07 - 2013-09-03 19:07 - 00000000 ____D C:\Stinger_Quarantine 2013-09-03 19:06 - 2013-09-03 19:06 - 04900592 _____ (McAfee, Inc.) C:\Users\Gabe\Downloads\McAfeeSetup-Serial.exe 2013-09-03 19:06 - 2013-02-19 13:56 - 00182752 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe.d0c0.deleteme 2013-09-03 18:57 - 2013-09-03 18:57 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\DiskDefrag 2013-08-26 06:13 - 2013-08-26 06:15 - 116778590 _____ C:\Users\Gabe\Downloads\GET A LIFE 1627.mp4 2013-08-26 06:10 - 2013-08-26 06:11 - 78900943 _____ C:\Users\Gabe\Downloads\SACKCHASING COUGAR.mp4 2013-08-26 06:09 - 2013-08-26 06:10 - 89449556 _____ C:\Users\Gabe\Downloads\PL1300.mp4 2013-08-26 06:09 - 2013-08-26 06:10 - 60828557 _____ C:\Users\Gabe\Downloads\WORTHLESS LOSER.mp4 2013-08-26 06:09 - 2013-08-26 06:09 - 76704889 _____ C:\Users\Gabe\Downloads\LIVING WITH PARENTS AT 40.mp4 2013-08-26 06:03 - 2013-08-26 06:04 - 53457437 _____ C:\Users\Gabe\Downloads\FD1902.mp4 2013-08-26 06:03 - 2013-08-26 06:04 - 35874577 _____ C:\Users\Gabe\Downloads\FD1750WW.mp4 2013-08-26 06:03 - 2013-08-26 06:03 - 35874577 _____ C:\Users\Gabe\Downloads\FFFF.mp4 2013-08-26 06:03 - 2013-08-26 06:03 - 35874577 _____ C:\Users\Gabe\Downloads\FD175022.mp4 2013-08-26 06:02 - 2013-08-26 06:03 - 20270529 _____ C:\Users\Gabe\Downloads\FD2000-FINISH.mp4 2013-08-26 05:58 - 2013-08-26 05:58 - 44342458 _____ C:\Users\Gabe\Downloads\11.mp4 2013-08-26 05:58 - 2013-08-26 05:58 - 35874577 _____ C:\Users\Gabe\Downloads\FD1750.mp4 2013-08-26 05:58 - 2013-08-26 05:58 - 34018519 _____ C:\Users\Gabe\Downloads\FD1705.mp4 2013-08-26 05:57 - 2013-08-26 05:58 - 40459964 _____ C:\Users\Gabe\Downloads\1.mp4 2013-08-26 05:52 - 2013-08-26 05:53 - 40459964 _____ C:\Users\Gabe\Downloads\FD21AUG1530.mp4 2013-08-26 05:52 - 2013-08-26 05:52 - 39933685 _____ C:\Users\Gabe\Downloads\FD21AUG1430.mp4 2013-08-26 05:51 - 2013-08-26 05:52 - 54647286 _____ C:\Users\Gabe\Downloads\My New Clip33.mp4 2013-08-26 05:49 - 2013-08-26 05:49 - 39940067 _____ C:\Users\Gabe\Downloads\FD21AUG1310.mp4 2013-08-26 05:48 - 2013-08-26 05:49 - 39142968 _____ C:\Users\Gabe\Downloads\FrontDoor21Aug1215.mp4 2013-08-26 05:31 - 2013-08-26 05:32 - 54647286 _____ C:\Users\Gabe\Downloads\Front Door 21August.mp4 2013-08-26 05:30 - 2013-08-26 05:31 - 58247011 _____ C:\Users\Gabe\Downloads\BR13AUG1510.mp4 2013-08-26 05:30 - 2013-08-26 05:30 - 40918583 _____ C:\Users\Gabe\Downloads\BR13AUG1415.mp4 2013-08-25 14:03 - 2013-08-25 14:03 - 00000000 ____D C:\Users\Gabe\AppData\Local\Apple Computer 2013-08-25 13:39 - 2013-08-26 05:15 - 00000000 ____D C:\Users\Gabe\Documents\NACI_data 2013-08-25 13:39 - 2013-08-25 22:21 - 00072588 _____ C:\Users\Gabe\Documents\NACI.aup 2013-08-25 13:16 - 2013-08-25 13:18 - 236588638 _____ C:\Users\Gabe\Documents\NACI.wav 2013-08-25 11:10 - 2013-08-25 11:10 - 00000000 ____D C:\Users\Gabe\Downloads\MP_ROOT 2013-08-23 12:34 - 2013-08-23 12:34 - 00461312 _____ C:\Users\Gabe\Downloads\1.xls 2013-08-23 12:07 - 2013-08-23 12:07 - 00461312 _____ C:\Users\Gabe\Downloads\213991775063143SMS.xls 2013-08-23 12:07 - 2013-08-23 12:07 - 00047616 _____ C:\Users\Gabe\Downloads\213991775063143CALL.xls 2013-08-23 11:49 - 2013-08-23 12:30 - 00191488 _____ C:\Users\Gabe\Downloads\213991775063143LOCATION.xls 2013-08-22 22:12 - 2013-08-22 22:12 - 00685123 _____ C:\Users\Gabe\Downloads\213991775063143-CALL-20130819081157-6029782496.3gp 2013-08-22 22:12 - 2013-08-22 22:12 - 00087795 _____ C:\Users\Gabe\Downloads\213991775063143-CALL-20130814211449-6025732886.3gp 2013-08-22 09:21 - 2013-08-22 09:22 - 00000000 ____D C:\Users\Gabe\Documents\Cinematic_Music_Group-Big_K.R.I.T-King_Remembered_In_Time 2013-08-22 09:08 - 2013-08-22 09:08 - 00000000 ____D C:\Users\Gabe\AppData\Local\Macromedia 2013-08-22 07:55 - 2013-08-24 05:36 - 00000075 _____ C:\DiskDefrag.log 2013-08-22 07:55 - 2013-08-22 07:55 - 00002622 _____ C:\Windows\System32\Tasks\GlaryInitialize 3 2013-08-22 07:55 - 2013-08-22 07:55 - 00001080 _____ C:\Users\Public\Desktop\Glary Utilities 3.lnk 2013-08-22 07:55 - 2013-08-20 02:21 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe 2013-08-22 07:54 - 2013-09-10 22:15 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 3 2013-08-22 07:54 - 2013-09-10 21:19 - 00000348 _____ C:\Windows\Tasks\GlaryInitialize 3.job 2013-08-22 07:54 - 2013-08-22 07:54 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\GlarySoft 2013-08-22 07:47 - 2013-08-22 07:47 - 16136496 _____ C:\Users\Gabe\Downloads\gu3setup.exe 2013-08-22 06:52 - 2013-08-22 08:44 - 00000000 ____D C:\Program Files (x86)\WinAce 2013-08-22 06:52 - 2013-08-22 06:52 - 04042444 _____ (e-merge GmbH) C:\Users\Gabe\Downloads\wace269i.exe 2013-08-22 06:52 - 2013-08-22 06:52 - 00000951 _____ C:\Users\Public\Desktop\WinAce Archiver.lnk 2013-08-22 06:49 - 2013-08-22 06:49 - 00862521 _____ C:\Users\Gabe\Downloads\videosnarf-0.63.tar.gz 2013-08-22 04:44 - 2013-08-22 04:44 - 00582605 _____ C:\Users\Gabe\Downloads\Winamp_Essentials_6_7_8_9_10_11_12_13_14.exe 2013-08-21 01:47 - 2013-08-21 01:47 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Apple Computer 2013-08-20 15:10 - 2013-08-24 12:52 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software 2013-08-20 15:09 - 2013-08-24 12:52 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\NCH Software 2013-08-20 15:09 - 2013-08-20 15:09 - 00502848 _____ (NCH Software) C:\Users\Gabe\Downloads\switchsetup.exe 2013-08-20 15:04 - 2013-08-20 15:11 - 00000000 ____D C:\Users\Gabe\Documents\Audio from Tim Mcgraw Burglary 2013-08-20 14:53 - 2013-08-20 14:56 - 470418208 _____ C:\Users\Gabe\Downloads\PowerDirector_3026_GM6_Trial_Trial_VDE130619-02.exe 2013-08-20 14:45 - 2013-08-20 14:45 - 00894600 _____ (CNET Download.com) C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Download_App-BP-75864009.exe 2013-08-20 14:18 - 2013-08-20 14:18 - 00979928 _____ (CyberLink) C:\Users\Gabe\Downloads\CyberLink_PowerDirector_Downloader.exe 2013-08-20 13:22 - 2013-08-25 13:11 - 00000000 ____D C:\Users\Public\CyberLink 2013-08-20 13:22 - 2013-08-20 13:22 - 00000000 ____D C:\Users\Gabe\Documents\CyberLink 2013-08-20 13:20 - 2013-08-20 13:20 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\CyberLink 2013-08-20 13:14 - 2013-08-22 08:44 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-08-20 13:14 - 2013-08-20 13:14 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2013-08-20 12:40 - 2013-08-23 02:06 - 00000000 ____D C:\Users\Gabe\Downloads\CyberLink Power Director 11 Ultra DeLtA Sn1p3r 2013-08-20 12:35 - 2013-08-20 12:37 - 00838896 _____ C:\Users\Gabe\Downloads\LR13AUG0330.mp4.sfk 2013-08-20 12:32 - 2013-08-20 12:37 - 00886196 _____ C:\Users\Gabe\Downloads\10aug1921.mp4.sfk 2013-08-20 12:20 - 2013-08-26 05:30 - 63503421 _____ C:\Users\Gabe\Downloads\BR13AUG1330.mp4 2013-08-20 12:17 - 2013-08-20 12:18 - 52289079 _____ C:\Users\Gabe\Downloads\BR13AUG1240 (Part 1 of 2).mp4 2013-08-20 12:17 - 2013-08-20 12:18 - 31723429 _____ C:\Users\Gabe\Downloads\BR13AUG1240 (Part 2 of 2).mp4 2013-08-20 07:02 - 2013-08-20 07:02 - 00204568 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2013-08-20 07:02 - 2013-08-20 07:02 - 00103576 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2013-08-20 02:05 - 2013-08-20 02:08 - 43723137 _____ C:\Users\Gabe\Downloads\LR13AUG0515.mp4 2013-08-20 01:58 - 2013-08-20 02:05 - 44618151 _____ C:\Users\Gabe\Downloads\LR13AUG0420.mp4 2013-08-20 01:56 - 2013-08-20 02:05 - 57036111 _____ C:\Users\Gabe\Downloads\LR13AUG0325.mp4 2013-08-20 01:52 - 2013-08-20 02:02 - 75121062 _____ C:\Users\Gabe\Downloads\LR13AUG0330.mp4 2013-08-20 01:51 - 2013-08-20 01:58 - 57036111 _____ C:\Users\Gabe\Downloads\LR13AUG0235.mp4 2013-08-20 01:42 - 2013-08-20 01:49 - 90665926 _____ C:\Users\Gabe\Downloads\LR13AUG0146.mp4 2013-08-20 01:35 - 2013-08-20 01:37 - 28597549 _____ C:\Users\Gabe\Downloads\BR13AUG0132 (Part 1 of 2).mp4 2013-08-20 01:35 - 2013-08-20 01:35 - 00000000 _____ C:\Users\Gabe\Downloads\BR13AUG1332 (Part 2 of 2).mp4 2013-08-19 17:40 - 2013-08-20 07:11 - 00000032 _____ C:\Users\Gabe\AppData\Roaming\mbam.context.scan 2013-08-19 13:50 - 2013-08-19 13:50 - 00685123 _____ C:\Users\Gabe\Downloads\CC.3gp 2013-08-19 13:49 - 2013-08-19 13:49 - 00650639 _____ C:\Users\Gabe\Downloads\DAD.3gp 2013-08-19 13:47 - 2013-08-19 13:47 - 01457652 _____ (Repair Video, Inc. ) C:\Users\Gabe\Desktop\asf_avi_rm_wmv_repair.exe 2013-08-18 23:44 - 2013-08-18 23:44 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-08-18 23:44 - 2013-08-18 23:44 - 00000291 _____ C:\AdwCleaner[s2].txt 2013-08-18 23:44 - 2013-08-18 23:44 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Malwarebytes 2013-08-18 23:44 - 2013-08-18 23:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-18 23:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-08-18 23:43 - 2013-08-18 23:44 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Gabe\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-18 10:45 - 2013-08-18 10:46 - 52273262 _____ C:\Users\Gabe\Downloads\10aug2155.mp4 2013-08-18 10:45 - 2013-08-18 10:45 - 05730942 _____ C:\Users\Gabe\Downloads\item.mp4 2013-08-18 07:11 - 2013-08-18 07:11 - 00002006 _____ C:\AdwCleaner[s1].txt 2013-08-18 07:09 - 2013-08-18 07:09 - 00891115 _____ C:\Users\Gabe\Downloads\SecurityCheck.exe 2013-08-18 07:07 - 2013-08-18 07:07 - 00000000 _____ C:\Windows\SysWOW64\FAPB4C8.tmp 2013-08-18 07:07 - 2013-08-18 07:07 - 00000000 _____ C:\Windows\SysWOW64\FAPB080.tmp 2013-08-18 07:07 - 2013-08-18 07:07 - 00000000 _____ C:\Windows\SysWOW64\FAP79BE.tmp 2013-08-18 07:05 - 2013-08-20 07:46 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Process Hacker 2 2013-08-18 07:03 - 2013-08-18 07:03 - 00001841 _____ C:\Users\Gabe\Desktop\Process Hacker 2.lnk 2013-08-18 07:03 - 2013-08-18 07:03 - 00000000 ____D C:\Program Files\Process Hacker 2 2013-08-17 22:56 - 2013-08-17 23:04 - 96836088 _____ C:\Users\Gabe\Downloads\10aug2004.avi 2013-08-17 22:55 - 2013-08-17 22:55 - 00894600 _____ (CNET Download.com) C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Pazera_Free_MP4_to_AVI_Converter-SEO-10784027.exe 2013-08-17 22:52 - 2013-08-26 08:14 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Audacity 2013-08-17 22:52 - 2013-08-17 22:52 - 00001007 _____ C:\Users\Gabe\Desktop\Audacity.lnk 2013-08-17 22:52 - 2013-08-17 22:52 - 00000000 ____D C:\Program Files (x86)\Audacity 2013-08-17 22:51 - 2013-08-17 22:52 - 21281052 _____ (Audacity Team ) C:\Users\Gabe\Downloads\audacity-win-2.0.3.exe 2013-08-17 22:50 - 2013-08-17 22:50 - 01856092 _____ (wj32 ) C:\Users\Gabe\Downloads\processhacker-2.31-setup.exe 2013-08-17 20:15 - 2013-08-17 20:15 - 01618718 _____ (UpsideOut, Inc. ) C:\Users\Gabe\Downloads\ProxifySetup.exe 2013-08-17 20:15 - 2013-08-17 20:15 - 00001199 _____ C:\Users\Public\Desktop\Proxify Tray Application.lnk 2013-08-17 20:15 - 2013-08-17 20:15 - 00000000 ____D C:\Program Files (x86)\Proxify Tray Application 2013-08-17 19:37 - 2013-08-17 19:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-08-17 15:13 - 2013-08-17 15:14 - 68162708 _____ C:\Users\Gabe\Downloads\10aug2133.mp4 2013-08-17 15:13 - 2013-08-17 15:13 - 68174687 _____ C:\Users\Gabe\Downloads\10aug1921.mp4 2013-08-17 15:12 - 2013-08-17 15:13 - 52554458 _____ C:\Users\Gabe\Downloads\10aug2112.mp4 2013-08-17 15:08 - 2013-08-17 15:09 - 68020484 _____ C:\Users\Gabe\Downloads\10aug20041.mp4 2013-08-17 15:07 - 2013-08-17 15:08 - 47703588 _____ C:\Users\Gabe\Downloads\10aug2006.mp4 2013-08-17 15:06 - 2013-08-17 15:07 - 68020484 _____ C:\Users\Gabe\Downloads\10aug2004.mp4 2013-08-17 14:15 - 2013-08-17 14:15 - 68020484 _____ C:\Users\Gabe\Downloads\22222.mp4 2013-08-17 14:14 - 2013-08-17 14:14 - 47703588 _____ C:\Users\Gabe\Downloads\10Augbedroom.mp4 2013-08-17 14:11 - 2013-08-17 14:11 - 68020484 _____ C:\Users\Gabe\Downloads\My New Clipjjj.mp4 2013-08-17 13:57 - 2013-08-17 13:58 - 68020484 _____ C:\Users\Gabe\Downloads\10aug20101.mp4 2013-08-17 13:56 - 2013-08-17 13:56 - 35517108 _____ C:\Users\Gabe\Downloads\19aug7pm.mp4 2013-08-17 06:46 - 2013-08-17 06:46 - 08163216 _____ C:\Users\Gabe\Downloads\12AUG2149.mp4 2013-08-17 06:45 - 2013-08-17 06:45 - 07722827 _____ C:\Users\Gabe\Downloads\15AUG1717.mp4 2013-08-17 06:44 - 2013-08-17 06:45 - 144556875 _____ C:\Users\Gabe\Downloads\7AUG1133.mp4 2013-08-17 06:43 - 2013-08-17 06:43 - 10074467 _____ C:\Users\Gabe\Downloads\7AUG1852.mp4 2013-08-17 06:42 - 2013-08-17 06:42 - 07572170 _____ C:\Users\Gabe\Downloads\3AUG.mp4 2013-08-17 06:36 - 2013-08-17 06:37 - 57246322 _____ C:\Users\Gabe\Downloads\10AUG2010(2).mp4 2013-08-17 06:35 - 2013-08-17 06:36 - 57246322 _____ C:\Users\Gabe\Downloads\10AUG2010.mp4 2013-08-17 06:35 - 2013-08-17 06:35 - 06246836 _____ C:\Users\Gabe\Downloads\12AUG0615.mp4 2013-08-17 06:34 - 2013-08-17 06:34 - 08811349 _____ C:\Users\Gabe\Downloads\10AUG1923.mp4 2013-08-17 06:33 - 2013-08-17 06:35 - 57246322 _____ C:\Users\Gabe\Downloads\46.mp4 2013-08-17 05:45 - 2013-08-17 05:45 - 24192489 _____ C:\Users\Gabe\Downloads\45.mp4 2013-08-17 05:37 - 2013-08-17 05:37 - 08811349 _____ C:\Users\Gabe\Downloads\44.mp4 2013-08-17 04:33 - 2013-08-03 05:40 - 00000836 _____ C:\Users\Gabe\Documents\kp[.cer 2013-08-17 03:38 - 2013-08-17 03:38 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-08-17 03:38 - 2013-08-17 03:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-08-17 03:38 - 2013-08-17 03:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-08-17 03:38 - 2013-08-17 03:38 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-08-17 03:38 - 2013-08-17 03:38 - 00000000 ____D C:\Program Files (x86)\Java 2013-08-17 01:37 - 2013-08-17 01:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-15 17:25 - 2013-08-15 17:26 - 07722827 _____ C:\Users\Gabe\Downloads\3333.mp4 2013-08-15 10:49 - 2013-08-15 10:49 - 00567391 _____ C:\Users\Gabe\Documents\334.3gp 2013-08-14 23:02 - 2013-08-14 23:02 - 08163216 _____ C:\Users\Gabe\Downloads\My Ne.mp4 2013-08-13 03:16 - 2013-08-13 03:17 - 144556875 _____ C:\Users\Gabe\Downloads\22.mp4 2013-08-13 01:46 - 2013-08-22 08:45 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Yahoo! 2013-08-13 01:45 - 2013-08-13 01:45 - 00001137 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk 2013-08-13 01:44 - 2013-08-20 10:41 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2013-08-13 01:44 - 2013-08-13 01:44 - 00442040 _____ (Yahoo! Inc.) C:\Users\Gabe\Downloads\msgr11us.exe 2013-08-13 00:47 - 2013-08-13 10:30 - 00000000 ____D C:\Users\Gabe\Downloads\Epic (2013) 2013-08-13 00:47 - 2013-08-13 00:51 - 00000000 ____D C:\Users\Gabe\Downloads\Superman.Man.of.Steel.2013.720p.R6.LiNE.x264.AAC-DiGiTAL 2013-08-13 00:46 - 2013-08-13 00:47 - 00000000 ____D C:\Users\Gabe\Downloads\Oblivion (2013) [1080p] 2013-08-12 16:10 - 2013-08-12 16:10 - 00042184 _____ (Anchorfree Inc.) C:\Windows\system32\Drivers\taphss6.sys 2013-08-12 13:25 - 2013-08-12 13:26 - 06246836 _____ C:\Users\Gabe\Downloads\My New Clip(2).mp4 2013-08-12 06:41 - 2013-08-12 06:41 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf ==================== One Month Modified Files and Folders ======= 2013-09-10 23:45 - 2013-09-10 23:44 - 01949408 _____ (Farbar) C:\Users\Gabe\Desktop\FRST64.exe 2013-09-10 23:40 - 2013-08-09 11:40 - 00000000 ____D C:\wifidata 2013-09-10 23:00 - 2013-08-03 04:00 - 01153861 _____ C:\Windows\WindowsUpdate.log 2013-09-10 23:00 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\system32\sru 2013-09-10 22:48 - 2013-09-03 19:16 - 00000000 ____D C:\Program Files\McAfee 2013-09-10 22:48 - 2012-07-26 01:12 - 00000000 ___HD C:\Windows\ELAMBKUP 2013-09-10 22:45 - 2013-09-10 22:45 - 00000000 ____D C:\Program Files\ESET 2013-09-10 22:41 - 2013-09-10 22:41 - 01415824 _____ (ESET) C:\Users\Gabe\Desktop\eset_nod32_antivirus_live_installer.exe 2013-09-10 22:39 - 2013-09-10 20:20 - 00000000 ____D C:\Users\Gabe\Desktop\mbar 2013-09-10 22:21 - 2012-07-26 00:28 - 00848230 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-10 22:20 - 2013-08-07 16:14 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3684579750-837988229-3943600733-1002 2013-09-10 22:15 - 2013-08-22 07:54 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 3 2013-09-10 22:14 - 2012-07-26 00:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-10 22:13 - 2012-07-25 22:26 - 00262144 ___SH C:\Windows\system32\config\BBI 2013-09-10 21:23 - 2013-09-10 21:23 - 02347384 _____ (ESET) C:\Users\Gabe\Desktop\esetsmartinstaller_enu.exe 2013-09-10 21:23 - 2013-09-10 21:23 - 00000000 ____D C:\Program Files (x86)\ESET 2013-09-10 21:22 - 2012-07-25 22:26 - 00262144 ___SH C:\Windows\system32\config\ELAM 2013-09-10 21:19 - 2013-08-22 07:54 - 00000348 _____ C:\Windows\Tasks\GlaryInitialize 3.job 2013-09-10 21:16 - 2013-09-10 21:05 - 00000000 ____D C:\AdwCleaner 2013-09-10 21:04 - 2013-09-10 21:04 - 01037278 _____ C:\Users\Gabe\Desktop\AdwCleaner.exe 2013-09-10 21:01 - 2013-09-10 21:01 - 00002162 _____ C:\Users\Gabe\Desktop\JRT.txt 2013-09-10 20:59 - 2013-09-10 20:09 - 00000000 ____D C:\Users\Gabe\Desktop\RK_Quarantine 2013-09-10 20:53 - 2013-09-10 08:03 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield 2013-09-10 20:51 - 2013-09-10 20:51 - 00000000 ____D C:\Windows\ERUNT 2013-09-10 20:50 - 2013-09-10 20:50 - 01029490 _____ (Thisisu) C:\Users\Gabe\Desktop\JRT.exe 2013-09-10 20:46 - 2013-09-10 20:05 - 00002424 _____ C:\Users\Gabe\Desktop\Rkill.txt 2013-09-10 20:20 - 2013-09-10 20:20 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Gabe\Desktop\mbar-1.07.0.1005.exe 2013-09-10 20:17 - 2013-09-10 20:17 - 03788288 _____ C:\Users\Gabe\Desktop\RogueKillerX64(1).exe 2013-09-10 20:12 - 2013-09-10 20:12 - 00001771 _____ C:\Users\Gabe\Desktop\RKreport[0]_S_09102013_201228.txt 2013-09-10 20:07 - 2013-09-10 20:07 - 03788288 _____ C:\Users\Gabe\Desktop\RogueKillerX64.exe 2013-09-10 20:07 - 2013-09-10 20:07 - 00000924 _____ C:\Users\Tiffany\Desktop\NTREGOPT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000924 _____ C:\Users\Gabe\Desktop\NTREGOPT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000924 _____ C:\Users\fbwuser\Desktop\NTREGOPT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000905 _____ C:\Users\Tiffany\Desktop\ERUNT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000905 _____ C:\Users\Gabe\Desktop\ERUNT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000905 _____ C:\Users\fbwuser\Desktop\ERUNT.lnk 2013-09-10 20:07 - 2013-09-10 20:07 - 00000000 ____D C:\Windows\ERDNT 2013-09-10 20:07 - 2013-09-10 20:06 - 00000000 ____D C:\Program Files (x86)\ERUNT 2013-09-10 20:06 - 2013-09-10 20:06 - 00791393 _____ (Lars Hederer ) C:\Users\Gabe\Desktop\erunt-setup.exe 2013-09-10 20:05 - 2013-09-10 20:05 - 01898112 _____ (Bleeping Computer, LLC) C:\Users\Gabe\Desktop\rkill.exe 2013-09-10 20:05 - 2013-09-10 20:05 - 00000000 ____D C:\Users\Gabe\Desktop\rkill 2013-09-10 19:40 - 2013-09-10 19:40 - 00024917 _____ C:\Users\Gabe\Desktop\DDS 10 Sep 13.txt 2013-09-10 19:38 - 2013-09-10 19:35 - 00024917 _____ C:\Users\Gabe\Desktop\dds.txt 2013-09-10 19:38 - 2013-09-10 19:35 - 00012515 _____ C:\Users\Gabe\Desktop\attach.txt 2013-09-10 19:36 - 2013-08-09 12:20 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\uTorrent 2013-09-10 19:34 - 2013-09-10 19:34 - 00688992 ____R (Swearware) C:\Users\Gabe\Desktop\dds.scr 2013-09-10 09:11 - 2013-09-10 09:11 - 05312512 _____ C:\Users\Gabe\Documents\proof.evtx 2013-09-10 09:11 - 2013-09-10 09:11 - 00000000 ____D C:\Users\Gabe\Documents\LocaleMetaData 2013-09-10 08:29 - 2013-09-10 08:29 - 00312280 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-10 08:29 - 2013-09-10 08:20 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK 2013-09-10 08:29 - 2013-09-08 07:58 - 00002960 _____ C:\Windows\PFRO.log 2013-09-10 08:24 - 2013-09-10 08:24 - 00049240 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\AntiLog64.sys 2013-09-10 08:24 - 2013-09-10 08:24 - 00000913 _____ C:\Users\Public\Desktop\AntiLogger.lnk 2013-09-10 08:24 - 2013-09-10 08:24 - 00000000 ____D C:\Program Files (x86)\AntiLogger 2013-09-10 08:24 - 2013-09-10 08:23 - 00000000 ____D C:\Users\Gabe\AppData\Local\Zemana 2013-09-10 08:23 - 2013-09-10 08:23 - 00000000 ____D C:\Windows\SysWOW64\ZALSDK_uninst 2013-09-10 08:22 - 2013-09-10 08:21 - 21264112 _____ (Zemana Ltd. ) C:\Users\Gabe\Downloads\Zemana_AntiLogger_1.9.3.502.exe 2013-09-10 08:20 - 2013-09-10 08:20 - 00000000 ____D C:\Users\Gabe\AppData\Local\AntiLogger Free 2013-09-10 08:19 - 2013-09-10 08:19 - 04322816 _____ (Zemana Ltd. ) C:\Users\Gabe\Downloads\AntiLoggerFree_Setup_1.6.2.245.exe 2013-09-10 08:04 - 2013-09-10 08:04 - 00001120 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk 2013-09-10 08:03 - 2013-09-10 08:03 - 00583584 _____ C:\Users\Gabe\Downloads\hotspotshield-setup.exe 2013-09-10 08:03 - 2013-09-10 08:03 - 00000020 ___SH C:\Users\fbwuser\ntuser.ini 2013-09-10 07:08 - 2013-09-10 07:08 - 00002107 _____ C:\Users\Public\Desktop\Who Is On My Wifi.lnk 2013-09-10 07:08 - 2013-09-10 07:08 - 00000000 ____D C:\Program Files (x86)\IO3O LLC 2013-09-10 07:08 - 2013-08-09 11:39 - 05228920 _____ (IO3O LLC ) C:\Users\Gabe\Downloads\mywifi.exe 2013-09-08 16:32 - 2013-09-08 16:28 - 767623168 ____R C:\Users\Gabe\Downloads\14.0.4734.1000_ProfessionalPlus_volume_x86_en-us.iso 2013-09-08 16:31 - 2013-08-07 16:12 - 00000000 ____D C:\Users\Gabe\AppData\Local\Sony Corporation 2013-09-08 16:31 - 2013-08-03 04:47 - 00000000 ____D C:\Program Files (x86)\Sony 2013-09-08 16:04 - 2013-09-08 16:04 - 00000000 ____H C:\Users\Gabe\Documents\Default.rdp 2013-09-08 11:03 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\rescache 2013-09-08 10:36 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\WinStore 2013-09-08 10:36 - 2012-07-26 01:12 - 00000000 ____D C:\Program Files\Windows Defender 2013-09-08 10:36 - 2012-07-26 01:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2013-09-08 10:36 - 2012-07-25 22:38 - 00000000 ____D C:\Windows\system32\oobe 2013-09-08 09:41 - 2013-09-08 09:41 - 16243768 _____ C:\Users\Gabe\Downloads\Glary_Utilities_v3.9.1.exe 2013-09-08 08:26 - 2013-08-07 16:53 - 00000000 ____D C:\Windows\system32\MRT 2013-09-08 08:25 - 2013-08-07 16:53 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-08 07:20 - 2013-08-03 05:22 - 00000000 ____D C:\Program Files (x86)\CyberLink 2013-09-08 07:20 - 2013-08-03 04:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-09-08 07:08 - 2012-08-02 18:59 - 00000000 ____D C:\Windows\Panther 2013-09-08 06:54 - 2013-08-07 17:13 - 00000022 _____ C:\Windows\Model.txt 2013-09-08 03:25 - 2013-09-08 03:25 - 00000000 ____D C:\Users\Gabe\AppData\Local\Apps\2.0 2013-09-07 09:18 - 2013-09-07 09:18 - 01448299 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130820164851.3gp 2013-09-07 09:15 - 2013-09-07 09:15 - 02896534 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130821123433.3gp 2013-09-07 09:15 - 2013-09-07 09:14 - 00475112 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130822103012.3gp 2013-09-07 09:12 - 2013-09-07 09:12 - 02896534 _____ C:\Users\Gabe\Downloads\213991775063143-SURROUND-20130822123215.3gp 2013-09-07 08:43 - 2013-09-07 08:43 - 00356352 _____ C:\Users\Gabe\Downloads\log.xls 2013-09-07 08:43 - 2013-09-07 08:43 - 00064000 _____ C:\Users\Gabe\Downloads\contact.xls 2013-09-07 08:43 - 2013-09-07 08:43 - 00040448 _____ C:\Users\Gabe\Downloads\logcall.xls 2013-09-05 17:36 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-09-04 15:05 - 2013-09-03 19:16 - 00000000 ____D C:\Program Files (x86)\McAfee 2013-09-04 14:58 - 2013-09-04 14:58 - 00894600 _____ (CNET Download.com) C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Advanced_Scan_to_PDF_Free-SEO-75738710.exe 2013-09-04 14:49 - 2013-09-04 14:39 - 00000000 ____D C:\Program Files (x86)\JGS-Scan 2013-09-04 14:38 - 2013-09-04 14:39 - 00737280 _____ (Indigo Rose Corporation) C:\Windows\iun6002.exe 2013-09-04 14:38 - 2013-09-04 14:38 - 04907960 _____ () C:\Users\Gabe\Downloads\JGS-Scan3.exe 2013-09-04 14:37 - 2013-09-04 14:37 - 00584600 _____ C:\Users\Gabe\Downloads\cbsidlm-tr1_14-JGSScan-ORG-10267419.exe 2013-09-04 14:35 - 2013-08-07 16:08 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Adobe 2013-09-03 19:16 - 2013-09-03 19:16 - 00000000 ____D C:\Program Files\McAfee.com 2013-09-03 19:16 - 2013-09-03 19:16 - 00000000 ____D C:\Program Files\Common Files\McAfee 2013-09-03 19:16 - 2013-09-03 19:16 - 00000000 ____D C:\Program Files (x86)\McAfee.com 2013-09-03 19:08 - 2013-09-03 19:07 - 00000000 ____D C:\Program Files\stinger 2013-09-03 19:07 - 2013-09-03 19:07 - 00000000 ____D C:\Stinger_Quarantine 2013-09-03 19:06 - 2013-09-03 19:06 - 04900592 _____ (McAfee, Inc.) C:\Users\Gabe\Downloads\McAfeeSetup-Serial.exe 2013-09-03 18:57 - 2013-09-03 18:57 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\DiskDefrag 2013-08-26 08:14 - 2013-08-17 22:52 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Audacity 2013-08-26 06:15 - 2013-08-26 06:13 - 116778590 _____ C:\Users\Gabe\Downloads\GET A LIFE 1627.mp4 2013-08-26 06:11 - 2013-08-26 06:10 - 78900943 _____ C:\Users\Gabe\Downloads\SACKCHASING COUGAR.mp4 2013-08-26 06:10 - 2013-08-26 06:09 - 89449556 _____ C:\Users\Gabe\Downloads\PL1300.mp4 2013-08-26 06:10 - 2013-08-26 06:09 - 60828557 _____ C:\Users\Gabe\Downloads\WORTHLESS LOSER.mp4 2013-08-26 06:09 - 2013-08-26 06:09 - 76704889 _____ C:\Users\Gabe\Downloads\LIVING WITH PARENTS AT 40.mp4 2013-08-26 06:04 - 2013-08-26 06:03 - 53457437 _____ C:\Users\Gabe\Downloads\FD1902.mp4 2013-08-26 06:04 - 2013-08-26 06:03 - 35874577 _____ C:\Users\Gabe\Downloads\FD1750WW.mp4 2013-08-26 06:03 - 2013-08-26 06:03 - 35874577 _____ C:\Users\Gabe\Downloads\FFFF.mp4 2013-08-26 06:03 - 2013-08-26 06:03 - 35874577 _____ C:\Users\Gabe\Downloads\FD175022.mp4 2013-08-26 06:03 - 2013-08-26 06:02 - 20270529 _____ C:\Users\Gabe\Downloads\FD2000-FINISH.mp4 2013-08-26 05:58 - 2013-08-26 05:58 - 44342458 _____ C:\Users\Gabe\Downloads\11.mp4 2013-08-26 05:58 - 2013-08-26 05:58 - 35874577 _____ C:\Users\Gabe\Downloads\FD1750.mp4 2013-08-26 05:58 - 2013-08-26 05:58 - 34018519 _____ C:\Users\Gabe\Downloads\FD1705.mp4 2013-08-26 05:58 - 2013-08-26 05:57 - 40459964 _____ C:\Users\Gabe\Downloads\1.mp4 2013-08-26 05:53 - 2013-08-26 05:52 - 40459964 _____ C:\Users\Gabe\Downloads\FD21AUG1530.mp4 2013-08-26 05:52 - 2013-08-26 05:52 - 39933685 _____ C:\Users\Gabe\Downloads\FD21AUG1430.mp4 2013-08-26 05:52 - 2013-08-26 05:51 - 54647286 _____ C:\Users\Gabe\Downloads\My New Clip33.mp4 2013-08-26 05:49 - 2013-08-26 05:49 - 39940067 _____ C:\Users\Gabe\Downloads\FD21AUG1310.mp4 2013-08-26 05:49 - 2013-08-26 05:48 - 39142968 _____ C:\Users\Gabe\Downloads\FrontDoor21Aug1215.mp4 2013-08-26 05:32 - 2013-08-26 05:31 - 54647286 _____ C:\Users\Gabe\Downloads\Front Door 21August.mp4 2013-08-26 05:31 - 2013-08-26 05:30 - 58247011 _____ C:\Users\Gabe\Downloads\BR13AUG1510.mp4 2013-08-26 05:30 - 2013-08-26 05:30 - 40918583 _____ C:\Users\Gabe\Downloads\BR13AUG1415.mp4 2013-08-26 05:30 - 2013-08-20 12:20 - 63503421 _____ C:\Users\Gabe\Downloads\BR13AUG1330.mp4 2013-08-26 05:15 - 2013-08-25 13:39 - 00000000 ____D C:\Users\Gabe\Documents\NACI_data 2013-08-25 22:21 - 2013-08-25 13:39 - 00072588 _____ C:\Users\Gabe\Documents\NACI.aup 2013-08-25 14:03 - 2013-08-25 14:03 - 00000000 ____D C:\Users\Gabe\AppData\Local\Apple Computer 2013-08-25 13:18 - 2013-08-25 13:16 - 236588638 _____ C:\Users\Gabe\Documents\NACI.wav 2013-08-25 13:11 - 2013-08-20 13:22 - 00000000 ____D C:\Users\Public\CyberLink 2013-08-25 11:10 - 2013-08-25 11:10 - 00000000 ____D C:\Users\Gabe\Downloads\MP_ROOT 2013-08-24 12:52 - 2013-08-20 15:10 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software 2013-08-24 12:52 - 2013-08-20 15:09 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\NCH Software 2013-08-24 05:36 - 2013-08-22 07:55 - 00000075 _____ C:\DiskDefrag.log 2013-08-24 02:04 - 2013-08-03 04:53 - 00000000 ____D C:\Program Files\Sony 2013-08-23 12:34 - 2013-08-23 12:34 - 00461312 _____ C:\Users\Gabe\Downloads\1.xls 2013-08-23 12:30 - 2013-08-23 11:49 - 00191488 _____ C:\Users\Gabe\Downloads\213991775063143LOCATION.xls 2013-08-23 12:07 - 2013-08-23 12:07 - 00461312 _____ C:\Users\Gabe\Downloads\213991775063143SMS.xls 2013-08-23 12:07 - 2013-08-23 12:07 - 00047616 _____ C:\Users\Gabe\Downloads\213991775063143CALL.xls 2013-08-23 02:06 - 2013-08-20 12:40 - 00000000 ____D C:\Users\Gabe\Downloads\CyberLink Power Director 11 Ultra DeLtA Sn1p3r 2013-08-22 22:12 - 2013-08-22 22:12 - 00685123 _____ C:\Users\Gabe\Downloads\213991775063143-CALL-20130819081157-6029782496.3gp 2013-08-22 22:12 - 2013-08-22 22:12 - 00087795 _____ C:\Users\Gabe\Downloads\213991775063143-CALL-20130814211449-6025732886.3gp 2013-08-22 21:47 - 2013-08-08 01:25 - 00000000 ____D C:\Users\Tiffany\AppData\Local\Sony Corporation 2013-08-22 21:47 - 2013-08-03 04:47 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation 2013-08-22 09:34 - 2013-08-08 01:36 - 00007616 _____ C:\Users\Gabe\AppData\Local\resmon.resmoncfg 2013-08-22 09:22 - 2013-08-22 09:21 - 00000000 ____D C:\Users\Gabe\Documents\Cinematic_Music_Group-Big_K.R.I.T-King_Remembered_In_Time 2013-08-22 09:08 - 2013-08-22 09:08 - 00000000 ____D C:\Users\Gabe\AppData\Local\Macromedia 2013-08-22 09:08 - 2013-08-07 21:28 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Mozilla 2013-08-22 08:45 - 2013-08-13 01:46 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Yahoo! 2013-08-22 08:45 - 2013-08-10 23:59 - 00000000 ____D C:\Users\Gabe\Documents\Sony PMB 2013-08-22 08:45 - 2013-08-08 01:20 - 00000000 ____D C:\Users\Tiffany 2013-08-22 08:45 - 2013-08-07 17:33 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Sony 2013-08-22 08:45 - 2013-08-07 16:07 - 00000000 ____D C:\Users\Gabe 2013-08-22 08:44 - 2013-08-22 06:52 - 00000000 ____D C:\Program Files (x86)\WinAce 2013-08-22 08:44 - 2013-08-20 13:14 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-08-22 08:44 - 2013-08-08 08:32 - 00000000 ____D C:\Program Files (x86)\The KMPlayer 2013-08-22 08:44 - 2012-07-26 01:12 - 00000000 __SHD C:\Program Files\Windows Sidebar 2013-08-22 08:44 - 2012-07-25 22:37 - 00000000 __RHD C:\Users\Default 2013-08-22 08:43 - 2013-08-03 04:22 - 00000000 ____D C:\Intel 2013-08-22 08:00 - 2013-08-09 03:48 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Winamp 2013-08-22 07:55 - 2013-08-22 07:55 - 00002622 _____ C:\Windows\System32\Tasks\GlaryInitialize 3 2013-08-22 07:55 - 2013-08-22 07:55 - 00001080 _____ C:\Users\Public\Desktop\Glary Utilities 3.lnk 2013-08-22 07:54 - 2013-08-22 07:54 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\GlarySoft 2013-08-22 07:47 - 2013-08-22 07:47 - 16136496 _____ C:\Users\Gabe\Downloads\gu3setup.exe 2013-08-22 06:52 - 2013-08-22 06:52 - 04042444 _____ (e-merge GmbH) C:\Users\Gabe\Downloads\wace269i.exe 2013-08-22 06:52 - 2013-08-22 06:52 - 00000951 _____ C:\Users\Public\Desktop\WinAce Archiver.lnk 2013-08-22 06:49 - 2013-08-22 06:49 - 00862521 _____ C:\Users\Gabe\Downloads\videosnarf-0.63.tar.gz 2013-08-22 04:44 - 2013-08-22 04:44 - 00582605 _____ C:\Users\Gabe\Downloads\Winamp_Essentials_6_7_8_9_10_11_12_13_14.exe 2013-08-22 04:44 - 2013-08-09 03:48 - 00000000 ____D C:\Program Files (x86)\Winamp 2013-08-21 01:47 - 2013-08-21 01:47 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Apple Computer 2013-08-20 15:11 - 2013-08-20 15:04 - 00000000 ____D C:\Users\Gabe\Documents\Audio from Tim Mcgraw Burglary 2013-08-20 15:09 - 2013-08-20 15:09 - 00502848 _____ (NCH Software) C:\Users\Gabe\Downloads\switchsetup.exe 2013-08-20 14:56 - 2013-08-20 14:53 - 470418208 _____ C:\Users\Gabe\Downloads\PowerDirector_3026_GM6_Trial_Trial_VDE130619-02.exe 2013-08-20 14:45 - 2013-08-20 14:45 - 00894600 _____ (CNET Download.com) C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Download_App-BP-75864009.exe 2013-08-20 14:18 - 2013-08-20 14:18 - 00979928 _____ (CyberLink) C:\Users\Gabe\Downloads\CyberLink_PowerDirector_Downloader.exe 2013-08-20 13:22 - 2013-08-20 13:22 - 00000000 ____D C:\Users\Gabe\Documents\CyberLink 2013-08-20 13:20 - 2013-08-20 13:20 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\CyberLink 2013-08-20 13:14 - 2013-08-20 13:14 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2013-08-20 12:37 - 2013-08-20 12:35 - 00838896 _____ C:\Users\Gabe\Downloads\LR13AUG0330.mp4.sfk 2013-08-20 12:37 - 2013-08-20 12:32 - 00886196 _____ C:\Users\Gabe\Downloads\10aug1921.mp4.sfk 2013-08-20 12:29 - 2013-08-07 17:33 - 00000000 ____D C:\Users\Gabe\AppData\Local\Sony 2013-08-20 12:18 - 2013-08-20 12:17 - 52289079 _____ C:\Users\Gabe\Downloads\BR13AUG1240 (Part 1 of 2).mp4 2013-08-20 12:18 - 2013-08-20 12:17 - 31723429 _____ C:\Users\Gabe\Downloads\BR13AUG1240 (Part 2 of 2).mp4 2013-08-20 10:41 - 2013-08-13 01:44 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2013-08-20 10:40 - 2013-08-03 04:44 - 00000000 ____D C:\Program Files\Common Files\Sony Shared 2013-08-20 07:46 - 2013-08-18 07:05 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Process Hacker 2 2013-08-20 07:11 - 2013-08-19 17:40 - 00000032 _____ C:\Users\Gabe\AppData\Roaming\mbam.context.scan 2013-08-20 07:02 - 2013-08-20 07:02 - 00204568 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2013-08-20 07:02 - 2013-08-20 07:02 - 00103576 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2013-08-20 02:21 - 2013-08-22 07:55 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe 2013-08-20 02:08 - 2013-08-20 02:05 - 43723137 _____ C:\Users\Gabe\Downloads\LR13AUG0515.mp4 2013-08-20 02:05 - 2013-08-20 01:58 - 44618151 _____ C:\Users\Gabe\Downloads\LR13AUG0420.mp4 2013-08-20 02:05 - 2013-08-20 01:56 - 57036111 _____ C:\Users\Gabe\Downloads\LR13AUG0325.mp4 2013-08-20 02:02 - 2013-08-20 01:52 - 75121062 _____ C:\Users\Gabe\Downloads\LR13AUG0330.mp4 2013-08-20 01:58 - 2013-08-20 01:51 - 57036111 _____ C:\Users\Gabe\Downloads\LR13AUG0235.mp4 2013-08-20 01:49 - 2013-08-20 01:42 - 90665926 _____ C:\Users\Gabe\Downloads\LR13AUG0146.mp4 2013-08-20 01:37 - 2013-08-20 01:35 - 28597549 _____ C:\Users\Gabe\Downloads\BR13AUG0132 (Part 1 of 2).mp4 2013-08-20 01:35 - 2013-08-20 01:35 - 00000000 _____ C:\Users\Gabe\Downloads\BR13AUG1332 (Part 2 of 2).mp4 2013-08-19 13:50 - 2013-08-19 13:50 - 00685123 _____ C:\Users\Gabe\Downloads\CC.3gp 2013-08-19 13:49 - 2013-08-19 13:49 - 00650639 _____ C:\Users\Gabe\Downloads\DAD.3gp 2013-08-19 13:47 - 2013-08-19 13:47 - 01457652 _____ (Repair Video, Inc. ) C:\Users\Gabe\Desktop\asf_avi_rm_wmv_repair.exe 2013-08-18 23:44 - 2013-08-18 23:44 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-08-18 23:44 - 2013-08-18 23:44 - 00000291 _____ C:\AdwCleaner[s2].txt 2013-08-18 23:44 - 2013-08-18 23:44 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\Malwarebytes 2013-08-18 23:44 - 2013-08-18 23:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-18 23:44 - 2013-08-18 23:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Gabe\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-18 10:46 - 2013-08-18 10:45 - 52273262 _____ C:\Users\Gabe\Downloads\10aug2155.mp4 2013-08-18 10:45 - 2013-08-18 10:45 - 05730942 _____ C:\Users\Gabe\Downloads\item.mp4 2013-08-18 07:11 - 2013-08-18 07:11 - 00002006 _____ C:\AdwCleaner[s1].txt 2013-08-18 07:09 - 2013-08-18 07:09 - 00891115 _____ C:\Users\Gabe\Downloads\SecurityCheck.exe 2013-08-18 07:07 - 2013-08-18 07:07 - 00000000 _____ C:\Windows\SysWOW64\FAPB4C8.tmp 2013-08-18 07:07 - 2013-08-18 07:07 - 00000000 _____ C:\Windows\SysWOW64\FAPB080.tmp 2013-08-18 07:07 - 2013-08-18 07:07 - 00000000 _____ C:\Windows\SysWOW64\FAP79BE.tmp 2013-08-18 07:03 - 2013-08-18 07:03 - 00001841 _____ C:\Users\Gabe\Desktop\Process Hacker 2.lnk 2013-08-18 07:03 - 2013-08-18 07:03 - 00000000 ____D C:\Program Files\Process Hacker 2 2013-08-17 23:04 - 2013-08-17 22:56 - 96836088 _____ C:\Users\Gabe\Downloads\10aug2004.avi 2013-08-17 22:55 - 2013-08-17 22:55 - 00894600 _____ (CNET Download.com) C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Pazera_Free_MP4_to_AVI_Converter-SEO-10784027.exe 2013-08-17 22:52 - 2013-08-17 22:52 - 00001007 _____ C:\Users\Gabe\Desktop\Audacity.lnk 2013-08-17 22:52 - 2013-08-17 22:52 - 00000000 ____D C:\Program Files (x86)\Audacity 2013-08-17 22:52 - 2013-08-17 22:51 - 21281052 _____ (Audacity Team ) C:\Users\Gabe\Downloads\audacity-win-2.0.3.exe 2013-08-17 22:50 - 2013-08-17 22:50 - 01856092 _____ (wj32 ) C:\Users\Gabe\Downloads\processhacker-2.31-setup.exe 2013-08-17 20:15 - 2013-08-17 20:15 - 01618718 _____ (UpsideOut, Inc. ) C:\Users\Gabe\Downloads\ProxifySetup.exe 2013-08-17 20:15 - 2013-08-17 20:15 - 00001199 _____ C:\Users\Public\Desktop\Proxify Tray Application.lnk 2013-08-17 20:15 - 2013-08-17 20:15 - 00000000 ____D C:\Program Files (x86)\Proxify Tray Application 2013-08-17 19:37 - 2013-08-17 19:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-08-17 15:14 - 2013-08-17 15:13 - 68162708 _____ C:\Users\Gabe\Downloads\10aug2133.mp4 2013-08-17 15:13 - 2013-08-17 15:13 - 68174687 _____ C:\Users\Gabe\Downloads\10aug1921.mp4 2013-08-17 15:13 - 2013-08-17 15:12 - 52554458 _____ C:\Users\Gabe\Downloads\10aug2112.mp4 2013-08-17 15:09 - 2013-08-17 15:08 - 68020484 _____ C:\Users\Gabe\Downloads\10aug20041.mp4 2013-08-17 15:08 - 2013-08-17 15:07 - 47703588 _____ C:\Users\Gabe\Downloads\10aug2006.mp4 2013-08-17 15:07 - 2013-08-17 15:06 - 68020484 _____ C:\Users\Gabe\Downloads\10aug2004.mp4 2013-08-17 14:15 - 2013-08-17 14:15 - 68020484 _____ C:\Users\Gabe\Downloads\22222.mp4 2013-08-17 14:14 - 2013-08-17 14:14 - 47703588 _____ C:\Users\Gabe\Downloads\10Augbedroom.mp4 2013-08-17 14:11 - 2013-08-17 14:11 - 68020484 _____ C:\Users\Gabe\Downloads\My New Clipjjj.mp4 2013-08-17 13:58 - 2013-08-17 13:57 - 68020484 _____ C:\Users\Gabe\Downloads\10aug20101.mp4 2013-08-17 13:56 - 2013-08-17 13:56 - 35517108 _____ C:\Users\Gabe\Downloads\19aug7pm.mp4 2013-08-17 06:46 - 2013-08-17 06:46 - 08163216 _____ C:\Users\Gabe\Downloads\12AUG2149.mp4 2013-08-17 06:45 - 2013-08-17 06:45 - 07722827 _____ C:\Users\Gabe\Downloads\15AUG1717.mp4 2013-08-17 06:45 - 2013-08-17 06:44 - 144556875 _____ C:\Users\Gabe\Downloads\7AUG1133.mp4 2013-08-17 06:43 - 2013-08-17 06:43 - 10074467 _____ C:\Users\Gabe\Downloads\7AUG1852.mp4 2013-08-17 06:42 - 2013-08-17 06:42 - 07572170 _____ C:\Users\Gabe\Downloads\3AUG.mp4 2013-08-17 06:37 - 2013-08-17 06:36 - 57246322 _____ C:\Users\Gabe\Downloads\10AUG2010(2).mp4 2013-08-17 06:36 - 2013-08-17 06:35 - 57246322 _____ C:\Users\Gabe\Downloads\10AUG2010.mp4 2013-08-17 06:35 - 2013-08-17 06:35 - 06246836 _____ C:\Users\Gabe\Downloads\12AUG0615.mp4 2013-08-17 06:35 - 2013-08-17 06:33 - 57246322 _____ C:\Users\Gabe\Downloads\46.mp4 2013-08-17 06:34 - 2013-08-17 06:34 - 08811349 _____ C:\Users\Gabe\Downloads\10AUG1923.mp4 2013-08-17 05:45 - 2013-08-17 05:45 - 24192489 _____ C:\Users\Gabe\Downloads\45.mp4 2013-08-17 05:37 - 2013-08-17 05:37 - 08811349 _____ C:\Users\Gabe\Downloads\44.mp4 2013-08-17 03:38 - 2013-08-17 03:38 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-08-17 03:38 - 2013-08-17 03:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-08-17 03:38 - 2013-08-17 03:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-08-17 03:38 - 2013-08-17 03:38 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-08-17 03:38 - 2013-08-17 03:38 - 00000000 ____D C:\Program Files (x86)\Java 2013-08-17 03:38 - 2013-08-03 04:46 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2013-08-17 03:38 - 2013-08-03 04:46 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2013-08-17 01:37 - 2013-08-17 01:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-15 17:26 - 2013-08-15 17:25 - 07722827 _____ C:\Users\Gabe\Downloads\3333.mp4 2013-08-15 10:49 - 2013-08-15 10:49 - 00567391 _____ C:\Users\Gabe\Documents\334.3gp 2013-08-15 01:38 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\system32\NDF 2013-08-14 23:02 - 2013-08-14 23:02 - 08163216 _____ C:\Users\Gabe\Downloads\My Ne.mp4 2013-08-13 10:30 - 2013-08-13 00:47 - 00000000 ____D C:\Users\Gabe\Downloads\Epic (2013) 2013-08-13 03:17 - 2013-08-13 03:16 - 144556875 _____ C:\Users\Gabe\Downloads\22.mp4 2013-08-13 01:45 - 2013-08-13 01:45 - 00001137 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk 2013-08-13 01:44 - 2013-08-13 01:44 - 00442040 _____ (Yahoo! Inc.) C:\Users\Gabe\Downloads\msgr11us.exe 2013-08-13 00:51 - 2013-08-13 00:47 - 00000000 ____D C:\Users\Gabe\Downloads\Superman.Man.of.Steel.2013.720p.R6.LiNE.x264.AAC-DiGiTAL 2013-08-13 00:47 - 2013-08-13 00:46 - 00000000 ____D C:\Users\Gabe\Downloads\Oblivion (2013) [1080p] 2013-08-12 16:10 - 2013-08-12 16:10 - 00042184 _____ (Anchorfree Inc.) C:\Windows\system32\Drivers\taphss6.sys 2013-08-12 16:07 - 2013-09-10 08:03 - 00046792 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys 2013-08-12 13:26 - 2013-08-12 13:25 - 06246836 _____ C:\Users\Gabe\Downloads\My New Clip(2).mp4 2013-08-12 06:41 - 2013-08-12 06:41 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf Files to move or delete: ==================== C:\Users\Gabe\AppData\Local\Temp\0222411378878482mcinst.exe C:\Users\Gabe\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\Gabe\AppData\Local\Temp\GLFAF29.EXE C:\Users\Gabe\AppData\Local\Temp\GLFC820.EXE C:\Users\Gabe\AppData\Local\Temp\mpsetup.exe C:\Users\Gabe\AppData\Local\Temp\oi_{684560FE-6968-42F9-846C-5B6C16643EF9}.exe C:\Users\Gabe\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-09 03:00 ==================== End Of Log ============================

Yes, the 2nds MBAR scan. Here is the ESET log. C:\Users\Gabe\AppData\Local\Temp\dlm5D8C.tmp\AdvancedScantoPDFFree.exe Win32/OpenCandy potentially unsafe application No action C:\Users\Gabe\Downloads\cbsidlm-cbsi127-KMPlayer-SEO-10659939.exe probably a variant of Win32/CNETInstaller.A potentially unwanted application No action C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Advanced_Scan_to_PDF_Free-SEO-75738710.exe probably a variant of Win32/CNETInstaller.A potentially unwanted application No action C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Download_App-BP-75864009.exe probably a variant of Win32/CNETInstaller.A potentially unwanted application No action C:\Users\Gabe\Downloads\cbsidlm-cbsi134-Pazera_Free_MP4_to_AVI_Converter-SEO-10784027.exe probably a variant of Win32/CNETInstaller.A potentially unwanted application No action C:\Users\Gabe\Downloads\cbsidlm-tr1_14-3GP_Player-SEO-10881638.exe Win32/DownloadAdmin.G potentially unwanted application No action C:\Users\Gabe\Downloads\cbsidlm-tr1_14-JGSScan-ORG-10267419.exe Win32/DownloadAdmin.G potentially unwanted application No action C:\Users\Gabe\Downloads\KMPlayer_3.6.0.87.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application No action

thats what it said after the scan,. doing eset now, will post log when complete.

no cleanup needed.

# AdwCleaner v3.003 - Report created 10/09/2013 at 21:16:38 # Updated 07/09/2013 by Xplode # Operating System : Windows 8 (64 bits) # Username : Gabe - SYSADMIN # Running from : C:\Users\Gabe\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Gabe\AppData\Roaming\Mozilla\Firefox\Profiles\jeur3bn4.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} File Deleted : C:\Users\Gabe\AppData\Local\Temp\Uninstall.exe ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 -\\ Mozilla Firefox v23.0.1 (en-US) [ File : C:\Users\Gabe\AppData\Roaming\Mozilla\Firefox\Profiles\jeur3bn4.default\prefs.js ] ************************* AdwCleaner[R0].txt - [1164 octets] - [10/09/2013 21:05:35] AdwCleaner[s0].txt - [1091 octets] - [10/09/2013 21:16:38] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1151 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.5.9 (09.07.2013:1) OS: Windows 8 x64 Ran by Gabe on Tue 09/10/2013 at 20:51:07.30 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully stopped: [service] hshld Failed to delete: [service] hshld Successfully stopped: [service] hsstrayservice Successfully deleted: [service] hsstrayservice Successfully stopped: [service] hsswd Successfully deleted: [service] hsswd ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1 Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\anchorfree Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\hotspotshield ~~~ Files Successfully deleted: [File] "C:\end" ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\hotspot shield" Successfully deleted: [Folder] "C:\Users\Gabe\AppData\Roaming\hotspot shield" Failed to delete: [Folder] "C:\Program Files (x86)\hotspot shield" ~~~ FireFox Emptied folder: C:\Users\Gabe\AppData\Roaming\mozilla\firefox\profiles\jeur3bn4.default\minidumps [1 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Tue 09/10/2013 at 21:01:31.67 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Rootkit BETA 1.07.0.1005 www.malwarebytes.org Database version: v2013.09.11.01 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16660 Gabe :: SYSADMIN [administrator] 9/10/2013 8:30:17 PM mbar-log-2013-09-10 (20-30-17).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 287027 Time elapsed: 15 minute(s), 13 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKLM\SOFTWARE\Refog Software (Refog.Keylogger) -> Delete on reboot. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1005 © Malwarebytes Corporation 2011-2012 OS version: 6.2.9200 Windows 8 x64 Account is Administrative Internet Explorer version: 10.0.9200.16660 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, F:\ DRIVE_FIXED CPU speed: 2.494000 GHz Memory total: 12757811200, free: 10194030592 Downloaded database version: v2013.09.11.01 Downloaded database version: v2013.08.06.01 ======================================= --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1005 © Malwarebytes Corporation 2011-2012 OS version: 6.2.9200 Windows 8 x64 Account is Administrative Internet Explorer version: 10.0.9200.16660 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, F:\ DRIVE_FIXED CPU speed: 2.494000 GHz Memory total: 12757811200, free: 10237689856 ======================================= ------------ Kernel report ------------ 09/10/2013 20:23:27 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kd.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\System32\drivers\CLFS.SYS \SystemRoot\System32\drivers\tm.sys \SystemRoot\system32\PSHED.dll \SystemRoot\system32\BOOTVID.dll \SystemRoot\system32\CI.dll \SystemRoot\System32\drivers\msrpc.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\System32\Drivers\acpiex.sys \SystemRoot\System32\Drivers\WppRecorder.sys \SystemRoot\System32\drivers\ACPI.sys \SystemRoot\System32\drivers\WMILIB.SYS \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\msisadrv.sys \SystemRoot\System32\drivers\pci.sys \SystemRoot\System32\drivers\vdrvroot.sys \SystemRoot\system32\drivers\pdc.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\System32\drivers\spaceport.sys \SystemRoot\System32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\System32\drivers\iaStorA.sys \SystemRoot\System32\drivers\storport.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\System32\drivers\fileinfo.sys \SystemRoot\system32\drivers\mfehidk.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\DRIVERS\wfplwfs.sys \SystemRoot\system32\drivers\mfewfpk.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\System32\drivers\wd.sys \SystemRoot\System32\drivers\volsnap.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\system32\DRIVERS\nvpciflt.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\disk.sys \SystemRoot\System32\drivers\CLASSPNP.SYS \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\drivers\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\BasicRender.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\System32\drivers\BasicDisplay.sys \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\hssdrv6.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\System32\drivers\npsvctrig.sys \SystemRoot\System32\drivers\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \??\C:\Windows\system32\drivers\AntiLog64.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\taphss6.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\System32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\kdnic.sys \SystemRoot\System32\drivers\umbus.sys \SystemRoot\system32\DRIVERS\nvlddmkm.sys \SystemRoot\system32\DRIVERS\igdkmd64.sys \SystemRoot\System32\drivers\USBXHCI.SYS \SystemRoot\System32\drivers\ucx01000.sys \SystemRoot\System32\drivers\HECIx64.sys \SystemRoot\System32\drivers\usbehci.sys \SystemRoot\System32\drivers\USBPORT.SYS \SystemRoot\System32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\bcmwl63a.sys \SystemRoot\System32\drivers\vwifibus.sys \SystemRoot\system32\DRIVERS\RtsPStor.sys \SystemRoot\system32\DRIVERS\Rt630x64.sys \SystemRoot\System32\drivers\SFEP.sys \SystemRoot\System32\drivers\i8042prt.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\KeyCrypt64.sys \SystemRoot\System32\drivers\kbdclass.sys \SystemRoot\System32\drivers\mouclass.sys \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys \SystemRoot\System32\drivers\CmBatt.sys \SystemRoot\System32\drivers\BATTC.SYS \SystemRoot\System32\drivers\intelppm.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\System32\drivers\swenum.sys \SystemRoot\System32\drivers\ks.sys \SystemRoot\System32\drivers\rdpbus.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\System32\drivers\usbhub.sys \SystemRoot\System32\drivers\UsbHub3.sys \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\DRIVERS\IntcDAud.sys \SystemRoot\system32\drivers\mfeavfk.sys \SystemRoot\system32\drivers\mfefirek.sys \SystemRoot\System32\drivers\USBSTOR.SYS \SystemRoot\System32\Drivers\fastfat.SYS \SystemRoot\system32\DRIVERS\udfs.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\HIDPARSE.SYS \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\drivers\luafv.sys \??\C:\Windows\system32\drivers\mbam.sys \SystemRoot\System32\drivers\monitor.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\System32\drivers\usbccgp.sys \SystemRoot\System32\drivers\hidusb.sys \SystemRoot\System32\drivers\HIDCLASS.SYS \SystemRoot\System32\Drivers\dump_diskdump.sys \SystemRoot\System32\Drivers\dump_iaStorA.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\bcbtums.sys \SystemRoot\System32\Drivers\BTHUSB.sys \SystemRoot\System32\Drivers\bthport.sys \SystemRoot\System32\drivers\condrv.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\system32\DRIVERS\vwifimp.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\system32\DRIVERS\BthLEEnum.sys \SystemRoot\System32\drivers\BthEnum.sys \SystemRoot\system32\drivers\BthA2DP.sys \SystemRoot\system32\drivers\btampm.sys \SystemRoot\System32\drivers\BthAvrcpTg.sys \SystemRoot\System32\drivers\bthhfenum.sys \SystemRoot\system32\DRIVERS\BthHfAud.sys \SystemRoot\System32\drivers\BthHFHid.sys \SystemRoot\System32\drivers\mshidkmdf.sys \SystemRoot\system32\drivers\Ndu.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\System32\drivers\WUDFRd.sys \SystemRoot\System32\drivers\WpdUpFltr.sys \SystemRoot\system32\drivers\mfeapfk.sys \SystemRoot\system32\drivers\cfwids.sys \SystemRoot\System32\drivers\mouhid.sys \??\C:\Program Files\Process Hacker 2\kprocesshacker.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xfffffa800f1d0740 Upper Device Driver Name: \Driver\disk\ Lower Device Name: \Device\00000046\ Lower Device Object: 0xfffffa800f1cd650 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa800c976060 Upper Device Driver Name: \Driver\disk\ Lower Device Name: \Device\00000038\ Lower Device Object: 0xfffffa800af24060 Lower Device Driver Name: \Driver\iaStorA\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa800c976060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800c976b10, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800c976060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ DevicePointer: 0xfffffa800af25c00, DeviceName: Unknown, DriverName: \Driver\ACPI\ DevicePointer: 0xfffffa800af24060, DeviceName: \Device\00000038\, DriverName: \Driver\iaStorA\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Read File: File "C:\Windows\System32\Drivers\vwifibus.sys" is compressed (flags = 1) Read File: File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1) Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: This drive is a GPT Drive. MBR Signature: 55AA Disk Signature: 6AD751D9 GPT Protective MBR Partition information: Partition 0 type is EFI-GPT (0xee) Partition is NOT ACTIVE. Partition starts at LBA: 1 Numsec = 4294967295 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 GPT Partition information: GPT Header Signature 4546492050415254 GPT Header Revision 65536 Size 92 CRC 2160474830 GPT Header CurrentLba = 1 BackupLba 1953525167 GPT Header FirstUsableLba 34 LastUsableLba 1953525134 GPT Header Guid ba5f9427-ca4e-4b1d-abb5-4afcb8cded GPT Header Contains 128 partition entries starting at LBA 2 GPT Header Partition entry size = 128 Backup GPT header Signature 4546492050415254 Backup GPT header Revision 65536 Size 92 CRC 890022109 Backup GPT header CurrentLba = 1953525167 BackupLba 1 Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134 Backup GPT header Guid 90ffade2-d4fe-4d1f-baaf-5ce747118b71 Backup GPT header Contains 128 partition entries starting at LBA 1953525135 Backup GPT header Partition entry size = 128 Partition 0 Type f4019732-66e-4e12-8273-346c5641494f Partition ID 9ee4681a-b4b0-4013-8fb9-c883483d96da FirstLBA 2048 Last LBA 534527 Attributes 1 Partition Name EFI system partition Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac Partition ID 7ce4513f-27cd-46b0-8d35-11fd8bd4ffd FirstLBA 534528 Last LBA 3553279 Attributes 1 Partition Name Basic data partition Partition 2 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b Partition ID e2f16338-f560-4cc4-b3e4-e09a26655cd8 FirstLBA 3553280 Last LBA 4085759 Attributes 0 Partition Name EFI system partition GPT Partition 2 is bootable Partition 3 Type e3c9e316-b5c-4db8-817d-f92df0215ae Partition ID 68010a40-e61f-4372-ba93-a47189aefedc FirstLBA 4085760 Last LBA 4347903 Attributes 0 Partition Name Microsoft reserved partition Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7 Partition ID 2f7736cc-b96b-4644-83e2-0c89a23e595 FirstLBA 4347904 Last LBA 1890877439 Attributes 0 Partition Name Basic data partition Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac Partition ID ce4717dd-bf12-4def-a7cb-4643f942caf5 FirstLBA 1890877440 Last LBA 1953523711 Attributes 1 Partition Name Basic data partition Disk Size: 1000204886016 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 1, DevicePointer: 0xfffffa800f1d0740, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800f1ca040, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800f1d0740, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ DevicePointer: 0xfffffa800f1cd650, DeviceName: \Device\00000046\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: 1CE7A4E9 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 976769072 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107862016 bytes Sector size: 512 bytes Done! Scan Interrupted Scan was aborted. ======================================= Removal queue found; removal started Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam... Removal finished --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1005 © Malwarebytes Corporation 2011-2012 OS version: 6.2.9200 Windows 8 x64 Account is Administrative Internet Explorer version: 10.0.9200.16660 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, F:\ DRIVE_FIXED CPU speed: 2.494000 GHz Memory total: 12757811200, free: 10134528000 --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1005 © Malwarebytes Corporation 2011-2012 OS version: 6.2.9200 Windows 8 x64 Account is Administrative Internet Explorer version: 10.0.9200.16660 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, F:\ DRIVE_FIXED CPU speed: 2.494000 GHz Memory total: 12757811200, free: 10145017856 Downloaded database version: v2013.09.11.01 Downloaded database version: v2013.08.06.01 Initializing... ====================== ------------ Kernel report ------------ 09/10/2013 20:30:14 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kd.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\System32\drivers\CLFS.SYS \SystemRoot\System32\drivers\tm.sys \SystemRoot\system32\PSHED.dll \SystemRoot\system32\BOOTVID.dll \SystemRoot\system32\CI.dll \SystemRoot\System32\drivers\msrpc.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\System32\Drivers\acpiex.sys \SystemRoot\System32\Drivers\WppRecorder.sys \SystemRoot\System32\drivers\ACPI.sys \SystemRoot\System32\drivers\WMILIB.SYS \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\msisadrv.sys \SystemRoot\System32\drivers\pci.sys \SystemRoot\System32\drivers\vdrvroot.sys \SystemRoot\system32\drivers\pdc.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\System32\drivers\spaceport.sys \SystemRoot\System32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\System32\drivers\iaStorA.sys \SystemRoot\System32\drivers\storport.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\System32\drivers\fileinfo.sys \SystemRoot\system32\drivers\mfehidk.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\DRIVERS\wfplwfs.sys \SystemRoot\system32\drivers\mfewfpk.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\System32\drivers\wd.sys \SystemRoot\System32\drivers\volsnap.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\system32\DRIVERS\nvpciflt.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\disk.sys \SystemRoot\System32\drivers\CLASSPNP.SYS \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\drivers\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\BasicRender.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\System32\drivers\BasicDisplay.sys \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\hssdrv6.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\System32\drivers\npsvctrig.sys \SystemRoot\System32\drivers\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \??\C:\Windows\system32\drivers\AntiLog64.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\taphss6.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\System32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\kdnic.sys \SystemRoot\System32\drivers\umbus.sys \SystemRoot\system32\DRIVERS\nvlddmkm.sys \SystemRoot\system32\DRIVERS\igdkmd64.sys \SystemRoot\System32\drivers\USBXHCI.SYS \SystemRoot\System32\drivers\ucx01000.sys \SystemRoot\System32\drivers\HECIx64.sys \SystemRoot\System32\drivers\usbehci.sys \SystemRoot\System32\drivers\USBPORT.SYS \SystemRoot\System32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\bcmwl63a.sys \SystemRoot\System32\drivers\vwifibus.sys \SystemRoot\system32\DRIVERS\RtsPStor.sys \SystemRoot\system32\DRIVERS\Rt630x64.sys \SystemRoot\System32\drivers\SFEP.sys \SystemRoot\System32\drivers\i8042prt.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\KeyCrypt64.sys \SystemRoot\System32\drivers\kbdclass.sys \SystemRoot\System32\drivers\mouclass.sys \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys \SystemRoot\System32\drivers\CmBatt.sys \SystemRoot\System32\drivers\BATTC.SYS \SystemRoot\System32\drivers\intelppm.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\System32\drivers\swenum.sys \SystemRoot\System32\drivers\ks.sys \SystemRoot\System32\drivers\rdpbus.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\System32\drivers\usbhub.sys \SystemRoot\System32\drivers\UsbHub3.sys \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\DRIVERS\IntcDAud.sys \SystemRoot\system32\drivers\mfeavfk.sys \SystemRoot\system32\drivers\mfefirek.sys \SystemRoot\System32\drivers\USBSTOR.SYS \SystemRoot\System32\Drivers\fastfat.SYS \SystemRoot\system32\DRIVERS\udfs.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\HIDPARSE.SYS \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\drivers\luafv.sys \??\C:\Windows\system32\drivers\mbam.sys \SystemRoot\System32\drivers\monitor.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\System32\drivers\usbccgp.sys \SystemRoot\System32\drivers\hidusb.sys \SystemRoot\System32\drivers\HIDCLASS.SYS \SystemRoot\System32\Drivers\dump_diskdump.sys \SystemRoot\System32\Drivers\dump_iaStorA.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\bcbtums.sys \SystemRoot\System32\Drivers\BTHUSB.sys \SystemRoot\System32\Drivers\bthport.sys \SystemRoot\System32\drivers\condrv.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\system32\DRIVERS\vwifimp.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\system32\DRIVERS\BthLEEnum.sys \SystemRoot\System32\drivers\BthEnum.sys \SystemRoot\system32\drivers\BthA2DP.sys \SystemRoot\system32\drivers\btampm.sys \SystemRoot\System32\drivers\BthAvrcpTg.sys \SystemRoot\System32\drivers\bthhfenum.sys \SystemRoot\system32\DRIVERS\BthHfAud.sys \SystemRoot\System32\drivers\BthHFHid.sys \SystemRoot\System32\drivers\mshidkmdf.sys \SystemRoot\system32\drivers\Ndu.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\System32\drivers\WUDFRd.sys \SystemRoot\System32\drivers\WpdUpFltr.sys \SystemRoot\system32\drivers\mfeapfk.sys \SystemRoot\system32\drivers\cfwids.sys \SystemRoot\System32\drivers\mouhid.sys \??\C:\Program Files\Process Hacker 2\kprocesshacker.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xfffffa800f1d0740 Upper Device Driver Name: \Driver\disk\ Lower Device Name: \Device\00000046\ Lower Device Object: 0xfffffa800f1cd650 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa800c976060 Upper Device Driver Name: \Driver\disk\ Lower Device Name: \Device\00000038\ Lower Device Object: 0xfffffa800af24060 Lower Device Driver Name: \Driver\iaStorA\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa800c976060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800c976b10, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800c976060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ DevicePointer: 0xfffffa800af25c00, DeviceName: Unknown, DriverName: \Driver\ACPI\ DevicePointer: 0xfffffa800af24060, DeviceName: \Device\00000038\, DriverName: \Driver\iaStorA\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Read File: File "C:\Windows\System32\Drivers\vwifibus.sys" is compressed (flags = 1) Read File: File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1) Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: This drive is a GPT Drive. MBR Signature: 55AA Disk Signature: 6AD751D9 GPT Protective MBR Partition information: Partition 0 type is EFI-GPT (0xee) Partition is NOT ACTIVE. Partition starts at LBA: 1 Numsec = 4294967295 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 GPT Partition information: GPT Header Signature 4546492050415254 GPT Header Revision 65536 Size 92 CRC 2160474830 GPT Header CurrentLba = 1 BackupLba 1953525167 GPT Header FirstUsableLba 34 LastUsableLba 1953525134 GPT Header Guid ba5f9427-ca4e-4b1d-abb5-4afcb8cded GPT Header Contains 128 partition entries starting at LBA 2 GPT Header Partition entry size = 128 Backup GPT header Signature 4546492050415254 Backup GPT header Revision 65536 Size 92 CRC 890022109 Backup GPT header CurrentLba = 1953525167 BackupLba 1 Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134 Backup GPT header Guid 90ffade2-d4fe-4d1f-baaf-5ce747118b71 Backup GPT header Contains 128 partition entries starting at LBA 1953525135 Backup GPT header Partition entry size = 128 Partition 0 Type f4019732-66e-4e12-8273-346c5641494f Partition ID 9ee4681a-b4b0-4013-8fb9-c883483d96da FirstLBA 2048 Last LBA 534527 Attributes 1 Partition Name EFI system partition Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac Partition ID 7ce4513f-27cd-46b0-8d35-11fd8bd4ffd FirstLBA 534528 Last LBA 3553279 Attributes 1 Partition Name Basic data partition Partition 2 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b Partition ID e2f16338-f560-4cc4-b3e4-e09a26655cd8 FirstLBA 3553280 Last LBA 4085759 Attributes 0 Partition Name EFI system partition GPT Partition 2 is bootable Partition 3 Type e3c9e316-b5c-4db8-817d-f92df0215ae Partition ID 68010a40-e61f-4372-ba93-a47189aefedc FirstLBA 4085760 Last LBA 4347903 Attributes 0 Partition Name Microsoft reserved partition Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7 Partition ID 2f7736cc-b96b-4644-83e2-0c89a23e595 FirstLBA 4347904 Last LBA 1890877439 Attributes 0 Partition Name Basic data partition Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac Partition ID ce4717dd-bf12-4def-a7cb-4643f942caf5 FirstLBA 1890877440 Last LBA 1953523711 Attributes 1 Partition Name Basic data partition Disk Size: 1000204886016 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 1, DevicePointer: 0xfffffa800f1d0740, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800f1ca040, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800f1d0740, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ DevicePointer: 0xfffffa800f1cd650, DeviceName: \Device\00000046\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: 1CE7A4E9 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 976769072 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107862016 bytes Sector size: 512 bytes Done! Infected: HKLM\SOFTWARE\Refog Software --> [Refog.Keylogger] Scan finished Creating System Restore point... Cleaning up... Removal successful. No system shutdown is required. =======================================