Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PileFinder reminder, i need help


  • This topic is locked This topic is locked
27 replies to this topic

#1 shoot259

shoot259

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:canada, under your bed
  • Local time:07:31 AM

Posted 02 June 2014 - 07:41 AM

i Recently tried to download a video from ITunes and it came with Pilefinder  please help also i have windows 8.1


Edited by Orange Blossom, 04 June 2014 - 07:28 PM.
Moved to AII from log forum and back. ~ OB


BC AdBot (Login to Remove)

 


m

#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,719 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:06:31 AM

Posted 04 June 2014 - 07:30 PM

Hello, you neglected to follow the prep. guide as boopme instructed here: http://www.bleepingcomputer.com/forums/t/535716/help-with-pilefile-reminder/#entry3381056

 

Because you have created this topic, please post the required logs as a reply this topic.

 

Orange Blossom :cherry:


Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 shoot259

shoot259
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:canada, under your bed
  • Local time:07:31 AM

Posted 05 June 2014 - 07:28 AM

i cant do the log because DDS doesnt run on windows 8



#4 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:31 AM

Posted 07 June 2014 - 07:45 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/536331 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#5 shoot259

shoot259
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:canada, under your bed
  • Local time:07:31 AM

Posted 10 June 2014 - 09:20 AM

i downloaded a video From Itunes and for whatever reason i got Pilefinder with it, and i've tried to delete it
but it says i don't have the priveliges to delete it, i am on a windows 8.1 and it is a 64bit system
and i don't have the original windows CD/DVD available ALSO I AM UNABLE TO RUN THE DDS BECAUSE OF COMPATIBILITY ISSUES
now i have a browser popping up with a weird link like this 

Edited by shoot259, 10 June 2014 - 11:42 AM.


#6 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,015 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:11:31 AM

Posted 13 June 2014 - 10:29 AM

Greetings and :welcome: to BleepingComputer,
My name is xXToffeeXx, but feel free to call me Toffee if it is easier for you. I will be helping you with your malware problems.
 
A few points to cover before we start:

  • Do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the "Follow this topic" button, and make sure a tick is in the "receive notifications" and is set to "Instantly". Any replies should be made in this topic by clicking the "Reply to this topic" button.
  • Important information in my posts will often be in bold, make sure to take note of these.
  • I will attempt to reply as soon as possible, and normally within 24 hours of your reply. If this is not possible or I have a delay then I will let you know.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. If you need more time than this please let me know.
  • Lets get going now :thumbup2:

==========================
 
Hi shoot259,
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.
 
--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • FRST.txt
  • Addition.txt

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

~Currently in my last year of school, so replies might be more delayed~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#7 shoot259

shoot259
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:canada, under your bed
  • Local time:07:31 AM

Posted 14 June 2014 - 01:22 PM

first of all, i may not be able to post within the amount of time you have requested because i don't have Internet at my house, so i need to go to the library, i generally don't go to the library that often maybe once a week if that. but anyway the logs u requested are right here.

 

FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by brandon carpenter (administrator) on BRANDON on 13-06-2014 13:23:31
Running from C:\Users\brandon carpenter\Desktop
Platform: Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(Microsoft Corporation) C:\Windows\System32\ByteCodeGenerator.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-29] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1549392 2013-03-04] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-01-16] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA)
HKLM-x32\...\Run: [Intel AppUp® center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1935824 2014-05-15] (APN)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-04-23] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3886954115-1495926628-1329715624-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [429792 2013-02-08] (AppEx Networks Corporation)
HKU\S-1-5-21-3886954115-1495926628-1329715624-1001\...\MountPoints2: {7d3fdaf4-dd19-11e3-8250-806e6f6e6963} - "E:\AutoPlay.exe" 
HKU\S-1-5-21-3886954115-1495926628-1329715624-1001\...\MountPoints2: {c0d54d8f-d070-11e3-bea1-0c54a53359a6} - "D:\SISetup.exe" 
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Startup: C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fitness testing for Military.txt ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3886954115-1495926628-1329715624-1001\User: Group Policy restriction detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.toshiba.ca/welcome/?w=23
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.toshiba.ca/welcome/?w=23
SearchScopes: HKLM - DefaultScope {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM - {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM-x32 - DefaultScope {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM-x32 - {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKCU - {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll (APN LLC.)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll (APN LLC.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Rich Media View - {97b00aed-bc3b-4678-8026-5815851eb9b6} - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6311\ie\RichMediaViewV1release6311.dll ()
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll (APN LLC.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Rich Media View - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6311\ff [2014-05-16]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFF
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release6311.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6311\ff
FF Extension: Rich Media View - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6311\ff [2014-05-16]
 
Chrome: 
=======
CHR Extension: (Rich Media View) - C:\Users\brandon carpenter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmkbgjbpefoibhadlhiimddlogcghmbd [2014-05-16]
CHR Extension: (Google Wallet) - C:\Users\brandon carpenter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-21]
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] -  [2014-04-21]
CHR HKLM-x32\...\Chrome\Extension: [hmkbgjbpefoibhadlhiimddlogcghmbd] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6311\ch\RichMediaViewV1release6311.crx [2014-05-13]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] -  [2014-05-13]
 
==================== Services (Whitelisted) =================
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-23] (Advanced Micro Devices, Inc.) [File not signed]
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-05-15] (APN LLC.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-04-10] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-17] (IDT, Inc.) [File not signed]
S4 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [216976 2013-03-26] (TOSHIBA CORPORATION)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-16] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37472 2013-02-13] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [217824 2013-03-21] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-01-15] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [311968 2014-03-30] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-03-01] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-03-01] (Symantec Corporation) [File not signed]
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-18] (Microsoft Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2014-03-29] ()
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-08-21] (Marvell Semiconductor, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-03-18] (Microsoft Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2987224 2013-11-24] (Realtek Semiconductor Corporation                           )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-18] (Microsoft Corporation)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2013-10-30] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1405000.01C\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
S3 SRTSPX; C:\Windows\system32\drivers\NISx64\1405000.01C\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation)
S3 SymDS; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
S3 SymEFA; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1405000.01C\SymELAM.sys [23448 2012-11-15] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-03-02] (Symantec Corporation)
S3 SymIRON; C:\Windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [110976 2013-03-25] (TOSHIBA Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows ® Win 7 DDK provider)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-16] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-05-16] (Microsoft Corporation)
S3 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [X]
S3 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20140328.001\IDSvia64.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140331.003\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140331.003\EX64.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-13 13:23 - 2014-06-13 13:24 - 00019599 _____ () C:\Users\brandon carpenter\Desktop\FRST.txt
2014-06-13 13:22 - 2014-06-13 13:23 - 00000000 ____D () C:\FRST
2014-06-13 11:45 - 2014-06-13 11:45 - 02081792 _____ (Farbar) C:\Users\brandon carpenter\Desktop\FRST64.exe
2014-06-13 11:34 - 2014-06-13 11:34 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-06-13 10:56 - 2014-05-08 19:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-13 09:41 - 2014-06-13 09:42 - 00102975 _____ () C:\Users\brandon carpenter\Downloads\LOIC-1.0.7.42-binary.zip
2014-06-13 09:37 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-13 09:37 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-13 09:37 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-13 09:37 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-13 09:37 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-13 09:37 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-13 09:37 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-13 09:37 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-13 09:37 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-13 09:37 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-13 09:37 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-13 09:37 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-13 09:37 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-13 09:37 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-13 09:37 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-13 09:37 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-13 09:37 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-13 09:37 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-13 09:37 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-13 09:37 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-13 09:37 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-13 09:37 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-13 09:37 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-13 09:37 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-13 09:37 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-13 09:37 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-13 09:37 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-13 09:37 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-13 09:37 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-13 09:37 - 2014-02-06 07:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-13 09:37 - 2014-02-06 07:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-13 09:37 - 2014-02-06 07:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-13 09:37 - 2014-02-06 06:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-13 09:37 - 2014-02-06 06:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-13 09:37 - 2014-02-06 06:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-13 09:37 - 2014-02-06 06:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-13 09:37 - 2014-02-06 06:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-13 09:37 - 2014-02-06 05:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-13 09:37 - 2014-02-06 05:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-13 09:37 - 2014-02-06 05:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-13 09:37 - 2014-02-06 05:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-13 09:34 - 2014-06-13 09:34 - 00000000 ____D () C:\Users\brandon carpenter\Documents\StarCraft II
2014-06-13 09:29 - 2014-05-19 02:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-13 09:29 - 2014-05-19 02:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-13 09:29 - 2014-05-19 01:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-13 09:29 - 2014-05-09 23:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-13 09:29 - 2014-05-09 23:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-13 09:29 - 2014-05-05 00:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-13 09:29 - 2014-05-03 03:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-13 09:29 - 2014-05-03 00:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-13 09:29 - 2014-05-03 00:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-13 09:29 - 2014-05-02 23:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-13 09:29 - 2014-05-02 23:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-13 09:29 - 2014-04-30 00:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-13 09:29 - 2014-04-30 00:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-13 09:29 - 2014-04-03 03:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-13 09:29 - 2014-04-03 03:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-13 09:28 - 2014-05-01 09:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-13 09:28 - 2014-05-01 09:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-13 09:28 - 2014-05-01 03:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-13 09:28 - 2014-05-01 03:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-13 09:28 - 2014-05-01 02:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-13 09:28 - 2014-05-01 01:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-13 09:28 - 2014-04-30 07:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-13 09:28 - 2014-04-29 23:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-13 09:28 - 2014-04-29 23:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-12 15:08 - 2014-06-12 15:08 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Local\AMD
2014-06-12 15:08 - 2014-06-12 15:08 - 00000000 ____D () C:\ProgramData\ATI
2014-06-12 12:25 - 2014-06-12 12:25 - 00000017 _____ () C:\Users\brandon carpenter\Desktop\Liars.txt
2014-06-12 11:36 - 2014-06-12 11:36 - 00054873 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201406121136464165.log
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\Program Files (x86)\Advanced Micro Devices, Inc
2014-06-12 11:35 - 2014-06-12 11:35 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI
2014-06-12 11:33 - 2014-06-12 11:33 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-11 17:58 - 2014-06-11 17:58 - 00000000 ___DC () C:\Users\brandon carpenter\AppData\Local\MigWiz
2014-06-11 11:11 - 2014-06-11 11:11 - 00000000 ____H () C:\Users\brandon carpenter\Documents\Default.rdp
2014-06-10 12:03 - 2014-06-10 12:03 - 00000014 _____ () C:\Users\brandon carpenter\Desktop\somebodies phone #.txt
2014-06-10 10:30 - 2014-06-10 10:30 - 00003099 _____ () C:\Users\brandon carpenter\Desktop\do this andrew.txt
2014-06-05 19:54 - 2014-06-05 19:54 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-05 14:15 - 2014-06-05 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-06-05 14:15 - 2012-08-31 10:32 - 00126880 _____ (HP) C:\WINDOWS\system32\HPSIsvc.exe
2014-06-05 14:14 - 2012-08-21 16:07 - 01696256 _____ () C:\WINDOWS\system32\HP1100SM.EXE
2014-06-05 14:14 - 2012-08-21 16:07 - 00288768 _____ () C:\WINDOWS\system32\HP1100LM.DLL
2014-06-05 14:13 - 2014-06-05 14:13 - 00000000 ____D () C:\Program Files\HP
2014-06-05 14:13 - 2012-08-21 04:13 - 00350720 _____ () C:\WINDOWS\system32\mvhlewsi.DLL
2014-06-05 14:13 - 2012-08-21 04:08 - 00049664 _____ () C:\WINDOWS\system32\HP1100SMs.dll
2014-06-05 13:44 - 2014-06-05 13:44 - 00951120 _____ () C:\Users\brandon carpenter\Documents\Food drive.pptx
2014-06-05 11:56 - 2014-06-05 14:34 - 00000048 _____ () C:\Users\brandon carpenter\Desktop\starwars.txt
2014-06-04 14:42 - 2014-06-04 15:22 - 00000020 _____ () C:\Users\brandon carpenter\Desktop\bitty.txt
2014-06-04 13:36 - 2014-06-04 13:36 - 00001023 _____ () C:\Users\brandon carpenter\Documents - Shortcut.lnk
2014-06-04 11:55 - 2014-06-04 14:37 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\HappyWheels Full
2014-06-03 11:15 - 2014-06-02 15:53 - 00032440 _____ () C:\Users\brandon carpenter\Desktop\dds.txt
2014-06-03 11:15 - 2014-06-02 15:53 - 00012720 _____ () C:\Users\brandon carpenter\Desktop\attach.txt
2014-06-02 09:55 - 2014-06-04 09:47 - 06416804 _____ () C:\Users\brandon carpenter\Desktop\D-Day.pptx
2014-05-30 19:57 - 2014-05-30 19:57 - 00688992 _____ (Swearware) C:\Users\brandon carpenter\Desktop\dds.com
2014-05-30 10:27 - 2014-05-30 10:27 - 00000056 _____ () C:\Users\brandon carpenter\Desktop\dldld.txt
2014-05-28 16:53 - 2014-05-28 16:53 - 03461040 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
2014-05-28 16:53 - 2014-05-28 16:53 - 03426688 _____ () C:\WINDOWS\system32\atiumd6a.cap
2014-05-28 16:53 - 2014-05-28 16:53 - 00230912 _____ () C:\WINDOWS\system32\clinfo.exe
2014-05-28 16:53 - 2014-05-28 16:53 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00129536 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.9001.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00099840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 13209088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00626688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 00550464 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
2014-05-28 16:52 - 2014-05-28 16:52 - 00550464 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-05-28 16:52 - 2014-05-28 16:52 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00412672 _____ () C:\WINDOWS\system32\amdmiracast.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00157736 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00142304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2014-05-26 11:50 - 2012-08-21 03:57 - 00082944 _____ () C:\WINDOWS\system32\mvusbews.dll
2014-05-26 11:50 - 2012-08-21 03:57 - 00020480 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvusbews.sys
2014-05-26 11:50 - 2012-06-21 03:38 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2014-05-24 18:39 - 2014-05-24 18:39 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\mario 64
2014-05-23 17:04 - 2014-05-30 16:55 - 00000895 _____ () C:\Users\brandon
2014-05-22 20:58 - 2014-05-23 08:27 - 00000014 _____ () C:\Users\brandon carpenter\Desktop\gf number.txt
2014-05-22 20:35 - 2014-05-22 20:35 - 00606274 _____ (Three Rings Design, Inc.) C:\Users\brandon carpenter\Downloads\yohoho-0--en-install.exe
2014-05-21 11:40 - 2014-05-21 11:40 - 00000000 __SHD () C:\found.000
2014-05-21 07:53 - 2014-05-21 07:53 - 00000000 ___HD () C:\$SysReset
2014-05-20 09:26 - 2014-04-08 18:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-20 09:26 - 2014-04-08 18:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-20 09:26 - 2014-04-08 14:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-20 09:26 - 2014-04-08 14:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-19 12:07 - 2014-05-19 12:07 - 00000000 _____ () C:\WINDOWS\iPlayer.INI
2014-05-19 12:01 - 2014-05-19 12:10 - 00000000 ____D () C:\Program Files\InterActual
2014-05-19 11:51 - 2014-05-19 11:51 - 00000529 _____ () C:\WINDOWS\KB893803v2.log
2014-05-16 16:45 - 2014-05-20 08:29 - 00000000 ___DC () C:\WINDOWS\Panther
2014-05-16 16:45 - 2014-05-16 16:45 - 00000000 __SHD () C:\Recovery
2014-05-16 16:43 - 2014-05-16 16:43 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-16 16:43 - 2014-05-16 16:43 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-16 16:42 - 2014-05-16 16:42 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-05-16 16:42 - 2014-05-16 16:42 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-05-16 16:42 - 2014-05-16 16:42 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-05-16 16:42 - 2014-05-16 16:42 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-05-16 16:42 - 2014-05-16 16:42 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-05-16 16:42 - 2014-05-16 16:42 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-05-16 16:42 - 2014-05-16 16:42 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-05-16 16:42 - 2014-05-16 16:42 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-05-16 16:42 - 2014-05-16 16:42 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-05-16 16:42 - 2014-05-16 16:42 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-05-16 16:42 - 2014-05-16 16:42 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-05-16 16:42 - 2014-05-16 16:42 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-16 16:40 - 2014-05-16 16:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-05-16 16:40 - 2014-05-16 16:40 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-16 16:40 - 2014-05-16 16:40 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-16 16:40 - 2014-05-16 16:40 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-16 16:40 - 2014-05-16 16:40 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-16 16:39 - 2014-05-16 16:39 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-16 16:39 - 2014-05-16 16:39 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-16 16:39 - 2014-05-16 16:39 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-05-16 16:38 - 2014-05-16 16:38 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-05-16 16:38 - 2014-05-16 16:38 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-05-16 16:36 - 2014-05-16 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-05-16 16:34 - 2014-05-16 16:34 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\telnet.exe
2014-05-16 16:34 - 2014-05-16 16:34 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-05-16 16:34 - 2014-05-16 16:34 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-16 16:34 - 2014-05-16 16:34 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-05-16 16:34 - 2014-05-16 16:34 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-05-16 16:33 - 2013-08-03 00:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-05-16 16:33 - 2013-08-03 00:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-16 16:33 - 2013-08-03 00:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-05-16 16:33 - 2013-08-03 00:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-05-16 16:33 - 2013-08-03 00:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-16 16:33 - 2013-08-03 00:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-05-16 14:24 - 2014-06-13 09:14 - 00003970 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{98573B23-D2E2-43C6-BEEB-C9CE10BAD1C9}
2014-05-16 14:24 - 2014-05-16 14:24 - 00000000 __SHD () C:\Users\brandon carpenter\AppData\Local\EmieUserList
2014-05-16 14:24 - 2014-05-16 14:24 - 00000000 __SHD () C:\Users\brandon carpenter\AppData\Local\EmieSiteList
2014-05-16 13:42 - 2014-05-16 13:42 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-05-16 13:35 - 2014-06-13 13:21 - 00000000 ___RD () C:\Users\brandon carpenter\OneDrive
2014-05-16 13:35 - 2014-05-16 13:35 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-05-16 13:31 - 2014-05-16 13:31 - 00001492 _____ () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-16 13:30 - 2014-05-16 13:30 - 00000632 __RSH () C:\Users\brandon carpenter\ntuser.pol
2014-05-16 13:29 - 2014-05-16 13:29 - 00000020 ___SH () C:\Users\brandon carpenter\ntuser.ini
2014-05-16 13:16 - 2014-05-16 13:16 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-05-16 13:04 - 2014-05-16 13:04 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-16 13:01 - 2014-06-13 12:40 - 01250426 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-16 12:59 - 2014-05-16 12:59 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-05-16 12:56 - 2014-06-13 13:24 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Local\Temp
2014-05-16 12:56 - 2014-06-04 13:37 - 00000000 ____D () C:\Users\brandon carpenter
2014-05-16 12:56 - 2014-05-16 13:25 - 00034293 _____ () C:\WINDOWS\diagwrn.xml
2014-05-16 12:56 - 2014-05-16 13:25 - 00034293 _____ () C:\WINDOWS\diagerr.xml
2014-05-16 12:56 - 2014-05-16 13:10 - 00000000 ____D () C:\Users\Guest
2014-05-16 12:56 - 2014-05-16 12:58 - 00000000 ___RD () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 12:56 - 2014-05-16 12:58 - 00000000 ___RD () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-16 12:56 - 2014-05-16 12:57 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 12:56 - 2014-05-16 12:57 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-16 12:56 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-05-16 12:56 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-05-16 12:56 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-05-16 12:56 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-05-16 12:56 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-16 12:56 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-16 12:56 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-16 12:56 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\Guest\AppData\Local\Temp
2014-05-16 12:56 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-16 12:49 - 2014-06-13 11:34 - 00002990 _____ () C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2014-05-16 12:49 - 2014-05-16 12:49 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-05-16 12:48 - 2014-05-16 13:01 - 00000000 ____D () C:\Program Files\IDT
2014-05-16 12:48 - 2014-05-16 12:48 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-05-16 12:48 - 2014-05-16 12:48 - 00000000 ____D () C:\Program Files\AMD
2014-05-16 12:48 - 2014-05-16 12:48 - 00000000 ____D () C:\AMD
2014-05-16 12:48 - 2014-05-16 12:48 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-05-16 12:47 - 2014-05-16 12:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-05-16 12:47 - 2014-05-16 12:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2014-05-16 12:47 - 2014-05-16 12:47 - 00000000 ____D () C:\Program Files\Synaptics
2014-05-16 12:08 - 2014-05-16 13:25 - 00006603 _____ () C:\WINDOWS\comsetup.log
2014-05-16 11:38 - 2014-05-16 11:38 - 00000098 _____ () C:\extensions.ini
2014-05-16 11:37 - 2014-05-16 11:37 - 00000000 ____D () C:\Program Files (x86)\RichMediaViewV1
 
==================== One Month Modified Files and Folders =======
 
2014-06-13 13:24 - 2014-06-13 13:23 - 00019599 _____ () C:\Users\brandon carpenter\Desktop\FRST.txt
2014-06-13 13:24 - 2014-05-16 12:56 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Local\Temp
2014-06-13 13:23 - 2014-06-13 13:22 - 00000000 ____D () C:\FRST
2014-06-13 13:23 - 2014-04-21 12:42 - 00002249 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-13 13:23 - 2014-04-21 12:39 - 00000932 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-13 13:22 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-13 13:21 - 2014-05-16 13:35 - 00000000 ___RD () C:\Users\brandon carpenter\OneDrive
2014-06-13 13:21 - 2014-04-03 20:24 - 00000386 _____ () C:\WINDOWS\Tasks\AmiUpdXp.job
2014-06-13 12:40 - 2014-05-16 13:01 - 01250426 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-13 12:40 - 2014-04-03 12:27 - 00000502 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-06-13 12:39 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-13 12:38 - 2014-03-18 05:54 - 00003072 _____ () C:\WINDOWS\PFRO.log
2014-06-13 11:48 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-06-13 11:47 - 2014-04-21 12:39 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-13 11:47 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-13 11:47 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-13 11:45 - 2014-06-13 11:45 - 02081792 _____ (Farbar) C:\Users\brandon carpenter\Desktop\FRST64.exe
2014-06-13 11:42 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-06-13 11:39 - 2014-03-02 14:28 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3886954115-1495926628-1329715624-1001
2014-06-13 11:38 - 2014-03-03 15:21 - 00005018 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for brandon-brandon carpenter brandon
2014-06-13 11:36 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-13 11:34 - 2014-06-13 11:34 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-06-13 11:34 - 2014-05-16 12:49 - 00002990 _____ () C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2014-06-13 11:34 - 2013-08-22 10:46 - 00332647 _____ () C:\WINDOWS\setupact.log
2014-06-13 11:22 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-13 11:17 - 2014-02-28 12:44 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Local\Packages
2014-06-13 09:44 - 2012-01-29 14:04 - 00135168 _____ () C:\Users\brandon carpenter\Desktop\LOIC.exe
2014-06-13 09:42 - 2014-06-13 09:41 - 00102975 _____ () C:\Users\brandon carpenter\Downloads\LOIC-1.0.7.42-binary.zip
2014-06-13 09:39 - 2014-03-17 10:37 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Roaming\.minecraft
2014-06-13 09:34 - 2014-06-13 09:34 - 00000000 ____D () C:\Users\brandon carpenter\Documents\StarCraft II
2014-06-13 09:33 - 2014-03-03 17:58 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\StarCraft II
2014-06-13 09:14 - 2014-05-16 14:24 - 00003970 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{98573B23-D2E2-43C6-BEEB-C9CE10BAD1C9}
2014-06-12 15:08 - 2014-06-12 15:08 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Local\AMD
2014-06-12 15:08 - 2014-06-12 15:08 - 00000000 ____D () C:\ProgramData\ATI
2014-06-12 12:25 - 2014-06-12 12:25 - 00000017 _____ () C:\Users\brandon carpenter\Desktop\Liars.txt
2014-06-12 11:36 - 2014-06-12 11:36 - 00054873 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201406121136464165.log
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\Program Files (x86)\Advanced Micro Devices, Inc
2014-06-12 11:35 - 2014-06-12 11:35 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-06-12 11:35 - 2013-11-26 10:42 - 00000000 ____D () C:\ProgramData\AMD
2014-06-12 11:35 - 2013-11-26 10:41 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-06-12 11:35 - 2013-04-26 04:47 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI
2014-06-12 11:33 - 2014-06-12 11:33 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-11 17:58 - 2014-06-11 17:58 - 00000000 ___DC () C:\Users\brandon carpenter\AppData\Local\MigWiz
2014-06-11 11:11 - 2014-06-11 11:11 - 00000000 ____H () C:\Users\brandon carpenter\Documents\Default.rdp
2014-06-11 10:41 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-10 12:03 - 2014-06-10 12:03 - 00000014 _____ () C:\Users\brandon carpenter\Desktop\somebodies phone #.txt
2014-06-10 10:30 - 2014-06-10 10:30 - 00003099 _____ () C:\Users\brandon carpenter\Desktop\do this andrew.txt
2014-06-05 20:39 - 2014-05-05 21:21 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\Poetry
2014-06-05 19:54 - 2014-06-05 19:54 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-05 14:34 - 2014-06-05 11:56 - 00000048 _____ () C:\Users\brandon carpenter\Desktop\starwars.txt
2014-06-05 14:15 - 2014-06-05 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-06-05 14:13 - 2014-06-05 14:13 - 00000000 ____D () C:\Program Files\HP
2014-06-05 13:44 - 2014-06-05 13:44 - 00951120 _____ () C:\Users\brandon carpenter\Documents\Food drive.pptx
2014-06-05 13:28 - 2014-03-18 06:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-04 15:22 - 2014-06-04 14:42 - 00000020 _____ () C:\Users\brandon carpenter\Desktop\bitty.txt
2014-06-04 14:37 - 2014-06-04 11:55 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\HappyWheels Full
2014-06-04 13:37 - 2014-05-16 12:56 - 00000000 ____D () C:\Users\brandon carpenter
2014-06-04 13:36 - 2014-06-04 13:36 - 00001023 _____ () C:\Users\brandon carpenter\Documents - Shortcut.lnk
2014-06-04 09:47 - 2014-06-02 09:55 - 06416804 _____ () C:\Users\brandon carpenter\Desktop\D-Day.pptx
2014-06-02 15:53 - 2014-06-03 11:15 - 00032440 _____ () C:\Users\brandon carpenter\Desktop\dds.txt
2014-06-02 15:53 - 2014-06-03 11:15 - 00012720 _____ () C:\Users\brandon carpenter\Desktop\attach.txt
2014-05-31 01:13 - 2013-08-22 11:38 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-31 01:13 - 2013-08-22 11:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-30 19:57 - 2014-05-30 19:57 - 00688992 _____ (Swearware) C:\Users\brandon carpenter\Desktop\dds.com
2014-05-30 16:55 - 2014-05-23 17:04 - 00000895 _____ () C:\Users\brandon
2014-05-30 10:27 - 2014-05-30 10:27 - 00000056 _____ () C:\Users\brandon carpenter\Desktop\dldld.txt
2014-05-30 06:21 - 2014-06-13 09:37 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-30 05:45 - 2014-06-13 09:37 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-05-30 05:28 - 2014-06-13 09:37 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-05-30 05:20 - 2014-06-13 09:37 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-05-30 05:18 - 2014-06-13 09:37 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-30 05:08 - 2014-06-13 09:37 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-05-30 05:06 - 2014-06-13 09:37 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-05-30 04:46 - 2014-06-13 09:37 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-30 04:44 - 2014-06-13 09:37 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-05-30 04:43 - 2014-06-13 09:37 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-05-30 04:38 - 2014-06-13 09:37 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-05-30 04:35 - 2014-06-13 09:37 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-05-30 04:29 - 2014-06-13 09:37 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-05-30 04:27 - 2014-06-13 09:37 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-05-30 04:23 - 2014-06-13 09:37 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-05-30 04:16 - 2014-06-13 09:37 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-05-30 04:04 - 2014-06-13 09:37 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-30 04:02 - 2014-06-13 09:37 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-05-30 03:56 - 2014-06-13 09:37 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-05-30 03:56 - 2014-06-13 09:37 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-05-30 03:54 - 2014-06-13 09:37 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-05-30 03:49 - 2014-06-13 09:37 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-05-30 03:43 - 2014-06-13 09:37 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-05-30 03:40 - 2014-06-13 09:37 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-05-30 03:30 - 2014-06-13 09:37 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-05-30 03:21 - 2014-06-13 09:37 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-05-30 03:15 - 2014-06-13 09:37 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-05-30 03:13 - 2014-06-13 09:37 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-05-30 03:13 - 2014-06-13 09:37 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 03461040 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
2014-05-28 16:53 - 2014-05-28 16:53 - 03426688 _____ () C:\WINDOWS\system32\atiumd6a.cap
2014-05-28 16:53 - 2014-05-28 16:53 - 00230912 _____ () C:\WINDOWS\system32\clinfo.exe
2014-05-28 16:53 - 2014-05-28 16:53 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00129536 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.9001.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00099840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 13209088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00626688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 00550464 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
2014-05-28 16:52 - 2014-05-28 16:52 - 00550464 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-05-28 16:52 - 2014-05-28 16:52 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00412672 _____ () C:\WINDOWS\system32\amdmiracast.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00157736 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00142304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2014-05-28 16:52 - 2013-12-13 10:23 - 09753752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2014-05-28 16:52 - 2013-12-13 10:23 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2014-05-28 16:52 - 2013-12-13 10:23 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2014-05-28 16:52 - 2013-12-13 10:23 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2014-05-28 16:52 - 2013-12-13 10:23 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2014-05-28 16:52 - 2013-12-13 10:23 - 00588288 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2014-05-28 16:52 - 2013-12-13 10:23 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2014-05-24 18:39 - 2014-05-24 18:39 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\mario 64
2014-05-23 14:09 - 2014-03-02 14:16 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-23 08:27 - 2014-05-22 20:58 - 00000014 _____ () C:\Users\brandon carpenter\Desktop\gf number.txt
2014-05-23 08:26 - 2014-04-08 18:16 - 00002177 _____ () C:\Users\brandon carpenter\Desktop\Puzzle Pirates.lnk
2014-05-23 08:25 - 2014-04-08 18:16 - 00002110 _____ () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Puzzle Pirates.lnk
2014-05-22 20:35 - 2014-05-22 20:35 - 00606274 _____ (Three Rings Design, Inc.) C:\Users\brandon carpenter\Downloads\yohoho-0--en-install.exe
2014-05-22 19:21 - 2014-02-28 19:35 - 00002593 ____N () C:\Users\Public\Desktop\WildTangent Games App - toshiba.lnk
2014-05-22 19:21 - 2013-11-26 11:12 - 00002681 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
2014-05-22 19:21 - 2013-11-26 11:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-22 09:45 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-21 11:40 - 2014-05-21 11:40 - 00000000 __SHD () C:\found.000
2014-05-21 07:53 - 2014-05-21 07:53 - 00000000 ___HD () C:\$SysReset
2014-05-21 07:44 - 2013-11-26 11:04 - 00000000 ____D () C:\ProgramData\Norton
2014-05-20 09:29 - 2014-03-05 14:57 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-20 09:27 - 2014-03-05 14:57 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-20 09:17 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-05-20 09:14 - 2014-03-19 11:26 - 00002085 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-20 09:14 - 2013-04-26 04:46 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-20 08:29 - 2014-05-16 16:45 - 00000000 ___DC () C:\WINDOWS\Panther
2014-05-19 12:10 - 2014-05-19 12:01 - 00000000 ____D () C:\Program Files\InterActual
2014-05-19 12:07 - 2014-05-19 12:07 - 00000000 _____ () C:\WINDOWS\iPlayer.INI
2014-05-19 11:51 - 2014-05-19 11:51 - 00000529 _____ () C:\WINDOWS\KB893803v2.log
2014-05-19 02:31 - 2014-06-13 09:29 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-05-19 02:21 - 2014-06-13 09:29 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-05-19 01:23 - 2014-06-13 09:29 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-05-16 16:45 - 2014-05-16 16:45 - 00000000 __SHD () C:\Recovery
2014-05-16 16:44 - 2013-08-22 11:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-05-16 16:43 - 2014-05-16 16:43 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-16 16:43 - 2014-05-16 16:43 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-16 16:43 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-05-16 16:42 - 2014-05-16 16:42 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-05-16 16:42 - 2014-05-16 16:42 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-05-16 16:42 - 2014-05-16 16:42 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-05-16 16:42 - 2014-05-16 16:42 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-05-16 16:42 - 2014-05-16 16:42 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-05-16 16:42 - 2014-05-16 16:42 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-05-16 16:42 - 2014-05-16 16:42 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-05-16 16:42 - 2014-05-16 16:42 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-05-16 16:42 - 2014-05-16 16:42 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-05-16 16:42 - 2014-05-16 16:42 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-05-16 16:42 - 2014-05-16 16:42 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-05-16 16:42 - 2014-05-16 16:42 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-05-16 16:42 - 2014-05-16 16:42 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-05-16 16:42 - 2014-05-16 16:42 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-16 16:40 - 2014-05-16 16:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-05-16 16:40 - 2014-05-16 16:40 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-16 16:40 - 2014-05-16 16:40 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-16 16:40 - 2014-05-16 16:40 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-16 16:40 - 2014-05-16 16:40 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-16 16:40 - 2014-05-16 16:40 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-16 16:40 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-16 16:39 - 2014-05-16 16:39 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-16 16:39 - 2014-05-16 16:39 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-16 16:39 - 2014-05-16 16:39 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-16 16:39 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-05-16 16:39 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 16:39 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 16:39 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-16 16:39 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-16 16:38 - 2014-05-16 16:38 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-05-16 16:38 - 2014-05-16 16:38 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-05-16 16:38 - 2014-05-16 16:38 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-05-16 16:38 - 2014-05-16 16:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-05-16 16:38 - 2014-05-16 16:38 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-05-16 16:38 - 2014-05-16 16:38 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-05-16 16:36 - 2014-05-16 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-05-16 16:34 - 2014-05-16 16:34 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\telnet.exe
2014-05-16 16:34 - 2014-05-16 16:34 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-05-16 16:34 - 2014-05-16 16:34 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-16 16:34 - 2014-05-16 16:34 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-05-16 16:34 - 2014-05-16 16:34 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-05-16 14:24 - 2014-05-16 14:24 - 00000000 __SHD () C:\Users\brandon carpenter\AppData\Local\EmieUserList
2014-05-16 14:24 - 2014-05-16 14:24 - 00000000 __SHD () C:\Users\brandon carpenter\AppData\Local\EmieSiteList
2014-05-16 13:42 - 2014-05-16 13:42 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-05-16 13:42 - 2013-08-22 10:44 - 00370936 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-16 13:41 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-05-16 13:35 - 2014-05-16 13:35 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-05-16 13:31 - 2014-05-16 13:31 - 00001492 _____ () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-16 13:31 - 2014-02-28 12:45 - 00000000 ___RD () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 13:31 - 2014-02-28 12:45 - 00000000 ___RD () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 13:30 - 2014-05-16 13:30 - 00000632 __RSH () C:\Users\brandon carpenter\ntuser.pol
2014-05-16 13:30 - 2013-11-26 11:05 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-05-16 13:29 - 2014-05-16 13:29 - 00000020 ___SH () C:\Users\brandon carpenter\ntuser.ini
2014-05-16 13:25 - 2014-05-16 12:56 - 00034293 _____ () C:\WINDOWS\diagwrn.xml
2014-05-16 13:25 - 2014-05-16 12:56 - 00034293 _____ () C:\WINDOWS\diagerr.xml
2014-05-16 13:25 - 2014-05-16 12:08 - 00006603 _____ () C:\WINDOWS\comsetup.log
2014-05-16 13:25 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-05-16 13:16 - 2014-05-16 13:16 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-05-16 13:13 - 2013-08-22 11:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-05-16 13:13 - 2013-08-22 11:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-05-16 13:10 - 2014-05-16 12:56 - 00000000 ____D () C:\Users\Guest
2014-05-16 13:06 - 2014-04-21 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-16 13:06 - 2014-04-21 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-16 13:06 - 2014-03-20 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Supreme Ruler 2020 Gold
2014-05-16 13:06 - 2014-03-18 05:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-05-16 13:06 - 2014-03-16 20:17 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 13:06 - 2014-03-03 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-05-16 13:06 - 2014-03-02 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-05-16 13:06 - 2013-11-26 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp® center
2014-05-16 13:06 - 2013-11-26 11:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
2014-05-16 13:06 - 2013-11-26 11:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Dashboard
2014-05-16 13:06 - 2013-11-26 11:04 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-16 13:06 - 2013-11-26 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS, Inc
2014-05-16 13:06 - 2013-11-26 10:47 - 00000000 ____D () C:\WINDOWS\SysWOW64\Atheros_L1e
2014-05-16 13:06 - 2013-11-26 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2014-05-16 13:06 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-05-16 13:04 - 2014-05-16 13:04 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-16 13:04 - 2014-03-18 05:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-05-16 13:04 - 2014-03-18 05:32 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-05-16 13:04 - 2013-11-26 10:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-05-16 13:04 - 2013-08-22 11:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-05-16 13:04 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-05-16 13:04 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-05-16 13:04 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-05-16 13:04 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-05-16 13:04 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-05-16 13:04 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-05-16 13:04 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-05-16 13:04 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-05-16 13:04 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-05-16 13:04 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-05-16 13:03 - 2013-08-22 11:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-05-16 13:03 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-05-16 13:03 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\IME
2014-05-16 13:03 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Help
2014-05-16 13:01 - 2014-05-16 12:48 - 00000000 ____D () C:\Program Files\IDT
2014-05-16 13:01 - 2014-03-29 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2014-05-16 13:01 - 2013-11-26 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-05-16 13:01 - 2013-08-22 11:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-05-16 13:01 - 2013-08-22 11:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-05-16 13:01 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-16 13:01 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-16 13:01 - 2013-04-26 04:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2014-05-16 13:01 - 2013-04-26 04:45 - 00000000 ____D () C:\ProgramData\PRICache
2014-05-16 12:59 - 2014-05-16 12:59 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-05-16 12:59 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-05-16 12:58 - 2014-05-16 12:56 - 00000000 ___RD () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 12:58 - 2014-05-16 12:56 - 00000000 ___RD () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-16 12:58 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-05-16 12:57 - 2014-05-16 12:56 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 12:57 - 2014-05-16 12:56 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-16 12:57 - 2014-03-16 20:17 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 12:57 - 2014-03-16 20:17 - 00000000 ____D () C:\Users\Guest\AppData\Local\Packages
2014-05-16 12:49 - 2014-05-16 12:49 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-05-16 12:48 - 2014-05-16 12:48 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-05-16 12:48 - 2014-05-16 12:48 - 00000000 ____D () C:\Program Files\AMD
2014-05-16 12:48 - 2014-05-16 12:48 - 00000000 ____D () C:\AMD
2014-05-16 12:48 - 2014-05-16 12:48 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-05-16 12:47 - 2014-05-16 12:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-05-16 12:47 - 2014-05-16 12:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2014-05-16 12:47 - 2014-05-16 12:47 - 00000000 ____D () C:\Program Files\Synaptics
2014-05-16 12:46 - 2013-08-22 09:36 - 00000000 __RHD () C:\Users\Default
2014-05-16 12:19 - 2014-02-28 12:43 - 01637286 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-05-16 12:00 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-05-16 11:38 - 2014-05-16 11:38 - 00000098 _____ () C:\extensions.ini
2014-05-16 11:37 - 2014-05-16 11:37 - 00000000 ____D () C:\Program Files (x86)\RichMediaViewV1
2014-05-15 15:15 - 2013-11-26 11:05 - 00002547 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-05-15 15:15 - 2013-11-26 11:05 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
 
 
Some content of TEMP:
====================
C:\Users\brandon carpenter\AppData\Local\Temp\siinst.exe
C:\Users\brandon carpenter\AppData\Local\Temp\SIntf16.dll
C:\Users\brandon carpenter\AppData\Local\Temp\SIntf32.dll
C:\Users\brandon carpenter\AppData\Local\Temp\SIntfNT.dll
C:\Users\brandon carpenter\AppData\Local\Temp\siuninst.exe
C:\Users\brandon carpenter\AppData\Local\Temp\strings.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-10 12:15
 
==================== End Of Log ============================
and  the addition
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2014 02
Ran by brandon carpenter at 2014-06-13 13:25:52
Running from C:\Users\brandon carpenter\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.4.1245.72462 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.4.1245.72462 - Alcor Micro Corp.) Hidden
AMD Accelerated Video Transcoding (Version: 12.10.100.30406 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{83DEB2E3-26DC-26BE-2445-A3CA29203ABF}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.2.0 - AppEx Networks)
AMD VISION Engine Control Center (HKLM-x32\...\{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}) (Version: 1.00.0000 - )
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0C02}) (Version: 12.12.2.83 - APN, LLC) <==== ATTENTION
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
Dawn Of War (HKLM-x32\...\{83F12F73-D52E-40C0-93B1-463C311C4E17}) (Version: 1.40 - THQ)
DTS Sound (HKLM-x32\...\{F8EB8FFC-C535-49A1-A84D-CC75CB2D6ADA}) (Version: 1.00.0062 - DTS, Inc.)
Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
IDT Audio Driver (HKLM\...\{B1DBC61C-2044-4BC0-8225-1EC7A709EAAF}) (Version: 6.10.6469.0 - IDT)
Intel AppUp® center (HKLM-x32\...\Intel AppUp® center 41504) (Version: 3.8.0.41504.23 - Intel)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4615.1002 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.5.0.28 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
Norton Security Dashboard (HKLM-x32\...\NortonSD) (Version: 1.1.1.9 - Symantec Corporation)
OEM Application Profile (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
PileFile reminder (HKCU\...\{56837588-F559-40CF-91D9-D439D405FB28}) (Version:  - LADY'S WOOD 2013 LIMITED) <==== ATTENTION
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0021 - REALTEK Semiconductor Corp.)
Rich Media View (HKLM-x32\...\RichMediaViewV1release6311) (Version: 1.1 - Rich Media View) <==== ATTENTION
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Supreme Ruler 2020 Gold 6.6.1 (HKLM-x32\...\Supreme Ruler 2020 Gold_is1) (Version:  - BattleGoat Studios)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.2 - Synaptics Incorporated)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.15.4 - Toshiba Corporation)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{B6619F14-F766-4000-BC8A-522D4CC4E44F}) (Version: 1.0.4.5 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.3.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6630.6403 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 2.0.0001 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.341 - Toshiba Corporation)
TOSHIBA Password Utility (x32 Version: 3.00.341 - Toshiba Corporation) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.02.6402 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.5.03 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{6499E894-43F8-458B-AE35-724F4732BCDE}) (Version: 2.5.6 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0020 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.5.59 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
21-05-2014 12:48:38 Scheduled Checkpoint
04-06-2014 12:56:42 Scheduled Checkpoint
05-06-2014 23:50:55 Uniblue SpeedUpMyPC installation
11-06-2014 22:03:35 Windows Defender Checkpoint
 
==================== Hosts content: ==========================
 
2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2404C701-0446-41D6-B5DC-7A38C699EEE0} - System32\Tasks\AmiUpdXp => C:\Users\brandon carpenter\AppData\Local\41\a18467.exe [2014-04-03] () <==== ATTENTION
Task: {2AF6D831-67E5-4BDD-9484-D8C87163B102} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-20] (Synaptics Incorporated)
Task: {2C04F5DF-987F-4C0C-8EBC-F308B83D2CA9} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-03-19] (TOSHIBA Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {44164173-BD9C-45FF-8E68-F29A2336FDC1} - \PileFile reminder No Task File <==== ATTENTION
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4D623992-32A8-4188-A41F-780564CDE96E} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {5EF5063D-A648-4483-A1E0-94D5F59113BF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-05-20] (Microsoft Corporation)
Task: {67A92BDC-354C-43FE-9BB3-4B29D1346D68} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {694DC877-7274-48D4-B16E-212C455F4C44} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {81B3AB51-F537-4DA5-98D1-9CDBD1D4AA02} - \PileFile logon No Task File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8A5BE87A-3A7C-4EBD-BB06-092AF5706A51} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21] (Google Inc.)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {ACE7D333-2922-461C-A0C3-E37629B59213} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe [2014-04-29] (Symantec Corporation)
Task: {AEED0985-499F-46CB-8C40-60AD5B365D5C} - System32\Tasks\Microsoft Office 15 Sync Maintenance for brandon-brandon carpenter brandon => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-05-23] (Microsoft Corporation)
Task: {AF730ED0-111D-463B-9797-A8AE3A786A46} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C3B89E7C-1287-442D-84DB-9E300D40FB42} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {C50E0EDF-FA4A-4DE3-B3DC-35097B33FF6A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E4E87EB2-FA70-48A7-86A2-7DD739B216CF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-04-15] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\AmiUpdXp.job => C:\Users\brandon carpenter\AppData\Local\41\a18467.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-03-27 19:53 - 2013-03-27 19:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2014-06-05 14:14 - 2012-08-21 16:07 - 00288768 _____ () C:\WINDOWS\System32\HP1100LM.DLL
2014-05-26 11:51 - 2012-08-21 16:07 - 00074240 ____N () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2014-04-23 04:51 - 2014-04-23 04:51 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-03-24 08:50 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-02 14:16 - 2014-04-15 03:39 - 00630952 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-04-10 18:45 - 2013-04-10 18:45 - 00016720 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2014-05-23 13:29 - 2014-05-23 13:29 - 08889512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-07-18 22:38 - 2012-07-18 22:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-04-23 04:52 - 2014-04-23 04:52 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-05-29 20:08 - 2014-05-29 20:08 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-04-14 10:11 - 2014-04-14 10:11 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2013-11-26 11:11 - 2012-10-04 15:48 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-11-26 11:11 - 2012-10-04 15:48 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-11-26 11:11 - 2012-10-04 15:48 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-11-26 11:11 - 2012-10-04 15:48 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-11-26 11:11 - 2012-10-04 15:48 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-11-26 11:11 - 2012-10-04 15:48 - 00020480 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-11-26 11:11 - 2012-10-04 15:48 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-11-26 11:11 - 2012-10-04 15:48 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-11-26 11:11 - 2012-10-04 15:48 - 00064512 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2014-05-01 19:40 - 2012-05-30 02:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.5.0.28\wincfi39.dll
2014-06-13 10:20 - 2014-06-13 10:24 - 00025088 _____ () C:\Program Files\WindowsApps\7FCE16C0.SamuraiDefender_1.4.1.0_x86__rn2yrzteqp88t\Template.exe
2014-05-17 10:10 - 2014-05-17 10:10 - 03530752 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\f2bf020fc6307e10194fd94e85d52a72\Windows.UI.Xaml.ni.dll
2014-05-17 10:10 - 2014-05-17 10:10 - 01130496 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\224ab0385dc2991b9139bdbf7bcf8e0e\Windows.ApplicationModel.ni.dll
2014-05-20 19:05 - 2014-05-20 19:10 - 08974848 _____ () C:\Program Files\WindowsApps\7FCE16C0.SamuraiDefender_1.4.1.0_x86__rn2yrzteqp88t\UnityPlayer.dll
2014-05-17 10:10 - 2014-05-17 10:10 - 00960000 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\c95c4deae76420a882bef7161a449d72\Windows.UI.ni.dll
2014-05-17 10:10 - 2014-05-17 10:10 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\cf021988965369c551bb0987fe019862\Windows.Foundation.ni.dll
2014-05-17 10:10 - 2014-05-17 10:10 - 00808448 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\f3deb382d1f91df4e2bf1801afb4ea21\Windows.Storage.ni.dll
2014-05-20 19:05 - 2014-05-20 19:10 - 00376832 _____ () C:\Program Files\WindowsApps\7FCE16C0.SamuraiDefender_1.4.1.0_x86__rn2yrzteqp88t\UnityEngineDelegates.dll
2014-05-17 10:11 - 2014-05-17 10:11 - 00133120 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.System\726121cd59d8545addcd2c64688b5309\Windows.System.ni.dll
2014-05-17 10:10 - 2014-05-17 10:10 - 01282048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\bf5509cf3a0d2e3afbd0c33e9153ecbd\Windows.Devices.ni.dll
2014-06-13 10:12 - 2014-06-13 10:20 - 00022528 _____ () C:\Program Files\WindowsApps\Fingersoft.FailHard_1.0.12.1_x86__r6rtpscs7gwyg\Template.exe
2014-05-20 19:05 - 2014-05-20 19:10 - 08974848 _____ () C:\Program Files\WindowsApps\Fingersoft.FailHard_1.0.12.1_x86__r6rtpscs7gwyg\UnityPlayer.dll
2014-05-20 19:05 - 2014-05-20 19:10 - 00376832 _____ () C:\Program Files\WindowsApps\Fingersoft.FailHard_1.0.12.1_x86__r6rtpscs7gwyg\UnityEngineDelegates.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\brandon carpenter\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
HKLM\...\StartupApproved\Run32: => "mobilegeni daemon"
HKCU\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/13/2014 01:25:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 5cc
 
Start Time: 01cf872beebed008
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 52495f40-f31f-11e3-beb8-0c54a53359a6
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (06/13/2014 01:22:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: BRANDON)
Description: Package microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe+ppleae38af2e007f4358a809ac99a64a67c1 was terminated because it took too long to suspend.
 
Error: (06/13/2014 09:29:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program TextNow.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 18f8
 
Start Time: 01cf870b37283cb6
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\Enflick.TextNow_1.0.0.1_x64__dkxvxr4vem6pc\TextNow.exe
 
Report Id: 7fbd050d-f2fe-11e3-beb7-0c54a53359a6
 
Faulting package full name: Enflick.TextNow_1.0.0.1_x64__dkxvxr4vem6pc
 
Faulting package-relative application ID: App
 
Error: (06/13/2014 09:27:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: BRANDON)
Description: App Microsoft.BingNews_3.0.2.261_x64__8wekyb3d8bbwe+AppexNews did not launch within its allotted time.
 
Error: (06/13/2014 09:27:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program UNKNOWN version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 5a7c
 
Start Time: 01cf870b3c4e9204
 
Termination Time: 4294967295
 
Application Path: UNKNOWN
 
Report Id: 
 
Faulting package full name: Microsoft.BingNews_3.0.2.261_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: AppexNews
 
Error: (06/13/2014 09:27:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17031 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 5a7c
 
Start Time: 01cf870b3c4e9204
 
Termination Time: 4294967295
 
Application Path: C:\WINDOWS\system32\wwahost.exe
 
Report Id: 
 
Faulting package full name: Microsoft.BingNews_3.0.2.261_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: AppexNews
 
Error: (06/13/2014 09:27:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: BRANDON)
Description: App Enflick.TextNow_1.0.0.1_x64__dkxvxr4vem6pc+App did not launch within its allotted time.
 
Error: (06/13/2014 09:14:27 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (06/12/2014 05:43:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: glcnd.exe, version: 6.3.9600.17044, time stamp: 0x531f2957
Faulting module name: glcnd.exe, version: 6.3.9600.17044, time stamp: 0x531f2957
Exception code: 0xc0000602
Fault offset: 0x00000000008af888
Faulting process id: 0x250c
Faulting application start time: 0xglcnd.exe0
Faulting application path: glcnd.exe1
Faulting module path: glcnd.exe2
Report Id: glcnd.exe3
Faulting package full name: glcnd.exe4
Faulting package-relative application ID: glcnd.exe5
 
Error: (06/12/2014 05:43:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: glcnd.exe, version: 6.3.9600.17044, time stamp: 0x531f2957
Faulting module name: glcnd.exe, version: 6.3.9600.17044, time stamp: 0x531f2957
Exception code: 0xc0000602
Fault offset: 0x00000000008af888
Faulting process id: 0x854
Faulting application start time: 0xglcnd.exe0
Faulting application path: glcnd.exe1
Faulting module path: glcnd.exe2
Report Id: glcnd.exe3
Faulting package full name: glcnd.exe4
Faulting package-relative application ID: glcnd.exe5
 
 
System errors:
=============
Error: (06/13/2014 01:25:56 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume TI80141400B.
 
A corruption was found in a file system index structure.  The file reference number is 0x9000000000009.  The name of the file is "<unable to determine file name>".  The corrupted index attribute is ":$SII:$INDEX_ALLOCATION".  The corrupted index block is located at Vcn 0xe, Lcn 0xffffffffffffffff.  The corruption begins at offset 3832 within the index block.
 
Error: (06/13/2014 11:46:34 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 
 
Error: (06/13/2014 11:46:24 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (06/13/2014 11:30:55 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 
 
Error: (06/13/2014 11:30:37 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 
 
Error: (06/13/2014 11:14:44 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 
 
Error: (06/13/2014 11:02:36 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 
 
Error: (06/13/2014 11:00:34 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 
 
Error: (06/13/2014 10:56:42 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 
 
Error: (06/13/2014 09:41:11 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 
 
 
Microsoft Office Sessions:
=========================
Error: (06/13/2014 01:25:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.204985cc01cf872beebed0084294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe52495f40-f31f-11e3-beb8-0c54a53359a6microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (06/13/2014 01:22:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: BRANDON)
Description: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe+ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (06/13/2014 09:29:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: TextNow.exe1.0.0.018f801cf870b37283cb64294967295C:\Program Files\WindowsApps\Enflick.TextNow_1.0.0.1_x64__dkxvxr4vem6pc\TextNow.exe7fbd050d-f2fe-11e3-beb7-0c54a53359a6Enflick.TextNow_1.0.0.1_x64__dkxvxr4vem6pcApp
 
Error: (06/13/2014 09:27:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: BRANDON)
Description: Microsoft.BingNews_3.0.2.261_x64__8wekyb3d8bbwe+AppexNews
 
Error: (06/13/2014 09:27:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: UNKNOWN0.0.0.05a7c01cf870b3c4e92044294967295UNKNOWNMicrosoft.BingNews_3.0.2.261_x64__8wekyb3d8bbweAppexNews
 
Error: (06/13/2014 09:27:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.170315a7c01cf870b3c4e92044294967295C:\WINDOWS\system32\wwahost.exeMicrosoft.BingNews_3.0.2.261_x64__8wekyb3d8bbweAppexNews
 
Error: (06/13/2014 09:27:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: BRANDON)
Description: Enflick.TextNow_1.0.0.1_x64__dkxvxr4vem6pc+App
 
Error: (06/13/2014 09:14:27 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (06/12/2014 05:43:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: glcnd.exe6.3.9600.17044531f2957glcnd.exe6.3.9600.17044531f2957c000060200000000008af888250c01cf86875614c6baC:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exeC:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe9bbc9fea-f27a-11e3-beb7-0c54a53359a6Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbweMicrosoft.Reader
 
Error: (06/12/2014 05:43:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: glcnd.exe6.3.9600.17044531f2957glcnd.exe6.3.9600.17044531f2957c000060200000000008af88885401cf86875322d219C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exeC:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe92843c9a-f27a-11e3-beb7-0c54a53359a6Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbweMicrosoft.Reader
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-06-03 09:58:26.655
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\FileManager\FileManager.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\symerr.exe that did not meet the Microsoft signing level requirements.
 
  Date: 2014-05-21 13:33:35.848
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\9446MSPEgypt.MilitaryStrength_1.0.0.0_neutral__xwxtf0b908m7e\Global Firepower.exe that did not meet the Store signing level requirements.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 31%
Total physical RAM: 7374.26 MB
Available physical RAM: 5063.64 MB
Total Pagefile: 8526.26 MB
Available Pagefile: 5812.3 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: (TI80141400B) (Fixed) (Total:919.13 GB) (Free:860.16 GB) NTFS
Drive e: (DoW1) (CDROM) (Total:0.26 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#8 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,015 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:11:31 AM

Posted 15 June 2014 - 05:35 AM

Hi shoot259,
 
Thank you for letting me know. I will try and wait longer for your replies, just as long as I know you are active.

 

--------------
 
Do you use Norton Internet Security or Windows Defender as your antivirus?
 
--------------
 
WildTangent Program Warning:
Wildtangent is a video game software company specializing in online games. It has even made a partnership with AOL to include itself as part of the AOL Instant Messenger for their AIM games section. The WildTangent Web Driver is their technology that allows you to play 3D games over the Internet. Although its not technically considered spyware it does have built in components to update itself and gather information about the computer system including:

  • Operating System Version
  • CPU Type and Speed
  • Memory Amount
  • Video Card type and Driver Version
  • Sound Card type and Driver Version
  • DirectX Version
  • Location that the Web Driver was installed from

For that reason I would suggest you uninstalled it via add/remove
 
--------------
 
We need to remove some programs with Revo Uninstaller Free:
 
Note: Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully.
Note: If the program you want to uninstall is not listed by Revo, let me know and we will try an altenate method of removal.

  • Please download and install Revo Uninstaller Free
    note: there is no need to click anything on that page, the download will start automatically
  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s), or anything similar, to remove it:
Ask Toolbar
PileFile reminder
Rich Media View
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish

--------------

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • AdwCleaner scan log

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

~Currently in my last year of school, so replies might be more delayed~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#9 shoot259

shoot259
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:canada, under your bed
  • Local time:07:31 AM

Posted 16 June 2014 - 06:20 PM

# AdwCleaner v3.212 - Report created 16/06/2014 at 19:18:07
# Updated 05/06/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : brandon carpenter - BRANDON
# Running from : C:\Users\brandon carpenter\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\WINDOWS\System32\Tasks\AmiUpdXp
File Found : C:\WINDOWS\Tasks\AmiUpdXp.job
Folder Found : C:\Program Files (x86)\RichMediaViewV1
Folder Found : C:\ProgramData\apn
Folder Found : C:\Users\BRANDO~1\AppData\Local\Temp\apn
Folder Found : C:\Users\brandon carpenter\AppData\Local\41
Folder Found : C:\Users\brandon carpenter\AppData\Local\Mobogenie
Folder Found : C:\Users\brandon carpenter\AppData\Local\SearchProtect
Folder Found : C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Found : C:\Users\brandon carpenter\AppData\Roaming\Oxy
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\Rr Savings
Key Found : HKCU\Software\AppDataLow\Software\Supra Savings
Key Found : HKCU\Software\AppDataLow\Software\ViewPassword
Key Found : HKCU\Software\Escolade
Key Found : HKCU\Software\genesis
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\Escolade
Key Found : [x64] HKCU\Software\genesis
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKLM\SOFTWARE\Classes\speedupmypc
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{363BB65D-1747-4826-B445-1DA6244E2037}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B}
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\suprasavings
Key Found : HKLM\Software\Uniblue
Key Found : HKLM\Software\Uniblue\DriverScanner
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Found : [x64] HKLM\SOFTWARE\suprasavings
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\brandon carpenter\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [3199 octets] - [16/06/2014 19:18:07]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3259 octets] ##########


#10 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,015 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:11:31 AM

Posted 17 June 2014 - 11:16 AM

Hi shoot259,
 
Double click on AdwCleaner.exe to run the tool again.

  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished.
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

--------------
 
Please re-run FRST from the desktop (like you did before) and press the scan button. It will produce a FRST.txt log located on the desktop. Please copy and paste the log into your next reply.
 
--------------
 
Does PileFinder still appear?

--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • AdwCleaner clean log
  • New FRST.txt

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

~Currently in my last year of school, so replies might be more delayed~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#11 shoot259

shoot259
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:canada, under your bed
  • Local time:07:31 AM

Posted 17 June 2014 - 12:34 PM

adware clean log

 

# AdwCleaner v3.212 - Report created 17/06/2014 at 13:27:25
# Updated 05/06/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : brandon carpenter - BRANDON
# Running from : C:\Users\brandon carpenter\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\Program Files (x86)\RichMediaViewV1
Folder Deleted : C:\Users\BRANDO~1\AppData\Local\Temp\apn
Folder Deleted : C:\Users\brandon carpenter\AppData\Local\41
Folder Deleted : C:\Users\brandon carpenter\AppData\Local\Mobogenie
Folder Deleted : C:\Users\brandon carpenter\AppData\Local\SearchProtect
Folder Deleted : C:\Users\brandon carpenter\AppData\Roaming\Oxy
Folder Deleted : C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\WINDOWS\Tasks\AmiUpdXp.job
File Deleted : C:\WINDOWS\System32\Tasks\AmiUpdXp
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{363BB65D-1747-4826-B445-1DA6244E2037}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Escolade
Key Deleted : HKCU\Software\genesis
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Rr Savings
Key Deleted : HKCU\Software\AppDataLow\Software\Supra Savings
Key Deleted : HKCU\Software\AppDataLow\Software\ViewPassword
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\suprasavings
Key Deleted : HKLM\Software\Uniblue
Key Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Deleted : [x64] HKLM\SOFTWARE\suprasavings
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\brandon carpenter\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [3371 octets] - [16/06/2014 19:18:07]
AdwCleaner[R1].txt - [3431 octets] - [17/06/2014 13:25:45]
AdwCleaner[S0].txt - [3115 octets] - [17/06/2014 13:27:25]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3175 octets] ##########
 
FRST txt log
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by brandon carpenter (administrator) on BRANDON on 17-06-2014 13:31:50
Running from C:\Users\brandon carpenter\Desktop
Platform: Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-29] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1549392 2013-03-04] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-01-16] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA)
HKLM-x32\...\Run: [Intel AppUp® center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-04-23] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3886954115-1495926628-1329715624-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [429792 2013-02-08] (AppEx Networks Corporation)
HKU\S-1-5-21-3886954115-1495926628-1329715624-1001\...\MountPoints2: {7d3fdaf4-dd19-11e3-8250-806e6f6e6963} - "E:\autoplay.exe" 
HKU\S-1-5-21-3886954115-1495926628-1329715624-1001\...\MountPoints2: {c0d54d8f-d070-11e3-bea1-0c54a53359a6} - "D:\SISetup.exe" 
Startup: C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fitness testing for Military.txt ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3886954115-1495926628-1329715624-1001\User: Group Policy restriction detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.toshiba.ca/welcome/?w=23
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.toshiba.ca/welcome/?w=23
SearchScopes: HKLM - DefaultScope {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM - {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKCU - {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: No Name - {4F524A2D-5637-4300-76A7-7A786E7484D7} -  No File
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {4F524A2D-5637-4300-76A7-7A786E7484D7} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 209.226.175.141
 
FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFF
 
Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Wallet) - C:\Users\brandon carpenter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-21]
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] -  [2014-04-21]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] -  [2014-04-21]
 
==================== Services (Whitelisted) =================
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-23] (Advanced Micro Devices, Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-04-10] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
U2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-17] (IDT, Inc.) [File not signed]
S4 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [216976 2013-03-26] (TOSHIBA CORPORATION)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-16] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37472 2013-02-13] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [217824 2013-03-21] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-01-15] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [311968 2014-03-30] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-03-01] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-03-01] (Symantec Corporation) [File not signed]
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-18] (Microsoft Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2014-03-29] ()
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-08-21] (Marvell Semiconductor, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-03-18] (Microsoft Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2987224 2013-11-24] (Realtek Semiconductor Corporation                           )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-18] (Microsoft Corporation)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2013-10-30] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1405000.01C\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
S3 SRTSPX; C:\Windows\system32\drivers\NISx64\1405000.01C\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation)
S3 SymDS; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
S3 SymEFA; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1405000.01C\SymELAM.sys [23448 2012-11-15] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-03-02] (Symantec Corporation)
S3 SymIRON; C:\Windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [110976 2013-03-25] (TOSHIBA Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows ® Win 7 DDK provider)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-16] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-05-16] (Microsoft Corporation)
S3 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [X]
S3 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20140328.001\IDSvia64.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140331.003\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140331.003\EX64.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-17 13:31 - 2014-06-17 13:31 - 00016382 _____ () C:\Users\brandon carpenter\Desktop\FRST.txt
2014-06-16 19:18 - 2014-06-17 13:27 - 00000000 ____D () C:\AdwCleaner
2014-06-16 19:18 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-06-16 19:10 - 2014-06-16 19:10 - 01333465 _____ () C:\Users\brandon carpenter\Desktop\AdwCleaner.exe
2014-06-16 19:10 - 2014-06-16 19:10 - 00001290 _____ () C:\Users\brandon carpenter\Desktop\Revo Uninstaller.lnk
2014-06-16 19:10 - 2014-06-16 19:10 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-16 19:09 - 2014-06-16 19:09 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\brandon carpenter\Downloads\revosetup.exe
2014-06-16 14:18 - 2014-06-16 14:18 - 00067584 _____ (Microsoft Corporation) C:\Users\brandon carpenter\Downloads\QuickMenuv6.EXE
2014-06-16 11:49 - 2014-06-16 11:51 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Roaming\Notepad++
2014-06-16 11:47 - 2014-06-16 14:11 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\Notepad++
2014-06-16 11:47 - 2014-05-17 23:35 - 00000590 _____ () C:\Users\brandon carpenter\Desktop\Notepad++.lnk
2014-06-16 08:37 - 2014-06-17 08:44 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\Deal with these
2014-06-14 19:12 - 2014-06-14 19:12 - 00000000 ____D () C:\Users\brandon carpenter\Documents\Gotham
2014-06-14 18:15 - 2014-06-14 18:15 - 00002264 _____ () C:\Users\Public\Desktop\Conflict Desert Storm II.lnk
2014-06-14 17:45 - 2014-06-17 13:31 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\FRST 64
2014-06-14 17:45 - 2014-06-14 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gotham Games
2014-06-14 17:44 - 2014-06-14 17:44 - 00000000 ____D () C:\Program Files (x86)\Gotham Games
2014-06-14 14:42 - 2014-06-17 08:35 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-14 14:42 - 2014-06-14 14:42 - 00001025 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-06-14 14:42 - 2014-06-14 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-14 14:38 - 2014-06-14 14:39 - 01141680 _____ () C:\Users\brandon carpenter\Downloads\SteamSetup.exe
2014-06-14 14:11 - 2014-06-14 14:11 - 00003054 _____ () C:\WINDOWS\System32\Tasks\{252B0A81-056C-41E2-B0BC-57E852D7A7E3}
2014-06-14 14:07 - 2014-06-14 14:07 - 00126976 _____ (Blizzard Entertainment) C:\WINDOWS\War3Unin.exe
2014-06-14 14:07 - 2014-06-14 14:07 - 00019231 _____ () C:\WINDOWS\War3Unin.dat
2014-06-14 14:07 - 2014-06-14 14:07 - 00002829 _____ () C:\WINDOWS\War3Unin.pif
2014-06-14 14:07 - 2014-06-14 14:07 - 00002011 _____ () C:\Users\Guest\Desktop\Warcraft III.lnk
2014-06-14 14:07 - 2014-06-14 14:07 - 00002011 _____ () C:\Users\brandon carpenter\Desktop\Warcraft III.lnk
2014-06-14 14:07 - 2014-06-14 14:07 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
2014-06-14 14:07 - 2014-06-14 14:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2014-06-14 14:02 - 2014-06-16 17:43 - 00000000 ____D () C:\Program Files (x86)\Warcraft III
2014-06-13 17:21 - 2014-06-13 17:22 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\DDS
2014-06-13 13:22 - 2014-06-17 13:31 - 00000000 ____D () C:\FRST
2014-06-13 11:45 - 2014-06-13 11:45 - 02081792 _____ (Farbar) C:\Users\brandon carpenter\Desktop\FRST64.exe
2014-06-13 11:34 - 2014-06-13 11:34 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-06-13 10:56 - 2014-05-08 19:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-13 09:41 - 2014-06-13 09:42 - 00102975 _____ () C:\Users\brandon carpenter\Downloads\LOIC-1.0.7.42-binary.zip
2014-06-13 09:37 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-13 09:37 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-13 09:37 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-13 09:37 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-13 09:37 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-13 09:37 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-13 09:37 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-13 09:37 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-13 09:37 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-13 09:37 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-13 09:37 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-13 09:37 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-13 09:37 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-13 09:37 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-13 09:37 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-13 09:37 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-13 09:37 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-13 09:37 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-13 09:37 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-13 09:37 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-13 09:37 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-13 09:37 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-13 09:37 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-13 09:37 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-13 09:37 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-13 09:37 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-13 09:37 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-13 09:37 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-13 09:37 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-13 09:37 - 2014-02-06 07:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-13 09:37 - 2014-02-06 07:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-13 09:37 - 2014-02-06 07:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-13 09:37 - 2014-02-06 06:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-13 09:37 - 2014-02-06 06:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-13 09:37 - 2014-02-06 06:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-13 09:37 - 2014-02-06 06:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-13 09:37 - 2014-02-06 06:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-13 09:37 - 2014-02-06 05:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-13 09:37 - 2014-02-06 05:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-13 09:37 - 2014-02-06 05:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-13 09:37 - 2014-02-06 05:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-13 09:34 - 2014-06-17 09:15 - 00000000 ____D () C:\Users\brandon carpenter\Documents\StarCraft II
2014-06-13 09:29 - 2014-05-19 02:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-13 09:29 - 2014-05-19 02:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-13 09:29 - 2014-05-19 01:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-13 09:29 - 2014-05-09 23:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-13 09:29 - 2014-05-09 23:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-13 09:29 - 2014-05-05 00:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-13 09:29 - 2014-05-03 03:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-13 09:29 - 2014-05-03 00:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-13 09:29 - 2014-05-03 00:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-13 09:29 - 2014-05-02 23:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-13 09:29 - 2014-05-02 23:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-13 09:29 - 2014-04-30 00:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-13 09:29 - 2014-04-30 00:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-13 09:29 - 2014-04-03 03:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-13 09:29 - 2014-04-03 03:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-13 09:28 - 2014-05-01 09:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-13 09:28 - 2014-05-01 09:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-13 09:28 - 2014-05-01 03:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-13 09:28 - 2014-05-01 03:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-13 09:28 - 2014-05-01 02:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-13 09:28 - 2014-05-01 01:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-13 09:28 - 2014-04-30 07:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-13 09:28 - 2014-04-29 23:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-13 09:28 - 2014-04-29 23:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-12 15:08 - 2014-06-12 15:08 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Local\AMD
2014-06-12 15:08 - 2014-06-12 15:08 - 00000000 ____D () C:\ProgramData\ATI
2014-06-12 12:25 - 2014-06-12 12:25 - 00000017 _____ () C:\Users\brandon carpenter\Desktop\Liars.txt
2014-06-12 11:36 - 2014-06-12 11:36 - 00054873 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201406121136464165.log
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\Program Files (x86)\Advanced Micro Devices, Inc
2014-06-12 11:35 - 2014-06-12 11:35 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI
2014-06-12 11:33 - 2014-06-12 11:33 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-11 17:58 - 2014-06-11 17:58 - 00000000 ___DC () C:\Users\brandon carpenter\AppData\Local\MigWiz
2014-06-11 11:11 - 2014-06-11 11:11 - 00000000 ____H () C:\Users\brandon carpenter\Documents\Default.rdp
2014-06-05 19:54 - 2014-06-05 19:54 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-05 14:15 - 2014-06-05 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-06-05 14:15 - 2012-08-31 10:32 - 00126880 _____ (HP) C:\WINDOWS\system32\HPSIsvc.exe
2014-06-05 14:14 - 2012-08-21 16:07 - 01696256 _____ () C:\WINDOWS\system32\HP1100SM.EXE
2014-06-05 14:14 - 2012-08-21 16:07 - 00288768 _____ () C:\WINDOWS\system32\HP1100LM.DLL
2014-06-05 14:13 - 2014-06-05 14:13 - 00000000 ____D () C:\Program Files\HP
2014-06-05 14:13 - 2012-08-21 04:13 - 00350720 _____ () C:\WINDOWS\system32\mvhlewsi.DLL
2014-06-05 14:13 - 2012-08-21 04:08 - 00049664 _____ () C:\WINDOWS\system32\HP1100SMs.dll
2014-06-05 13:44 - 2014-06-05 13:44 - 00951120 _____ () C:\Users\brandon carpenter\Documents\Food drive.pptx
2014-06-04 14:42 - 2014-06-04 15:22 - 00000020 _____ () C:\Users\brandon carpenter\Desktop\bitty.txt
2014-06-04 13:36 - 2014-06-04 13:36 - 00001023 _____ () C:\Users\brandon carpenter\Documents - Shortcut.lnk
2014-06-04 11:55 - 2014-06-04 14:37 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\HappyWheels Full
2014-06-02 09:55 - 2014-06-04 09:47 - 06416804 _____ () C:\Users\brandon carpenter\Desktop\D-Day.pptx
2014-05-28 16:53 - 2014-05-28 16:53 - 03461040 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
2014-05-28 16:53 - 2014-05-28 16:53 - 03426688 _____ () C:\WINDOWS\system32\atiumd6a.cap
2014-05-28 16:53 - 2014-05-28 16:53 - 00230912 _____ () C:\WINDOWS\system32\clinfo.exe
2014-05-28 16:53 - 2014-05-28 16:53 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00129536 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.9001.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00099840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 13209088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00626688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 00550464 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
2014-05-28 16:52 - 2014-05-28 16:52 - 00550464 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-05-28 16:52 - 2014-05-28 16:52 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00412672 _____ () C:\WINDOWS\system32\amdmiracast.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00157736 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00142304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2014-05-26 11:50 - 2012-08-21 03:57 - 00082944 _____ () C:\WINDOWS\system32\mvusbews.dll
2014-05-26 11:50 - 2012-08-21 03:57 - 00020480 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvusbews.sys
2014-05-26 11:50 - 2012-06-21 03:38 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2014-05-24 18:39 - 2014-05-24 18:39 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\mario 64
2014-05-23 17:04 - 2014-05-30 16:55 - 00000895 _____ () C:\Users\brandon
2014-05-22 20:35 - 2014-05-22 20:35 - 00606274 _____ (Three Rings Design, Inc.) C:\Users\brandon carpenter\Downloads\yohoho-0--en-install.exe
2014-05-21 11:40 - 2014-05-21 11:40 - 00000000 __SHD () C:\found.000
2014-05-21 07:53 - 2014-05-21 07:53 - 00000000 ___HD () C:\$SysReset
2014-05-20 09:26 - 2014-04-08 18:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-20 09:26 - 2014-04-08 18:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-20 09:26 - 2014-04-08 14:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-20 09:26 - 2014-04-08 14:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-19 12:07 - 2014-05-19 12:07 - 00000000 _____ () C:\WINDOWS\iPlayer.INI
2014-05-19 12:01 - 2014-05-19 12:10 - 00000000 ____D () C:\Program Files\InterActual
2014-05-19 11:51 - 2014-05-19 11:51 - 00000529 _____ () C:\WINDOWS\KB893803v2.log
 
==================== One Month Modified Files and Folders =======
 
2014-06-17 13:33 - 2014-05-16 12:56 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Local\Temp
2014-06-17 13:32 - 2014-06-17 13:31 - 00016382 _____ () C:\Users\brandon carpenter\Desktop\FRST.txt
2014-06-17 13:32 - 2014-04-21 12:42 - 00002209 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-17 13:31 - 2014-06-14 17:45 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\FRST 64
2014-06-17 13:31 - 2014-06-13 13:22 - 00000000 ____D () C:\FRST
2014-06-17 13:30 - 2014-05-16 13:35 - 00000000 ___RD () C:\Users\brandon carpenter\OneDrive
2014-06-17 13:30 - 2014-04-21 12:39 - 00000932 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-17 13:29 - 2014-04-03 12:27 - 00000502 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-06-17 13:29 - 2014-03-18 05:54 - 00003756 _____ () C:\WINDOWS\PFRO.log
2014-06-17 13:29 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-17 13:28 - 2014-05-16 13:01 - 01361365 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-17 13:28 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-06-17 13:27 - 2014-06-16 19:18 - 00000000 ____D () C:\AdwCleaner
2014-06-17 13:23 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-17 11:53 - 2014-03-02 14:28 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3886954115-1495926628-1329715624-1001
2014-06-17 11:49 - 2014-03-18 06:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-17 11:48 - 2014-03-03 15:21 - 00005018 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for brandon-brandon carpenter brandon
2014-06-17 11:47 - 2014-04-21 12:39 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-17 11:47 - 2013-08-22 10:46 - 00335033 _____ () C:\WINDOWS\setupact.log
2014-06-17 11:46 - 2014-03-05 14:57 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-17 11:46 - 2014-03-05 14:57 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-17 09:45 - 2014-05-16 14:24 - 00003970 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{98573B23-D2E2-43C6-BEEB-C9CE10BAD1C9}
2014-06-17 09:15 - 2014-06-13 09:34 - 00000000 ____D () C:\Users\brandon carpenter\Documents\StarCraft II
2014-06-17 08:44 - 2014-06-16 08:37 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\Deal with these
2014-06-17 08:35 - 2014-06-14 14:42 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-16 19:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-16 19:52 - 2014-02-28 12:44 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Local\Packages
2014-06-16 19:10 - 2014-06-16 19:10 - 01333465 _____ () C:\Users\brandon carpenter\Desktop\AdwCleaner.exe
2014-06-16 19:10 - 2014-06-16 19:10 - 00001290 _____ () C:\Users\brandon carpenter\Desktop\Revo Uninstaller.lnk
2014-06-16 19:10 - 2014-06-16 19:10 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-16 19:09 - 2014-06-16 19:09 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\brandon carpenter\Downloads\revosetup.exe
2014-06-16 17:43 - 2014-06-14 14:02 - 00000000 ____D () C:\Program Files (x86)\Warcraft III
2014-06-16 15:19 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-06-16 14:18 - 2014-06-16 14:18 - 00067584 _____ (Microsoft Corporation) C:\Users\brandon carpenter\Downloads\QuickMenuv6.EXE
2014-06-16 14:11 - 2014-06-16 11:47 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\Notepad++
2014-06-16 11:51 - 2014-06-16 11:49 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Roaming\Notepad++
2014-06-16 10:08 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-16 08:30 - 2013-11-26 11:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-16 08:30 - 2013-11-26 11:12 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-06-16 08:29 - 2014-02-28 12:48 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Roaming\WildTangent
2014-06-16 08:29 - 2013-11-26 11:12 - 00000000 ____D () C:\ProgramData\WildTangent
2014-06-15 17:35 - 2014-05-16 12:56 - 00000000 ____D () C:\Users\brandon carpenter
2014-06-14 19:12 - 2014-06-14 19:12 - 00000000 ____D () C:\Users\brandon carpenter\Documents\Gotham
2014-06-14 18:15 - 2014-06-14 18:15 - 00002264 _____ () C:\Users\Public\Desktop\Conflict Desert Storm II.lnk
2014-06-14 17:45 - 2014-06-14 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gotham Games
2014-06-14 17:45 - 2013-04-26 04:47 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-14 17:44 - 2014-06-14 17:44 - 00000000 ____D () C:\Program Files (x86)\Gotham Games
2014-06-14 14:42 - 2014-06-14 14:42 - 00001025 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-06-14 14:42 - 2014-06-14 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-14 14:39 - 2014-06-14 14:38 - 01141680 _____ () C:\Users\brandon carpenter\Downloads\SteamSetup.exe
2014-06-14 14:11 - 2014-06-14 14:11 - 00003054 _____ () C:\WINDOWS\System32\Tasks\{252B0A81-056C-41E2-B0BC-57E852D7A7E3}
2014-06-14 14:07 - 2014-06-14 14:07 - 00126976 _____ (Blizzard Entertainment) C:\WINDOWS\War3Unin.exe
2014-06-14 14:07 - 2014-06-14 14:07 - 00019231 _____ () C:\WINDOWS\War3Unin.dat
2014-06-14 14:07 - 2014-06-14 14:07 - 00002829 _____ () C:\WINDOWS\War3Unin.pif
2014-06-14 14:07 - 2014-06-14 14:07 - 00002011 _____ () C:\Users\Guest\Desktop\Warcraft III.lnk
2014-06-14 14:07 - 2014-06-14 14:07 - 00002011 _____ () C:\Users\brandon carpenter\Desktop\Warcraft III.lnk
2014-06-14 14:07 - 2014-06-14 14:07 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
2014-06-14 14:07 - 2014-06-14 14:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2014-06-13 17:22 - 2014-06-13 17:21 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\DDS
2014-06-13 11:47 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-13 11:47 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-13 11:45 - 2014-06-13 11:45 - 02081792 _____ (Farbar) C:\Users\brandon carpenter\Desktop\FRST64.exe
2014-06-13 11:36 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-13 11:34 - 2014-06-13 11:34 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-06-13 11:34 - 2014-05-16 12:49 - 00002990 _____ () C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2014-06-13 09:44 - 2012-01-29 14:04 - 00135168 _____ () C:\Users\brandon carpenter\Desktop\LOIC.exe
2014-06-13 09:42 - 2014-06-13 09:41 - 00102975 _____ () C:\Users\brandon carpenter\Downloads\LOIC-1.0.7.42-binary.zip
2014-06-13 09:39 - 2014-03-17 10:37 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Roaming\.minecraft
2014-06-13 09:33 - 2014-03-03 17:58 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\StarCraft II
2014-06-12 15:08 - 2014-06-12 15:08 - 00000000 ____D () C:\Users\brandon carpenter\AppData\Local\AMD
2014-06-12 15:08 - 2014-06-12 15:08 - 00000000 ____D () C:\ProgramData\ATI
2014-06-12 12:25 - 2014-06-12 12:25 - 00000017 _____ () C:\Users\brandon carpenter\Desktop\Liars.txt
2014-06-12 11:36 - 2014-06-12 11:36 - 00054873 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201406121136464165.log
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\Program Files (x86)\Advanced Micro Devices, Inc
2014-06-12 11:35 - 2014-06-12 11:35 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-06-12 11:35 - 2013-11-26 10:42 - 00000000 ____D () C:\ProgramData\AMD
2014-06-12 11:35 - 2013-11-26 10:41 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI
2014-06-12 11:34 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI
2014-06-12 11:33 - 2014-06-12 11:33 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-11 17:58 - 2014-06-11 17:58 - 00000000 ___DC () C:\Users\brandon carpenter\AppData\Local\MigWiz
2014-06-11 11:11 - 2014-06-11 11:11 - 00000000 ____H () C:\Users\brandon carpenter\Documents\Default.rdp
2014-06-11 10:41 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-05 20:39 - 2014-05-05 21:21 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\Poetry
2014-06-05 19:54 - 2014-06-05 19:54 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-05 14:15 - 2014-06-05 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-06-05 14:13 - 2014-06-05 14:13 - 00000000 ____D () C:\Program Files\HP
2014-06-05 13:44 - 2014-06-05 13:44 - 00951120 _____ () C:\Users\brandon carpenter\Documents\Food drive.pptx
2014-06-04 15:22 - 2014-06-04 14:42 - 00000020 _____ () C:\Users\brandon carpenter\Desktop\bitty.txt
2014-06-04 14:37 - 2014-06-04 11:55 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\HappyWheels Full
2014-06-04 13:36 - 2014-06-04 13:36 - 00001023 _____ () C:\Users\brandon carpenter\Documents - Shortcut.lnk
2014-06-04 09:47 - 2014-06-02 09:55 - 06416804 _____ () C:\Users\brandon carpenter\Desktop\D-Day.pptx
2014-05-31 01:13 - 2013-08-22 11:38 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-31 01:13 - 2013-08-22 11:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-30 16:55 - 2014-05-23 17:04 - 00000895 _____ () C:\Users\brandon
2014-05-30 06:21 - 2014-06-13 09:37 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-30 05:45 - 2014-06-13 09:37 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-05-30 05:28 - 2014-06-13 09:37 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-05-30 05:20 - 2014-06-13 09:37 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-05-30 05:18 - 2014-06-13 09:37 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-30 05:08 - 2014-06-13 09:37 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-05-30 05:06 - 2014-06-13 09:37 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-05-30 04:46 - 2014-06-13 09:37 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-30 04:44 - 2014-06-13 09:37 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-05-30 04:43 - 2014-06-13 09:37 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-05-30 04:38 - 2014-06-13 09:37 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-05-30 04:35 - 2014-06-13 09:37 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-05-30 04:29 - 2014-06-13 09:37 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-05-30 04:27 - 2014-06-13 09:37 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-05-30 04:23 - 2014-06-13 09:37 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-05-30 04:16 - 2014-06-13 09:37 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-05-30 04:04 - 2014-06-13 09:37 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-30 04:02 - 2014-06-13 09:37 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-05-30 03:56 - 2014-06-13 09:37 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-05-30 03:56 - 2014-06-13 09:37 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-05-30 03:54 - 2014-06-13 09:37 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-05-30 03:49 - 2014-06-13 09:37 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-05-30 03:43 - 2014-06-13 09:37 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-05-30 03:40 - 2014-06-13 09:37 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-05-30 03:30 - 2014-06-13 09:37 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-05-30 03:21 - 2014-06-13 09:37 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-05-30 03:15 - 2014-06-13 09:37 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-05-30 03:13 - 2014-06-13 09:37 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-05-30 03:13 - 2014-06-13 09:37 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 03461040 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
2014-05-28 16:53 - 2014-05-28 16:53 - 03426688 _____ () C:\WINDOWS\system32\atiumd6a.cap
2014-05-28 16:53 - 2014-05-28 16:53 - 00230912 _____ () C:\WINDOWS\system32\clinfo.exe
2014-05-28 16:53 - 2014-05-28 16:53 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00129536 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.9001.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00099840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2014-05-28 16:53 - 2013-12-13 10:23 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 13209088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00626688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 00550464 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
2014-05-28 16:52 - 2014-05-28 16:52 - 00550464 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-05-28 16:52 - 2014-05-28 16:52 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00412672 _____ () C:\WINDOWS\system32\amdmiracast.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00157736 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00142304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2014-05-28 16:52 - 2013-12-13 10:23 - 09753752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2014-05-28 16:52 - 2013-12-13 10:23 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2014-05-28 16:52 - 2013-12-13 10:23 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2014-05-28 16:52 - 2013-12-13 10:23 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2014-05-28 16:52 - 2013-12-13 10:23 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2014-05-28 16:52 - 2013-12-13 10:23 - 00588288 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2014-05-28 16:52 - 2013-12-13 10:23 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2014-05-24 18:39 - 2014-05-24 18:39 - 00000000 ____D () C:\Users\brandon carpenter\Desktop\mario 64
2014-05-23 14:09 - 2014-03-02 14:16 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-23 08:26 - 2014-04-08 18:16 - 00002177 _____ () C:\Users\brandon carpenter\Desktop\Puzzle Pirates.lnk
2014-05-23 08:25 - 2014-04-08 18:16 - 00002110 _____ () C:\Users\brandon carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Puzzle Pirates.lnk
2014-05-22 20:35 - 2014-05-22 20:35 - 00606274 _____ (Three Rings Design, Inc.) C:\Users\brandon carpenter\Downloads\yohoho-0--en-install.exe
2014-05-21 11:40 - 2014-05-21 11:40 - 00000000 __SHD () C:\found.000
2014-05-21 07:53 - 2014-05-21 07:53 - 00000000 ___HD () C:\$SysReset
2014-05-21 07:44 - 2013-11-26 11:04 - 00000000 ____D () C:\ProgramData\Norton
2014-05-20 09:17 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-05-20 09:14 - 2014-03-19 11:26 - 00002085 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-20 09:14 - 2013-04-26 04:46 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-20 08:29 - 2014-05-16 16:45 - 00000000 ___DC () C:\WINDOWS\Panther
2014-05-19 12:10 - 2014-05-19 12:01 - 00000000 ____D () C:\Program Files\InterActual
2014-05-19 12:07 - 2014-05-19 12:07 - 00000000 _____ () C:\WINDOWS\iPlayer.INI
2014-05-19 11:51 - 2014-05-19 11:51 - 00000529 _____ () C:\WINDOWS\KB893803v2.log
2014-05-19 02:31 - 2014-06-13 09:29 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-05-19 02:21 - 2014-06-13 09:29 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-05-19 01:23 - 2014-06-13 09:29 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
 
 
Some content of TEMP:
====================
C:\Users\brandon carpenter\AppData\Local\Temp\CmdLineExt03.dll
C:\Users\brandon carpenter\AppData\Local\Temp\npp.6.6.6.Installer.exe
C:\Users\brandon carpenter\AppData\Local\Temp\Quarantine.exe
C:\Users\brandon carpenter\AppData\Local\Temp\siinst.exe
C:\Users\brandon carpenter\AppData\Local\Temp\SIntf16.dll
C:\Users\brandon carpenter\AppData\Local\Temp\SIntf32.dll
C:\Users\brandon carpenter\AppData\Local\Temp\SIntfNT.dll
C:\Users\brandon carpenter\AppData\Local\Temp\siuninst.exe
C:\Users\brandon carpenter\AppData\Local\Temp\strings.dll
C:\Users\brandon carpenter\AppData\Local\Temp\war3_Install.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-17 09:55
 
==================== End Of Log ============================
and when i go into the Uninstall Programs i don't see PileFinder, but i'm not sure if that just means it's hiding or if it's actually gone


#12 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,015 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:11:31 AM

Posted 18 June 2014 - 11:32 AM

Hi shoot259,
 
No, if you don't see PileFinder then it means Revo Uninstaller did its job and got rid of it :)

We need to run a fix with FRST:

  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter.
  • Copy and paste the script below in the notepad document:​
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3886954115-1495926628-1329715624-1001\User: Group Policy restriction detected <======= ATTENTION
BHO: No Name - {4F524A2D-5637-4300-76A7-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {4F524A2D-5637-4300-76A7-7A786E7484D7} -  No File
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] -  [2014-04-21]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] -  [2014-04-21]
S3 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [X]
S3 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20140328.001\IDSvia64.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140331.003\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140331.003\EX64.SYS [X]
Task: C:\WINDOWS\Tasks\AmiUpdXp.job => C:\Users\brandon carpenter\AppData\Local\41\a18467.exe <==== ATTENTION
Task: {81B3AB51-F537-4DA5-98D1-9CDBD1D4AA02} - \PileFile logon No Task File <==== ATTENTION
Task: {44164173-BD9C-45FF-8E68-F29A2336FDC1} - \PileFile reminder No Task File <==== ATTENTION
Task: {2404C701-0446-41D6-B5DC-7A38C699EEE0} - System32\Tasks\AmiUpdXp => C:\Users\brandon carpenter\AppData\Local\41\a18467.exe [2014-04-03] () <==== ATTENTION
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
  • Save the file to your desktop and name it as fixlist.txt

Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run.
  • Please copy and paste the log in your next reply.

--------------
 
Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click mb3-setup-1878.1878-3.3.1.2183.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

--------------

This scan can take a long time, so it is best done overnight or when you do not need the computer
 
I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • Fixlog.txt
  • Malwarebytes log
  • ESET log

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

~Currently in my last year of school, so replies might be more delayed~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#13 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,015 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:11:31 AM

Posted 25 June 2014 - 01:26 PM

Hi shoot259,
 
This is a 3 day bump:
 
It has been more than 3 days since my last post.

  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

~Currently in my last year of school, so replies might be more delayed~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#14 shoot259

shoot259
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:canada, under your bed
  • Local time:07:31 AM

Posted 27 June 2014 - 09:45 AM

i do need help still, i'm just trying to get that ESET thing to work



#15 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,015 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:11:31 AM

Posted 27 June 2014 - 10:41 AM

Hi shoot259,

 

If you are having trouble with ESET then we can try another program instead.

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

~Currently in my last year of school, so replies might be more delayed~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users