Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by A Lamar (administrator) on HP on 04-04-2014 03:27:21
Running from C:\Users\A Lamar\Desktop
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Processes (Whitelisted) =================
(Webroot) C:\Program Files\Webroot\WRSA.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(AdFender, Inc.) C:\Program Files (x86)\AdFender\AdFender.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
(j2 Global Communications, Inc.) C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Just Great Software) C:\Program Files\Just Great Software\EditPad Lite 7\EditPadLite7.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(freefilesync.sourceforge.net) C:\Program Files\FreeFileSync\FreeFileSync.exe
(freefilesync.sourceforge.net) C:\Program Files\FreeFileSync\Bin\FreeFileSync_x64.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM\...\Run: [Classic Start Menu] - C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM-x32\...\Run: [BtTray] - c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [363520 2012-07-27] (IVT Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [WRSVC] - C:\Program Files\Webroot\WRSA.exe [766040 2014-03-26] (Webroot)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-11-02] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-01-16] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ContentTransferWMDetector.exe] - C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [583016 2009-11-19] (Sony Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [eFax 4.4] - C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe [95744 2012-08-29] (j2 Global Communications, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\.DEFAULT\...\Policies\system: [DisableCMD] 0
HKU\.DEFAULT\...\Policies\system: [NoDispAppearancePage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispBackgroundPage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispSettingsPage] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFind] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [457728 2013-11-14] (Microsoft Corporation)
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Run: [eFax 4.4] - C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe [95744 2012-08-29] (j2 Global Communications, Inc.)
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Run: [Amazon Cloud Player] - C:\Users\White\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Run: [WordWeb] - C:\Program Files (x86)\WordWeb\wweb32.exe [77056 2013-05-16] (WordWeb Software)
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Run: [TWC.Win7] - C:\Program Files (x86)\The Weather Channel\Desktop Weather\TWC.Win7.exe [47616 2014-02-24] ()
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Run: [GoogleChromeAutoLaunch_7F95AED034661DEE360CF71A9EEB50EF] - C:\Users\White\AppData\Local\Torch\Application\torch.exe [884224 2014-03-27] (Torch Media Inc.)
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1001\...\MountPoints2: {d2a5b9ec-23a2-11ff-be6d-689423099ede} - "J:\LaunchU3.exe"
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Run: [EPLTarget\P0000000000000000] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-4128554873-3097705083-3195864600-1004\...\MountPoints2: {d2a5b9ec-23a2-11ff-be6d-689423099ede} - "J:\LaunchU3.exe"
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Freecorder extension - {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} - C:\Program Files (x86)\Freecorder extension\ScriptHost.dll (Applian Technologies Inc.)
BHO-x32: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\windows\SysWow64\skype4com.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @meadco.com/neptune plugin,version=2.0.0.29 - C:\PROGRA~2\MEADCO~1\npmeadax.dll (MeadCo Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin - C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: TorchVLC - C:\Users\White\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: pcpitstop.com/PCMaticPlugin - C:\Users\A Lamar\AppData\Roaming\PCPitstop\PC Matic Plugin\1.0.0.1\npPCMaticPlugin.1.0.0.1.dll (PC Pitstop LLC)
FF Extension: FlashFirebug - C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\Extensions\flashfirebug@o-minds.com [2014-04-01]
FF Extension: DownloadHelper - C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: CSHelper - C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2014-04-01]
FF Extension: anonymoX - C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\Extensions\client@anonymox.net.xpi [2014-01-03]
FF Extension: CommentBlocker - C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\Extensions\commentblocker@xertoz.se.xpi [2014-04-01]
FF Extension: Ghostery - C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\Extensions\firefox@ghostery.com.xpi [2014-04-01]
FF Extension: Test Pilot - C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\Extensions\testpilot@labs.mozilla.com.xpi [2014-01-03]
FF Extension: translator - C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\Extensions\translator@dontfollowme.net.xpi [2014-01-03]
FF Extension: FlashGot - C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-04-01]
FF Extension: Yahoo! Mail Notifier - C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\Extensions\{89f8dde0-010a-11da-8cd6-0800200c9a66}.xpi [2014-01-03]
FF Extension: Adblock Plus - C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-03]
FF Extension: FusionCash Toolbar - C:\Users\A Lamar\AppData\Roaming\Mozilla\Firefox\Profiles\cfr080di.default\Extensions\{ef914f7f-701e-b874-85f8-9a53e30326d5}.xpi [2014-01-03]
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2014-02-13]
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-03]
CHR Extension: (Google Drive) - C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-03]
CHR Extension: (YouTube) - C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-03]
CHR Extension: (Adblock Plus) - C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-03]
CHR Extension: (Google Search) - C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-03]
CHR Extension: (Freecorder) - C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm [2014-04-01]
CHR Extension: (Webroot Filtering Extension) - C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-03-05]
CHR Extension: (CommentBlocker) - C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhkjhnbkeibefoijmacgnnkddlkkmjaf [2014-03-22]
CHR Extension: (Google Wallet) - C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-03]
CHR Extension: (Gmail) - C:\Users\A Lamar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.26.crx [2014-02-13]
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\WordWeb\wcxChrome.crx [2014-01-30]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1544192 2012-07-23] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-07-10] (IVT Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S2 TorchCrashHandler; C:\Users\A Lamar\AppData\Local\Torch\Update\TorchCrashHandler.exe [1216520 2014-03-21] (TorchMedia Inc.)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [107624 2014-03-29] (RaMMicHaeL)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-12-23] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [766040 2014-03-26] (Webroot)
S2 HPConnectedRemote; No ImagePath
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg;
U4 BthHFEnum;
U4 bthhfhid;
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48352 2012-07-11] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 debutfilter; C:\Windows\system32\DRIVERS\debutfilterx64.sys [33488 2013-12-24] ()
S3 hpvision; C:\Windows\System32\drivers\hp64vision.sys [26912 2013-02-08] (Windows ® Codename Longhorn DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-23] (Microsoft Corporation)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [24744 2013-12-18] (Audials AG)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-23] (Microsoft Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 VNUSB; C:\Windows\System32\Drivers\VNUSB.sys [22528 2009-09-29] (OLYMPUS IMAGING CORP.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [115168 2014-03-26] (Webroot)
U0 SR;
U2 srservice;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2038-09-13 09:42 - 2038-09-13 09:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1413375.txt
2038-09-13 09:42 - 2038-09-13 09:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1412921.txt
2038-09-13 09:41 - 2038-09-13 09:41 - 00000000 ____D () C:\Users\White\AppData\Roaming\Macromedia
2038-09-13 09:40 - 2038-09-13 09:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1323015.txt
2038-09-13 09:40 - 2014-04-03 14:32 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4128554873-3097705083-3195864600-1001
2038-09-13 09:36 - 2038-09-13 09:36 - 00000000 ____D () C:\ProgramData\Recovery
2038-09-13 09:34 - 2038-09-13 09:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-955531.txt
2038-09-13 09:34 - 2038-09-13 09:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-952843.txt
2038-09-13 09:34 - 2038-09-13 09:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-952812.txt
2038-09-13 09:34 - 2038-09-13 09:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-952703.txt
2038-09-13 09:34 - 2038-09-13 09:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-950343.txt
2038-09-13 09:24 - 2038-09-13 09:24 - 00000000 ____D () C:\Users\White\Documents\CyberLink
2038-09-13 09:24 - 2014-02-27 18:26 - 00000000 ____D () C:\Users\White\Documents\Naturalsoft
2038-09-13 09:24 - 2014-02-18 07:06 - 00000000 ____D () C:\Users\White\Documents\VHS to DVD
2038-09-13 09:24 - 2014-01-17 07:17 - 00000000 ____D () C:\Users\White\Documents\Virtual Machines
2038-09-13 09:24 - 2013-11-06 06:11 - 00000000 ____D () C:\Users\White\Documents\My CamStudio Temp Files
2038-09-13 09:24 - 2013-10-30 02:39 - 00000000 ____D () C:\Users\White\Documents\VideoPad Projects
2038-09-13 09:23 - 2014-04-02 17:43 - 00000000 ____D () C:\Users\White\AppData\Roaming\Hewlett-Packard
2038-09-13 09:22 - 2014-04-03 01:07 - 00000000 ____D () C:\Users\White\Documents\ConvertXtoDVD
2038-09-13 09:22 - 2013-11-06 08:19 - 00002326 _____ () C:\Users\White\Documents\My Movie.wlmp
2038-09-13 09:21 - 2038-09-13 09:21 - 00003902 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3C6296C1-DDF5-4314-8E7A-E313A6DB753F}
2038-09-13 09:21 - 2038-09-13 09:21 - 00000117 _____ () C:\WINDOWS\system32\netcfg-184906.txt
2038-09-13 09:21 - 2038-09-13 09:21 - 00000000 ____D () C:\Users\White\Documents\Bluetooth
2038-09-13 09:21 - 2038-09-13 09:21 - 00000000 ____D () C:\Users\White\AppData\Local\Power2Go8
2038-09-13 09:21 - 2014-03-22 07:55 - 00000000 ___RD () C:\Users\White\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2038-09-13 09:21 - 2014-03-22 07:55 - 00000000 ___RD () C:\Users\White\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2038-09-13 09:21 - 2014-01-17 09:44 - 00000000 ____D () C:\Users\White\AppData\Local\bluesoleil
2038-09-13 09:21 - 2013-12-24 02:55 - 00000000 ____D () C:\Users\White\AppData\Roaming\Adobe
2038-09-13 09:21 - 2013-12-23 19:37 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2038-09-13 09:20 - 2038-09-13 09:20 - 00000117 _____ () C:\WINDOWS\system32\netcfg-90359.txt
2038-09-13 09:20 - 2014-04-02 15:07 - 00000000 ____D () C:\Users\White\AppData\Local\VirtualStore
2038-09-13 09:20 - 2014-01-15 08:43 - 00000000 ___HD () C:\Users\White\Documents\hp.system.package.metadata
2038-09-13 09:20 - 2014-01-08 13:40 - 00000000 ____D () C:\Users\White\AppData\Local\Packages
2038-09-13 07:59 - 2038-09-13 07:59 - 00000142 _____ () C:\WINDOWS\system32\netcfg-138625.txt
2038-09-13 07:57 - 2038-09-13 07:57 - 00018630 _____ () C:\WINDOWS\system32\results.xml
2038-09-13 07:57 - 2014-04-04 03:11 - 00004524 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2038-09-13 07:57 - 2014-04-02 21:22 - 00000043 _____ () C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2038-09-13 07:55 - 2038-09-13 07:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1340343.txt
2038-09-13 07:55 - 2038-09-13 07:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1335187.txt
2038-09-13 07:54 - 2038-09-13 07:54 - 00000000 ____D () C:\Users\Public\Symantec
2038-09-13 07:54 - 2038-09-13 07:54 - 00000000 ____D () C:\Program Files (x86)\SymSilent
2038-09-13 07:54 - 2014-03-30 12:22 - 00000000 ____D () C:\ProgramData\Norton
2038-09-13 07:54 - 2013-12-23 21:01 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2038-09-13 07:54 - 2013-12-23 19:36 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2038-09-13 07:54 - 2013-12-23 17:01 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2038-09-13 07:53 - 2038-09-13 09:21 - 00000000 ___RD () C:\Program Files\Online Services
2038-09-13 07:53 - 2013-12-23 19:29 - 00000000 ____D () C:\WINDOWS\en
2038-09-13 07:52 - 2038-09-13 07:52 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2038-09-13 07:52 - 2038-09-13 07:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2038-09-13 07:52 - 2009-09-04 20:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2038-09-13 07:52 - 2009-09-04 20:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2038-09-13 07:52 - 2009-09-04 20:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2038-09-13 07:52 - 2009-09-04 20:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2038-09-13 07:52 - 2006-11-29 16:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2038-09-13 07:52 - 2006-11-29 16:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2038-09-13 07:50 - 2038-09-13 07:50 - 00029480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2038-09-13 07:46 - 2012-06-25 13:24 - 00092536 _____ (CyberLink) C:\WINDOWS\system32\Drivers\CLVirtualDrive.sys
2038-09-13 07:45 - 2038-09-13 07:45 - 00000000 ____D () C:\Program Files\Bonjour
2038-09-13 07:45 - 2038-09-13 07:45 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2038-09-13 07:45 - 2013-12-24 08:25 - 00000000 ____D () C:\ProgramData\Apple
2038-09-13 07:45 - 2012-08-08 02:21 - 00377344 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpbrprtmon.dll
2038-09-13 07:45 - 2012-08-08 02:18 - 00170496 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpbprtmonui.dll
2038-09-13 07:45 - 2012-08-08 01:22 - 00355840 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpbprtmon.dll
2038-09-13 07:43 - 2038-09-13 09:21 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2038-09-13 07:43 - 2038-09-13 07:45 - 00000000 ____D () C:\ProgramData\install_clap
2038-09-13 07:43 - 2014-04-03 00:23 - 00000000 ____D () C:\ProgramData\CyberLink
2038-09-13 07:43 - 2014-04-01 05:40 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2038-09-13 07:42 - 2014-03-25 13:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2038-09-13 07:41 - 2038-09-13 07:41 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Hewlett-Packard
2038-09-13 07:41 - 2010-03-01 17:59 - 00024376 _____ () C:\WINDOWS\system32\Drivers\cpqdfw.sys
2038-09-13 07:40 - 2038-09-13 07:40 - 00000000 ____D () C:\ProgramData\{AFF99647-6D64-46F2-934A-F12F468037F6}
2038-09-13 07:39 - 2038-09-13 07:39 - 00000318 _____ () C:\WINDOWS\system32\netcfg-390500.txt
2038-09-13 07:39 - 2038-09-13 07:39 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_BtL2caScoIf_01009.Wdf
2038-09-13 07:39 - 2038-09-13 07:39 - 00000000 ____D () C:\ProgramData\Ralink Driver
2038-09-13 07:39 - 2013-12-21 19:24 - 00002901 _____ () C:\WINDOWS\system32\RaCoInst.log
2038-09-13 07:38 - 2038-09-13 07:38 - 00001100 _____ () C:\WINDOWS\system32\netcfg-339656.txt
2038-09-13 07:38 - 2038-09-13 07:38 - 00000161 _____ () C:\WINDOWS\system32\netcfg-340406.txt
2038-09-13 07:38 - 2038-09-13 07:38 - 00000000 ____D () C:\Program Files (x86)\Ralink Corporation
2038-09-13 07:38 - 2038-09-13 07:38 - 00000000 _____ () C:\WINDOWS\system32\0
2038-09-13 07:37 - 2038-09-13 07:37 - 00000000 ____D () C:\ProgramData\Intel
2038-09-13 07:37 - 2038-09-13 07:37 - 00000000 ____D () C:\Program Files\IDT
2038-09-13 07:37 - 2014-04-01 07:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2038-09-13 07:36 - 2038-09-13 07:54 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2038-09-13 07:36 - 2038-09-13 07:36 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2038-09-13 07:36 - 2014-04-01 07:34 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2038-09-13 07:36 - 2011-08-23 16:52 - 00117248 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPMUIDir.exe
2038-09-13 07:35 - 2038-09-13 09:21 - 00000000 __RSH () C:\WINDOWS\SysWOW64\Drivers\103C_HP_cPC_h8-1410_Y53316J_0U_Q4CE2370G93_E12NA3RR8605_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M8059_J2000_7Intel_86A9_93.00_#380913_N19691091;18143290_Z_G80860152_Ohp DVD-RAM SW810.MRK
2038-09-13 07:35 - 2038-09-13 09:21 - 00000000 __RSH () C:\WINDOWS\system32\Drivers\103C_HP_cPC_h8-1410_Y53316J_0U_Q4CE2370G93_E12NA3RR8605_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M8059_J2000_7Intel_86A9_93.00_#380913_N19691091;18143290_Z_G80860152_Ohp DVD-RAM SW810.MRK
2038-09-13 07:34 - 2038-09-13 07:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-97406.txt
2038-09-13 07:34 - 2038-09-13 07:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-97375.txt
2038-09-13 07:33 - 2038-09-13 07:33 - 00001027 _____ () C:\WINDOWS\system32\netcfg-38765.txt
2038-09-13 07:33 - 2038-09-13 07:33 - 00000117 _____ () C:\WINDOWS\system32\netcfg-33265.txt
2038-09-13 07:33 - 2038-09-13 07:33 - 00000117 _____ () C:\WINDOWS\system32\netcfg-28359.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00001136 _____ () C:\WINDOWS\system32\netcfg-47015.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00001136 _____ () C:\WINDOWS\system32\netcfg-33125.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000197 _____ () C:\WINDOWS\system32\netcfg-47781.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000185 _____ () C:\WINDOWS\system32\netcfg-36093.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000164 _____ () C:\WINDOWS\system32\netcfg-32687.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000161 _____ () C:\WINDOWS\system32\netcfg-35812.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000160 _____ () C:\WINDOWS\system32\netcfg-35609.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000160 _____ () C:\WINDOWS\system32\netcfg-34921.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000160 _____ () C:\WINDOWS\system32\netcfg-32453.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000159 _____ () C:\WINDOWS\system32\netcfg-35093.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000157 _____ () C:\WINDOWS\system32\netcfg-35359.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000157 _____ () C:\WINDOWS\system32\netcfg-32812.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000150 _____ () C:\WINDOWS\system32\netcfg-34703.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000000 ____D () C:\Program Files\Common Files\Intel
2038-09-13 07:32 - 2013-12-23 19:31 - 00000000 ____D () C:\ProgramData\SoundResearch
2038-09-13 07:32 - 2012-08-10 04:34 - 06085632 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2038-09-13 07:32 - 2012-08-10 04:34 - 01425408 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2038-09-13 07:32 - 2012-08-10 04:33 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2038-09-13 07:32 - 2012-08-10 04:32 - 00224256 _____ (IDT, Inc.) C:\WINDOWS\system32\HPToneCtrls64.dll
2038-09-13 07:32 - 2012-08-10 04:32 - 00037888 _____ (Hewlett-Packard ) C:\WINDOWS\system32\Beats64.exe
2014-04-04 03:10 - 2014-04-04 03:10 - 00001215 _____ () C:\Users\A Lamar\Desktop\my post 2.txt
2014-04-04 03:03 - 2014-04-04 03:03 - 00000368 _____ () C:\Users\A Lamar\Desktop\Stephen_F_Austin_vs_VCU_Game_203_1850_662d7e873cdbc82d_p_Seg1_Frag232574743
2014-04-04 02:51 - 2014-04-04 02:51 - 00000000 ____D () C:\Users\White\AppData\Roaming\KeePass
2014-04-04 02:34 - 2014-04-04 02:50 - 00000000 ____D () C:\Users\White\AppData\Roaming\FLV Extract
2014-04-04 02:30 - 2014-04-03 23:45 - 1249141143 _____ () C:\Users\White\Desktop\2014 gonz vs ok st rd 2 mm (adobe hds downloader test).flv
2014-04-03 23:44 - 2014-04-04 01:25 - 00106496 ___SH () C:\Users\White\Downloads\Thumbs.db
2014-04-03 12:40 - 2014-04-03 12:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-03 01:21 - 2014-04-03 01:21 - 00000000 ____D () C:\Users\White\AppData\Roaming\WebApp
2014-04-03 01:18 - 2014-04-03 01:18 - 00000000 ____D () C:\Users\White\AppData\Local\Cyberlink
2014-04-03 01:12 - 2014-04-03 01:26 - 00000000 ____D () C:\Users\White\AppData\Roaming\Balabolka
2014-04-03 01:12 - 2014-04-03 01:12 - 00000000 ____D () C:\Users\White\Documents\Balabolka
2014-04-03 00:22 - 2014-04-03 01:18 - 00000000 ____D () C:\Users\White\AppData\Roaming\CyberLink
2014-04-03 00:00 - 2014-04-03 00:00 - 00000000 ____D () C:\Users\White\AppData\Local\Windows Live
2014-04-03 00:00 - 2014-04-03 00:00 - 00000000 ____D () C:\Users\White\AppData\Local\{6D6A07B6-366D-4773-AFF1-3864F0793073}
2014-04-02 17:42 - 2014-04-02 17:42 - 00002234 _____ () C:\Users\White\AppData\Roaming\Microsoft\Windows\Start Menu\Google Earth.lnk
2014-04-02 17:41 - 2014-04-03 23:16 - 00000000 ____D () C:\Users\White\Desktop\New folder
2014-04-02 15:08 - 2014-04-02 23:28 - 00004258 _____ () C:\WINDOWS\System32\Tasks\FREE FILE SYNC EVERY 5 MIN UNATTENDED BACKUP
2014-04-02 14:05 - 2014-04-02 19:16 - 00000000 ____D () C:\Users\White\AppData\Roaming\FreeFileSync
2014-04-02 13:17 - 2014-04-02 13:17 - 00000000 ____D () C:\Program Files\FreeFileSync
2014-04-02 13:15 - 2014-04-02 13:15 - 00000000 ____D () C:\Users\White\AppData\Roaming\SumatraPDF
2014-04-02 12:37 - 2014-04-02 12:37 - 00002387 _____ () C:\Users\White\Desktop\Torch DE3IK FB -.lnk
2014-04-02 12:13 - 2014-04-04 03:03 - 00000368 _____ () C:\Users\A Lamar\Desktop\Stephen_F_Austin_vs_VCU_Game_203_1850_662d7e873cdbc82d_p_Seg1_Frag232574742
2014-04-02 12:08 - 2014-04-02 12:10 - 00000000 ____D () C:\Users\A Lamar\Desktop\User Data
2014-04-02 11:53 - 2014-04-03 01:29 - 00002387 _____ () C:\Users\White\Desktop\Torch DE3IK GV -.lnk
2014-04-02 11:53 - 2014-04-02 11:54 - 00001449 _____ () C:\Users\White\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2014-04-02 11:53 - 2014-04-02 11:53 - 00000000 ____D () C:\Users\White\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
2014-04-02 11:51 - 2014-04-02 11:53 - 00000000 ____D () C:\Users\White\AppData\Local\Torch
2014-04-02 11:49 - 2038-09-13 07:53 - 00002269 _____ () C:\Users\White\Desktop\eBay.lnk
2014-04-02 11:49 - 2014-04-02 12:25 - 00002277 _____ () C:\Users\White\Desktop\Facebook.lnk
2014-04-02 11:49 - 2014-04-02 12:25 - 00002273 _____ () C:\Users\White\Desktop\Youtube.lnk
2014-04-02 11:49 - 2014-03-30 06:50 - 00000931 _____ () C:\Users\White\Desktop\Balabolka.lnk
2014-04-02 11:49 - 2014-03-30 03:30 - 00000988 _____ () C:\Users\White\Desktop\Audials 11.lnk
2014-04-02 11:49 - 2014-03-29 23:13 - 00001069 _____ () C:\Users\White\Desktop\KeePass.lnk
2014-04-02 11:49 - 2014-03-29 19:37 - 00001358 _____ () C:\Users\White\Desktop\PROCESS EXPLORER (TASK MANAGER ALTERNATIVE) - Shortcut.lnk
2014-04-02 11:49 - 2014-03-29 17:56 - 00001177 _____ () C:\Users\White\Desktop\PDF Shaper.lnk
2014-04-02 11:49 - 2014-03-25 04:12 - 00000810 _____ () C:\Users\White\Desktop\Speccy.lnk
2014-04-02 11:49 - 2014-02-05 09:35 - 00001202 _____ () C:\Users\White\Desktop\IObit Unlocker.lnk
2014-04-01 22:31 - 2014-04-01 22:31 - 00000000 ____D () C:\Users\White\AppData\Roaming\MPC-HC
2014-04-01 14:42 - 2014-04-01 14:42 - 00000000 ____D () C:\Users\A Lamar\Documents\StreamTransport
2014-04-01 14:33 - 2014-04-01 14:34 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\HandBrake
2014-04-01 12:41 - 2014-04-01 12:41 - 00000000 _____ () C:\Users\A Lamar\mm_backup.cfg
2014-04-01 12:00 - 2014-04-01 12:00 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\MPC-HC
2014-04-01 11:49 - 2000-08-23 17:00 - 00033280 _____ (Disappearing Inc.) C:\WINDOWS\system32\HUFFYUV.DLL
2014-04-01 11:22 - 2014-04-04 03:27 - 00036155 _____ () C:\Users\A Lamar\Desktop\FRST.txt
2014-04-01 11:22 - 2014-04-01 11:23 - 00039308 _____ () C:\Users\A Lamar\Desktop\Addition.txt
2014-04-01 11:17 - 2014-04-01 12:01 - 00000408 _____ () C:\Users\A Lamar\AppData\Roaming\CamShapes.ini
2014-04-01 11:17 - 2014-04-01 12:01 - 00000408 _____ () C:\Users\A Lamar\AppData\Roaming\CamLayout.ini
2014-04-01 11:17 - 2014-04-01 12:01 - 00000249 _____ () C:\Users\A Lamar\AppData\Roaming\Camdata.ini
2014-04-01 11:17 - 2012-07-21 07:54 - 00122880 _____ (fccHandler) C:\WINDOWS\SysWOW64\is-07H84.tmp
2014-04-01 11:17 - 2011-06-24 11:45 - 00258560 _____ () C:\WINDOWS\system32\xvidvfw.dll
2014-04-01 11:17 - 2011-06-24 11:44 - 00243200 _____ () C:\WINDOWS\SysWOW64\xvidvfw.dll
2014-04-01 11:17 - 2011-06-24 11:31 - 00703488 _____ () C:\WINDOWS\system32\xvidcore.dll
2014-04-01 11:17 - 2011-06-24 11:28 - 00650752 _____ () C:\WINDOWS\SysWOW64\xvidcore.dll
2014-04-01 09:57 - 2014-04-02 09:34 - 00000000 ____D () C:\Program Files (x86)\Applian Technologies
2014-04-01 09:57 - 2014-04-01 09:57 - 00000000 ____D () C:\WINDOWS\Jaksta
2014-04-01 09:56 - 2014-04-02 09:34 - 00000000 ____D () C:\Program Files (x86)\Freecorder extension
2014-04-01 09:56 - 2014-04-01 09:56 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\freecorder
2014-04-01 08:07 - 2011-05-23 05:52 - 00153088 _____ () C:\WINDOWS\SysWOW64\xvid.ax
2014-04-01 08:00 - 2014-04-02 09:27 - 00014848 ___SH () C:\Users\A Lamar\Downloads\Thumbs.db
2014-04-01 06:32 - 2014-04-01 07:31 - 00000000 ____D () C:\Program Files (x86)\Hensence.com
2014-04-01 06:32 - 2014-04-01 06:32 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Hensense.com
2014-04-01 06:05 - 2014-04-02 12:22 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Media Player Classic
2014-04-01 04:09 - 2014-04-04 03:11 - 00000761 _____ () C:\Users\Public\Desktop\Webroot SecureAnywhere.lnk
2014-04-01 04:01 - 2013-11-13 23:41 - 00439296 _____ (Sendori) C:\WINDOWS\system32\plsapp64.dll
2014-04-01 01:58 - 2014-04-02 11:40 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\vlc
2014-04-01 01:58 - 2014-04-01 01:58 - 00000889 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-01 00:34 - 2014-04-01 00:34 - 00000204 _____ () C:\WINDOWS\SysWOW64\secustat.dat
2014-04-01 00:32 - 2014-04-01 00:40 - 00000000 ____D () C:\Program Files (x86)\FlashGet Network
2014-04-01 00:32 - 2014-04-01 00:34 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\FlashgetSetup
2014-04-01 00:32 - 2014-04-01 00:34 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\BITS
2014-04-01 00:32 - 2014-04-01 00:32 - 00001424 _____ () C:\Users\Eurceliakins\Desktop\FlashGet downloads.lnk
2014-04-01 00:32 - 2014-04-01 00:32 - 00000025 _____ () C:\WINDOWS\libem.INI
2014-03-31 23:44 - 2014-04-01 05:38 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\StreamTorrent
2014-03-31 22:59 - 2014-03-31 22:59 - 01005095 _____ () C:\Users\A Lamar\Desktop\QuarantineRestore_31032014225912.txt
2014-03-31 22:59 - 2014-03-31 17:07 - 00022787 _____ () C:\Users\A Lamar\Desktop\AdwCleaner[S0].txt
2014-03-31 22:49 - 2014-04-01 06:05 - 00000000 ____D () C:\Users\A Lamar\dwhelper
2014-03-31 17:46 - 2014-03-31 17:46 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\ABBYY
2014-03-31 17:16 - 2014-03-31 17:19 - 00002277 _____ () C:\Users\A Lamar\Desktop\Facebook.lnk
2014-03-31 17:16 - 2014-03-31 17:19 - 00002273 _____ () C:\Users\A Lamar\Desktop\Youtube.lnk
2014-03-31 17:16 - 2014-03-31 17:16 - 00000000 ____D () C:\ProgramData\TorchCrashHandler
2014-03-31 17:15 - 2014-03-31 22:57 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
2014-03-31 17:13 - 2014-04-02 12:14 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\Torch
2014-03-31 17:09 - 2014-04-04 03:15 - 00000000 ____D () C:\FRST
2014-03-31 16:32 - 2014-03-31 16:32 - 02157056 _____ (Farbar) C:\Users\A Lamar\Desktop\FRST64.exe
2014-03-31 00:24 - 2014-04-01 04:27 - 00000000 ____D () C:\AdwCleaner
2014-03-31 00:23 - 2014-03-31 00:23 - 01950720 _____ () C:\Users\A Lamar\Desktop\AdwCleaner.exe
2014-03-30 23:10 - 2014-03-30 23:10 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mead & Company
2014-03-30 23:10 - 2014-03-30 23:10 - 00000000 ____D () C:\Program Files (x86)\MeadCo Neptune
2014-03-30 23:00 - 2014-03-30 23:00 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\PCPitstop
2014-03-30 22:59 - 2014-03-30 22:59 - 00761856 _____ () C:\Users\A Lamar\Desktop\PCMaticPlugin.msi
2014-03-30 22:11 - 2014-03-30 22:11 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\QuickScan
2014-03-30 21:26 - 2014-03-30 21:26 - 00002397 _____ () C:\Users\A Lamar\Desktop\DE3IK FB - Torch.lnk
2014-03-30 21:01 - 2014-03-30 21:01 - 00000305 _____ () C:\Users\A Lamar\Desktop\ClickClean-v8.3-Options.json
2014-03-30 20:24 - 2014-03-30 20:24 - 00002397 _____ () C:\Users\A Lamar\Desktop\DE3IK GV - Torch.lnk
2014-03-30 17:50 - 2014-03-30 17:50 - 00000125 _____ () C:\Users\A Lamar\Desktop\POST.txt
2014-03-30 17:40 - 2014-03-30 17:40 - 00008301 _____ () C:\Users\A Lamar\Desktop\ESETScan.txt
2014-03-30 12:30 - 2014-03-30 12:30 - 02347384 _____ (ESET) C:\Users\A Lamar\Desktop\esetsmartinstaller_enu.exe
2014-03-30 12:30 - 2014-03-30 12:30 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-30 10:46 - 2014-03-30 10:46 - 00141713 _____ () C:\Users\A Lamar\Desktop\Malwarebytes Anti-Malware.txt
2014-03-30 10:02 - 2014-03-30 10:04 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-03-30 10:02 - 2014-03-30 10:02 - 00001080 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-30 10:02 - 2014-03-30 10:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-30 10:02 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-30 10:02 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-03-30 10:02 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-30 06:50 - 2014-03-30 06:50 - 00000000 ____D () C:\Users\A Lamar\Documents\Balabolka
2014-03-30 06:50 - 2014-03-30 06:50 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Balabolka
2014-03-30 06:50 - 2014-03-30 06:50 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Balabolka
2014-03-30 06:50 - 2014-03-30 06:50 - 00000000 ____D () C:\Program Files (x86)\Balabolka
2014-03-30 06:41 - 2014-03-30 06:49 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\SumatraPDF
2014-03-30 06:41 - 2014-03-30 06:41 - 00000000 ____D () C:\Program Files (x86)\SumatraPDF
2014-03-30 06:39 - 2014-03-30 06:39 - 00000000 ____D () C:\Users\A Lamar\Desktop\FileSample_CSV
2014-03-30 05:59 - 2014-03-30 05:59 - 00000017 _____ () C:\Users\A Lamar\AppData\Local\resmon.resmoncfg
2014-03-30 05:35 - 2014-04-02 09:36 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-03-30 05:19 - 2014-03-31 23:01 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\DiskDefrag
2014-03-30 05:17 - 2014-04-02 09:36 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\GlarySoft
2014-03-30 04:38 - 2014-03-30 04:38 - 00001115 _____ () C:\Users\A Lamar\Desktop\SpywareBlaster.lnk
2014-03-30 04:33 - 2014-03-30 04:33 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2014-03-30 04:09 - 2014-03-30 04:09 - 00000000 ____D () C:\Users\A Lamar\Documents\StreamingStar
2014-03-30 03:29 - 2014-04-02 11:43 - 00000000 ____D () C:\Users\A Lamar\Desktop\SHORTCUTS
2014-03-30 00:48 - 2014-03-30 00:48 - 00000046 _____ () C:\WINDOWS\SysWOW64\DonationCoder_urlsnooper_InstallInfo.dat
2014-03-30 00:48 - 2014-03-30 00:48 - 00000000 ____D () C:\Users\A Lamar\Documents\DonationCoder
2014-03-30 00:48 - 2014-03-30 00:48 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\DonationCoder
2014-03-29 23:15 - 2014-03-29 23:15 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\KeePass
2014-03-29 23:13 - 2014-03-29 23:13 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe
2014-03-29 19:59 - 2014-03-29 19:59 - 00000997 _____ () C:\Users\Public\Desktop\Unchecky.lnk
2014-03-29 19:59 - 2014-03-29 19:59 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2014-03-29 19:39 - 2014-03-30 05:42 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\Comodo
2014-03-29 19:39 - 2014-03-30 04:33 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Comodo
2014-03-29 19:39 - 2014-03-30 04:33 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-03-29 19:38 - 2014-03-29 19:38 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2014-03-29 18:57 - 2014-03-31 17:19 - 00001457 _____ () C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2014-03-29 18:13 - 2014-03-31 18:05 - 00000024 _____ () C:\Users\A Lamar\AppData\Local\pdfshaper.ini
2014-03-29 18:00 - 2014-03-29 18:13 - 00000134 _____ () C:\Users\A Lamar\AppData\Roaming\PDFShaper.ini
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 ____D () C:\Program Files (x86)\Glorylogic
2014-03-29 16:58 - 2014-04-02 12:22 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Azureus
2014-03-29 16:58 - 2014-03-29 16:58 - 00000000 ____D () C:\ProgramData\Azureus
2014-03-29 16:56 - 2014-03-29 16:57 - 00006948 _____ () C:\Users\A Lamar\Desktop\error.log
2014-03-29 16:55 - 2014-03-29 16:55 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Oracle
2014-03-29 16:54 - 2014-03-29 16:54 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-03-29 16:54 - 2014-03-29 16:54 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-03-29 16:54 - 2014-03-29 16:54 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-03-29 16:54 - 2014-03-29 16:54 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-03-29 16:54 - 2014-03-29 16:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-28 17:35 - 2014-03-31 18:36 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\CutePDF Writer
2014-03-26 15:18 - 2014-03-26 15:18 - 00000000 ____D () C:\Users\White\AppData\Roaming\Real
2014-03-25 12:24 - 2014-03-25 12:24 - 00334223 _____ () C:\Users\A Lamar\Desktop\CBS.zip
2014-03-25 08:07 - 2014-03-25 08:07 - 11204416 _____ () C:\Users\A Lamar\Desktop\CBS.log
2014-03-25 06:56 - 2014-03-25 06:56 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\Intel_Corporation
2014-03-25 04:12 - 2014-03-25 04:12 - 00000000 ____D () C:\Program Files\Speccy
2014-03-25 01:02 - 2014-03-30 05:49 - 00003304 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4128554873-3097705083-3195864600-1004
2014-03-25 01:02 - 2014-03-29 23:39 - 00003354 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4128554873-3097705083-3195864600-1004
2014-03-25 01:01 - 2014-03-25 01:01 - 00201800 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll
2014-03-25 01:00 - 2014-03-30 04:43 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Real
2014-03-25 01:00 - 2014-03-30 04:43 - 00000000 ____D () C:\Program Files (x86)\Real
2014-03-25 00:51 - 2014-03-30 04:43 - 00000000 ____D () C:\ProgramData\Real
2014-03-24 21:43 - 2014-02-22 08:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-24 21:43 - 2014-02-22 07:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-24 20:15 - 2014-03-13 12:41 - 23002558 _____ () C:\Users\A Lamar\CbsPersist_20140313164805.log
2014-03-24 19:59 - 2014-03-24 19:59 - 00001141 _____ () C:\Users\A Lamar\Desktop\FastStone Image Viewer.lnk
2014-03-23 01:18 - 2014-03-30 05:48 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Orbit
2014-03-23 01:18 - 2014-03-23 01:18 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\ProgSense
2014-03-23 01:18 - 2014-03-23 01:18 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\GrabPro
2014-03-23 00:02 - 2014-03-23 00:02 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\RapidSolution
2014-03-23 00:02 - 2014-03-23 00:02 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\CrashRpt
2014-03-22 17:10 - 2014-03-22 17:16 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\WORDsearch Basic 10
2014-03-22 17:10 - 2014-03-22 17:10 - 00001179 _____ () C:\Users\A Lamar\Desktop\WORDsearch Basic.lnk
2014-03-22 17:10 - 2014-03-22 17:10 - 00000000 ____D () C:\Users\A Lamar\Documents\WORDsearch
2014-03-22 05:44 - 2014-03-25 11:58 - 00064158 _____ () C:\Users\A
2014-03-22 04:16 - 2014-03-22 04:16 - 00004017 _____ () C:\Users\A Lamar\Desktop\RKreport[0]_D_03222014_041616.txt
2014-03-22 04:14 - 2014-03-22 04:14 - 00003821 _____ () C:\Users\A Lamar\Desktop\RKreport[0]_S_03222014_041456.txt
2014-03-21 21:13 - 2014-03-21 21:13 - 00003787 _____ () C:\Users\A Lamar\Desktop\RKreport[0]_S_03212014_211352.txt
2014-03-21 21:11 - 2014-03-21 21:11 - 00003754 _____ () C:\Users\A Lamar\Desktop\RKreport[0]_S_03212014_211107.txt
2014-03-21 21:08 - 2014-03-22 04:16 - 00000000 ____D () C:\Users\A Lamar\Desktop\RK_Quarantine
2014-03-20 04:23 - 2014-03-20 04:23 - 03901952 _____ () C:\Users\A Lamar\Desktop\RogueKiller.exe
2014-03-19 19:54 - 2014-03-19 19:54 - 00000000 ____D () C:\_OTL
2014-03-18 15:50 - 2014-03-13 20:08 - 00602112 _____ (OldTimer Tools) C:\Users\White\Desktop\OTL.exe
2014-03-18 13:38 - 2014-03-18 13:38 - 04745728 _____ (AVAST Software) C:\Users\White\Desktop\aswMBR.exe
2014-03-18 13:38 - 2014-03-18 13:38 - 00987442 _____ () C:\Users\White\Desktop\SecurityCheck.exe
2014-03-18 11:09 - 2014-01-07 21:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-18 11:09 - 2014-01-07 21:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-18 11:09 - 2014-01-07 21:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-18 11:09 - 2014-01-04 11:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-18 11:09 - 2014-01-04 11:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-18 11:09 - 2014-01-04 10:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-18 11:09 - 2014-01-04 09:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-18 11:09 - 2014-01-02 19:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-18 11:09 - 2014-01-02 19:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-18 11:09 - 2013-12-31 21:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-18 11:09 - 2013-12-31 21:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-18 11:09 - 2013-12-31 20:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-18 11:09 - 2013-12-31 20:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-18 11:09 - 2013-12-31 19:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-18 11:09 - 2013-12-31 19:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-18 11:09 - 2013-12-31 19:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-18 11:09 - 2013-12-30 19:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-18 11:09 - 2013-12-30 19:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-18 11:09 - 2013-12-30 19:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-18 11:09 - 2013-12-30 19:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-18 11:09 - 2013-12-30 19:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-18 11:09 - 2013-12-27 11:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-18 11:09 - 2013-12-27 04:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-18 11:09 - 2013-12-27 04:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-18 11:09 - 2013-12-27 04:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-18 11:09 - 2013-12-27 03:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-18 11:09 - 2013-12-27 03:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-18 11:09 - 2013-12-27 02:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-18 11:09 - 2013-12-21 03:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-18 11:09 - 2013-12-17 03:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-18 11:09 - 2013-12-14 02:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-18 11:09 - 2013-12-14 02:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-18 11:09 - 2013-12-13 06:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-18 11:09 - 2013-12-13 03:24 - 00121088 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2014-03-18 11:09 - 2013-12-13 02:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-18 11:09 - 2013-12-13 01:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-18 11:09 - 2013-12-09 04:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-18 11:09 - 2013-12-09 00:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-18 03:34 - 2014-03-18 03:34 - 00003166 _____ () C:\WINDOWS\System32\Tasks\SmartDefrag3_Startup
2014-03-18 03:34 - 2014-03-18 03:34 - 00003164 _____ () C:\WINDOWS\System32\Tasks\SmartDefrag3_Update
2014-03-15 06:12 - 2014-03-16 19:56 - 00262656 ___SH () C:\Users\White\Documents\Thumbs.db
2014-03-14 20:04 - 2014-03-14 20:04 - 00000885 _____ () C:\Users\White\Desktop\P - Shortcut.lnk
2014-03-13 20:40 - 2014-03-13 20:40 - 00014044 _____ () C:\Users\A Lamar\Desktop\hijackthis.log
2014-03-13 20:35 - 2014-03-13 20:35 - 00105472 _____ () C:\Users\A Lamar\Desktop\Extras.Txt
2014-03-13 20:34 - 2014-03-30 09:59 - 00232338 _____ () C:\Users\A Lamar\Desktop\OTL.Txt
2014-03-13 20:10 - 2014-03-13 20:10 - 00625664 _____ () C:\Users\A Lamar\Desktop\dds.scr
2014-03-13 20:09 - 2014-03-13 20:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\A Lamar\Desktop\HiJackThis.exe
2014-03-13 20:08 - 2014-03-13 20:08 - 00602112 _____ (OldTimer Tools) C:\Users\A Lamar\Desktop\OTL.exe
2014-03-12 23:54 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-12 23:54 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-12 23:54 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-12 23:54 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-12 23:54 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-12 23:54 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-12 23:54 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-12 23:54 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-12 23:54 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-12 23:54 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-12 23:54 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-12 23:54 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-12 23:54 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-12 23:54 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-12 23:54 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-12 23:54 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-12 23:54 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-12 23:54 - 2014-02-10 23:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-12 23:54 - 2014-02-10 22:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-12 23:54 - 2014-02-10 22:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-12 23:54 - 2014-01-31 12:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-12 23:54 - 2014-01-31 12:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-12 23:54 - 2014-01-31 12:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-12 23:54 - 2014-01-31 09:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-12 23:54 - 2014-01-31 05:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-12 23:54 - 2014-01-29 05:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-12 23:54 - 2014-01-29 04:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-12 23:54 - 2014-01-29 04:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-12 23:54 - 2014-01-29 04:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-12 23:54 - 2014-01-29 04:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-12 23:54 - 2014-01-29 03:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-12 23:54 - 2014-01-29 03:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-12 23:54 - 2014-01-29 03:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-12 23:54 - 2014-01-29 02:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-12 23:54 - 2014-01-28 20:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-12 23:54 - 2014-01-27 15:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-12 23:54 - 2014-01-27 15:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-12 23:54 - 2014-01-27 15:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-12 23:54 - 2014-01-27 14:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-12 23:54 - 2014-01-27 14:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-12 23:54 - 2014-01-27 14:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-12 23:54 - 2014-01-27 14:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-12 23:54 - 2014-01-27 14:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-12 23:54 - 2014-01-27 13:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-12 23:54 - 2014-01-27 13:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-12 23:54 - 2014-01-27 13:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-12 23:54 - 2014-01-27 11:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-12 23:54 - 2014-01-27 11:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-12 23:54 - 2014-01-27 07:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-12 23:54 - 2014-01-17 19:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-12 23:54 - 2014-01-17 17:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-12 23:54 - 2013-12-21 10:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-12 23:54 - 2013-12-21 04:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-12 23:54 - 2013-12-20 06:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-12 23:54 - 2013-12-20 06:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-12 23:54 - 2013-10-30 20:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-12 23:54 - 2013-10-30 20:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-12 23:54 - 2013-10-30 20:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-11 05:25 - 2014-03-11 05:25 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\Apple
2014-03-11 05:22 - 2014-03-11 05:22 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\Apple Computer
2014-03-07 21:39 - 2014-03-07 21:39 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\IDT
==================== One Month Modified Files and Folders =======
2038-09-13 09:42 - 2038-09-13 09:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1413375.txt
2038-09-13 09:42 - 2038-09-13 09:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1412921.txt
2038-09-13 09:41 - 2038-09-13 09:41 - 00000000 ____D () C:\Users\White\AppData\Roaming\Macromedia
2038-09-13 09:41 - 2012-09-10 10:31 - 00000000 _RSHD () C:\hp
2038-09-13 09:40 - 2038-09-13 09:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1323015.txt
2038-09-13 09:36 - 2038-09-13 09:36 - 00000000 ____D () C:\ProgramData\Recovery
2038-09-13 09:34 - 2038-09-13 09:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-955531.txt
2038-09-13 09:34 - 2038-09-13 09:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-952843.txt
2038-09-13 09:34 - 2038-09-13 09:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-952812.txt
2038-09-13 09:34 - 2038-09-13 09:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-952703.txt
2038-09-13 09:34 - 2038-09-13 09:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-950343.txt
2038-09-13 09:24 - 2038-09-13 09:24 - 00000000 ____D () C:\Users\White\Documents\CyberLink
2038-09-13 09:21 - 2038-09-13 09:21 - 00003902 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3C6296C1-DDF5-4314-8E7A-E313A6DB753F}
2038-09-13 09:21 - 2038-09-13 09:21 - 00000117 _____ () C:\WINDOWS\system32\netcfg-184906.txt
2038-09-13 09:21 - 2038-09-13 09:21 - 00000000 ____D () C:\Users\White\Documents\Bluetooth
2038-09-13 09:21 - 2038-09-13 09:21 - 00000000 ____D () C:\Users\White\AppData\Local\Power2Go8
2038-09-13 09:21 - 2038-09-13 07:53 - 00000000 ___RD () C:\Program Files\Online Services
2038-09-13 09:21 - 2038-09-13 07:43 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2038-09-13 09:21 - 2038-09-13 07:35 - 00000000 __RSH () C:\WINDOWS\SysWOW64\Drivers\103C_HP_cPC_h8-1410_Y53316J_0U_Q4CE2370G93_E12NA3RR8605_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M8059_J2000_7Intel_86A9_93.00_#380913_N19691091;18143290_Z_G80860152_Ohp DVD-RAM SW810.MRK
2038-09-13 09:21 - 2038-09-13 07:35 - 00000000 __RSH () C:\WINDOWS\system32\Drivers\103C_HP_cPC_h8-1410_Y53316J_0U_Q4CE2370G93_E12NA3RR8605_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B8.18_T130318_W8101-0_L409_M8059_J2000_7Intel_86A9_93.00_#380913_N19691091;18143290_Z_G80860152_Ohp DVD-RAM SW810.MRK
2038-09-13 09:21 - 2012-08-01 23:15 - 00000000 ____D () C:\SWSETUP
2038-09-13 09:21 - 2012-08-01 05:57 - 00000000 _RSHD () C:\SYSTEM.SAV
2038-09-13 09:20 - 2038-09-13 09:20 - 00000117 _____ () C:\WINDOWS\system32\netcfg-90359.txt
2038-09-13 07:59 - 2038-09-13 07:59 - 00000142 _____ () C:\WINDOWS\system32\netcfg-138625.txt
2038-09-13 07:57 - 2038-09-13 07:57 - 00018630 _____ () C:\WINDOWS\system32\results.xml
2038-09-13 07:55 - 2038-09-13 07:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1340343.txt
2038-09-13 07:55 - 2038-09-13 07:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1335187.txt
2038-09-13 07:54 - 2038-09-13 07:54 - 00000000 ____D () C:\Users\Public\Symantec
2038-09-13 07:54 - 2038-09-13 07:54 - 00000000 ____D () C:\Program Files (x86)\SymSilent
2038-09-13 07:54 - 2038-09-13 07:36 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2038-09-13 07:53 - 2014-04-02 11:49 - 00002269 _____ () C:\Users\White\Desktop\eBay.lnk
2038-09-13 07:52 - 2038-09-13 07:52 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2038-09-13 07:52 - 2038-09-13 07:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2038-09-13 07:50 - 2038-09-13 07:50 - 00029480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2038-09-13 07:45 - 2038-09-13 07:45 - 00000000 ____D () C:\Program Files\Bonjour
2038-09-13 07:45 - 2038-09-13 07:45 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2038-09-13 07:45 - 2038-09-13 07:43 - 00000000 ____D () C:\ProgramData\install_clap
2038-09-13 07:41 - 2038-09-13 07:41 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Hewlett-Packard
2038-09-13 07:40 - 2038-09-13 07:40 - 00000000 ____D () C:\ProgramData\{AFF99647-6D64-46F2-934A-F12F468037F6}
2038-09-13 07:39 - 2038-09-13 07:39 - 00000318 _____ () C:\WINDOWS\system32\netcfg-390500.txt
2038-09-13 07:39 - 2038-09-13 07:39 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_BtL2caScoIf_01009.Wdf
2038-09-13 07:39 - 2038-09-13 07:39 - 00000000 ____D () C:\ProgramData\Ralink Driver
2038-09-13 07:38 - 2038-09-13 07:38 - 00001100 _____ () C:\WINDOWS\system32\netcfg-339656.txt
2038-09-13 07:38 - 2038-09-13 07:38 - 00000161 _____ () C:\WINDOWS\system32\netcfg-340406.txt
2038-09-13 07:38 - 2038-09-13 07:38 - 00000000 ____D () C:\Program Files (x86)\Ralink Corporation
2038-09-13 07:38 - 2038-09-13 07:38 - 00000000 _____ () C:\WINDOWS\system32\0
2038-09-13 07:37 - 2038-09-13 07:37 - 00000000 ____D () C:\ProgramData\Intel
2038-09-13 07:37 - 2038-09-13 07:37 - 00000000 ____D () C:\Program Files\IDT
2038-09-13 07:36 - 2038-09-13 07:36 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2038-09-13 07:34 - 2038-09-13 07:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-97406.txt
2038-09-13 07:34 - 2038-09-13 07:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-97375.txt
2038-09-13 07:33 - 2038-09-13 07:33 - 00001027 _____ () C:\WINDOWS\system32\netcfg-38765.txt
2038-09-13 07:33 - 2038-09-13 07:33 - 00000117 _____ () C:\WINDOWS\system32\netcfg-33265.txt
2038-09-13 07:33 - 2038-09-13 07:33 - 00000117 _____ () C:\WINDOWS\system32\netcfg-28359.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00001136 _____ () C:\WINDOWS\system32\netcfg-47015.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00001136 _____ () C:\WINDOWS\system32\netcfg-33125.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000197 _____ () C:\WINDOWS\system32\netcfg-47781.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000185 _____ () C:\WINDOWS\system32\netcfg-36093.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000164 _____ () C:\WINDOWS\system32\netcfg-32687.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000161 _____ () C:\WINDOWS\system32\netcfg-35812.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000160 _____ () C:\WINDOWS\system32\netcfg-35609.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000160 _____ () C:\WINDOWS\system32\netcfg-34921.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000160 _____ () C:\WINDOWS\system32\netcfg-32453.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000159 _____ () C:\WINDOWS\system32\netcfg-35093.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000157 _____ () C:\WINDOWS\system32\netcfg-35359.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000157 _____ () C:\WINDOWS\system32\netcfg-32812.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000150 _____ () C:\WINDOWS\system32\netcfg-34703.txt
2038-09-13 07:32 - 2038-09-13 07:32 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-04-04 03:27 - 2014-04-01 11:22 - 00036155 _____ () C:\Users\A Lamar\Desktop\FRST.txt
2014-04-04 03:27 - 2014-03-31 17:09 - 00000000 ____D () C:\FRST
2014-04-04 03:25 - 2014-01-03 01:31 - 00000000 ____D () C:\WINDOWS\Minidump
2014-04-04 03:25 - 2013-12-24 09:23 - 00000000 ____D () C:\ProgramData\VSO
2014-04-04 03:22 - 2013-12-23 19:26 - 00000000 ____D () C:\Users\White
2014-04-04 03:19 - 2014-01-03 16:14 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\ClassicShell
2014-04-04 03:17 - 2013-12-26 13:36 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4128554873-3097705083-3195864600-1004
2014-04-04 03:16 - 2013-11-14 03:28 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-04 03:13 - 2014-02-01 20:51 - 00000384 _____ () C:\WINDOWS\Tasks\WpsNotifyTask_A Lamar.job
2014-04-04 03:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-04 03:11 - 2038-09-13 07:57 - 00004524 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-04-04 03:11 - 2014-04-01 04:09 - 00000761 _____ () C:\Users\Public\Desktop\Webroot SecureAnywhere.lnk
2014-04-04 03:11 - 2014-01-10 15:31 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-04 03:11 - 2013-12-24 07:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-04 03:11 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-04 03:11 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-04 03:11 - 2012-07-30 13:22 - 00000821 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2014-04-04 03:10 - 2014-04-04 03:10 - 00001215 _____ () C:\Users\A Lamar\Desktop\my post 2.txt
2014-04-04 03:10 - 2014-02-01 20:51 - 00000384 _____ () C:\WINDOWS\Tasks\WpsUpdateTask_A Lamar.job
2014-04-04 03:10 - 2013-12-24 09:37 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-04 03:07 - 2013-12-23 20:38 - 00000000 ____D () C:\ProgramData\WRData
2014-04-04 03:03 - 2014-04-04 03:03 - 00000368 _____ () C:\Users\A Lamar\Desktop\Stephen_F_Austin_vs_VCU_Game_203_1850_662d7e873cdbc82d_p_Seg1_Frag232574743
2014-04-04 03:03 - 2014-04-02 12:13 - 00000368 _____ () C:\Users\A Lamar\Desktop\Stephen_F_Austin_vs_VCU_Game_203_1850_662d7e873cdbc82d_p_Seg1_Frag232574742
2014-04-04 03:03 - 2013-12-26 13:31 - 00000000 ____D () C:\Users\A Lamar
2014-04-04 03:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-04 02:53 - 2014-01-03 12:38 - 01050624 ___SH () C:\Users\A Lamar\Desktop\Thumbs.db
2014-04-04 02:53 - 2014-01-02 12:08 - 00000000 ____D () C:\Users\White\Desktop\TRASH
2014-04-04 02:52 - 2014-01-24 03:17 - 00000000 ____D () C:\Users\White\AppData\Roaming\vlc
2014-04-04 02:52 - 2014-01-10 15:31 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-04 02:51 - 2014-04-04 02:51 - 00000000 ____D () C:\Users\White\AppData\Roaming\KeePass
2014-04-04 02:50 - 2014-04-04 02:34 - 00000000 ____D () C:\Users\White\AppData\Roaming\FLV Extract
2014-04-04 02:48 - 2013-12-24 10:11 - 02623488 ___SH () C:\Users\White\Desktop\Thumbs.db
2014-04-04 02:47 - 2014-01-08 23:36 - 00000000 ____D () C:\Users\White\AppData\Roaming\ClassicShell
2014-04-04 02:39 - 2014-02-01 21:18 - 00000380 _____ () C:\WINDOWS\Tasks\WpsUpdateTask_White.job
2014-04-04 02:39 - 2014-02-01 21:18 - 00000380 _____ () C:\WINDOWS\Tasks\WpsNotifyTask_White.job
2014-04-04 01:25 - 2014-04-03 23:44 - 00106496 ___SH () C:\Users\White\Downloads\Thumbs.db
2014-04-03 23:45 - 2014-04-04 02:30 - 1249141143 _____ () C:\Users\White\Desktop\2014 gonz vs ok st rd 2 mm (adobe hds downloader test).flv
2014-04-03 23:16 - 2014-04-02 17:41 - 00000000 ____D () C:\Users\White\Desktop\New folder
2014-04-03 20:56 - 2014-02-05 06:22 - 00000000 ____D () C:\Users\White\AppData\Local\CrashDumps
2014-04-03 14:32 - 2038-09-13 09:40 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4128554873-3097705083-3195864600-1001
2014-04-03 14:18 - 2014-01-17 04:43 - 00000000 ____D () C:\Users\White\dwhelper
2014-04-03 12:40 - 2014-04-03 12:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-03 01:29 - 2014-04-02 11:53 - 00002387 _____ () C:\Users\White\Desktop\Torch DE3IK GV -.lnk
2014-04-03 01:26 - 2014-04-03 01:12 - 00000000 ____D () C:\Users\White\AppData\Roaming\Balabolka
2014-04-03 01:21 - 2014-04-03 01:21 - 00000000 ____D () C:\Users\White\AppData\Roaming\WebApp
2014-04-03 01:18 - 2014-04-03 01:18 - 00000000 ____D () C:\Users\White\AppData\Local\Cyberlink
2014-04-03 01:18 - 2014-04-03 00:22 - 00000000 ____D () C:\Users\White\AppData\Roaming\CyberLink
2014-04-03 01:15 - 2013-12-24 08:26 - 00000000 ____D () C:\Users\White\AppData\Local\Apple Computer
2014-04-03 01:12 - 2014-04-03 01:12 - 00000000 ____D () C:\Users\White\Documents\Balabolka
2014-04-03 01:07 - 2038-09-13 09:22 - 00000000 ____D () C:\Users\White\Documents\ConvertXtoDVD
2014-04-03 01:07 - 2014-02-21 22:29 - 00000000 ____D () C:\Users\White\AppData\Roaming\VSO
2014-04-03 00:23 - 2038-09-13 07:43 - 00000000 ____D () C:\ProgramData\CyberLink
2014-04-03 00:23 - 2014-02-22 17:42 - 00000000 ____D () C:\Users\Public\CyberLink
2014-04-03 00:00 - 2014-04-03 00:00 - 00000000 ____D () C:\Users\White\AppData\Local\Windows Live
2014-04-03 00:00 - 2014-04-03 00:00 - 00000000 ____D () C:\Users\White\AppData\Local\{6D6A07B6-366D-4773-AFF1-3864F0793073}
2014-04-02 23:28 - 2014-04-02 15:08 - 00004258 _____ () C:\WINDOWS\System32\Tasks\FREE FILE SYNC EVERY 5 MIN UNATTENDED BACKUP
2014-04-02 21:22 - 2038-09-13 07:57 - 00000043 _____ () C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2014-04-02 19:16 - 2014-04-02 14:05 - 00000000 ____D () C:\Users\White\AppData\Roaming\FreeFileSync
2014-04-02 17:43 - 2038-09-13 09:23 - 00000000 ____D () C:\Users\White\AppData\Roaming\Hewlett-Packard
2014-04-02 17:43 - 2013-12-18 15:43 - 00000000 ____D () C:\Users\White\AppData\Local\Hewlett-Packard
2014-04-02 17:42 - 2014-04-02 17:42 - 00002234 _____ () C:\Users\White\AppData\Roaming\Microsoft\Windows\Start Menu\Google Earth.lnk
2014-04-02 15:15 - 2014-01-03 20:30 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-02 15:07 - 2038-09-13 09:20 - 00000000 ____D () C:\Users\White\AppData\Local\VirtualStore
2014-04-02 14:52 - 2014-02-01 21:18 - 00000000 ____D () C:\Users\White\AppData\Local\Kingsoft
2014-04-02 13:17 - 2014-04-02 13:17 - 00000000 ____D () C:\Program Files\FreeFileSync
2014-04-02 13:15 - 2014-04-02 13:15 - 00000000 ____D () C:\Users\White\AppData\Roaming\SumatraPDF
2014-04-02 12:37 - 2014-04-02 12:37 - 00002387 _____ () C:\Users\White\Desktop\Torch DE3IK FB -.lnk
2014-04-02 12:25 - 2014-04-02 11:49 - 00002277 _____ () C:\Users\White\Desktop\Facebook.lnk
2014-04-02 12:25 - 2014-04-02 11:49 - 00002273 _____ () C:\Users\White\Desktop\Youtube.lnk
2014-04-02 12:25 - 2013-12-24 08:11 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-04-02 12:22 - 2014-04-01 06:05 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Media Player Classic
2014-04-02 12:22 - 2014-03-29 16:58 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Azureus
2014-04-02 12:22 - 2014-02-20 23:50 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\CrashDumps
2014-04-02 12:14 - 2014-03-31 17:13 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\Torch
2014-04-02 12:10 - 2014-04-02 12:08 - 00000000 ____D () C:\Users\A Lamar\Desktop\User Data
2014-04-02 11:54 - 2014-04-02 11:53 - 00001449 _____ () C:\Users\White\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2014-04-02 11:53 - 2014-04-02 11:53 - 00000000 ____D () C:\Users\White\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
2014-04-02 11:53 - 2014-04-02 11:51 - 00000000 ____D () C:\Users\White\AppData\Local\Torch
2014-04-02 11:53 - 2014-03-04 22:17 - 00000000 ____D () C:\ProgramData\eFax Messenger 4.4 Setup
2014-04-02 11:50 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-04-02 11:43 - 2014-03-30 03:29 - 00000000 ____D () C:\Users\A Lamar\Desktop\SHORTCUTS
2014-04-02 11:40 - 2014-04-01 01:58 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\vlc
2014-04-02 09:36 - 2014-03-30 05:35 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-04-02 09:36 - 2014-03-30 05:17 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\GlarySoft
2014-04-02 09:34 - 2014-04-01 09:57 - 00000000 ____D () C:\Program Files (x86)\Applian Technologies
2014-04-02 09:34 - 2014-04-01 09:56 - 00000000 ____D () C:\Program Files (x86)\Freecorder extension
2014-04-02 09:27 - 2014-04-01 08:00 - 00014848 ___SH () C:\Users\A Lamar\Downloads\Thumbs.db
2014-04-01 22:31 - 2014-04-01 22:31 - 00000000 ____D () C:\Users\White\AppData\Roaming\MPC-HC
2014-04-01 14:42 - 2014-04-01 14:42 - 00000000 ____D () C:\Users\A Lamar\Documents\StreamTransport
2014-04-01 14:34 - 2014-04-01 14:33 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\HandBrake
2014-04-01 12:41 - 2014-04-01 12:41 - 00000000 _____ () C:\Users\A Lamar\mm_backup.cfg
2014-04-01 12:06 - 2014-02-14 14:14 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\NCH Software
2014-04-01 12:01 - 2014-04-01 11:17 - 00000408 _____ () C:\Users\A Lamar\AppData\Roaming\CamShapes.ini
2014-04-01 12:01 - 2014-04-01 11:17 - 00000408 _____ () C:\Users\A Lamar\AppData\Roaming\CamLayout.ini
2014-04-01 12:01 - 2014-04-01 11:17 - 00000249 _____ () C:\Users\A Lamar\AppData\Roaming\Camdata.ini
2014-04-01 12:00 - 2014-04-01 12:00 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\MPC-HC
2014-04-01 11:23 - 2014-04-01 11:22 - 00039308 _____ () C:\Users\A Lamar\Desktop\Addition.txt
2014-04-01 11:17 - 2013-12-24 02:16 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2014-04-01 09:57 - 2014-04-01 09:57 - 00000000 ____D () C:\WINDOWS\Jaksta
2014-04-01 09:56 - 2014-04-01 09:56 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\freecorder
2014-04-01 07:35 - 2013-12-26 13:31 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Hewlett-Packard
2014-04-01 07:34 - 2038-09-13 07:36 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-04-01 07:31 - 2014-04-01 06:32 - 00000000 ____D () C:\Program Files (x86)\Hensence.com
2014-04-01 07:29 - 2038-09-13 07:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-01 06:32 - 2014-04-01 06:32 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Hensense.com
2014-04-01 06:05 - 2014-03-31 22:49 - 00000000 ____D () C:\Users\A Lamar\dwhelper
2014-04-01 06:00 - 2013-12-26 14:01 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Macromedia
2014-04-01 06:00 - 2013-12-26 14:01 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\Macromedia
2014-04-01 06:00 - 2013-12-26 13:31 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Adobe
2014-04-01 05:40 - 2038-09-13 07:43 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-04-01 05:38 - 2014-03-31 23:44 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\StreamTorrent
2014-04-01 04:41 - 2014-01-17 07:12 - 00000000 ____D () C:\ProgramData\VMware
2014-04-01 04:27 - 2014-03-31 00:24 - 00000000 ____D () C:\AdwCleaner
2014-04-01 01:58 - 2014-04-01 01:58 - 00000889 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-01 01:57 - 2013-12-24 02:33 - 00000000 ____D () C:\Program Files\VideoLAN
2014-04-01 00:40 - 2014-04-01 00:32 - 00000000 ____D () C:\Program Files (x86)\FlashGet Network
2014-04-01 00:34 - 2014-04-01 00:34 - 00000204 _____ () C:\WINDOWS\SysWOW64\secustat.dat
2014-04-01 00:34 - 2014-04-01 00:32 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\FlashgetSetup
2014-04-01 00:34 - 2014-04-01 00:32 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\BITS
2014-04-01 00:32 - 2014-04-01 00:32 - 00001424 _____ () C:\Users\Eurceliakins\Desktop\FlashGet downloads.lnk
2014-04-01 00:32 - 2014-04-01 00:32 - 00000025 _____ () C:\WINDOWS\libem.INI
2014-03-31 23:01 - 2014-03-30 05:19 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\DiskDefrag
2014-03-31 22:59 - 2014-03-31 22:59 - 01005095 _____ () C:\Users\A Lamar\Desktop\QuarantineRestore_31032014225912.txt
2014-03-31 22:57 - 2014-03-31 17:15 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
2014-03-31 18:36 - 2014-03-28 17:35 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\CutePDF Writer
2014-03-31 18:05 - 2014-03-29 18:13 - 00000024 _____ () C:\Users\A Lamar\AppData\Local\pdfshaper.ini
2014-03-31 17:46 - 2014-03-31 17:46 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\ABBYY
2014-03-31 17:19 - 2014-03-31 17:16 - 00002277 _____ () C:\Users\A Lamar\Desktop\Facebook.lnk
2014-03-31 17:19 - 2014-03-31 17:16 - 00002273 _____ () C:\Users\A Lamar\Desktop\Youtube.lnk
2014-03-31 17:19 - 2014-03-29 18:57 - 00001457 _____ () C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2014-03-31 17:19 - 2014-01-06 21:53 - 00000000 ___RD () C:\Users\A Lamar\Desktop\TRASH
2014-03-31 17:16 - 2014-03-31 17:16 - 00000000 ____D () C:\ProgramData\TorchCrashHandler
2014-03-31 17:07 - 2014-03-31 22:59 - 00022787 _____ () C:\Users\A Lamar\Desktop\AdwCleaner[S0].txt
2014-03-31 16:32 - 2014-03-31 16:32 - 02157056 _____ (Farbar) C:\Users\A Lamar\Desktop\FRST64.exe
2014-03-31 00:23 - 2014-03-31 00:23 - 01950720 _____ () C:\Users\A Lamar\Desktop\AdwCleaner.exe
2014-03-30 23:10 - 2014-03-30 23:10 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mead & Company
2014-03-30 23:10 - 2014-03-30 23:10 - 00000000 ____D () C:\Program Files (x86)\MeadCo Neptune
2014-03-30 23:00 - 2014-03-30 23:00 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\PCPitstop
2014-03-30 22:59 - 2014-03-30 22:59 - 00761856 _____ () C:\Users\A Lamar\Desktop\PCMaticPlugin.msi
2014-03-30 22:11 - 2014-03-30 22:11 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\QuickScan
2014-03-30 21:26 - 2014-03-30 21:26 - 00002397 _____ () C:\Users\A Lamar\Desktop\DE3IK FB - Torch.lnk
2014-03-30 21:01 - 2014-03-30 21:01 - 00000305 _____ () C:\Users\A Lamar\Desktop\ClickClean-v8.3-Options.json
2014-03-30 20:24 - 2014-03-30 20:24 - 00002397 _____ () C:\Users\A Lamar\Desktop\DE3IK GV - Torch.lnk
2014-03-30 17:50 - 2014-03-30 17:50 - 00000125 _____ () C:\Users\A Lamar\Desktop\POST.txt
2014-03-30 17:40 - 2014-03-30 17:40 - 00008301 _____ () C:\Users\A Lamar\Desktop\ESETScan.txt
2014-03-30 12:30 - 2014-03-30 12:30 - 02347384 _____ (ESET) C:\Users\A Lamar\Desktop\esetsmartinstaller_enu.exe
2014-03-30 12:30 - 2014-03-30 12:30 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-30 12:22 - 2038-09-13 07:54 - 00000000 ____D () C:\ProgramData\Norton
2014-03-30 10:46 - 2014-03-30 10:46 - 00141713 _____ () C:\Users\A Lamar\Desktop\Malwarebytes Anti-Malware.txt
2014-03-30 10:04 - 2014-03-30 10:02 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-03-30 10:02 - 2014-03-30 10:02 - 00001080 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-30 10:02 - 2014-03-30 10:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-30 10:02 - 2014-01-03 18:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-30 09:59 - 2014-03-13 20:34 - 00232338 _____ () C:\Users\A Lamar\Desktop\OTL.Txt
2014-03-30 06:50 - 2014-04-02 11:49 - 00000931 _____ () C:\Users\White\Desktop\Balabolka.lnk
2014-03-30 06:50 - 2014-03-30 06:50 - 00000000 ____D () C:\Users\A Lamar\Documents\Balabolka
2014-03-30 06:50 - 2014-03-30 06:50 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Balabolka
2014-03-30 06:50 - 2014-03-30 06:50 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Balabolka
2014-03-30 06:50 - 2014-03-30 06:50 - 00000000 ____D () C:\Program Files (x86)\Balabolka
2014-03-30 06:49 - 2014-03-30 06:41 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\SumatraPDF
2014-03-30 06:44 - 2014-01-03 19:09 - 00000000 ____D () C:\Users\A Lamar\.Synkron
2014-03-30 06:41 - 2014-03-30 06:41 - 00000000 ____D () C:\Program Files (x86)\SumatraPDF
2014-03-30 06:39 - 2014-03-30 06:39 - 00000000 ____D () C:\Users\A Lamar\Desktop\FileSample_CSV
2014-03-30 05:59 - 2014-03-30 05:59 - 00000017 _____ () C:\Users\A Lamar\AppData\Local\resmon.resmoncfg
2014-03-30 05:49 - 2014-03-25 01:02 - 00003304 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4128554873-3097705083-3195864600-1004
2014-03-30 05:48 - 2014-03-23 01:18 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Orbit
2014-03-30 05:48 - 2014-01-03 15:00 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Vso
2014-03-30 05:48 - 2013-12-23 19:22 - 00000000 ___DC () C:\WINDOWS\Panther
2014-03-30 05:47 - 2013-12-24 08:11 - 00000000 ____D () C:\Program Files (x86)\SlimCleaner
2014-03-30 05:44 - 2014-01-03 18:33 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Malwarebytes
2014-03-30 05:42 - 2014-03-29 19:39 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\Comodo
2014-03-30 05:42 - 2014-02-20 23:26 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\AnvSoft
2014-03-30 05:17 - 2014-02-01 05:39 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Sony
2014-03-30 05:02 - 2014-01-15 10:05 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-03-30 04:43 - 2014-03-25 01:00 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Real
2014-03-30 04:43 - 2014-03-25 01:00 - 00000000 ____D () C:\Program Files (x86)\Real
2014-03-30 04:43 - 2014-03-25 00:51 - 00000000 ____D () C:\ProgramData\Real
2014-03-30 04:38 - 2014-03-30 04:38 - 00001115 _____ () C:\Users\A Lamar\Desktop\SpywareBlaster.lnk
2014-03-30 04:33 - 2014-03-30 04:33 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2014-03-30 04:33 - 2014-03-29 19:39 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Comodo
2014-03-30 04:33 - 2014-03-29 19:39 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-03-30 04:33 - 2013-12-31 03:28 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-03-30 04:11 - 2014-02-22 17:34 - 00000000 ____D () C:\Users\A Lamar\Documents\ConvertXtoDVD
2014-03-30 04:09 - 2014-03-30 04:09 - 00000000 ____D () C:\Users\A Lamar\Documents\StreamingStar
2014-03-30 03:38 - 2013-12-24 02:50 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-30 03:30 - 2014-04-02 11:49 - 00000988 _____ () C:\Users\White\Desktop\Audials 11.lnk
2014-03-30 00:48 - 2014-03-30 00:48 - 00000046 _____ () C:\WINDOWS\SysWOW64\DonationCoder_urlsnooper_InstallInfo.dat
2014-03-30 00:48 - 2014-03-30 00:48 - 00000000 ____D () C:\Users\A Lamar\Documents\DonationCoder
2014-03-30 00:48 - 2014-03-30 00:48 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\DonationCoder
2014-03-29 23:39 - 2014-03-25 01:02 - 00003354 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4128554873-3097705083-3195864600-1004
2014-03-29 23:15 - 2014-03-29 23:15 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\KeePass
2014-03-29 23:13 - 2014-04-02 11:49 - 00001069 _____ () C:\Users\White\Desktop\KeePass.lnk
2014-03-29 23:13 - 2014-03-29 23:13 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe
2014-03-29 19:59 - 2014-03-29 19:59 - 00000997 _____ () C:\Users\Public\Desktop\Unchecky.lnk
2014-03-29 19:59 - 2014-03-29 19:59 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2014-03-29 19:38 - 2014-03-29 19:38 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2014-03-29 19:37 - 2014-04-02 11:49 - 00001358 _____ () C:\Users\White\Desktop\PROCESS EXPLORER (TASK MANAGER ALTERNATIVE) - Shortcut.lnk
2014-03-29 18:13 - 2014-03-29 18:00 - 00000134 _____ () C:\Users\A Lamar\AppData\Roaming\PDFShaper.ini
2014-03-29 17:56 - 2014-04-02 11:49 - 00001177 _____ () C:\Users\White\Desktop\PDF Shaper.lnk
2014-03-29 17:56 - 2014-03-29 17:56 - 00000000 ____D () C:\Program Files (x86)\Glorylogic
2014-03-29 16:58 - 2014-03-29 16:58 - 00000000 ____D () C:\ProgramData\Azureus
2014-03-29 16:57 - 2014-03-29 16:56 - 00006948 _____ () C:\Users\A Lamar\Desktop\error.log
2014-03-29 16:55 - 2014-03-29 16:55 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Oracle
2014-03-29 16:54 - 2014-03-29 16:54 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-03-29 16:54 - 2014-03-29 16:54 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-03-29 16:54 - 2014-03-29 16:54 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-03-29 16:54 - 2014-03-29 16:54 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-03-29 16:54 - 2014-03-29 16:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-27 18:39 - 2014-01-03 13:06 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\Adobe
2014-03-27 18:39 - 2013-12-24 09:37 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-27 06:47 - 2014-01-10 15:31 - 00003874 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 06:47 - 2014-01-10 15:31 - 00003638 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-26 16:16 - 2013-12-23 20:38 - 00154248 _____ (Webroot) C:\WINDOWS\SysWOW64\WRusr.dll
2014-03-26 16:16 - 2013-12-23 20:38 - 00115168 _____ (Webroot) C:\WINDOWS\system32\Drivers\WRkrn.sys
2014-03-26 16:16 - 2013-12-23 20:38 - 00105320 _____ (Webroot) C:\WINDOWS\system32\WRusr.dll
2014-03-26 15:18 - 2014-03-26 15:18 - 00000000 ____D () C:\Users\White\AppData\Roaming\Real
2014-03-25 13:55 - 2038-09-13 07:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-25 12:24 - 2014-03-25 12:24 - 00334223 _____ () C:\Users\A Lamar\Desktop\CBS.zip
2014-03-25 11:58 - 2014-03-22 05:44 - 00064158 _____ () C:\Users\A
2014-03-25 08:07 - 2014-03-25 08:07 - 11204416 _____ () C:\Users\A Lamar\Desktop\CBS.log
2014-03-25 06:56 - 2014-03-25 06:56 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\Intel_Corporation
2014-03-25 04:12 - 2014-04-02 11:49 - 00000810 _____ () C:\Users\White\Desktop\Speccy.lnk
2014-03-25 04:12 - 2014-03-25 04:12 - 00000000 ____D () C:\Program Files\Speccy
2014-03-25 01:01 - 2014-03-25 01:01 - 00201800 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll
2014-03-24 19:59 - 2014-03-24 19:59 - 00001141 _____ () C:\Users\A Lamar\Desktop\FastStone Image Viewer.lnk
2014-03-24 14:00 - 2013-12-24 02:16 - 00112640 _____ () C:\WINDOWS\SysWOW64\ff_vfw.dll
2014-03-23 01:24 - 2013-12-26 13:31 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\VirtualStore
2014-03-23 01:18 - 2014-03-23 01:18 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\ProgSense
2014-03-23 01:18 - 2014-03-23 01:18 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\GrabPro
2014-03-23 01:18 - 2013-12-26 13:31 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-23 00:39 - 2014-01-07 00:47 - 00000000 ____D () C:\Users\A Lamar\Documents\Freemake
2014-03-23 00:02 - 2014-03-23 00:02 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\RapidSolution
2014-03-23 00:02 - 2014-03-23 00:02 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\CrashRpt
2014-03-22 17:16 - 2014-03-22 17:10 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\WORDsearch Basic 10
2014-03-22 17:10 - 2014-03-22 17:10 - 00001179 _____ () C:\Users\A Lamar\Desktop\WORDsearch Basic.lnk
2014-03-22 17:10 - 2014-03-22 17:10 - 00000000 ____D () C:\Users\A Lamar\Documents\WORDsearch
2014-03-22 07:55 - 2038-09-13 09:21 - 00000000 ___RD () C:\Users\White\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-22 07:55 - 2038-09-13 09:21 - 00000000 ___RD () C:\Users\White\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-22 04:33 - 2014-02-03 16:41 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Identity Safe
2014-03-22 04:16 - 2014-03-22 04:16 - 00004017 _____ () C:\Users\A Lamar\Desktop\RKreport[0]_D_03222014_041616.txt
2014-03-22 04:16 - 2014-03-21 21:08 - 00000000 ____D () C:\Users\A Lamar\Desktop\RK_Quarantine
2014-03-22 04:14 - 2014-03-22 04:14 - 00003821 _____ () C:\Users\A Lamar\Desktop\RKreport[0]_S_03222014_041456.txt
2014-03-21 21:13 - 2014-03-21 21:13 - 00003787 _____ () C:\Users\A Lamar\Desktop\RKreport[0]_S_03212014_211352.txt
2014-03-21 21:11 - 2014-03-21 21:11 - 00003754 _____ () C:\Users\A Lamar\Desktop\RKreport[0]_S_03212014_211107.txt
2014-03-20 04:23 - 2014-03-20 04:23 - 03901952 _____ () C:\Users\A Lamar\Desktop\RogueKiller.exe
2014-03-19 21:48 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-19 19:59 - 2013-12-26 13:31 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-19 19:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-19 19:54 - 2014-03-19 19:54 - 00000000 ____D () C:\_OTL
2014-03-18 18:37 - 2013-12-24 08:10 - 00000000 ____D () C:\Users\White\.Synkron
2014-03-18 13:38 - 2014-03-18 13:38 - 04745728 _____ (AVAST Software) C:\Users\White\Desktop\aswMBR.exe
2014-03-18 13:38 - 2014-03-18 13:38 - 00987442 _____ () C:\Users\White\Desktop\SecurityCheck.exe
2014-03-18 11:33 - 2013-12-23 15:25 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-18 11:32 - 2013-12-23 15:25 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-18 11:32 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-18 03:34 - 2014-03-18 03:34 - 00003166 _____ () C:\WINDOWS\System32\Tasks\SmartDefrag3_Startup
2014-03-18 03:34 - 2014-03-18 03:34 - 00003164 _____ () C:\WINDOWS\System32\Tasks\SmartDefrag3_Update
2014-03-16 19:56 - 2014-03-15 06:12 - 00262656 ___SH () C:\Users\White\Documents\Thumbs.db
2014-03-16 19:54 - 2013-12-24 07:55 - 00000000 ____D () C:\Users\White\AppData\Roaming\Media Player Classic
2014-03-15 00:16 - 2014-02-18 05:33 - 00000000 ____D () C:\Users\White\Desktop\SONY MP3 CD
2014-03-14 20:04 - 2014-03-14 20:04 - 00000885 _____ () C:\Users\White\Desktop\P - Shortcut.lnk
2014-03-14 02:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 02:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 02:26 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-14 02:26 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-13 20:40 - 2014-03-13 20:40 - 00014044 _____ () C:\Users\A Lamar\Desktop\hijackthis.log
2014-03-13 20:35 - 2014-03-13 20:35 - 00105472 _____ () C:\Users\A Lamar\Desktop\Extras.Txt
2014-03-13 20:10 - 2014-03-13 20:10 - 00625664 _____ () C:\Users\A Lamar\Desktop\dds.scr
2014-03-13 20:09 - 2014-03-13 20:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\A Lamar\Desktop\HiJackThis.exe
2014-03-13 20:08 - 2014-03-18 15:50 - 00602112 _____ (OldTimer Tools) C:\Users\White\Desktop\OTL.exe
2014-03-13 20:08 - 2014-03-13 20:08 - 00602112 _____ (OldTimer Tools) C:\Users\A Lamar\Desktop\OTL.exe
2014-03-13 12:41 - 2014-03-24 20:15 - 23002558 _____ () C:\Users\A Lamar\CbsPersist_20140313164805.log
2014-03-13 12:36 - 2013-08-22 10:44 - 00496256 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-12 21:11 - 2013-12-24 08:32 - 00000000 ____D () C:\WINDOWS\System32\Tasks\NCH Software
2014-03-11 05:25 - 2014-03-11 05:25 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\Apple
2014-03-11 05:25 - 2013-12-26 13:32 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\Apple Computer
2014-03-11 05:22 - 2014-03-11 05:22 - 00000000 ____D () C:\Users\A Lamar\AppData\Local\Apple Computer
2014-03-10 18:17 - 2014-01-17 10:43 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2014-03-07 21:39 - 2014-03-07 21:39 - 00000000 ____D () C:\Users\A Lamar\AppData\Roaming\IDT
2014-03-06 06:39 - 2014-01-27 14:44 - 00002470 _____ () C:\Users\White\Desktop\Chrome A LAMAR -.lnk
2014-03-06 06:39 - 2014-01-17 12:22 - 00002470 _____ () C:\Users\White\Desktop\Chrome DE3IK(GOOGLEVOICE) -.lnk
2014-03-06 06:39 - 2014-01-17 12:21 - 00002470 _____ () C:\Users\White\Desktop\Chrome DE3IK (FACEBOOK) -.lnk
2014-03-06 06:39 - 2014-01-17 12:21 - 00002426 _____ () C:\Users\White\Desktop\CHROME atrandom97 (YOUTUBE) -.lnk
2014-03-06 00:04 - 2014-02-21 23:21 - 00000000 ____D () C:\ProgramData\vsosdk
2014-03-05 09:26 - 2014-03-30 10:02 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-30 10:02 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-30 10:02 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
Files to move or delete:
====================
C:\Users\A Lamar\AppData\Roaming\CamLayout.ini
C:\Users\A Lamar\AppData\Roaming\CamShapes.ini
Some content of TEMP:
====================
C:\Users\White\AppData\Local\Temp\PROCESS EXPLORER (TASK MANAGER ALTERNATIVE)64.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-12 23:54] - [2014-01-31 12:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
LastRegBack: 2014-04-01 08:23
==================== End Of Log ============================