Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Documents and pictures encrypted by RSA-2048 using Cryptowall 2.0 [Clo


  • This topic is locked This topic is locked

#1
myoung0963

myoung0963

    New Member

  • Member
  • Pip
  • 1 posts

Attached File  OTL.Txt   357.2KB   65 downloads

 

OTL logfile created on: 1/25/2015 11:05:45 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\young\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.75 Gb Total Physical Memory | 0.81 Gb Available Physical Memory | 46.54% Memory free
3.50 Gb Paging File | 2.15 Gb Available in Paging File | 61.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.33 Gb Total Space | 183.40 Gb Free Space | 82.12% Space Free | Partition Type: NTFS
 
Computer Name: YOUNG-PC | User Name: young | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 180 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/01/25 10:31:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\young\Desktop\OTL.exe
PRC - [2015/01/24 16:02:34 | 000,960,688 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_16_0_0_296_ActiveX.exe
PRC - [2015/01/09 17:36:21 | 001,099,336 | ---- | M] (Mindspark) -- C:\Program Files\GamingWonderland\bar\1.bin\CrExtPgt.exe
PRC - [2015/01/09 17:36:21 | 000,225,864 | ---- | M] (Mindspark) -- C:\Program Files\GamingWonderland\bar\1.bin\APPINTEGRATOR.EXE
PRC - [2015/01/09 17:36:17 | 000,090,696 | ---- | M] (Mindspark) -- C:\Program Files\GamingWonderland\bar\1.bin\gtbarsvc.exe
PRC - [2014/12/10 04:00:44 | 000,282,528 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security with Backup\Engine\22.1.0.9\NSBU.exe
PRC - [2014/11/19 19:32:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2014/10/07 15:39:30 | 001,241,472 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/08/17 11:48:46 | 001,294,136 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
PRC - [2009/08/17 11:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
PRC - [2009/08/10 20:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
PRC - [2009/08/05 15:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009/08/05 15:18:08 | 000,476,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2009/08/05 15:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2009/08/03 18:16:50 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
PRC - [2009/08/03 18:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2009/07/30 00:54:38 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/07/30 00:54:10 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/07/28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2009/07/28 15:00:10 | 000,460,088 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2009/03/10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009/01/13 22:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/11/23 12:14:57 | 000,774,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5c093e6286545b5ee4b9d29e6bd24eb7\System.Runtime.Remoting.ni.dll
MOD - [2014/11/23 11:18:13 | 012,435,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b63fb23d171f316e1c47c5cdbd97ec56\System.Windows.Forms.ni.dll
MOD - [2014/11/22 10:40:10 | 000,212,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\af1324443e5540135950578db84809d5\System.ServiceProcess.ni.dll
MOD - [2014/11/22 10:39:22 | 011,922,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\cef6560830fd889aff2917e1de716f1f\System.Web.ni.dll
MOD - [2014/11/22 10:39:09 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b3fd0e68baabf3b45f59fe6df4166c6b\System.Drawing.ni.dll
MOD - [2014/11/22 10:39:04 | 005,467,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7a042b46130d9b9c7498bf10af0cb036\System.Xml.ni.dll
MOD - [2014/11/22 10:38:59 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\1a6f4c47bfc15ff2361c89383c8dbffb\System.Configuration.ni.dll
MOD - [2014/11/22 10:38:52 | 007,991,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\ea649d6e9b7c95482ec8f75ba544ae5a\System.ni.dll
MOD - [2014/11/22 10:38:37 | 011,497,984 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/11/17 19:23:17 | 001,736,704 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3497.38831__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2014/11/17 19:23:17 | 000,491,520 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3497.38899__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2014/11/17 19:23:17 | 000,339,968 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3497.38814__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2014/11/17 19:23:17 | 000,204,800 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3497.38833__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2014/11/17 19:23:17 | 000,077,824 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3497.38880__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2014/11/17 19:23:17 | 000,073,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3497.38822__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2014/11/17 19:23:17 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3497.38863__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2014/11/17 19:23:17 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3497.38828__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2014/11/17 19:23:17 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3497.38855__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2014/11/17 19:23:17 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3497.38823__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2014/11/17 19:23:16 | 000,331,776 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3497.38868__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2014/11/17 19:23:16 | 000,118,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3497.38898__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2014/11/17 19:23:16 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3497.38868__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2014/11/17 19:23:16 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3497.38867__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2014/11/17 19:23:16 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3497.38899__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2014/11/17 19:23:16 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3497.38898__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2014/11/17 19:23:15 | 000,782,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3497.38856__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2014/11/17 19:23:15 | 000,409,600 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3497.38875__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2014/11/17 19:23:15 | 000,196,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3497.38833__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2014/11/17 19:23:15 | 000,081,920 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3497.38856__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2014/11/17 19:23:14 | 000,950,272 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3497.38923__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2014/11/17 19:23:14 | 000,573,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3497.38833__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2014/11/17 19:23:14 | 000,393,216 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3497.38855__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2014/11/17 19:23:14 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3497.38862__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2014/11/17 19:23:14 | 000,307,200 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3497.38837__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2014/11/17 19:23:14 | 000,270,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2014/11/17 19:23:14 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3497.38861__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2014/11/17 19:23:14 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3497.38855__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2014/11/17 19:23:14 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3497.38837__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2014/11/17 19:23:14 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3497.38856__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2014/11/17 19:23:14 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3497.38860__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2014/11/17 19:23:14 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3497.38862__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2014/11/17 19:23:13 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2014/11/17 19:23:13 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3428.28302__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2014/11/17 19:23:13 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2014/11/17 19:23:13 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3428.28329__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2014/11/17 19:23:13 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2014/11/17 19:23:13 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2014/11/17 19:23:13 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2014/11/17 19:23:13 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2014/11/17 19:23:12 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3428.28298__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2014/11/17 19:23:12 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2014/11/17 19:23:12 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3428.28296__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2014/11/17 19:23:12 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3428.28297__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2014/11/17 19:23:12 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3428.28354__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2014/11/17 19:23:12 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3428.28304__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2014/11/17 19:23:12 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2014/11/17 19:23:12 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3428.28310__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2014/11/17 19:23:12 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2014/11/17 19:23:12 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3428.28324__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2014/11/17 19:23:12 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2014/11/17 19:23:11 | 000,098,304 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3428.28305__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2014/11/17 19:23:11 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2014/11/17 19:23:11 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2014/11/17 19:23:11 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3428.28324__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2014/11/17 19:23:11 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3428.28323__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2014/11/17 19:23:11 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3428.28302__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2014/11/17 19:23:11 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3428.28303__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2014/11/17 19:23:11 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2014/11/17 19:23:11 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2014/11/17 19:23:10 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3428.28316__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2014/11/17 19:23:10 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2014/11/17 19:23:10 | 000,049,152 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2014/11/17 19:23:10 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3497.38904__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2014/11/17 19:23:10 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2014/11/17 19:23:10 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3428.28309__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2014/11/17 19:23:10 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2014/11/17 19:23:10 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2014/11/17 19:23:10 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3428.28311__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2014/11/17 19:23:10 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2014/11/17 19:23:10 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2014/11/17 19:23:10 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3428.28310__90ba9c70f846762e\APM.Foundation.dll
MOD - [2014/11/17 19:23:10 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2014/11/17 19:23:10 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3497.38810__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2014/11/17 19:23:09 | 000,405,504 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3497.38827__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2014/11/17 19:23:09 | 000,106,496 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3497.38894__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2014/11/17 19:23:09 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3497.38892__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2014/11/17 19:23:09 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3497.38813__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2014/11/17 19:23:09 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3497.38812__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2014/11/17 19:23:09 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2014/11/17 19:23:09 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3428.28301__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2014/11/17 19:23:09 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2014/11/17 19:23:09 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2014/11/17 19:23:09 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2014/11/17 19:23:09 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3428.28310__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2014/11/17 19:23:08 | 001,212,416 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3497.38819__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2014/11/17 19:23:08 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3497.38811__90ba9c70f846762e\APM.Server.dll
MOD - [2014/11/17 19:23:08 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3497.38810__90ba9c70f846762e\AEM.Server.dll
MOD - [2014/11/17 19:23:08 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2014/11/17 19:23:08 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2014/11/17 19:23:08 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3428.28309__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2014/11/17 19:23:08 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3428.28316__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2014/11/17 19:23:08 | 000,019,456 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3497.38893__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2014/11/17 19:10:50 | 008,007,680 | ---- | M] () -- C:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2009/08/03 18:17:24 | 000,079,192 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
MOD - [2009/07/25 11:07:12 | 000,058,704 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2009/07/16 16:27:48 | 000,052,536 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
MOD - [2009/07/16 16:27:44 | 007,263,544 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
MOD - [2009/06/22 15:38:40 | 000,015,160 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
MOD - [2009/05/04 11:45:14 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009/03/12 20:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2015/01/24 16:02:41 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/01/09 17:36:17 | 000,090,696 | ---- | M] (Mindspark) [Auto | Running] -- C:\Program Files\GamingWonderland\bar\1.bin\gtbarsvc.exe -- (GamingWonderlandService)
SRV - [2014/12/10 04:00:44 | 000,282,528 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security with Backup\Engine\22.1.0.9\NSBU.exe -- (NSBU)
SRV - [2014/11/21 18:55:14 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/05/26 21:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/08/27 21:17:26 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2009/08/17 11:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/08/10 20:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)
SRV - [2009/08/05 15:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009/08/03 18:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009/07/30 00:54:10 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/05/22 11:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/03/10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2015/01/20 19:58:01 | 001,636,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Security with Backup\NortonData\22.1.0.9\Definitions\VirusDefs\20150124.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2015/01/20 19:58:01 | 000,095,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Security with Backup\NortonData\22.1.0.9\Definitions\VirusDefs\20150124.003\NAVENG.SYS -- (NAVENG)
DRV - [2015/01/10 11:42:58 | 000,503,000 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Security with Backup\NortonData\22.1.0.9\Definitions\IPSDefs\20150123.001\IDSvix86.sys -- (IDSVix86)
DRV - [2015/01/06 12:15:27 | 001,164,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Security with Backup\NortonData\22.1.0.9\Definitions\BASHDefs\20150106.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2015/01/01 15:59:36 | 000,094,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2014/12/01 22:59:40 | 000,699,608 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\NSBU\1601000.009\srtsp.sys -- (SRTSP)
DRV - [2014/12/01 22:59:40 | 000,036,056 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NSBU\1601000.009\srtspx.sys -- (SRTSPX)
DRV - [2014/11/25 14:30:33 | 000,378,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2014/11/25 14:30:27 | 000,111,408 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/09/08 22:15:11 | 000,420,056 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NSBU\1601000.009\symnets.sys -- (SymNetS)
DRV - [2014/09/08 22:15:10 | 000,939,224 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NSBU\1601000.009\SymEFA.sys -- (SymEFA)
DRV - [2014/09/08 22:15:09 | 000,364,760 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NSBU\1601000.009\SymDS.sys -- (SymDS)
DRV - [2014/09/08 22:05:40 | 000,212,696 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NSBU\1601000.009\Ironx86.sys -- (SymIRON)
DRV - [2014/09/08 22:05:23 | 000,128,728 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NSBU\1601000.009\ccSetx86.sys -- (ccSet_NSBU)
DRV - [2013/10/01 17:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/08/23 07:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2009/07/30 17:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2009/07/30 13:06:30 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/24 16:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2009/07/14 16:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/13 15:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/02 15:55:36 | 000,036,208 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2009/05/05 01:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2008/08/22 10:28:32 | 000,333,824 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187Se.sys -- (RTL8187Se)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {7C13A060-8CC2-4016-AF6B-C68DFD9EA7BD}
IE - HKLM\..\SearchScopes\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}: "URL" = http://search.tb.ask...r={searchTerms}
IE - HKLM\..\SearchScopes\{7C13A060-8CC2-4016-AF6B-C68DFD9EA7BD}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSNA&bmod=TSNA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\..\URLSearchHook: {a8625cb7-85fe-4936-92a4-b2a7c925209e} - No CLSID value found
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {BB1A66A5-7601-457A-BCEF-F70A42C8C18C}
IE - HKCU\..\SearchScopes\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}: "URL" = http://search.tb.ask...r={searchTerms}
IE - HKCU\..\SearchScopes\{BB1A66A5-7601-457A-BCEF-F70A42C8C18C}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.1.0.9\coFFPlgn\ [2015/01/21 21:00:48 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\young\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\young\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\young\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\young\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\young\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\young\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\young\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009/06/10 14:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security with Backup\Engine\22.1.0.9\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Toolbar BHO) - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - C:\Program Files\GamingWonderland\bar\1.bin\gtbar.dll (Mindspark)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Search Assistant BHO) - {ab5d199e-9659-47a2-930b-fc3b69061353} - C:\Program Files\GamingWonderland\bar\1.bin\gtSrcAs.dll (Mindspark)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security with Backup\Engine\22.1.0.9\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (GamingWonderland) - {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files\GamingWonderland\bar\1.bin\gtbar.dll (Mindspark)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (GamingWonderland) - {A899079D-206F-43A6-BE6A-07E0FA648EA0} - C:\Program Files\GamingWonderland\bar\1.bin\gtbar.dll (Mindspark)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [GamingWonderland AppIntegrator 32-bit] C:\Program Files\GamingWonderland\bar\1.bin\APPINTEGRATOR.EXE (Mindspark)
O4 - HKLM..\Run: [GamingWonderland EPM Support] C:\Program Files\GamingWonderland\bar\1.bin\gtmedint.exe (Mindspark)
O4 - HKLM..\Run: [GamingWonderland Search Scope Monitor] "C:\PROGRA~1\GAMING~2\bar\1.bin\gtsrchmn.exe" /m=2 /w /h File not found
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe (Toshiba)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [MyTOSHIBA] C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe (TOSHIBA)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 11.25.2)
O16 - DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.8.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.8.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 71.10.216.1 71.10.216.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1498BDB2-C595-4949-9297-1E3FCCFA6C51}: DhcpNameServer = 71.10.216.1 71.10.216.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A2C832A-3E88-42DB-8D70-FFA7F014AFC6}: DhcpNameServer = 12.127.16.68 216.57.128.2 12.127.17.77 216.57.130.1 12.127.16.77
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 180 Days ==========
 
[2015/01/25 10:31:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\young\Desktop\OTL.exe
[2015/01/21 19:54:09 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Roaming\ParetoLogic
[2015/01/21 19:53:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2015/01/21 19:47:59 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Local\IAC
[2015/01/21 16:43:29 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\OneNote Notebooks
[2015/01/21 16:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2015/01/21 15:33:34 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2015/01/21 15:33:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2015/01/21 15:31:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2015/01/21 15:27:42 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2015/01/21 15:27:40 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2015/01/21 15:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2015/01/17 15:45:58 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TSWbPrxy.exe
[2015/01/15 19:32:37 | 003,971,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2015/01/15 19:32:36 | 003,916,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2015/01/09 17:38:09 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Local\GamingWonderland
[2015/01/09 17:36:16 | 000,000,000 | ---D | C] -- C:\Program Files\GamingWonderland
[2015/01/08 22:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2015/01/08 22:48:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2015/01/08 22:46:49 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2015/01/08 22:46:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015/01/08 22:46:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2015/01/08 22:39:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015/01/08 22:38:55 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Local\Google
[2015/01/08 22:38:22 | 000,701,616 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2015/01/08 22:38:22 | 000,071,344 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2015/01/07 09:46:45 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Roaming\Template
[2015/01/07 09:21:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2015/01/05 22:25:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2015/01/04 11:06:30 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Local\Adobe
[2015/01/02 21:37:09 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2015/01/01 16:31:29 | 000,000,000 | ---D | C] -- C:\Users\young\Easy Tech
[2015/01/01 15:59:36 | 000,094,424 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\SYMEVENT.SYS
[2015/01/01 15:59:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2015/01/01 15:58:29 | 000,939,224 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\SymEFA.sys
[2015/01/01 15:58:29 | 000,420,056 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\symnets.sys
[2015/01/01 15:58:29 | 000,364,760 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\SymDS.sys
[2015/01/01 15:58:29 | 000,036,056 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\srtspx.sys
[2015/01/01 15:58:29 | 000,021,520 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\SymELAM.sys
[2015/01/01 15:58:28 | 000,699,608 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\srtsp.sys
[2015/01/01 15:58:28 | 000,212,696 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\Ironx86.sys
[2015/01/01 15:58:28 | 000,128,728 | R--- | C] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\ccSetx86.sys
[2015/01/01 15:57:57 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\NSBU
[2015/01/01 15:57:57 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\NSBU\1601000.009
[2015/01/01 15:57:53 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security with Backup
[2015/01/01 15:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security with Backup
[2015/01/01 15:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2015/01/01 15:46:50 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Symantec
[2015/01/01 15:41:12 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2015/01/01 15:11:05 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Local\LogMeIn Rescue Applet
[2015/01/01 14:17:50 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2015/01/01 14:15:41 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Roaming\Macromedia
[2014/12/27 09:30:47 | 000,000,000 | ---D | C] -- C:\windows\System32\appraiser
[2014/12/27 09:14:51 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfpmp.exe
[2014/12/27 09:14:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mferror.dll
[2014/12/27 09:14:50 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mf.dll
[2014/12/27 09:14:50 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfps.dll
[2014/12/27 09:14:50 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rrinstaller.exe
[2014/12/26 16:25:21 | 001,160,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aitstatic.exe
[2014/12/26 16:25:21 | 000,873,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aeinv.dll
[2014/12/26 16:25:21 | 000,728,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\appraiser.dll
[2014/12/26 16:25:21 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aepic.dll
[2014/12/26 16:25:20 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\invagent.dll
[2014/12/26 16:25:19 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\generaltel.dll
[2014/12/26 16:25:19 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\devinv.dll
[2014/12/26 16:25:18 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aepdu.dll
[2014/12/26 16:25:06 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwcollector.exe
[2014/12/26 16:25:06 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\JavaScriptCollectionAgent.dll
[2014/12/26 16:25:06 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwproxystub.dll
[2014/12/26 16:25:05 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MsSpellCheckingFacility.exe
[2014/12/26 16:25:05 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2014/12/26 16:25:04 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9diag.dll
[2014/12/26 16:25:04 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll
[2014/12/26 16:25:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwcollectorres.dll
[2014/12/26 16:25:02 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2014/12/26 16:25:02 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll
[2014/12/26 16:25:00 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtmlmedia.dll
[2014/12/26 16:25:00 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MshtmlDac.dll
[2014/12/26 16:24:57 | 004,299,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2014/12/26 16:24:55 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2014/12/26 16:24:55 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2014/12/26 16:24:54 | 000,342,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2014/12/26 16:24:53 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll
[2014/12/26 16:24:53 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2014/12/26 16:24:52 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2014/12/26 16:24:51 | 002,052,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2014/12/26 16:24:51 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msrating.dll
[2014/12/26 16:24:50 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2014/12/26 16:21:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2014/12/26 16:21:39 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\charmap.exe
[2014/12/26 16:21:31 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WSManMigrationPlugin.dll
[2014/12/26 16:21:31 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WsmWmiPl.dll
[2014/12/26 16:21:31 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WSManHTTPConfig.exe
[2014/12/26 16:21:31 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WsmAuto.dll
[2014/12/26 16:16:15 | 000,000,000 | -HSD | C] -- C:\Users\young\AppData\Local\EmieUserList
[2014/12/26 16:16:15 | 000,000,000 | -HSD | C] -- C:\Users\young\AppData\Local\EmieSiteList
[2014/12/26 16:16:15 | 000,000,000 | -HSD | C] -- C:\Users\young\AppData\Local\EmieBrowserModeList
[2014/11/23 16:16:35 | 000,000,000 | ---D | C] -- C:\Users\young\Desktop\Guest
[2014/11/23 15:45:20 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Work Training Aids
[2014/11/23 15:45:15 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Work Schedule
[2014/11/23 15:45:09 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Will
[2014/11/23 15:45:07 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Tax Spreadsheets
[2014/11/23 15:45:00 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Sunshine in Paris Novel
[2014/11/23 15:43:15 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\CD Labels
[2014/11/23 15:43:11 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Canon Utilities
[2014/11/23 15:43:06 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Business Plans
[2014/11/23 15:43:02 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\BookSmartData
[2014/11/23 15:42:45 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Boarmasters
[2014/11/23 15:26:13 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Social Services
[2014/11/23 15:26:12 | 000,000,000 | R--D | C] -- C:\Users\young\Documents\Scanned Documents
[2014/11/23 15:26:12 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Social Security
[2014/11/23 15:26:12 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Resume
[2014/11/23 15:26:12 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Receipies
[2014/11/23 15:26:11 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\NE Restaurant Rules
[2014/11/23 15:26:10 | 000,000,000 | R-SD | C] -- C:\Users\young\Documents\My Stationery
[2014/11/23 15:26:10 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\My Smilebox Creations
[2014/11/23 15:26:10 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\My Scans
[2014/11/23 15:26:07 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\My Logo Design Studio Pro Projects
[2014/11/23 15:26:07 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Monthly Budget
[2014/11/23 15:26:06 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Misc
[2014/11/23 15:26:06 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Juicers
[2014/11/23 15:26:06 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Jeep pmts
[2014/11/23 15:26:06 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\House Remodel Receipts
[2014/11/23 15:26:06 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Grandparents Rights
[2014/11/23 15:26:06 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Family History
[2014/11/23 15:26:06 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Court Documents
[2014/11/23 15:26:06 | 000,000,000 | ---D | C] -- C:\Users\young\Documents\Cougar
[2014/11/23 15:25:26 | 000,000,000 | ---D | C] -- C:\Users\young\Desktop\Adobe Reader 9 Installer
[2014/11/23 15:08:54 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Local\Apps
[2014/11/23 13:42:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\prevhost.exe
[2014/11/23 12:31:18 | 002,744,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorets.dll
[2014/11/23 12:20:46 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RdpGroupPolicyExtension.dll
[2014/11/23 11:33:45 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\rdpvideominiport.sys
[2014/11/23 11:33:41 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpudd.dll
[2014/11/23 11:33:40 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpendp_winip.dll
[2014/11/23 11:32:21 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TsUsbGDCoInstaller.dll
[2014/11/23 11:32:18 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2014/11/23 11:32:17 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\TsUsbFlt.sys
[2014/11/23 11:32:15 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tsgqec.dll
[2014/11/23 11:32:15 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MsRdpWebAccess.dll
[2014/11/23 11:32:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wksprtPS.dll
[2014/11/23 11:32:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2014/11/23 11:32:14 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdvidcrl.dll
[2014/11/23 11:32:14 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wksprt.exe
[2014/11/23 11:03:37 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msmpeg2vdec.dll
[2014/11/22 10:53:46 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fsutil.exe
[2014/11/22 10:53:31 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMPhoto.dll
[2014/11/22 10:53:26 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll
[2014/11/22 10:53:18 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll
[2014/11/22 10:53:06 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2014/11/22 10:53:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDYAK.DLL
[2014/11/22 10:53:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDTAT.DLL
[2014/11/22 10:53:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDRU1.DLL
[2014/11/22 10:53:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDBASH.DLL
[2014/11/22 10:53:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDRU.DLL
[2014/11/22 10:52:58 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d2d1.dll
[2014/11/22 10:37:39 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Roaming\Adobe
[2014/11/19 21:13:45 | 000,000,000 | ---D | C] -- C:\windows\Migration
[2014/11/19 20:18:09 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFPlatform.dll
[2014/11/19 20:18:08 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFCoinstaller.dll
[2014/11/19 20:18:07 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFx.dll
[2014/11/19 20:14:56 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\infocardapi.dll
[2014/11/19 20:14:51 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\icardres.dll
[2014/11/19 20:14:43 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\icardagt.exe
[2014/11/19 20:14:38 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TsWpfWrp.exe
[2014/11/19 19:49:09 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmploc.DLL
[2014/11/19 19:34:36 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\elshyph.dll
[2014/11/19 19:34:35 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsIntl.dll
[2014/11/19 19:34:35 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dat
[2014/11/19 19:34:35 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2014/11/19 19:34:35 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2014/11/19 19:34:35 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msls31.dll
[2014/11/19 19:34:35 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iexpress.exe
[2014/11/19 19:34:35 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wextract.exe
[2014/11/19 19:34:35 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inseng.dll
[2014/11/19 19:34:35 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2014/11/19 19:34:35 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2014/11/19 19:34:34 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2014/11/19 19:34:34 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\IEAdvpack.dll
[2014/11/19 19:34:34 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2014/11/19 19:34:34 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SetIEInstalledDate.exe
[2014/11/19 19:34:34 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pngfilt.dll
[2014/11/19 19:34:34 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtmler.dll
[2014/11/19 19:34:34 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2014/11/19 19:34:34 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\imgutil.dll
[2014/11/19 19:34:34 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2014/11/19 19:33:07 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tdh.dll
[2014/11/19 19:33:07 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\csrsrv.dll
[2014/11/19 19:32:19 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskhost.exe
[2014/11/19 19:28:51 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll
[2014/11/19 19:28:51 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10.dll
[2014/11/19 19:28:51 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10level9.dll
[2014/11/19 19:28:51 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll
[2014/11/19 19:28:51 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxgi.dll
[2014/11/19 19:28:51 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll
[2014/11/19 19:28:51 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10core.dll
[2014/11/19 19:28:51 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WindowsCodecsExt.dll
[2014/11/19 19:28:51 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\UIAnimation.dll
[2014/11/19 19:28:51 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll
[2014/11/19 19:28:51 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/11/19 19:28:51 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/11/19 19:28:51 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/11/19 19:28:51 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/11/19 19:28:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/11/19 19:28:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/11/19 19:28:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2014/11/19 19:28:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/11/19 19:28:51 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/11/19 19:26:29 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d11.dll
[2014/11/19 19:15:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cryptdlg.dll
[2014/11/19 19:14:53 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\objsel.dll
[2014/11/19 19:14:52 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cngprovider.dll
[2014/11/19 19:14:52 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\adprovider.dll
[2014/11/19 19:14:52 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\capiprovider.dll
[2014/11/19 19:14:52 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dpapiprovider.dll
[2014/11/19 19:14:52 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dimsroam.dll
[2014/11/19 19:14:52 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wincredprovider.dll
[2014/11/19 19:14:35 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\System32\fpb.rs
[2014/11/19 19:14:35 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\System32\oflc-nz.rs
[2014/11/19 19:14:35 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\System32\pegibbfc.rs
[2014/11/19 19:14:35 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\System32\csrr.rs
[2014/11/19 19:14:35 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\System32\cob-au.rs
[2014/11/19 19:14:35 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\System32\usk.rs
[2014/11/19 19:14:35 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\System32\grb.rs
[2014/11/19 19:14:35 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi.rs
[2014/11/19 19:14:35 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\System32\djctq.rs
[2014/11/19 19:14:34 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\gameux.dll
[2014/11/19 19:14:34 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Wpc.dll
[2014/11/19 19:14:34 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-pt.rs
[2014/11/19 19:14:33 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\System32\cero.rs
[2014/11/19 19:14:33 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\System32\esrb.rs
[2014/11/19 19:14:33 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\System32\oflc.rs
[2014/11/19 19:14:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-fi.rs
[2014/11/19 19:13:26 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\certutil.exe
[2014/11/19 19:13:26 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\certenc.dll
[2014/11/19 19:13:01 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll
[2014/11/19 19:12:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdrmemptylst.exe
[2014/11/19 19:12:30 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorekmts.dll
[2014/11/19 19:12:30 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpwsx.dll
[2014/11/19 19:11:53 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncsi.dll
[2014/11/19 19:11:52 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netcorehc.dll
[2014/11/19 19:11:52 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netevent.dll
[2014/11/19 19:11:43 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcore.dll
[2014/11/19 19:11:38 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\authui.dll
[2014/11/19 19:11:38 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msihnd.dll
[2014/11/19 19:11:38 | 000,101,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\consent.exe
[2014/11/19 19:10:17 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srcore.dll
[2014/11/19 19:09:58 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CPFilters.dll
[2014/11/19 19:09:57 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sbe.dll
[2014/11/19 19:09:57 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mpg2splt.ax
[2014/11/19 19:09:34 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TSWorkspace.dll
[2014/11/19 19:09:28 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe
[2014/11/19 19:09:28 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2014/11/19 19:09:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/11/19 19:09:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2014/11/19 19:09:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/11/19 19:09:27 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll
[2014/11/19 19:09:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll
[2014/11/19 19:09:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2014/11/19 19:09:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2014/11/19 19:09:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2014/11/19 19:09:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2014/11/19 19:09:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2014/11/19 19:09:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll
[2014/11/19 19:09:24 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webio.dll
[2014/11/19 19:09:14 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FXSCOVER.exe
[2014/11/19 19:09:12 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OxpsConverter.exe
[2014/11/19 19:09:08 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\scavengeui.dll
[2014/11/19 19:08:56 | 000,240,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\netio.sys
[2014/11/19 19:08:56 | 000,187,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\FWPKCLNT.SYS
[2014/11/19 19:08:49 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\quartz.dll
[2014/11/19 19:08:47 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVDECOD.DLL
[2014/11/19 19:08:44 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\EncDec.dll
[2014/11/19 19:08:30 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dhcpcore6.dll
[2014/11/19 19:08:30 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dhcpcsvc6.dll
[2014/11/19 19:08:24 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssrch.dll
[2014/11/19 19:08:23 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tquery.dll
[2014/11/19 19:08:23 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssph.dll
[2014/11/19 19:08:22 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssvp.dll
[2014/11/19 19:08:22 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssphtb.dll
[2014/11/19 19:08:22 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msscntrs.dll
[2014/11/19 19:08:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msxml3r.dll
[2014/11/19 19:08:17 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cdosys.dll
[2014/11/19 19:08:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msxml6r.dll
[2014/11/19 19:08:10 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\IMJP10K.DLL
[2014/11/19 19:08:09 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\AUDIOKSE.dll
[2014/11/19 19:08:09 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\AudioEng.dll
[2014/11/19 19:08:09 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\EncDump.dll
[2014/11/19 19:08:09 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\AudioSes.dll
[2014/11/19 19:08:03 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mscorier.dll
[2014/11/19 19:08:02 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mscories.dll
[2014/11/19 19:08:00 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbcjt32.dll
[2014/11/19 19:08:00 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbctrac.dll
[2014/11/19 19:08:00 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbccp32.dll
[2014/11/19 19:08:00 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbccu32.dll
[2014/11/19 19:08:00 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbccr32.dll
[2014/11/19 19:07:57 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll
[2014/11/19 19:07:57 | 000,219,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys
[2014/11/19 19:07:57 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cdd.dll
[2014/11/19 19:07:57 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll
[2014/11/19 19:07:57 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dciman32.dll
[2014/11/19 19:07:56 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fontsub.dll
[2014/11/19 19:07:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dnscacheugc.exe
[2014/11/19 19:07:53 | 000,149,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\storport.sys
[2014/11/19 19:07:53 | 000,027,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\Diskdump.sys
[2014/11/19 19:07:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iologmsg.dll
[2014/11/19 19:07:44 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\psisdecd.dll
[2014/11/19 19:07:44 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\psisrndr.ax
[2014/11/19 19:07:41 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\osk.exe
[2014/11/19 19:07:39 | 002,379,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2014/11/19 19:07:35 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SmartcardCredentialProvider.dll
[2014/11/19 19:07:03 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\nshwfp.dll
[2014/11/19 19:07:03 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FWPUCLNT.DLL
[2014/11/19 19:07:01 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2014/11/19 19:06:48 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wwanprotdim.dll
[2014/11/19 19:06:46 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qdvd.dll
[2014/11/19 19:06:43 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usb8023.sys
[2014/11/19 19:06:41 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dpnet.dll
[2014/11/19 19:06:39 | 000,133,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\ataport.sys
[2014/11/19 19:06:38 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\hidclass.sys
[2014/11/19 19:06:38 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\hidparse.sys
[2014/11/19 19:06:33 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\RNDISMP.sys
[2014/11/19 19:06:31 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\timedate.cpl
[2014/11/19 19:06:25 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\browcli.dll
[2014/11/19 19:06:23 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\portcls.sys
[2014/11/19 19:06:23 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\drmk.sys
[2014/11/19 19:06:21 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42.dll
[2014/11/19 19:06:20 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42u.dll
[2014/11/19 19:06:16 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wer.dll
[2014/11/19 19:06:15 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\packager.dll
[2014/11/19 19:06:14 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qedit.dll
[2014/11/19 19:06:11 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cscript.exe
[2014/11/19 19:06:07 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\synceng.dll
[2014/11/19 19:00:46 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\adtschema.dll
[2014/11/19 19:00:45 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msaudite.dll
[2014/11/19 19:00:45 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sspisrv.dll
[2014/11/19 18:59:47 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate_isv.exe
[2014/11/19 18:59:47 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate.exe
[2014/11/19 18:59:47 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate_ssp.exe
[2014/11/19 18:59:47 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate_ssp_isv.exe
[2014/11/19 18:59:46 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc.dll
[2014/11/19 18:59:46 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc_isv.dll
[2014/11/19 18:59:46 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdrm.dll
[2014/11/19 18:59:46 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc_ssp_isv.dll
[2014/11/19 18:59:46 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc_ssp.dll
[2014/11/19 18:50:24 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\WdfLdr.sys
[2014/11/19 18:50:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Wdfres.dll
[2014/11/19 18:41:36 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbport.sys
[2014/11/19 18:41:35 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbd.sys
[2014/11/19 18:28:41 | 002,425,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
[2014/11/19 18:28:41 | 000,045,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
[2014/11/19 18:28:21 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
[2014/11/19 18:28:21 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
[2014/11/19 18:28:21 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll
[2014/11/19 18:28:12 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
[2014/11/19 18:28:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
[2014/11/19 17:45:26 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2014/11/19 17:45:10 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2014/11/19 10:01:23 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc40.dll
[2014/11/19 10:01:23 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc40u.dll
[2014/11/19 10:01:18 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spwizui.dll
[2014/11/19 10:01:16 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mcupdate_GenuineIntel.dll
[2014/11/19 10:01:15 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CertEnroll.dll
[2014/11/19 10:01:14 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PresentationHost.exe
[2014/11/19 10:01:14 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PresentationHostProxy.dll
[2014/11/19 10:01:12 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\AuthFWSnapin.dll
[2014/11/19 10:01:12 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RacEngn.dll
[2014/11/19 10:01:10 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ExplorerFrame.dll
[2014/11/19 10:01:09 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d9.dll
[2014/11/19 10:01:08 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskschd.dll
[2014/11/19 10:01:07 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spinstall.exe
[2014/11/19 10:01:07 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spreview.exe
[2014/11/19 10:01:05 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dwmcore.dll
[2014/11/19 10:01:05 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\diagperf.dll
[2014/11/19 10:01:04 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WinSAT.exe
[2014/11/19 10:01:03 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tsmf.dll
[2014/11/19 10:01:02 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dbgeng.dll
[2014/11/19 10:01:00 | 000,252,928 | ---- | C] (Microsoft) -- C:\windows\System32\DShowRdpFilter.dll
[2014/11/19 10:00:59 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mmcndmgr.dll
[2014/11/19 10:00:59 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sppobjs.dll
[2014/11/19 10:00:59 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\imapi2fs.dll
[2014/11/19 10:00:59 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netfxperf.dll
[2014/11/19 10:00:58 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\certmgr.dll
[2014/11/19 10:00:58 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PortableDeviceApi.dll
[2014/11/19 10:00:58 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mcbuilder.exe
[2014/11/19 10:00:57 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xpsservices.dll
[2014/11/19 10:00:57 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winload.exe
[2014/11/19 10:00:57 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sppwinob.dll
[2014/11/19 10:00:57 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drvstore.dll
[2014/11/19 10:00:56 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cmd.exe
[2014/11/19 10:00:56 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfds.dll
[2014/11/19 10:00:56 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\framedynos.dll
[2014/11/19 10:00:55 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winresume.exe
[2014/11/19 10:00:55 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmicmiplugin.dll
[2014/11/19 10:00:54 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\werconcpl.dll
[2014/11/19 10:00:54 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\azroles.dll
[2014/11/19 10:00:53 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfreadwrite.dll
[2014/11/19 10:00:53 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\basecsp.dll
[2014/11/19 10:00:52 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\NaturalLanguage6.dll
[2014/11/19 10:00:52 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sqlsrv32.dll
[2014/11/19 10:00:52 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\calc.exe
[2014/11/19 10:00:52 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\evr.dll
[2014/11/19 10:00:52 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WinSATAPI.dll
[2014/11/19 10:00:52 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskcomp.dll
[2014/11/19 10:00:51 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\UIRibbon.dll
[2014/11/19 10:00:51 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\lpksetup.exe
[2014/11/19 10:00:51 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fveapi.dll
[2014/11/19 10:00:51 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vpnike.dll
[2014/11/19 10:00:50 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\hgprint.dll
[2014/11/19 10:00:49 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WSDApi.dll
[2014/11/19 10:00:49 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmpeffects.dll
[2014/11/19 10:00:49 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\net1.exe
[2014/11/19 10:00:49 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rpchttp.dll
[2014/11/19 10:00:49 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\prncache.dll
[2014/11/19 10:00:48 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ci.dll
[2014/11/19 10:00:48 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\scansetting.dll
[2014/11/19 10:00:48 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aitagent.exe
[2014/11/19 10:00:47 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVCORE.DLL
[2014/11/19 10:00:47 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pnidui.dll
[2014/11/19 10:00:47 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wlangpui.dll
[2014/11/19 10:00:47 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MMDevAPI.dll
[2014/11/19 10:00:47 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\QSHVHOST.DLL
[2014/11/19 10:00:47 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\t2embed.dll
[2014/11/19 10:00:46 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SyncCenter.dll
[2014/11/19 10:00:46 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sdengin2.dll
[2014/11/19 10:00:46 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webservices.dll
[2014/11/19 10:00:46 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netdiagfx.dll
[2014/11/19 10:00:46 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fde.dll
[2014/11/19 10:00:46 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wscapi.dll
[2014/11/19 10:00:45 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSMPEG2ENC.DLL
[2014/11/19 10:00:45 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WFS.exe
[2014/11/19 10:00:45 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mcmde.dll
[2014/11/19 10:00:44 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DXPTaskRingtone.dll
[2014/11/19 10:00:44 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\imapi2.dll
[2014/11/19 10:00:44 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\setupcl.exe
[2014/11/19 10:00:43 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMPEncEn.dll
[2014/11/19 10:00:43 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dwmredir.dll
[2014/11/19 10:00:42 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\bootres.dll
[2014/11/19 10:00:42 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Narrator.exe
[2014/11/19 10:00:42 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\autoconv.exe
[2014/11/19 10:00:42 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\autofmt.exe
[2014/11/19 10:00:42 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vaultsvc.dll
[2014/11/19 10:00:42 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\halmacpi.dll
[2014/11/19 10:00:42 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\hal.dll
[2014/11/19 10:00:42 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netiohlp.dll
[2014/11/19 10:00:42 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\audiodg.exe
[2014/11/19 10:00:42 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\hbaapi.dll
[2014/11/19 10:00:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\proquota.exe
[2014/11/19 10:00:41 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\powercpl.dll
[2014/11/19 10:00:41 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ipsmsnap.dll
[2014/11/19 10:00:41 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msinfo32.exe
[2014/11/19 10:00:41 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srchadmin.dll
[2014/11/19 10:00:41 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\eapphost.dll
[2014/11/19 10:00:41 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\framedyn.dll
[2014/11/19 10:00:41 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tcpipcfg.dll
[2014/11/19 10:00:41 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\schtasks.exe
[2014/11/19 10:00:41 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mimefilt.dll
[2014/11/19 10:00:40 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\AuxiliaryDisplayCpl.dll
[2014/11/19 10:00:40 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DXP.dll
[2014/11/19 10:00:40 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSNP.ax
[2014/11/19 10:00:40 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\QAGENT.DLL
[2014/11/19 10:00:40 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netid.dll
[2014/11/19 10:00:39 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wdc.dll
[2014/11/19 10:00:38 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wlanpref.dll
[2014/11/19 10:00:38 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sdclt.exe
[2014/11/19 10:00:38 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMNetMgr.dll
[2014/11/19 10:00:38 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Vault.dll
[2014/11/19 10:00:38 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\untfs.dll
[2014/11/19 10:00:38 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\nci.dll
[2014/11/19 10:00:37 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DxpTaskSync.dll
[2014/11/19 10:00:37 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Display.dll
[2014/11/19 10:00:37 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdri.dll
[2014/11/19 10:00:37 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sharemediacpl.dll
[2014/11/19 10:00:37 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsRasterService.dll
[2014/11/19 10:00:37 | 000,098,816 | ---- | C] (Microsoft) -- C:\windows\System32\Robocopy.exe
[2014/11/19 10:00:37 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\userinit.exe
[2014/11/19 10:00:36 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DiagCpl.dll
[2014/11/19 10:00:36 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdtctm.dll
[2014/11/19 10:00:36 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\biocpl.dll
[2014/11/19 10:00:36 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wiadefui.dll
[2014/11/19 10:00:36 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\termmgr.dll
[2014/11/19 10:00:36 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\puiobj.dll
[2014/11/19 10:00:36 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\eudcedit.exe
[2014/11/19 10:00:36 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sppcomapi.dll
[2014/11/19 10:00:36 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\scsiport.sys
[2014/11/19 10:00:36 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\logoncli.dll
[2014/11/19 10:00:36 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\shsetup.dll
[2014/11/19 10:00:35 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SensorsCpl.dll
[2014/11/19 10:00:35 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\themecpl.dll
[2014/11/19 10:00:35 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FirewallControlPanel.dll
[2014/11/19 10:00:35 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wpccpl.dll
[2014/11/19 10:00:35 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msconfig.exe
[2014/11/19 10:00:35 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dnscmmc.dll
[2014/11/19 10:00:34 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mscms.dll
[2014/11/19 10:00:34 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\localsec.dll
[2014/11/19 10:00:34 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PhotoScreensaver.scr
[2014/11/19 10:00:34 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\hgcpl.dll
[2014/11/19 10:00:34 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mprddm.dll
[2014/11/19 10:00:33 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netcenter.dll
[2014/11/19 10:00:33 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mblctr.exe
[2014/11/19 10:00:33 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\VAN.dll
[2014/11/19 10:00:33 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PerfCenterCPL.dll
[2014/11/19 10:00:33 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\usercpl.dll
[2014/11/19 10:00:33 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wlanui.dll
[2014/11/19 10:00:33 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SndVol.exe
[2014/11/19 10:00:33 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SndVolSSO.dll
[2014/11/19 10:00:33 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\bcdsrv.dll
[2014/11/19 10:00:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\prntvpt.dll
[2014/11/19 10:00:33 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iasacct.dll
[2014/11/19 10:00:33 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\w32tm.exe
[2014/11/19 10:00:32 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\accessibilitycpl.dll
[2014/11/19 10:00:32 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\main.cpl
[2014/11/19 10:00:32 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spwizeng.dll
[2014/11/19 10:00:32 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\azroleui.dll
[2014/11/19 10:00:32 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSAC3ENC.DLL
[2014/11/19 10:00:32 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\ks.sys
[2014/11/19 10:00:32 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netjoin.dll
[2014/11/19 10:00:32 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fdeploy.dll
[2014/11/19 10:00:31 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\networkmap.dll
[2014/11/19 10:00:31 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sud.dll
[2014/11/19 10:00:31 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ActionCenter.dll
[2014/11/19 10:00:31 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mspbda.dll
[2014/11/19 10:00:31 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\prnfldr.dll
[2014/11/19 10:00:31 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\slui.exe
[2014/11/19 10:00:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Faultrep.dll
[2014/11/19 10:00:31 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wusa.exe
[2014/11/19 10:00:31 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MCEWMDRMNDBootstrap.dll
[2014/11/19 10:00:31 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MediaMetadataHandler.dll
[2014/11/19 10:00:31 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskbarcpl.dll
[2014/11/19 10:00:31 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OnLineIDCpl.dll
[2014/11/19 10:00:31 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\adsldp.dll
[2014/11/19 10:00:30 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sdcpl.dll
[2014/11/19 10:00:30 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\bthprops.cpl
[2014/11/19 10:00:30 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wpd_ci.dll
[2014/11/19 10:00:30 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ActionCenterCPL.dll
[2014/11/19 10:00:30 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\shwebsvc.dll
[2014/11/19 10:00:30 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sysmon.ocx
[2014/11/19 10:00:30 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\intl.cpl
[2014/11/19 10:00:30 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iprtrmgr.dll
[2014/11/19 10:00:30 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\defaultlocationcpl.dll
[2014/11/19 10:00:30 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\efscore.dll
[2014/11/19 10:00:30 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iasrad.dll
[2014/11/19 10:00:30 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ifsutil.dll
[2014/11/19 10:00:30 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\halacpi.dll
[2014/11/19 10:00:30 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\recovery.dll
[2014/11/19 10:00:30 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dot3cfg.dll
[2014/11/19 10:00:30 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ftp.exe
[2014/11/19 10:00:30 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sisbkup.dll
[2014/11/19 10:00:29 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OobeFldr.dll
[2014/11/19 10:00:29 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmpmde.dll
[2014/11/19 10:00:29 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TabletPC.cpl
[2014/11/19 10:00:29 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DeviceCenter.dll
[2014/11/19 10:00:29 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\systemcpl.dll
[2014/11/19 10:00:29 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntprint.dll
[2014/11/19 10:00:29 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\bcdedit.exe
[2014/11/19 10:00:29 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\recdisc.exe
[2014/11/19 10:00:29 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vdsutil.dll
[2014/11/19 10:00:29 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\bcdboot.exe
[2014/11/19 10:00:29 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\autoplay.dll
[2014/11/19 10:00:29 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sppnp.dll
[2014/11/19 10:00:29 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WSTPager.ax
[2014/11/19 10:00:28 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\blackbox.dll
[2014/11/19 10:00:28 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\nshipsec.dll
[2014/11/19 10:00:28 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sethc.exe
[2014/11/19 10:00:28 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rstrui.exe
[2014/11/19 10:00:28 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dpx.dll
[2014/11/19 10:00:28 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ksproxy.ax
[2014/11/19 10:00:28 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmpsrcwp.dll
[2014/11/19 10:00:28 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\AuxiliaryDisplayServices.dll
[2014/11/19 10:00:28 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\NAPHLPR.DLL
[2014/11/19 10:00:28 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\migisol.dll
[2014/11/19 10:00:28 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\System32\fms.dll
[2014/11/19 10:00:28 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\asycfilt.dll
[2014/11/19 10:00:27 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msftedit.dll
[2014/11/19 10:00:27 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dfrgui.exe
[2014/11/19 10:00:27 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wlanmsm.dll
[2014/11/19 10:00:27 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dot3ui.dll
[2014/11/19 10:00:27 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wsqmcons.exe
[2014/11/19 10:00:27 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ReAgent.dll
[2014/11/19 10:00:27 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wavemsp.dll
[2014/11/19 10:00:27 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sysclass.dll
[2014/11/19 10:00:27 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ocsetup.exe
[2014/11/19 10:00:27 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\isoburn.exe
[2014/11/19 10:00:27 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzutil.exe
[2014/11/19 10:00:26 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SmiEngine.dll
[2014/11/19 10:00:26 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wvc.dll
[2014/11/19 10:00:26 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wimgapi.dll
[2014/11/19 10:00:26 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PkgMgr.exe
[2014/11/19 10:00:26 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qasf.dll
[2014/11/19 10:00:26 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qcap.dll
[2014/11/19 10:00:26 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\uxlib.dll
[2014/11/19 10:00:26 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\setupugc.exe
[2014/11/19 10:00:26 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\windows\twain_32.dll
[2014/11/19 10:00:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\slwga.dll
[2014/11/19 10:00:25 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmdrmsdk.dll
[2014/11/19 10:00:25 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msscp.dll
[2014/11/19 10:00:25 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ssText3d.scr
[2014/11/19 10:00:25 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\diskraid.exe
[2014/11/19 10:00:25 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srrstr.dll
[2014/11/19 10:00:25 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DevicePairingFolder.dll
[2014/11/19 10:00:25 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wwanconn.dll
[2014/11/19 10:00:25 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\nslookup.exe
[2014/11/19 10:00:25 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mciavi32.dll
[2014/11/19 10:00:24 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\onexui.dll
[2014/11/19 10:00:24 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drmmgrtn.dll
[2014/11/19 10:00:24 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wimserv.exe
[2014/11/19 10:00:24 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\nltest.exe
[2014/11/19 10:00:24 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WindowsAnytimeUpgradeResults.exe
[2014/11/19 10:00:24 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iTVData.dll
[2014/11/19 10:00:24 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\input.dll
[2014/11/19 10:00:24 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wpdwcn.dll
[2014/11/19 10:00:24 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpencom.dll
[2014/11/19 10:00:24 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ocsetapi.dll
[2014/11/19 10:00:24 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vdsbas.dll
[2014/11/19 10:00:24 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\perfmon.exe
[2014/11/19 10:00:24 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\UserAccountControlSettings.dll
[2014/11/19 10:00:24 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\NAPCRYPT.DLL
[2014/11/19 10:00:24 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\acppage.dll
[2014/11/19 10:00:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vpnikeapi.dll
[2014/11/19 10:00:23 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\eapp3hst.dll
[2014/11/19 10:00:23 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxdiagn.dll
[2014/11/19 10:00:23 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MFPlay.dll
[2014/11/19 10:00:23 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\rmcast.sys
[2014/11/19 10:00:23 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\logagent.exe
[2014/11/19 10:00:23 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\bfsvc.exe
[2014/11/19 10:00:23 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\runonce.exe
[2014/11/19 10:00:22 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OpcServices.dll
[2014/11/19 10:00:22 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Bubbles.scr
[2014/11/19 10:00:22 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmdrmdev.dll
[2014/11/19 10:00:22 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sqlcese30.dll
[2014/11/19 10:00:22 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\bitsadmin.exe
[2014/11/19 10:00:22 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\shacct.dll
[2014/11/19 10:00:22 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tabcal.exe
[2014/11/19 10:00:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PnPUnattend.exe
[2014/11/19 10:00:22 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\unimdmat.dll
[2014/11/19 10:00:22 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpd3d.dll
[2014/11/19 10:00:22 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iscsium.dll
[2014/11/19 10:00:22 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\lsmproxy.dll
[2014/11/19 10:00:21 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMADMOD.DLL
[2014/11/19 10:00:21 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PortableDeviceStatus.dll
[2014/11/19 10:00:21 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WPDSp.dll
[2014/11/19 10:00:21 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Mystify.scr
[2014/11/19 10:00:21 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Ribbons.scr
[2014/11/19 10:00:21 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PortableDeviceSyncProvider.dll
[2014/11/19 10:00:21 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ActionQueue.dll
[2014/11/19 10:00:21 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\powercfg.cpl
[2014/11/19 10:00:21 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MdSched.exe
[2014/11/19 10:00:21 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\QSVRMGMT.DLL
[2014/11/19 10:00:21 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\kstvtune.ax
[2014/11/19 10:00:21 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\logman.exe
[2014/11/19 10:00:21 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\olethk32.dll
[2014/11/19 10:00:21 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mapistub.dll
[2014/11/19 10:00:21 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mapi32.dll
[2014/11/19 10:00:21 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Mpeg2Data.ax
[2014/11/19 10:00:21 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\lpremove.exe
[2014/11/19 10:00:21 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncryptui.dll
[2014/11/19 10:00:21 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\djoin.exe
[2014/11/19 10:00:21 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\utildll.dll
[2014/11/19 10:00:20 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVSDECD.DLL
[2014/11/19 10:00:20 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmdrmnet.dll
[2014/11/19 10:00:20 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qdv.dll
[2014/11/19 10:00:20 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msnetobj.dll
[2014/11/19 10:00:20 | 000,257,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WindowsAnytimeUpgrade.exe
[2014/11/19 10:00:20 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\unattend.dll
[2014/11/19 10:00:20 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sqmapi.dll
[2014/11/19 10:00:20 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RelPost.exe
[2014/11/19 10:00:20 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\VBICodec.ax
[2014/11/19 10:00:20 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\EhStorAPI.dll
[2014/11/19 10:00:20 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dot3msm.dll
[2014/11/19 10:00:20 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wiavideo.dll
[2014/11/19 10:00:20 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Kswdmcap.ax
[2014/11/19 10:00:20 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sppinst.dll
[2014/11/19 10:00:20 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fphc.dll
[2014/11/19 10:00:20 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cmstp.exe
[2014/11/19 10:00:20 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\QCLIPROV.DLL
[2014/11/19 10:00:20 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cca.dll
[2014/11/19 10:00:20 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\takeown.exe
[2014/11/19 10:00:19 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMSPDMOD.DLL
[2014/11/19 10:00:19 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msorcl32.dll
[2014/11/19 10:00:19 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iscsicli.exe
[2014/11/19 10:00:19 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\desk.cpl
[2014/11/19 10:00:19 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iasrecst.dll
[2014/11/19 10:00:19 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\setupcln.dll
[2014/11/19 10:00:19 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MuiUnattend.exe
[2014/11/19 10:00:19 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vfwwdm32.dll
[2014/11/19 10:00:19 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wsnmp32.dll
[2014/11/19 10:00:19 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\umb.dll
[2014/11/19 10:00:19 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WavDest.dll
[2014/11/19 10:00:19 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pdhui.dll
[2014/11/19 10:00:19 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\basesrv.dll
[2014/11/19 10:00:19 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\relog.exe
[2014/11/19 10:00:19 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PrintIsolationProxy.dll
[2014/11/19 10:00:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\AzSqlExt.dll
[2014/11/19 10:00:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netiougc.exe
[2014/11/19 10:00:18 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\IMJP10.IME
[2014/11/19 10:00:18 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FXSTIFF.dll
[2014/11/19 10:00:18 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\itircl.dll
[2014/11/19 10:00:18 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmpps.dll
[2014/11/19 10:00:18 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\diskpart.exe
[2014/11/19 10:00:18 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\amstream.dll
[2014/11/19 10:00:18 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CertPolEng.dll
[2014/11/19 10:00:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spbcd.dll
[2014/11/19 10:00:18 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MultiDigiMon.exe
[2014/11/19 10:00:18 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\setbcdlocale.dll
[2014/11/19 10:00:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ksxbar.ax
[2014/11/19 10:00:18 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wkscli.dll
[2014/11/19 10:00:18 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WerFaultSecure.exe
[2014/11/19 10:00:18 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netbtugc.exe
[2014/11/19 10:00:18 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\syssetup.dll
[2014/11/19 10:00:18 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\nrpsrv.dll
[2014/11/19 10:00:17 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sppc.dll
[2014/11/19 10:00:17 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\eappgnui.dll
[2014/11/19 10:00:17 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\windows\System32\iccvid.dll
[2014/11/19 10:00:17 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tlscsp.dll
[2014/11/19 10:00:17 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\findstr.exe
[2014/11/19 10:00:17 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSDvbNP.ax
[2014/11/19 10:00:17 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\luainstall.dll
[2014/11/19 10:00:17 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mciqtz32.dll
[2014/11/19 10:00:17 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wiarpc.dll
[2014/11/19 10:00:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wdiasqmmodule.dll
[2014/11/19 10:00:17 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbrpm.sys
[2014/11/19 10:00:17 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\HotStartUserAgent.dll
[2014/11/19 10:00:17 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ReAgentc.exe
[2014/11/19 10:00:17 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\tdi.sys
[2014/11/19 10:00:17 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spopk.dll
[2014/11/19 10:00:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\muifontsetup.dll
[2014/11/19 10:00:16 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\UIRibbonRes.dll
[2014/11/19 10:00:16 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\manage-bde.exe
[2014/11/19 10:00:16 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\repair-bde.exe
[2014/11/19 10:00:16 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetmib1.dll
[2014/11/19 10:00:16 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\g711codc.ax
[2014/11/19 10:00:16 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbcconf.dll
[2014/11/19 10:00:16 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\unlodctr.exe
[2014/11/19 10:00:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbisurf.ax
[2014/11/19 10:00:16 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdmo.dll
[2014/11/19 10:00:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\profprov.dll
[2014/11/19 10:00:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netcfg.exe
[2014/11/19 10:00:16 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdprefdrvapi.dll
[2014/11/19 10:00:15 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RDPENCDD.dll
[2014/11/19 10:00:15 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\napdsnap.dll
[2014/11/19 10:00:15 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FXSMON.dll
[2014/11/19 10:00:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\elsTrans.dll
[2014/11/19 10:00:15 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TRAPI.dll
[2014/11/19 10:00:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\bitsperf.dll
[2014/11/19 10:00:15 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\schedcli.dll
[2014/11/19 10:00:15 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\perfts.dll
[2014/11/19 10:00:14 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\imkr80.ime
[2014/11/19 10:00:14 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dsauth.dll
[2014/11/19 10:00:14 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wsdchngr.dll
[2014/11/19 10:00:14 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sscore.dll
[2014/11/19 10:00:14 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\riched32.dll
[2014/11/19 10:00:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wshirda.dll
[2014/11/19 10:00:13 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcfgex.dll
[2014/11/19 10:00:12 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\USBCAMD2.sys
[2014/11/19 10:00:12 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\USBCAMD.sys
[2014/11/19 10:00:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RDPREFDD.dll
[2014/11/19 10:00:11 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\C_ISCII.DLL
[2014/11/19 10:00:11 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\shunimpl.dll
[2014/11/19 10:00:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spwmp.dll
[2014/11/19 10:00:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdxm.ocx
[2014/11/19 10:00:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxmasf.dll
[2014/11/19 10:00:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDUS.DLL
[2014/11/19 10:00:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDINTEL.DLL
[2014/11/19 10:00:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDINKAN.DLL
[2014/11/19 10:00:09 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\nlsbres.dll
[2014/11/19 10:00:09 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\BlbEvents.dll
[2014/11/19 10:00:09 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pifmgr.dll
[2014/11/19 10:00:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spwizres.dll
[2014/11/19 10:00:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDSG.DLL
[2014/11/19 10:00:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\kbdlk41a.dll
[2014/11/19 10:00:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDCZ1.DLL
[2014/11/19 10:00:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDTUQ.DLL
[2014/11/19 10:00:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDTUF.DLL
[2014/11/19 10:00:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDSF.DLL
[2014/11/19 10:00:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDPO.DLL
[2014/11/19 10:00:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDNEPR.DLL
[2014/11/19 10:00:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDINBEN.DLL
[2014/11/19 10:00:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDGR1.DLL
[2014/11/19 10:00:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDGKL.DLL
[2014/11/19 10:00:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDUGHR1.DLL
[2014/11/19 10:00:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDTURME.DLL
[2014/11/19 10:00:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDTAJIK.DLL
[2014/11/19 10:00:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDMON.DLL
[2014/11/19 10:00:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDMAORI.DLL
[2014/11/19 10:00:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDLT1.DLL
[2014/11/19 10:00:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDINTAM.DLL
[2014/11/19 10:00:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDINORI.DLL
[2014/11/19 10:00:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDINMAR.DLL
[2014/11/19 10:00:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDINHIN.DLL
[2014/11/19 10:00:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDBULG.DLL
[2014/11/19 10:00:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDBLR.DLL
[2014/11/19 10:00:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDGEO.DLL
[2014/11/19 10:00:09 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dpnaddr.dll
[2014/11/19 10:00:03 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wdscore.dll
[2014/11/19 09:59:48 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wbemcomn.dll
[2014/11/18 14:56:48 | 001,202,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FM20.DLL
[2014/11/18 08:33:41 | 000,000,000 | --SD | C] -- C:\windows\System32\CompatTel
[2014/11/18 08:33:35 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Local\TOSHIBA_Corporation
[2014/11/18 08:15:18 | 000,000,000 | ---D | C] -- C:\windows\System32\MRT
[2014/11/17 20:17:57 | 000,229,000 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MpSigStub.exe
[2014/11/17 20:14:18 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\poqexec.exe
[2014/11/17 19:59:17 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Local\Toshiba
[2014/11/17 19:59:10 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Roaming\ATI
[2014/11/17 19:59:10 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Local\ATI
[2014/11/17 19:58:19 | 000,000,000 | R--D | C] -- C:\Users\young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/11/17 19:58:19 | 000,000,000 | R--D | C] -- C:\Users\young\Searches
[2014/11/17 19:58:19 | 000,000,000 | R--D | C] -- C:\Users\young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/11/17 19:58:19 | 000,000,000 | -H-D | C] -- C:\Users\young\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/11/17 19:58:10 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Roaming\Identities
[2014/11/17 19:58:08 | 000,000,000 | R--D | C] -- C:\Users\young\Contacts
[2014/11/17 19:57:03 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Roaming\WinBatch
[2014/11/17 19:56:19 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Local\VirtualStore
[2014/11/17 19:56:17 | 000,000,000 | --SD | C] -- C:\Users\young\AppData\Roaming\Microsoft
[2014/11/17 19:56:17 | 000,000,000 | R--D | C] -- C:\Users\young\Videos
[2014/11/17 19:56:17 | 000,000,000 | R--D | C] -- C:\Users\young\Saved Games
[2014/11/17 19:56:17 | 000,000,000 | R--D | C] -- C:\Users\young\Pictures
[2014/11/17 19:56:17 | 000,000,000 | R--D | C] -- C:\Users\young\Music
[2014/11/17 19:56:17 | 000,000,000 | R--D | C] -- C:\Users\young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/11/17 19:56:17 | 000,000,000 | R--D | C] -- C:\Users\young\Links
[2014/11/17 19:56:17 | 000,000,000 | R--D | C] -- C:\Users\young\Favorites
[2014/11/17 19:56:17 | 000,000,000 | R--D | C] -- C:\Users\young\Downloads
[2014/11/17 19:56:17 | 000,000,000 | R--D | C] -- C:\Users\young\Documents
[2014/11/17 19:56:17 | 000,000,000 | R--D | C] -- C:\Users\young\Desktop
[2014/11/17 19:56:17 | 000,000,000 | R--D | C] -- C:\Users\young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\AppData\Local\Temporary Internet Files
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\Templates
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\Start Menu
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\SendTo
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\Recent
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\PrintHood
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\NetHood
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\Documents\My Videos
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\Documents\My Pictures
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\Documents\My Music
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\My Documents
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\Local Settings
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\AppData\Local\History
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\Cookies
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\Application Data
[2014/11/17 19:56:17 | 000,000,000 | -HSD | C] -- C:\Users\young\AppData\Local\Application Data
[2014/11/17 19:56:17 | 000,000,000 | -H-D | C] -- C:\Users\young\AppData
[2014/11/17 19:56:17 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Local\Temp
[2014/11/17 19:56:17 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Local\Microsoft
[2014/11/17 19:56:17 | 000,000,000 | ---D | C] -- C:\Users\young\AppData\Roaming\Media Center Programs
[2014/11/17 19:55:06 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/11/17 19:39:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Toshiba Shared
[2014/11/17 19:39:50 | 000,275,536 | ---- | C] (TOSHIBA Corporation) -- C:\windows\System32\drivers\tos_sps32.sys
[2014/11/17 19:39:49 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DX9_41.dll
[2014/11/17 19:39:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA DVD PLAYER
[2014/11/17 19:33:17 | 000,024,576 | ---- | C] (Toshiba) -- C:\windows\System32\TSCI.dll
[2014/11/17 19:33:17 | 000,024,576 | ---- | C] (Toshiba) -- C:\windows\System32\THCI.dll
[2014/11/17 19:32:31 | 000,024,576 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\windows\System32\TSBWLS.dll
[2014/11/17 19:31:52 | 000,000,000 | ---D | C] -- C:\windows\System32\Microsoft.VC80.MFC
[2014/11/17 19:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\XP
[2014/11/17 19:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\win7_64
[2014/11/17 19:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\win7_32
[2014/11/17 19:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Vista64
[2014/11/17 19:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Vista32
[2014/11/17 19:30:24 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2014/11/17 19:28:31 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek WLAN Driver
[2014/11/17 19:26:56 | 007,360,512 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RTSUSTORicon.dll
[2014/11/17 19:26:19 | 000,000,000 | ---D | C] -- C:\windows\System32\RTCOM
[2014/11/17 19:26:02 | 001,784,352 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\WavesLib.dll
[2014/11/17 19:26:02 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSTSXT.dll
[2014/11/17 19:26:02 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSTSHD.dll
[2014/11/17 19:26:02 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSHP360.dll
[2014/11/17 19:26:02 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\windows\System32\SRSWOW.dll
[2014/11/17 19:26:01 | 002,898,464 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkAPO.dll
[2014/11/17 19:26:01 | 001,933,312 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioEQ.dll
[2014/11/17 19:26:01 | 001,227,296 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkPgExt.dll
[2014/11/17 19:26:01 | 000,551,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RTSndMgr.cpl
[2014/11/17 19:26:01 | 000,326,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkApoApi.dll
[2014/11/17 19:26:01 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RP3DHT32.dll
[2014/11/17 19:26:01 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\System32\RP3DAA32.dll
[2014/11/17 19:26:01 | 000,159,744 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioAPO20.dll
[2014/11/17 19:26:01 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\windows\System32\MaxxAudioAPO.dll
[2014/11/17 19:26:01 | 000,052,256 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\RtkCoInst.dll
[2014/11/17 19:26:00 | 000,831,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\RtlExUpd.dll
[2014/11/17 19:26:00 | 000,266,240 | ---- | C] (Fortemedia Corporation) -- C:\windows\System32\FMAPO.dll
[2014/11/17 19:26:00 | 000,142,848 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\AERTACap.dll
[2014/11/17 19:26:00 | 000,125,952 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\AERTARen.dll
[2014/11/17 19:26:00 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2014/11/17 19:26:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/11/17 19:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014/11/17 19:23:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2014/11/17 19:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014/11/17 19:21:45 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014/11/17 19:21:43 | 011,660,800 | ---- | C] (ATI Technologies Inc.) -- C:\windows\System32\atioglxx.dll
[2014/11/17 19:21:43 | 004,994,560 | ---- | C] (ATI Technologies Inc.) -- C:\windows\System32\drivers\atikmdag.sys
[2014/11/17 19:21:43 | 003,105,280 | ---- | C] (ATI Technologies Inc. ) -- C:\windows\System32\atiumdag.dll
[2014/11/17 19:21:43 | 002,868,736 | ---- | C] (ATI Technologies Inc. ) -- C:\windows\System32\atiumdva.dll
[2014/11/17 19:21:43 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\System32\atipdlxx.dll
[2014/11/17 19:21:43 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\System32\Oemdspif.dll
[2014/11/17 19:21:43 | 000,176,128 | ---- | C] (AMD) -- C:\windows\System32\atiesrxx.exe
[2014/11/17 19:21:43 | 000,159,744 | ---- | C] (AMD) -- C:\windows\System32\atitmmxx.dll
[2014/11/17 19:21:43 | 000,051,712 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\System32\atimpc32.dll
[2014/11/17 19:21:43 | 000,051,712 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\System32\amdpcom32.dll
[2014/11/17 19:21:43 | 000,014,392 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\System32\drivers\AtiPcie.sys
[2014/11/17 19:21:43 | 000,011,776 | ---- | C] (AMD) -- C:\windows\System32\atimuixx.dll
[2014/11/17 19:21:42 | 003,264,512 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\System32\aticaldd.dll
[2014/11/17 19:21:42 | 002,469,888 | ---- | C] (ATI Technologies Inc. ) -- C:\windows\System32\atidxx32.dll
[2014/11/17 19:21:42 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\System32\ATIDEMGX.dll
[2014/11/17 19:21:42 | 000,348,160 | ---- | C] (AMD) -- C:\windows\System32\atieclxx.exe
[2014/11/17 19:21:42 | 000,184,320 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\System32\atiadlxx.dll
[2014/11/17 19:21:42 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\System32\atibtmon.exe
[2014/11/17 19:21:42 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\windows\System32\drivers\ati2erec.dll
[2014/11/17 19:21:42 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\System32\aticalrt.dll
[2014/11/17 19:21:42 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\System32\aticalcl.dll
[2014/11/17 19:21:42 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\System32\ati2edxx.dll
[2014/11/17 19:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Suite Activation Assistant
[2014/11/17 19:11:25 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014/11/17 19:11:19 | 000,031,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msonpmon.dll
[2014/11/17 19:10:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014/11/17 19:09:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/11/17 19:08:29 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014/11/17 19:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/11/17 19:04:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2014/11/17 19:04:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2014/11/17 19:03:47 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 180 Days ==========
 
[2015/01/25 11:07:31 | 001,310,720 | -HS- | M] () -- C:\Users\young\NTUSER.DAT
[2015/01/25 10:51:43 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/01/25 10:31:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\young\Desktop\OTL.exe
[2015/01/25 10:19:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2015/01/25 10:13:33 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2015/01/25 09:39:30 | 000,019,024 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/01/25 09:39:30 | 000,019,024 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/01/25 09:17:31 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/01/25 09:12:16 | 000,000,438 | ---- | M] () -- C:\windows\win.ini
[2015/01/24 16:02:36 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2015/01/24 16:02:34 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2015/01/22 20:35:35 | 000,002,140 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/01/21 20:57:58 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2015/01/21 20:57:49 | 1408,045,056 | -HS- | M] () -- C:\hiberfil.sys
[2015/01/21 20:57:03 | 000,782,366 | -H-- | M] () -- C:\Users\young\AppData\Local\IconCache.db
[2015/01/21 19:53:57 | 000,000,539 | ---- | M] () -- C:\windows\tasks\RegCure Pro_sch_E828F404-A1E1-11E4-A29D-002622F60C76.job
[2015/01/21 16:46:34 | 000,000,001 | ---- | M] () -- C:\Users\young\Documents\CryptoWall 2.0.html
[2015/01/21 16:44:26 | 001,715,072 | ---- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\Cat.DB
[2015/01/21 16:44:19 | 000,781,298 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2015/01/21 16:44:19 | 000,661,894 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2015/01/21 16:44:19 | 000,121,730 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2015/01/21 15:37:25 | 000,001,020 | ---- | M] () -- C:\Users\young\AppData\Roaming\wklnhst.dat
[2015/01/21 15:34:17 | 000,148,910 | ---- | M] () -- C:\windows\hpoins19.dat
[2015/01/15 04:37:00 | 000,069,995 | ---- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\VT20150115.002
[2015/01/09 20:26:05 | 000,002,240 | ---- | M] () -- C:\Users\young\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/01/08 22:46:19 | 000,096,680 | ---- | M] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2015/01/08 22:46:18 | 000,272,296 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2015/01/08 22:46:18 | 000,176,552 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2015/01/08 22:46:18 | 000,176,552 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe
[2015/01/01 15:59:36 | 000,094,424 | ---- | M] (Symantec Corporation) -- C:\windows\System32\drivers\SYMEVENT.SYS
[2015/01/01 15:59:36 | 000,008,186 | ---- | M] () -- C:\windows\System32\drivers\SYMEVENT.CAT
[2015/01/01 15:59:36 | 000,000,806 | ---- | M] () -- C:\windows\System32\drivers\SYMEVENT.INF
[2015/01/01 15:59:22 | 000,002,542 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security with Backup.lnk
[2015/01/01 15:57:39 | 000,001,265 | ---- | M] () -- C:\Users\young\Desktop\Norton Installation Files.lnk
[2014/12/12 20:33:44 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2014/12/11 22:11:44 | 003,971,512 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2014/12/11 22:11:43 | 003,916,728 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2014/12/11 10:47:27 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\TSWbPrxy.exe
[2014/12/10 03:59:47 | 000,000,172 | ---- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\isolate.ini
[2014/12/03 21:38:59 | 000,337,920 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\generaltel.dll
[2014/12/03 21:38:45 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\invagent.dll
[2014/12/03 21:38:40 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\devinv.dll
[2014/12/03 21:38:37 | 000,728,576 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\appraiser.dll
[2014/12/03 21:38:36 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\aepdu.dll
[2014/12/03 21:38:36 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\aepic.dll
[2014/12/03 21:34:13 | 000,873,984 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\aeinv.dll
[2014/12/01 22:59:55 | 000,008,172 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\srtspx.cat
[2014/12/01 22:59:55 | 000,008,168 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\srtsp.cat
[2014/12/01 22:59:55 | 000,001,390 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\srtspx.inf
[2014/12/01 22:59:55 | 000,001,389 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\srtsp.inf
[2014/12/01 22:59:40 | 000,699,608 | R--- | M] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\srtsp.sys
[2014/12/01 22:59:40 | 000,036,056 | R--- | M] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\srtspx.sys
[2014/12/01 16:28:26 | 001,160,872 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\aitstatic.exe
[2014/11/26 18:10:45 | 000,342,200 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2014/11/25 16:24:03 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/11/24 14:04:58 | 000,229,000 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\MpSigStub.exe
[2014/11/23 12:13:25 | 000,336,232 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2014/11/22 10:38:19 | 000,079,592 | ---- | M] () -- C:\Users\young\AppData\Local\GDIPFONTCACHEV1.DAT
[2014/11/21 19:20:44 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2014/11/21 19:20:30 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieetwcollectorres.dll
[2014/11/21 19:07:17 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2014/11/21 19:06:32 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieetwproxystub.dll
[2014/11/21 19:05:02 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\MshtmlDac.dll
[2014/11/21 18:59:42 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2014/11/21 18:58:54 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2014/11/21 18:56:40 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2014/11/21 18:55:14 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieetwcollector.exe
[2014/11/21 18:54:30 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jscript9diag.dll
[2014/11/21 18:48:26 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\MsSpellCheckingFacility.exe
[2014/11/21 18:45:18 | 000,418,304 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll
[2014/11/21 18:40:04 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\JavaScriptCollectionAgent.dll
[2014/11/21 18:36:14 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msrating.dll
[2014/11/21 18:33:22 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll
[2014/11/21 18:29:26 | 004,299,264 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2014/11/21 18:23:48 | 000,688,640 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2014/11/21 18:23:06 | 000,684,544 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2014/11/21 18:22:49 | 002,052,096 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2014/11/21 18:21:57 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtmlmedia.dll
[2014/11/21 17:54:44 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll
[2014/11/19 19:34:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\elshyph.dll
[2014/11/19 19:34:35 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jsIntl.dll
[2014/11/19 19:34:35 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dat
[2014/11/19 19:34:35 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2014/11/19 19:34:35 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2014/11/19 19:34:35 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msls31.dll
[2014/11/19 19:34:35 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iexpress.exe
[2014/11/19 19:34:35 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wextract.exe
[2014/11/19 19:34:35 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inseng.dll
[2014/11/19 19:34:35 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2014/11/19 19:34:35 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2014/11/19 19:34:35 | 000,016,284 | ---- | M] () -- C:\windows\System32\ieuinit.inf
[2014/11/19 19:34:34 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2014/11/19 19:34:34 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\IEAdvpack.dll
[2014/11/19 19:34:34 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2014/11/19 19:34:34 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\SetIEInstalledDate.exe
[2014/11/19 19:34:34 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\pngfilt.dll
[2014/11/19 19:34:34 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtmler.dll
[2014/11/19 19:34:34 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2014/11/19 19:34:34 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\imgutil.dll
[2014/11/19 19:34:34 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2014/11/19 19:33:07 | 000,619,520 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\tdh.dll
[2014/11/19 19:33:07 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\csrsrv.dll
[2014/11/19 19:32:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\taskhost.exe
[2014/11/19 19:28:51 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll
[2014/11/19 19:28:51 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3d10.dll
[2014/11/19 19:28:51 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3d10level9.dll
[2014/11/19 19:28:51 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll
[2014/11/19 19:28:51 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dxgi.dll
[2014/11/19 19:28:51 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll
[2014/11/19 19:28:51 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3d10core.dll
[2014/11/19 19:28:51 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\WindowsCodecsExt.dll
[2014/11/19 19:28:51 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\UIAnimation.dll
[2014/11/19 19:28:51 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll
[2014/11/19 19:28:51 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/11/19 19:28:51 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/11/19 19:28:51 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/11/19 19:28:51 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/11/19 19:28:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/11/19 19:28:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/11/19 19:28:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2014/11/19 19:28:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/11/19 19:28:51 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/11/19 19:26:29 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3d11.dll
[2014/11/19 17:51:27 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msclmd.dll
[2014/11/18 14:56:48 | 001,202,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\FM20.DLL
[2014/11/18 08:33:39 | 000,524,288 | -HS- | M] () -- C:\Users\young\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2014/11/18 08:33:39 | 000,524,288 | -HS- | M] () -- C:\Users\young\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2014/11/18 08:33:39 | 000,065,536 | -HS- | M] () -- C:\Users\young\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2014/11/17 19:57:26 | 000,000,017 | RHS- | M] () -- C:\windows\System32\drivers\fbd.sys
[2014/11/17 19:56:17 | 000,000,020 | -HS- | M] () -- C:\Users\young\ntuser.ini
[2014/11/17 19:55:15 | 000,039,252 | ---- | M] () -- C:\windows\System32\license.rtf
[2014/11/17 19:49:14 | 000,000,000 | ---- | M] () -- C:\windows\NDSTray.INI
[2014/11/17 19:30:30 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2014/11/17 18:57:35 | 000,000,000 | ---- | M] () -- C:\windows\ativpsrm.bin
[2014/11/15 12:03:34 | 000,646,010 | ---- | M] () -- C:\Users\young\Documents\PostVirus-Spyware Status Report.mht
[2014/11/07 19:45:09 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2014/10/29 18:45:43 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\charmap.exe
[2014/10/24 18:32:37 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\packager.dll
[2014/10/17 18:33:13 | 003,209,728 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mf.dll
[2014/10/13 18:47:30 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msaudite.dll
[2014/10/13 18:46:02 | 000,681,984 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\adtschema.dll
[2014/10/09 17:45:54 | 002,379,264 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2014/10/02 18:45:03 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\WSManMigrationPlugin.dll
[2014/10/02 18:45:03 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\WsmWmiPl.dll
[2014/10/02 18:45:03 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\WsmAuto.dll
[2014/10/02 18:44:42 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\AUDIOKSE.dll
[2014/10/02 18:44:31 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\EncDump.dll
[2014/10/02 18:44:26 | 000,374,784 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\AudioEng.dll
[2014/10/02 18:44:26 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\AudioSes.dll
[2014/10/02 18:44:25 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\WSManHTTPConfig.exe
[2014/09/24 18:40:50 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\qdvd.dll
[2014/09/20 08:10:49 | 000,218,976 | ---- | M] () -- C:\Users\young\Documents\Ovarian Cancer.pdf
[2014/09/19 02:23:46 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll
[2014/09/08 22:15:11 | 000,420,056 | R--- | M] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\symnets.sys
[2014/09/08 22:15:10 | 000,939,224 | R--- | M] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\SymEFA.sys
[2014/09/08 22:15:10 | 000,042,291 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymVTcer.dat
[2014/09/08 22:15:10 | 000,021,520 | R--- | M] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\SymELAM.sys
[2014/09/08 22:15:10 | 000,009,931 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymELAM.cat
[2014/09/08 22:15:10 | 000,008,176 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymNet.cat
[2014/09/08 22:15:10 | 000,008,174 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymEFA.cat
[2014/09/08 22:15:10 | 000,003,434 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymEFA.inf
[2014/09/08 22:15:10 | 000,001,442 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymNet.inf
[2014/09/08 22:15:10 | 000,001,098 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\symELAM.inf
[2014/09/08 22:15:09 | 000,364,760 | R--- | M] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\SymDS.sys
[2014/09/08 22:15:09 | 000,008,248 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymDS.cat
[2014/09/08 22:15:09 | 000,002,852 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymDS.inf
[2014/09/08 22:05:40 | 000,212,696 | R--- | M] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\Ironx86.sys
[2014/09/08 22:05:40 | 000,008,168 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\iron.cat
[2014/09/08 22:05:40 | 000,000,737 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\Iron.inf
[2014/09/08 22:05:23 | 000,128,728 | R--- | M] (Symantec Corporation) -- C:\windows\System32\drivers\NSBU\1601000.009\ccSetx86.sys
[2014/09/08 22:05:23 | 000,008,186 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\ccSetx86.cat
[2014/09/08 22:05:23 | 000,000,828 | R--- | M] () -- C:\windows\System32\drivers\NSBU\1601000.009\ccSetx86.inf
[2014/08/28 18:44:52 | 002,744,320 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\rdpcorets.dll
[2014/08/20 23:23:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msxml3r.dll
[2014/08/11 18:36:37 | 000,701,440 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\IMJP10K.DLL
[2014/08/01 04:35:06 | 000,793,600 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\TSWorkspace.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015/01/21 20:55:29 | 000,782,366 | -H-- | C] () -- C:\Users\young\AppData\Local\IconCache.db
[2015/01/21 19:53:57 | 000,000,539 | ---- | C] () -- C:\windows\tasks\RegCure Pro_sch_E828F404-A1E1-11E4-A29D-002622F60C76.job
[2015/01/21 16:46:34 | 000,000,001 | ---- | C] () -- C:\Users\young\Documents\CryptoWall 2.0.html
[2015/01/21 15:19:16 | 000,148,910 | ---- | C] () -- C:\windows\hpoins19.dat
[2015/01/15 19:29:52 | 000,069,995 | ---- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\VT20150115.002
[2015/01/08 22:39:30 | 000,002,240 | ---- | C] () -- C:\Users\young\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/01/08 22:39:29 | 000,002,140 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/01/08 22:39:02 | 000,000,886 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/01/08 22:39:01 | 000,000,882 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/01/08 22:38:26 | 000,000,830 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2015/01/07 09:46:37 | 000,001,020 | ---- | C] () -- C:\Users\young\AppData\Roaming\wklnhst.dat
[2015/01/01 15:59:48 | 001,715,072 | ---- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\Cat.DB
[2015/01/01 15:59:36 | 000,008,186 | ---- | C] () -- C:\windows\System32\drivers\SYMEVENT.CAT
[2015/01/01 15:59:36 | 000,000,806 | ---- | C] () -- C:\windows\System32\drivers\SYMEVENT.INF
[2015/01/01 15:59:22 | 000,002,542 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security with Backup.lnk
[2015/01/01 15:57:58 | 000,042,291 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymVTcer.dat
[2015/01/01 15:57:58 | 000,009,931 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymELAM.cat
[2015/01/01 15:57:58 | 000,008,248 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymDS.cat
[2015/01/01 15:57:58 | 000,008,186 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\ccSetx86.cat
[2015/01/01 15:57:58 | 000,008,176 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymNet.cat
[2015/01/01 15:57:58 | 000,008,174 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymEFA.cat
[2015/01/01 15:57:58 | 000,008,172 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\srtspx.cat
[2015/01/01 15:57:58 | 000,008,168 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\srtsp.cat
[2015/01/01 15:57:58 | 000,008,168 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\iron.cat
[2015/01/01 15:57:58 | 000,003,434 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymEFA.inf
[2015/01/01 15:57:58 | 000,002,852 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymDS.inf
[2015/01/01 15:57:58 | 000,001,442 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\SymNet.inf
[2015/01/01 15:57:58 | 000,001,390 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\srtspx.inf
[2015/01/01 15:57:58 | 000,001,389 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\srtsp.inf
[2015/01/01 15:57:58 | 000,001,098 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\symELAM.inf
[2015/01/01 15:57:58 | 000,000,828 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\ccSetx86.inf
[2015/01/01 15:57:58 | 000,000,737 | R--- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\Iron.inf
[2015/01/01 15:57:57 | 000,000,172 | ---- | C] () -- C:\windows\System32\drivers\NSBU\1601000.009\isolate.ini
[2015/01/01 15:27:25 | 000,001,265 | ---- | C] () -- C:\Users\young\Desktop\Norton Installation Files.lnk
[2014/11/25 16:24:03 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/11/23 15:35:57 | 000,646,010 | ---- | C] () -- C:\Users\young\Documents\PostVirus-Spyware Status Report.mht
[2014/11/23 15:35:57 | 000,218,976 | ---- | C] () -- C:\Users\young\Documents\Ovarian Cancer.pdf
[2014/11/23 15:35:57 | 000,103,280 | ---- | C] () -- C:\Users\young\Documents\FTF_2014-03-31_1396298261486.pdf
[2014/11/23 15:35:57 | 000,047,312 | ---- | C] () -- C:\Users\young\Documents\STF_2014-03-31_1396298312156.pdf
[2014/11/23 15:35:57 | 000,000,438 | ---- | C] () -- C:\Users\young\Documents\Pictures - Shortcut.lnk
[2014/11/23 15:25:26 | 000,001,827 | ---- | C] () -- C:\Users\young\Desktop\Microsoft Office - Shortcut.lnk
[2014/11/23 15:25:25 | 000,000,172 | ---- | C] () -- C:\Users\young\Desktop\Genealogy, Family Trees and Family History Records online - Ancestry.com.url
[2014/11/22 10:53:03 | 000,419,992 | ---- | C] () -- C:\windows\System32\locale.nls
[2014/11/19 20:18:07 | 000,000,003 | ---- | C] () -- C:\windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/11/19 19:34:35 | 000,016,284 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2014/11/19 18:50:24 | 000,000,003 | ---- | C] () -- C:\windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/11/19 10:01:11 | 000,146,852 | ---- | C] () -- C:\windows\System32\systemsf.ebd
[2014/11/19 10:00:17 | 000,053,600 | ---- | C] () -- C:\windows\System32\dosx.exe
[2014/11/19 10:00:15 | 000,010,429 | ---- | C] () -- C:\windows\System32\ScavengeSpace.xml
[2014/11/19 10:00:08 | 000,105,559 | ---- | C] () -- C:\windows\System32\RacRules.xml
[2014/11/17 19:59:21 | 000,079,592 | ---- | C] () -- C:\Users\young\AppData\Local\GDIPFONTCACHEV1.DAT
[2014/11/17 19:58:23 | 000,001,428 | ---- | C] () -- C:\Users\young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/11/17 19:57:26 | 000,000,017 | RHS- | C] () -- C:\windows\System32\drivers\fbd.sys
[2014/11/17 19:56:17 | 001,310,720 | -HS- | C] () -- C:\Users\young\NTUSER.DAT
[2014/11/17 19:56:17 | 000,524,288 | -HS- | C] () -- C:\Users\young\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2014/11/17 19:56:17 | 000,524,288 | -HS- | C] () -- C:\Users\young\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2014/11/17 19:56:17 | 000,065,536 | -HS- | C] () -- C:\Users\young\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2014/11/17 19:56:17 | 000,000,290 | ---- | C] () -- C:\Users\young\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/11/17 19:56:17 | 000,000,272 | ---- | C] () -- C:\Users\young\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/11/17 19:56:17 | 000,000,020 | -HS- | C] () -- C:\Users\young\ntuser.ini
[2014/11/17 19:49:14 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI
[2014/11/17 19:32:31 | 000,045,056 | ---- | C] () -- C:\windows\System32\HWS_Ctrl.dll
[2014/11/17 19:30:30 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2014/11/17 19:27:19 | 000,073,728 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2014/11/17 19:26:03 | 000,000,520 | ---- | C] () -- C:\windows\System32\drivers\RTEQEX1.dat
[2014/11/17 19:26:03 | 000,000,520 | ---- | C] () -- C:\windows\System32\drivers\RTEQEX0.dat
[2014/11/17 19:21:43 | 000,219,120 | ---- | C] () -- C:\windows\System32\atiumdva.cap
[2014/11/17 19:21:43 | 000,197,654 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2014/11/17 19:21:43 | 000,018,335 | ---- | C] () -- C:\windows\atiogl.xml
[2014/11/17 19:04:34 | 000,002,557 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2014/11/17 19:04:16 | 000,001,116 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2014/11/17 18:57:35 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2014/11/17 18:56:07 | 1408,045,056 | -HS- | C] () -- C:\hiberfil.sys
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 18:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2015/01/21 19:54:09 | 000,000,000 | ---D | M] -- C:\Users\young\AppData\Roaming\ParetoLogic
[2015/01/07 09:46:45 | 000,000,000 | ---D | M] -- C:\Users\young\AppData\Roaming\Template
[2014/11/17 19:57:03 | 000,000,000 | ---D | M] -- C:\Users\young\AppData\Roaming\WinBatch
 
========== Purity Check ==========
 
 
 
< End of report >

  • 0

Advertisements


#2
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,911 posts
We can hardly do anything since the files are encrypted. You may try this but no guarantee.
  • 0

#3
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,911 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP