Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

ooVoo has stopped working due to a problem, possible virus?

Windows 7 program has stopped working virus

  • Please log in to reply

#1
joymor57

joymor57

    New Member

  • Member
  • Pip
  • 1 posts

EDIT by paws; moved from Vista and 7 forums 

 

I have been having this issue since finding and resolving several viruses. I hink there must be something else still here. I have run Norton 360 scan and malwarebytes in safe mode and have found nothing.

Here is a copy of an OTL scan. Let me know if you need more. Thanks SO much.

JOY

 

 OTL logfile created on: 11/15/2015 8:18:18 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\joy\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18097)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
9.80 Gb Total Physical Memory | 7.37 Gb Available Physical Memory | 75.17% Memory free
19.61 Gb Paging File | 17.01 Gb Available in Paging File | 86.76% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 788.99 Gb Free Space | 84.71% Space Free | Partition Type: NTFS
Drive D: | 702.83 Mb Total Space | 579.38 Mb Free Space | 82.44% Space Free | Partition Type: UDF
 
Computer Name: JOY-PC | User Name: joy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\joy\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe (Garmin Ltd. or its subsidiaries)
PRC - C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\n360.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\iolo\System Mechanic\LiveBoost.exe (iolo technologies, LLC)
PRC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Siber Systems)
PRC - C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe (iSkySoft)
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll ()
MOD - C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll ()
MOD - C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (Intel® -- C:\Windows\SysNative\IPROSetMonitor.exe (Intel Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (CISVC) -- C:\Windows\SysNative\CISVC.EXE (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Garmin Device Interaction Service) -- C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe (Garmin Ltd. or its subsidiaries)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes)
SRV - (N360) -- C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\N360.exe (Symantec Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ioloSystemService) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SRV - (kss) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe (Kaspersky Lab ZAO)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Backup8 Scheduler) -- C:\Program Files (x86)\Windows Live Mail Backup8\Backup8Sch.exe ()
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\N360x64\1605040.018\symnets.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\1605040.018\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\1605040.018\ironx64.sys (Symantec Corporation)
DRV:64bit: - (SymEFASI) -- C:\Windows\SysNative\drivers\N360x64\1605040.018\symefasi64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\1605040.018\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (ccSet_N360) -- C:\Windows\SysNative\drivers\N360x64\1605040.018\ccsetx64.sys (Symantec Corporation)
DRV:64bit: - (PDFsFilter) -- C:\Windows\SysNative\drivers\PDFsFilter.sys (Raxco Software, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (RawDisk3) -- C:\Windows\SysNative\drivers\rawdsk3.sys (EldoS Corporation)
DRV:64bit: - (ElRawDisk) -- C:\Windows\SysNative\drivers\ElRawDsk.sys (EldoS Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (e1kexpress) -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (CompFilter64) -- C:\Windows\SysNative\drivers\lvbflt64.sys (Logitech Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8192su) -- C:\Windows\SysNative\drivers\RTL8192su.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (ss_bus) -- C:\Windows\SysNative\drivers\ss_bus.sys (MCCI Corporation)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (hxctlflt) -- C:\Windows\SysNative\drivers\hxctlflt.sys (Guillemot Corporation)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\ManyCam_x64.sys (ManyCam LLC.)
DRV - (NAVEX15) -- C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20151115.001\ex64.sys (Symantec Corporation)
DRV - (EraserUtilDrv11511) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11511.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20151115.001\eng64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20151113.001\IDSviA64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20151102.001\BHDrvx64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.6.0.32
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKCU\..\SearchScopes\{92D26ACD-9BF7-4FB2-B372-34B1EA91E7AA}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.defaultenginename.US: "Google"
FF - prefs.js..browser.search.hiddenOneOffs: "Bing,DuckDuckGo,eBay,Twitter,Wikipedia (en),Yahoo"
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.search.selectedEngine: "Bing "
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.enabledAddons: zoompage%40DW-dev:14.0
FF - prefs.js..extensions.enabledAddons: ClassicThemeRestorer%40ArisT2Noia4dev:1.4.3beta17
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:42.0
FF - prefs.js..keyword.URL: "http://www.bing.com/...ADF&PC=SK2A&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.65.2: C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.65.2: C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\TorchVLC: C:\Users\joy\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll (VideoLAN)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C1A2A613-35F1-4FCF-B27F-2840527B6556}: C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\COFFADDON\ [2015/11/03 13:23:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2015/04/30 00:27:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\iSkysoft\Video Converter Ultimate\[email protected]\ [2015/07/13 23:31:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015/08/06 15:07:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C1A2A613-35F1-4FCF-B27F-2840527B6556}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon\ [2015/11/03 13:23:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2015/04/30 00:27:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015/08/06 15:07:07 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: install
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\Market: en-us
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\Package: DefaultPack
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\OSVersion: 6.1.7601.1
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\LVersion: 1.7.46.0
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\MFVersion: MF38.0 (x86 en-US)
 
[2014/07/10 02:43:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\joy\AppData\Roaming\Mozilla\Extensions
[2015/11/15 11:25:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\joy\AppData\Roaming\Mozilla\Firefox\Profiles\jcz6zzfu.default\extensions
[2015/11/15 11:25:40 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\joy\AppData\Roaming\Mozilla\Firefox\Profiles\jcz6zzfu.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2015/11/14 21:32:15 | 000,658,585 | ---- | M] () (No name found) -- C:\Users\joy\AppData\Roaming\Mozilla\Firefox\Profiles\jcz6zzfu.default\extensions\[email protected]
[2015/11/06 01:24:48 | 000,098,359 | ---- | M] () (No name found) -- C:\Users\joy\AppData\Roaming\Mozilla\Firefox\Profiles\jcz6zzfu.default\extensions\[email protected]
[2015/10/27 22:02:50 | 000,962,762 | ---- | M] () (No name found) -- C:\Users\joy\AppData\Roaming\Mozilla\Firefox\Profiles\jcz6zzfu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015/10/16 09:28:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2015/10/16 09:28:31 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2015/11/05 14:37:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/10/16 09:28:31 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2015/11/05 15:11:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\joy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\joy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\joy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\joy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\joy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe\2015.5.0.121_0\
CHR - Extension: No name found = C:\Users\joy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\joy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\joy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif\1.0.5_0\
CHR - Extension: No name found = C:\Users\joy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: First user = C:\Users\joy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncmdmcjifbkefpaijakdbgfjbpaonjhg\1.3.1.6_0\
CHR - Extension: No name found = C:\Users\joy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
CHR - Extension: No name found = C:\Users\joy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\joy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglhollagcmlahfflcpgpoemjpjfafeo\1.7_0\
CHR - Extension: No name found = C:\Users\joy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgfcegccddakkiegoanainejijnhpbae\3.1.29_0\
CHR - Extension: No name found = C:\Users\joy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
 
O1 HOSTS File: ([2015/04/20 22:08:59 | 000,000,278 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1 rad.msn.com
O1 - Hosts: 127.0.0.1 live.rads.msn.com
O1 - Hosts: 127.0.0.1 ads1.msn.com
O1 - Hosts: 127.0.0.1 static.2mdn.net
O1 - Hosts: 127.0.0.1 g.msn.com
O1 - Hosts: 127.0.0.1 a.ads2.msads.net
O1 - Hosts: 127.0.0.1 b.ads2.msads.net
O1 - Hosts: 127.0.0.1 ac3.msn.com
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\22.5.4.24\coieplg.dll (Symantec Corporation)
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\coieplg.dll (Symantec Corporation)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (iSkysoft Video Converter Ultimate 5.1.0) - {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} - C:\ProgramData\iSkysoft\Video Converter Ultimate\WSBrowserAppMgr.dll (Wondershare)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.4.24\coieplg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.4.24\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\coieplg.dll (Symantec Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: skype.com ([]https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.255.0.43 207.255.0.45
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A7A1DC0-1237-47EC-9271-AAA73886A124}: DhcpNameServer = 207.255.0.43 207.255.0.45
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0618B5A-36A4-4A2F-85CA-7755D9EED302}: DhcpNameServer = 207.255.0.43 207.255.0.45
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0618B5A-36A4-4A2F-85CA-7755D9EED302}: NameServer = 207.255.0.43
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Handler\WSISVCUchrome - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Handler\WSISVCUchrome - No CLSID value found
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/11/05 01:19:20 | 000,000,000 | RH-- | M] () - D:\autorun.wbcat -- [ UDF ]
O32 - AutoRun File - [2015/11/05 01:19:20 | 000,000,126 | ---- | M] () - D:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck)
O34 - HKLM BootExecute: (autocheck smrgdf C:\Users\joy\AppData\Roaming\iolo\)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015/11/15 11:25:50 | 000,000,000 | ---D | C] -- C:\Users\joy\AppData\Roaming\QuickScan
[2015/11/15 01:57:33 | 000,000,000 | ---D | C] -- C:\N360_BACKUP
[2015/11/15 00:08:08 | 000,000,000 | ---D | C] -- C:\Users\joy\AppData\Roaming\Sun
[2015/11/15 00:08:08 | 000,000,000 | ---D | C] -- C:\Users\joy\.oracle_jre_usage
[2015/11/14 21:19:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
[2015/11/14 21:19:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\oovoo
[2015/11/10 15:33:14 | 003,168,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/11/10 15:33:14 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/11/10 15:33:14 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/11/10 15:33:14 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/11/10 15:33:14 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/11/10 15:33:14 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/11/10 15:33:14 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/11/10 15:33:14 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/11/10 15:33:14 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/11/10 15:33:14 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/11/10 15:33:14 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/11/10 15:33:14 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/11/10 15:33:14 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/11/10 15:33:14 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/11/10 15:33:14 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/11/10 15:33:04 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/11/10 15:33:04 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/11/10 15:33:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/11/10 15:33:04 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/11/10 15:33:03 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/11/10 15:33:03 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2015/11/10 15:33:03 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/11/10 15:33:03 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/11/10 15:33:03 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/11/10 15:33:03 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/11/10 15:33:02 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/11/10 15:33:02 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/11/10 15:33:02 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2015/11/10 15:33:02 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/11/10 15:33:01 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/11/10 15:33:01 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/11/10 15:33:01 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015/11/10 15:33:01 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/11/10 15:33:01 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/11/10 15:33:01 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/11/10 15:33:01 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/11/10 15:33:01 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/11/10 15:33:00 | 002,126,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/11/10 15:33:00 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/11/10 15:33:00 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/11/10 15:32:59 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/11/10 15:32:59 | 000,585,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/11/10 15:32:59 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/11/10 15:32:59 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/11/10 15:32:59 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/11/10 15:32:58 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/11/10 15:32:58 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/11/10 15:32:57 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/11/10 15:32:57 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015/11/10 15:32:57 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/11/10 15:32:57 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/11/10 15:32:57 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/11/10 15:32:54 | 005,990,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/11/10 15:32:53 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/11/10 15:32:53 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/11/10 15:32:53 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/11/10 15:32:47 | 005,570,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/11/10 15:32:47 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/11/10 15:32:46 | 003,991,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/11/10 15:32:46 | 003,935,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/11/10 15:32:45 | 001,730,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015/11/10 15:32:45 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/11/10 15:32:45 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015/11/10 15:32:45 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015/11/10 15:32:45 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/11/10 15:32:45 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015/11/10 15:32:45 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015/11/10 15:32:45 | 000,299,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll
[2015/11/10 15:32:45 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/11/10 15:32:45 | 000,251,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bcryptprimitives.dll
[2015/11/10 15:32:45 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015/11/10 15:32:45 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015/11/10 15:32:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/11/10 15:32:45 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015/11/10 15:32:45 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/11/10 15:32:45 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/11/10 15:32:45 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/11/10 15:32:45 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015/11/10 15:32:45 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/11/10 15:32:45 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/11/10 15:32:45 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/11/10 15:32:45 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015/11/10 15:32:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015/11/10 15:32:45 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015/11/10 15:32:44 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/11/10 15:32:44 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/11/10 15:32:44 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015/11/10 15:32:44 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/11/10 15:32:44 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/11/10 15:32:44 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/11/10 15:32:44 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/11/10 15:32:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015/11/10 15:32:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015/11/10 15:32:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015/11/10 15:32:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015/11/10 15:32:44 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015/11/10 15:32:44 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015/11/10 15:32:44 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015/11/10 15:32:44 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015/11/10 15:32:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015/11/10 15:32:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015/11/10 15:32:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015/11/10 15:32:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015/11/10 15:32:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015/11/10 15:32:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/11/10 15:32:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/11/10 15:32:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015/11/10 15:32:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015/11/10 15:32:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015/11/10 15:32:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015/11/10 15:32:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015/11/10 15:32:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015/11/10 15:32:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015/11/10 15:32:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015/11/10 15:32:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015/11/10 15:32:37 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2015/11/10 15:32:37 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdbinst.exe
[2015/11/10 15:32:37 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdbinst.exe
[2015/11/10 15:32:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimeng.dll
[2015/11/10 15:32:31 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2015/11/10 15:32:31 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2015/11/10 15:32:30 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jnwmon.dll
[2015/11/06 12:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
[2015/11/06 12:40:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2015/11/06 12:40:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2015/11/06 12:09:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
[2015/11/06 03:31:37 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\GWX
[2015/11/06 03:31:37 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\GWX
[2015/11/06 03:21:57 | 000,124,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2015/11/06 03:21:57 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2015/11/06 03:15:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2015/11/05 14:46:48 | 007,077,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2015/11/05 14:46:48 | 006,131,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2015/11/05 14:46:48 | 001,057,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2015/11/05 14:46:48 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2015/11/05 14:46:48 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2015/11/05 14:46:48 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2015/11/05 14:46:48 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2015/11/05 14:46:41 | 001,866,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2015/11/05 14:46:39 | 001,498,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2015/11/05 14:46:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmmsp.dll
[2015/11/05 14:45:38 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2015/11/05 14:45:38 | 001,372,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2015/11/05 14:45:38 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmapi.dll
[2015/11/05 14:45:31 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basesrv.dll
[2015/11/05 14:45:04 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2015/11/05 14:44:44 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2015/11/05 14:44:43 | 000,692,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2015/11/05 14:44:43 | 000,616,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2015/11/05 14:44:43 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2015/11/05 14:44:43 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2015/11/05 14:44:43 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2015/11/05 14:44:43 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2015/11/05 14:44:36 | 001,291,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/11/05 14:44:36 | 001,163,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/11/05 14:44:36 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/11/05 14:44:36 | 000,700,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/11/05 14:44:36 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/11/05 14:44:36 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/11/05 14:44:36 | 000,025,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015/11/05 14:44:35 | 000,984,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ucrtbase.dll
[2015/11/05 14:44:35 | 000,901,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ucrtbase.dll
[2015/11/05 14:44:35 | 000,066,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-private-l1-1-0.dll
[2015/11/05 14:44:35 | 000,063,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-private-l1-1-0.dll
[2015/11/05 14:44:35 | 000,022,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-math-l1-1-0.dll
[2015/11/05 14:44:35 | 000,020,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-math-l1-1-0.dll
[2015/11/05 14:44:35 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-multibyte-l1-1-0.dll
[2015/11/05 14:44:35 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-multibyte-l1-1-0.dll
[2015/11/05 14:44:35 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-string-l1-1-0.dll
[2015/11/05 14:44:35 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-string-l1-1-0.dll
[2015/11/05 14:44:35 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-stdio-l1-1-0.dll
[2015/11/05 14:44:35 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-stdio-l1-1-0.dll
[2015/11/05 14:44:35 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-runtime-l1-1-0.dll
[2015/11/05 14:44:35 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-runtime-l1-1-0.dll
[2015/11/05 14:44:35 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-convert-l1-1-0.dll
[2015/11/05 14:44:35 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-convert-l1-1-0.dll
[2015/11/05 14:44:35 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-time-l1-1-0.dll
[2015/11/05 14:44:35 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-time-l1-1-0.dll
[2015/11/05 14:44:35 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-2-0.dll
[2015/11/05 14:44:35 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-2-0.dll
[2015/11/05 14:44:35 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-filesystem-l1-1-0.dll
[2015/11/05 14:44:35 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-filesystem-l1-1-0.dll
[2015/11/05 14:44:35 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-process-l1-1-0.dll
[2015/11/05 14:44:35 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-process-l1-1-0.dll
[2015/11/05 14:44:35 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-heap-l1-1-0.dll
[2015/11/05 14:44:35 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-heap-l1-1-0.dll
[2015/11/05 14:44:35 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-conio-l1-1-0.dll
[2015/11/05 14:44:35 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-conio-l1-1-0.dll
[2015/11/05 14:44:35 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-utility-l1-1-0.dll
[2015/11/05 14:44:35 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-utility-l1-1-0.dll
[2015/11/05 14:44:35 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-locale-l1-1-0.dll
[2015/11/05 14:44:35 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-locale-l1-1-0.dll
[2015/11/05 14:44:35 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-environment-l1-1-0.dll
[2015/11/05 14:44:35 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-environment-l1-1-0.dll
[2015/11/05 14:44:35 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-2-0.dll
[2015/11/05 14:44:35 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-2-0.dll
[2015/11/05 14:44:35 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-1.dll
[2015/11/05 14:44:35 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-1.dll
[2015/11/05 14:44:35 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-eventing-provider-l1-1-0.dll
[2015/11/05 14:44:35 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-eventing-provider-l1-1-0.dll
[2015/11/05 14:44:35 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l2-1-0.dll
[2015/11/05 14:44:35 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l2-1-0.dll
[2015/11/05 14:44:35 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-timezone-l1-1-0.dll
[2015/11/05 14:44:35 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-timezone-l1-1-0.dll
[2015/11/05 14:44:35 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l2-1-0.dll
[2015/11/05 14:44:35 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l2-1-0.dll
[2015/11/05 14:44:35 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-2-0.dll
[2015/11/05 14:44:35 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-2-0.dll
[2015/11/05 14:44:33 | 001,648,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2015/11/05 14:44:32 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2015/11/05 14:44:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2015/11/05 14:44:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2015/11/05 14:44:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2015/11/05 14:44:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2015/11/05 14:44:30 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\notepad.exe
[2015/11/05 14:44:24 | 001,390,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagtrack.dll
[2015/11/05 14:44:24 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UtcResources.dll
[2015/11/05 14:44:22 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2015/11/05 14:44:21 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2015/11/05 14:44:21 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2015/11/05 14:43:59 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2015/11/05 14:43:59 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2015/11/05 14:43:59 | 000,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2015/11/05 14:43:54 | 000,372,736 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015/11/05 14:43:54 | 000,299,520 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015/11/05 14:43:54 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015/11/05 14:43:54 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015/11/05 14:43:54 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015/11/05 14:43:54 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015/11/05 14:43:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015/11/05 14:43:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015/11/05 03:09:37 | 000,000,000 | ---D | C] -- C:\Users\joy\MyBackups
[2015/10/27 13:56:27 | 000,000,000 | ---D | C] -- C:\Users\joy\Desktop\Old Firefox Data
[2015/10/26 23:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2015/10/22 22:49:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
[2015/10/19 23:10:18 | 000,000,000 | ---D | C] -- C:\Users\joy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audio Related Programs
 
========== Files - Modified Within 30 Days ==========
 
[2015/11/15 20:05:47 | 000,027,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/11/15 20:05:47 | 000,027,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/11/15 19:51:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/11/15 19:35:04 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/11/15 13:04:26 | 000,867,294 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/11/15 13:04:26 | 000,723,312 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/11/15 13:04:26 | 000,143,504 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/11/15 13:00:28 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/11/15 13:00:16 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2015/11/15 13:00:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/11/15 13:00:05 | 3600,109,567 | -HS- | M] () -- C:\hiberfil.sys
[2015/11/15 12:47:25 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/11/15 11:48:37 | 000,003,340 | ---- | M] () -- C:\Users\joy\Documents\cc_20151115_114824.reg
[2015/11/15 00:07:54 | 000,097,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015/11/14 23:24:23 | 000,013,465 | ---- | M] () -- C:\Users\joy\Desktop\goodbye - Shortcut.lnk
[2015/11/13 03:22:11 | 000,268,392 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/11/12 00:44:18 | 000,004,125 | ---- | M] () -- C:\Users\joy\Documents\ThanksgivingDinner.rtf
[2015/11/11 17:37:26 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/11/11 03:02:51 | 000,859,416 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/11/10 19:51:06 | 000,780,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/11/10 19:51:06 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/11/06 12:40:55 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Security Scan.lnk
[2015/11/05 14:38:10 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/11/04 23:33:03 | 000,005,068 | ---- | M] () -- C:\Users\joy\Documents\cc_20151104_233251.reg
[2015/11/04 22:59:57 | 000,007,594 | ---- | M] () -- C:\Users\joy\AppData\Local\Resmon.ResmonCfg
[2015/11/04 22:12:25 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/11/02 13:00:04 | 003,893,361 | ---- | M] () -- C:\Users\joy\Documents\Need You Now by Joy].mp3
[2015/10/30 18:40:38 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/10/30 18:25:55 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/10/30 18:25:15 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/10/30 18:25:08 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/10/30 18:24:50 | 000,585,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/10/30 18:24:34 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/10/30 18:16:25 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/10/30 18:13:14 | 000,616,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/10/30 18:12:09 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/10/30 18:12:09 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/10/30 18:11:58 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/10/30 18:11:51 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015/10/30 18:11:46 | 005,990,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/10/30 18:04:48 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/10/30 18:01:22 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/10/30 17:53:49 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/10/30 17:49:46 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/10/30 17:49:06 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/10/30 17:46:32 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/10/30 17:46:27 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/10/30 17:45:51 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/10/30 17:45:42 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/10/30 17:44:57 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/10/30 17:44:55 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2015/10/30 17:39:27 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/10/30 17:37:31 | 000,480,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/10/30 17:36:25 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/10/30 17:36:24 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015/10/30 17:36:06 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/10/30 17:32:13 | 000,720,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/10/30 17:31:26 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/10/30 17:29:57 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/10/30 17:29:52 | 002,126,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/10/30 17:23:51 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/10/30 17:21:10 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/10/30 17:19:51 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/10/30 17:17:41 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2015/10/30 17:09:23 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/10/30 17:09:15 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/10/30 16:53:01 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/10/30 16:46:02 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/10/29 12:50:44 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shimeng.dll
[2015/10/29 12:50:30 | 000,342,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2015/10/29 12:50:14 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sdbinst.exe
[2015/10/29 12:49:35 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sdbinst.exe
[2015/10/27 14:21:01 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/10/26 23:42:55 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2015/10/25 23:04:09 | 000,074,838 | ---- | M] () -- C:\Users\joy\Documents\larryscalling.mp3
[2015/10/25 23:00:02 | 000,028,905 | ---- | M] () -- C:\Users\joy\Documents\bye.mp3
[2015/10/25 22:59:15 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\WavePad Sound Editor.lnk
[2015/10/25 21:43:23 | 000,031,919 | ---- | M] () -- C:\Users\joy\Documents\bye2.wma
[2015/10/25 21:39:08 | 000,031,919 | ---- | M] () -- C:\Users\joy\Documents\bye.wma
[2015/10/25 21:39:08 | 000,031,919 | ---- | M] () -- C:\Users\joy\bye.wma
[2015/10/22 22:49:54 | 000,001,110 | ---- | M] () -- C:\Users\Public\Desktop\Prism Video File Converter.lnk
[2015/10/20 20:42:43 | 000,040,899 | ---- | M] () -- C:\Users\joy\Documents\joyscalling.wma
[2015/10/20 13:42:14 | 003,168,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/10/20 13:42:14 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/10/20 13:42:14 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/10/20 13:42:14 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/10/20 13:42:14 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/10/20 13:42:13 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/10/20 13:41:36 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/10/20 13:41:25 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/10/20 13:41:22 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/10/20 13:41:22 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/10/20 12:46:02 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/10/20 12:46:02 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/10/20 12:46:02 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/10/20 12:46:01 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/10/20 12:45:08 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/10/19 23:14:05 | 000,039,355 | ---- | M] () -- C:\Users\joy\Documents\calling.mp3
[2015/10/19 23:13:29 | 000,036,409 | ---- | M] () -- C:\Users\joy\Documents\calling.wma
[2015/10/19 23:10:36 | 000,028,906 | ---- | M] () -- C:\Users\joy\Documents\goodbye.mp3
[2015/10/19 23:10:17 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\Switch Sound File Converter.lnk
[2015/10/19 23:08:11 | 000,027,429 | ---- | M] () -- C:\Users\joy\Documents\goodbye.wma
[2015/10/19 20:12:12 | 005,570,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/10/19 20:09:05 | 001,730,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015/10/19 20:06:18 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015/10/19 20:06:18 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015/10/19 20:06:18 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015/10/19 20:06:18 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015/10/19 20:05:49 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/10/19 20:05:49 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/10/19 20:05:49 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/10/19 20:05:49 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/10/19 20:05:48 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/10/19 20:05:47 | 001,216,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015/10/19 20:05:44 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/10/19 20:05:44 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015/10/19 20:05:40 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/10/19 20:05:40 | 001,164,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015/10/19 20:05:40 | 000,424,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015/10/19 20:05:34 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015/10/19 20:05:34 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/10/19 20:05:13 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015/10/19 20:05:07 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/10/19 20:04:40 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015/10/19 20:04:35 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/10/19 20:00:20 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/10/19 19:59:20 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/10/19 19:53:47 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015/10/19 19:53:47 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015/10/19 19:53:47 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015/10/19 19:53:47 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015/10/19 19:53:47 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015/10/19 19:53:47 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/10/19 19:53:47 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015/10/19 19:53:47 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015/10/19 19:53:47 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015/10/19 19:53:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015/10/19 19:53:46 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/10/19 19:53:46 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015/10/19 19:53:46 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015/10/19 19:52:02 | 003,991,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/10/19 19:52:02 | 003,935,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/10/19 19:45:41 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015/10/19 19:45:07 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015/10/19 19:44:35 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/10/19 19:44:19 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015/10/19 19:39:32 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/10/19 19:39:11 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/10/19 19:35:03 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015/10/19 19:35:03 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015/10/19 19:35:03 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015/10/19 19:35:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/10/19 19:35:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015/10/19 19:35:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015/10/19 19:35:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015/10/19 19:35:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015/10/19 19:35:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/10/19 19:35:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/10/19 19:35:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015/10/19 19:35:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/10/19 19:35:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015/10/19 19:35:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015/10/19 19:35:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015/10/19 19:35:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/10/19 19:35:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015/10/19 19:35:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015/10/19 19:35:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015/10/19 19:35:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015/10/19 19:35:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/10/19 19:35:02 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015/10/19 19:35:02 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015/10/19 19:35:02 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015/10/19 19:35:02 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015/10/19 19:35:00 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/10/19 18:29:36 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015/10/19 18:29:34 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015/10/19 18:27:10 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015/10/19 18:27:10 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015/10/19 18:27:10 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015/10/19 18:27:10 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
 
========== Files Created - No Company Name ==========
 
[2015/11/15 11:48:35 | 000,003,340 | ---- | C] () -- C:\Users\joy\Documents\cc_20151115_114824.reg
[2015/11/14 23:24:23 | 000,013,465 | ---- | C] () -- C:\Users\joy\Desktop\goodbye - Shortcut.lnk
[2015/11/11 17:52:52 | 000,004,125 | ---- | C] () -- C:\Users\joy\Documents\ThanksgivingDinner.rtf
[2015/11/06 12:41:01 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Security Scan.lnk
[2015/11/04 23:33:00 | 000,005,068 | ---- | C] () -- C:\Users\joy\Documents\cc_20151104_233251.reg
[2015/11/03 23:04:11 | 003,893,361 | ---- | C] () -- C:\Users\joy\Documents\Need You Now by Joy].mp3
[2015/10/26 23:42:55 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2015/10/25 23:04:07 | 000,074,838 | ---- | C] () -- C:\Users\joy\Documents\larryscalling.mp3
[2015/10/25 22:59:56 | 000,028,905 | ---- | C] () -- C:\Users\joy\Documents\bye.mp3
[2015/10/25 22:59:15 | 000,001,134 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
[2015/10/25 22:59:15 | 000,001,122 | ---- | C] () -- C:\Users\Public\Desktop\WavePad Sound Editor.lnk
[2015/10/25 21:43:23 | 000,031,919 | ---- | C] () -- C:\Users\joy\Documents\bye2.wma
[2015/10/25 21:41:48 | 000,031,919 | ---- | C] () -- C:\Users\joy\bye.wma
[2015/10/25 21:39:07 | 000,031,919 | ---- | C] () -- C:\Users\joy\Documents\bye.wma
[2015/10/22 22:49:54 | 000,001,122 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Video File Converter.lnk
[2015/10/22 22:49:54 | 000,001,110 | ---- | C] () -- C:\Users\Public\Desktop\Prism Video File Converter.lnk
[2015/10/20 20:42:43 | 000,040,899 | ---- | C] () -- C:\Users\joy\Documents\joyscalling.wma
[2015/10/19 23:17:33 | 000,039,355 | ---- | C] () -- C:\Users\joy\Documents\calling.mp3
[2015/10/19 23:13:29 | 000,036,409 | ---- | C] () -- C:\Users\joy\Documents\calling.wma
[2015/10/19 23:11:40 | 000,028,906 | ---- | C] () -- C:\Users\joy\Documents\goodbye.mp3
[2015/10/19 23:10:17 | 000,001,138 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Switch Sound File Converter.lnk
[2015/10/19 23:10:17 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\Switch Sound File Converter.lnk
[2015/10/19 23:08:02 | 000,027,429 | ---- | C] () -- C:\Users\joy\Documents\goodbye.wma
[2015/08/06 15:03:29 | 000,164,707 | ---- | C] () -- C:\Windows\hpoins13.dat
[2015/08/06 15:03:29 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl13.dat
[2015/07/13 23:31:28 | 000,721,263 | ---- | C] () -- C:\Windows\SysWow64\ISCM64.dll
[2015/07/13 23:31:28 | 000,214,528 | ---- | C] () -- C:\Windows\SysWow64\ISCM32.dll
[2015/06/28 21:46:11 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2015/04/09 21:27:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2015/04/09 21:27:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2015/04/09 21:27:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2015/04/09 21:27:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2015/04/09 21:27:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2015/03/27 23:43:29 | 013,913,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2015/02/20 21:46:42 | 000,000,046 | ---- | C] () -- C:\Users\joy\AppData\Roaming\WB.CFG
[2014/12/31 16:20:23 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2014/09/09 23:37:23 | 000,007,594 | ---- | C] () -- C:\Users\joy\AppData\Local\Resmon.ResmonCfg
[2014/07/10 23:36:34 | 000,859,416 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/07/10 19:34:49 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
[2014/07/10 01:36:49 | 000,000,632 | RHS- | C] () -- C:\Users\joy\ntuser.pol
[2014/07/09 20:06:25 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2014/04/06 15:54:12 | 000,001,635 | ---- | C] () -- C:\Users\joy\166525_81230702_68bc992e29a3374ac73c_MediaStealer20140403211339.707.flv
[2014/03/20 22:03:47 | 013,065,190 | ---- | C] () -- C:\Users\joy\166525_39649723_5eee107d0ef460510528_mixed_MediaStealer20140320230247.909.flv
[2014/01/31 14:30:58 | 003,092,105 | ---- | C] () -- C:\Users\joy\God Only Knows.mp3
[2014/01/31 14:29:28 | 003,189,257 | ---- | C] () -- C:\Users\joy\Let It Be.mp3
[2014/01/31 14:28:48 | 004,277,129 | ---- | C] () -- C:\Users\joy\whenever you come around.mp3
[2014/01/31 14:22:44 | 002,389,001 | ---- | C] () -- C:\Users\joy\Over You.mp3
[2014/01/25 21:02:47 | 004,788,865 | ---- | C] () -- C:\Users\joy\166525_76035776_f4eed61d25c4fc53b9c8_MediaStealer20140125210246.165.flv
[2014/01/23 14:38:13 | 010,044,072 | ---- | C] () -- C:\Users\joy\166525_10930755_f464ed1e6ae576abede9_mixed_MediaStealer20140123143809.391.mp4
[2014/01/23 14:37:40 | 008,422,688 | ---- | C] () -- C:\Users\joy\166525_63602908_2d87aba1d98e54a1d806_mixed_MediaStealer20140123143736.332.mp4
[2014/01/23 14:37:14 | 007,039,941 | ---- | C] () -- C:\Users\joy\166525_57976638_95ac188a36ad9ca36123_mixed_MediaStealer20140123143709.389.mp4
[2014/01/23 14:35:14 | 005,943,630 | ---- | C] () -- C:\Users\joy\166525_83005382_986e5676ca35090ec641_mixed_MediaStealer20140123143508.357.mp4
[2014/01/23 14:34:32 | 007,386,364 | ---- | C] () -- C:\Users\joy\166525_45440096_887bebc19e723e1d55d5_mixed_MediaStealer20140123143413.565.mp4
[2014/01/23 14:32:13 | 005,028,417 | ---- | C] () -- C:\Users\joy\Over You.mp4
[2014/01/19 01:26:40 | 005,028,417 | ---- | C] () -- C:\Users\joy\166525_59836474_e24366674333c918e41e_mixed_MediaStealer20140119012542.400.mp4
[2012/10/21 21:55:37 | 000,000,843 | ---- | C] () -- C:\Users\joy\.recently-used.xbel
[2012/04/11 01:20:27 | 000,053,322 | ---- | C] () -- C:\Users\joy\me2012.png
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 13:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 12:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2015/07/29 11:23:52 | 000,000,000 | ---D | M] -- C:\Users\joy\AppData\Roaming\backup8
[2014/10/07 15:25:37 | 000,000,000 | ---D | M] -- C:\Users\joy\AppData\Roaming\Garmin
[2015/06/25 21:31:15 | 000,000,000 | ---D | M] -- C:\Users\joy\AppData\Roaming\iolo
[2014/08/01 11:38:26 | 000,000,000 | ---D | M] -- C:\Users\joy\AppData\Roaming\ioloGovernor
[2015/07/13 23:32:25 | 000,000,000 | ---D | M] -- C:\Users\joy\AppData\Roaming\iSkysoft Video Converter Ultimate
[2014/07/10 19:51:33 | 000,000,000 | ---D | M] -- C:\Users\joy\AppData\Roaming\Leadertech
[2014/09/24 12:35:15 | 000,000,000 | ---D | M] -- C:\Users\joy\AppData\Roaming\ManyCam
[2015/07/06 22:37:43 | 000,000,000 | ---D | M] -- C:\Users\joy\AppData\Roaming\ooVoo Details
[2015/06/30 23:17:24 | 000,000,000 | ---D | M] -- C:\Users\joy\AppData\Roaming\Opera Software
[2014/10/07 22:00:25 | 000,000,000 | ---D | M] -- C:\Users\joy\AppData\Roaming\PhotoFiltre 7
[2015/11/15 11:33:44 | 000,000,000 | ---D | M] -- C:\Users\joy\AppData\Roaming\QuickScan
[2014/08/19 19:26:07 | 000,000,000 | ---D | M] -- C:\Users\joy\AppData\Roaming\RoboForm
[2014/07/10 23:41:25 | 000,000,000 | ---D | M] -- C:\Users\joy\AppData\Roaming\Windows Live Writer
[2015/06/15 18:56:35 | 000,000,000 | ---D | M] -- C:\Users\joy\AppData\Roaming\Zoner
[2015/07/13 23:32:09 | 000,000,000 | ---D | M] -- C:\Users\joy\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 793 bytes -> C:\Users\joy\Documents\4RX_com_ Order receipt #502869.eml:OECustomProperty

< End of report >


  • 0

Advertisements







Similar Topics


Also tagged with one or more of these keywords: Windows 7, program has stopped working, virus

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP