Hi
Thank you for your help.
I was not able to remove BearShare using Add/Remove Programs or CCleaner uninstall - can you please advise how to remove it using another method?
Here are the logs you requested - MBAM took over 10 hours!!
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 5194
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11
27/11/2010 15:22:25
mbam-log-2010-11-27 (15-22-25).txt
Scan type: Full scan (C:\|)
Objects scanned: 351264
Time elapsed: 10 hour(s), 56 minute(s), 1 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\julie\Local Settings\Temp\$0EAB0759.t$m (Trojan.P2P.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\julie\Local Settings\Temp\$6C333D54.t$m (Trojan.P2P.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\julie\Local Settings\Temp\$71085195.t$m (Trojan.P2P.Dropper) -> Quarantined and deleted successfully.
C:\Program Files\Windows Live\Messenger\riched20.dll (PUP.FunWebProducts) -> Quarantined and deleted successfully.
Here is the next one
Logfile of random's system information tool 1.08 (written by random/random)
Run by dave at 2010-11-27 15:27:36
Microsoft Windows XP Professional Service Pack 3
System drive C: has 199 GB (85%) free of 234 GB
Total RAM: 3071 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:27:55, on 27/11/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17091)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\blueyonder\PCguard advisor\PCguardadvisor.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Documents and Settings\dave\Desktop\RSIT.exe
C:\Program Files\trend micro\dave.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sky.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.search.yahoo.com/search?fr=mcafee&p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer Provided By Sky Broadband
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101103135822.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PCguardadvisor.exe] "C:\Program Files\blueyonder\PCguard advisor\PCguardadvisor.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com (file missing)
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\gemma\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.meshcomputers.com
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 13817 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL [2007-03-30 722472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2010-05-03 245272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101103135822.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-26 297648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-26 843832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2010-08-04 228256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-22 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-22 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2010-08-04 228256]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-26 297648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"Ptipbmf"=ptipbmf.dll,SetWriteCacheMode []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-08-11 7630848]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-08-11 86016]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"PCguardadvisor.exe"=C:\Program Files\blueyonder\PCguard advisor\PCguardadvisor.exe [2006-04-28 1888256]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2010-09-10 1193848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"Power2GoExpress"= []
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-27 68856]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
C:\PROGRA~1\AVG\AVG8\avgtray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
C:\Program Files\CyberLink\PowerCinema\PCMService.exe [2005-01-14 110744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryCleanFixMFC]
C:\Program Files\RegistryCleaner\registrycleaner2008.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]
C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-18 2001648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-27 68856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2005-12-02 151597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Workflow]
D:\Workflow.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NETGEAR WG111v3 Smart Wizard.lnk]
C:\PROGRA~1\NETGEAR\WG111v3\WG111v3.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NETGEAR WPN111 Smart Wizard.lnk]
C:\PROGRA~1\NETGEAR\WPN111\wpn111.exe []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-22 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-23 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe"="C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe:*:Enabled:PowerCinema"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\SwiftSwitch\SwiftSwitch.exe"="C:\Program Files\SwiftSwitch\SwiftSwitch.exe:*:Enabled:World Switcher for RuneScape"
"C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Disabled:BearShare"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice"
"C:\Program Files\Steam\steamapps\twister625\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\twister625\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Steam\steamapps\0wn3dpl0z\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\0wn3dpl0z\condition zero\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe"="C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Steam\steamapps\0wn3dpl0z\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\0wn3dpl0z\counter-strike\hl.exe:*:Enabled:Counter-Strike"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
======File associations======
.scr - open - "%1" /S "%3"
======List of files/folders created in the last 1 months======
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\drivers\rasacd.sys
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\drivers\ptilink.sys
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\drivers\psched.sys
2019-03-07 17:56:56 ----A---- C:\WINDOWS\regedit.exe
2019-03-07 17:56:55 ----RC---- C:\WINDOWS\system32\perfmon.msc
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\pnrpnsp.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\plustab.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ping6.exe
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ping.exe
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\pifmgr.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\perfwci.ini
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\perfts.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\perfnw.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\perfnet.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\perfmon.exe
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\perffilt.ini
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\perfctrs.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\perfci.ini
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\pautoenr.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\pathping.exe
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\panmap.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\packager.exe
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\p2psvc.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\p2pnetsh.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\p2pgraph.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\p2pgasvc.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\p2p.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\osk.exe
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\opengl32.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\oleprn.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\oleaccrc.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\offfilt.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\odbctrac.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\odbcp32r.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\odbcjt32.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\odbcji32.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\odbccu32.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\odbccr32.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\odbccp32.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\odbcconf.exe
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\odbcconf.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\odbcad32.exe
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\odbc32gt.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\odbc16gt.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\objsel.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\nwwks.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\nwscript.exe
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\nwprovau.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\nwevent.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\nwcfg.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\nwapi32.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\nwapi16.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\nw16.exe
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntvdmd.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntsdexts.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntprint.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntmsoprq.msc
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntmsmgr.msc
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntmsmgr.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntmsevt.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntmsdba.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntmsapi.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntlanui.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntio804.sys
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntio412.sys
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntio411.sys
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntio404.sys
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntio.sys
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntdsbcli.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntdos804.sys
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntdos412.sys
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntdos411.sys
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntdos404.sys
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\ntdos.sys
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\nslookup.exe
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\npptools.dll
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\drivers\nwlnkspx.sys
2019-03-07 17:56:55 ----AC---- C:\WINDOWS\system32\drivers\nwlnknb.sys
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\pngfilt.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\pmspl.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\pidgen.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\photowiz.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\perfproc.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\perfos.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\perfdisk.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\pdh.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\olethk32.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\olesvr32.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\olesvr.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\olepro32.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\oledlg.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\olecnv32.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\olecli32.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\olecli.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\oleaut32.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\oleacc.dll
2019-03-07 17:56:55 ----A---- C:\WINDOWS\system32\ole32.dll