Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

corrupt system restore + virus scanner not detecting

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

corrupt system restore + virus scanner not detecting

Unread postby quazzer » July 20th, 2010, 11:27 am

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:26:31, on 20/07/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\M-Audio\Axiom\AudioDevMon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files 2\Digidesign\Drivers\MMERefresh.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Iconix\IconixService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdeserv.exe
C:\WINDOWS\system32\lxdecoms.exe
C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\TalkTalk\bin\sprtsvc.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\PROGRA~1\BabylonIM\Bandoo.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\DeltaIITray.exe
C:\Program Files\Iconix\OEAddOn\OEdmn_6.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Program Files 2\Hijack This\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 0.0.0.0:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: IconixBHOClass Class - {761233B6-F228-49E4-8F6B-668499D4E55A} - C:\Program Files\Iconix\IEAddOn\IconixBHO_42.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - (no file)
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\system32\DeltaIITray.exe
O4 - HKLM\..\Run: [IconixOEAddOn] "C:\Program Files\Iconix\OEAddOn\OEdmn_6.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [DefaultP17] resdef.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [DefaultP17] resdef.exe (User 'Default user')
O4 - Startup: Logitech . Product Registration.lnk.disabled
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Oli\Application Data\DVDVideoSoftIEHelpers\youtubedownload.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.meshcomputers.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/ ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B362AF29-CDCD-4F94-B295-4419DFF75298}: NameServer = 192.168.2.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: c:\progra~1\babylonim\bndhook.dll C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Axiom Audio Device Monitor (AxiomAudioDevMon) - M-Audio - C:\Program Files\M-Audio\Axiom\AudioDevMon.exe
O23 - Service: BabylonIM Coordinator - Discordia Limited - C:\PROGRA~1\BabylonIM\Bandoo.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - D:\Program Files 2\Digidesign\Drivers\MMERefresh.exe
O23 - Service: digiSPTIService - Digidesign, A Division of Avid Technology, Inc. - D:\Program Files 2\Digidesign\Pro Tools\digiSPTIService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Iconix Update Service (IconixService) - Unknown owner - C:\Program Files\Common Files\Iconix\IconixService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: lxdeCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: MacDrive service (MacDriveService) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SupportSoft Sprocket Service (TalkTalk) (sprtsvc_TalkTalk) - SupportSoft, Inc. - C:\Program Files\TalkTalk\bin\sprtsvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: SupportSoft Repair Service (TalkTalk) (tgsrvc_TalkTalk) - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 12079 bytes
quazzer
Regular Member
 
Posts: 76
Joined: January 21st, 2007, 3:49 pm
Location: South West
Advertisement
Register to Remove

Re: corrupt system restore + virus scanner not detecting

Unread postby MWR 3 day Mod » July 24th, 2010, 2:42 am

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: corrupt system restore + virus scanner not detecting

Unread postby deltalima » July 26th, 2010, 3:30 am

Hi quazzer,

Welcome to the forum.

My nickname is deltalima and I will be helping you with your computer problems.

The logs can take some time to research, so please be patient with me.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


Please note the following:
  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Uninstall List
  • Open HijackThis.
  • Look under System tools.
  • Click on the Open Uninstall Manager... button.
  • Click on the Save list... button.
  • It will prompt you to save. Save this log in a convenient location. By default it's named uninstall_list.txt.
  • Notepad will open. Please copy and paste the contents of this log in your next reply.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: corrupt system restore + virus scanner not detecting

Unread postby quazzer » July 26th, 2010, 8:35 am

ABBYY FineReader 6.0 Sprint
AC3Filter 1.63b
Addictive Drums 1.1.1
Addictive Drums ADpak Retro
Adobe AIR
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Audition 3.0
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color Common Settings
Adobe Community Help
Adobe Community Help
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Download Manager
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS5
Adobe Linguistics CS3
Adobe Media Player
Adobe Media Player
Adobe PDF Library Files
Adobe Photoshop CS5
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Premiere Pro CS3 Third Party Content
Adobe Reader 9.3.3
Adobe Setup
Adobe SVG Viewer 3.0
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AKAI professional DCVocoder 1.0
Antares Autotune VST v5.09
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASAPI Update
Audacity 1.2.6
BassStation
Belarc Advisor 8.1
Bluetooth Stack for Windows by Toshiba
Bonjour
CCleaner
CmdHere Powertoy For Windows XP
COMODO Internet Security
Critical Update for Windows Media Player 11 (KB959772)
Data Lifeguard Diagnostic for Windows
Defraggler
Delta
Digidesign Free Bomb Factory Plug-Ins 7.4
Digidesign Music Production Toolkit 7.4
Digidesign Pro Tools M-Powered 7.4cs2
Digidesign Shared Plug-Ins 7.4
D-Link VGA Webcam
Enigma
eReg
erLT
FabFilter Pro-C VST RTAS v1.1.1
FabFilter Timeless v1.00 VST
FabFilter Twin VSTi RTAS v2.00
FabFilter Volcano VST RTAS v2.02
ffdshow v1.1.3489 [2010-06-28]
FileHippo.com Update Checker
Free Audio CD Burner version 1.2
Free YouTube Download 2.6
Free YouTube to MP3 Converter version 3.3
FreeRIP v3.03
GForce - Oddity
Haali Media Splitter
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HiJackThis
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB895961-v4)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Icon Restore 1.0
Iconix® eMail ID
ImTOO HD Video Converter
Interlok driver setup x32
IsoBuster 2.8
iTunes
iZotope Ozone 4
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 5
Java(TM) 6 Update 2
Java(TM) 6 Update 20
Java(TM) 6 Update 3
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
Lexmark 4800 Series
Live 8.0.4
Logitech Desktop Messenger
Logitech SetPoint 6.1
LogonStudio
MacDrive 7
Malwarebytes' Anti-Malware
M-Audio Axiom Driver 1.1.1 (x86)
M-Audio Delta Driver 6.0.2 (x86)
M-Audio Reason Control Surface
Medieval CUE Splitter
Melodyne 3.1
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Virtual PC 2007
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Microsoft WSE 3.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Miroslav Philharmonik
Mozilla Firefox (3.6.8)
Mp3tag v2.45a
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Music Cleaning Studio
Native Instruments Absynth 4
Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS
Native Instruments Kontakt 3
Native Instruments Massive v1.0.1.008 VSTi DXi RTAS
Native.Instruments Battery v3.0.1.005 VSTi DXi RTAS
Nero 7
neroxml
NVIDIA Drivers
NVIDIA nView Desktop Manager
OrangeVocoder v2.0-OxYGeN
PDF Settings CS5
QuickTime
Rail Simulator
Realtek High Definition Audio Driver
Reason 3.0
Reason 4.0
Recover My Photos
reFX Nexus Demo
Revo Uninstaller 1.89
rgc:audio sfz VSTi v1.96
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB980376)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB982381)
Segoe UI
Sonnox Oxford Inflator Native VST v1.5.1
Spybot - Search & Destroy
Spybot - Search & Destroy 1.5.2.20
SpywareBlaster 4.3
Steinberg Cubase 5
Steinberg Drum Loop Expansion 01
Steinberg Groove Agent ONE Content
Steinberg HALionOne
Steinberg HALionOne Additional Content Set 01
Steinberg HALionOne Expression Set
Steinberg HALionOne GM Drum Set
Steinberg HALionOne GM Set
Steinberg HALionOne Pro Set
Steinberg HALionOne Studio Drum Set
Steinberg HALionOne Studio Set
Steinberg LoopMash Content
Steinberg REVerence Content 01
SUPERAntiSpyware
TalkTalk Assist & Go
TightVNC 2.0.2
TL Space Native 7.4
TomTom HOME 2.7.4.1962
TomTom HOME Visual Studio Merge Modules
Trilogy
Tunatic
Tweak UI
Uninstall 1.0.0.1
Unity Web Player
Unlocker 1.8.7
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Windows (KB971513)
Update for Outlook 2007 Junk Email Filter (kb2202131)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB943729)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951618-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Videora iPod Converter 4.06
Viewpoint Media Player
Vista Icon Pack v3 System Patch
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.1.0
V-Station 1.5.1
Waves Mercury Complete VST DX RTAS v1.01
WinAVI Video Capture 2.0
Windows 7 Upgrade Advisor
Windows Imaging Component
Windows Internet Explorer 7
Windows Live Essentials
Windows Live Essentials
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Presentation Foundation
Windows XP Media Center Edition 2005 KB905589
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinRAR archiver
quazzer
Regular Member
 
Posts: 76
Joined: January 21st, 2007, 3:49 pm
Location: South West

Re: corrupt system restore + virus scanner not detecting

Unread postby deltalima » July 26th, 2010, 8:49 am

Hi quazzer,

corrupt system restore + virus scanner not detecting


Please let me know if your antivirus program has detected any infections at all recently and if so please post the relevant logs.

Please also let me know what symptoms there are that suggest that a virus is present but not detected on the system.

Next

  • Please download this tool from Microsoft.
  • Double click on MGADiag.exe to run it.
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in the window.
  • Save this file and copy/paste it in your next reply.

CKScanner

  • Please download CKScanner from here to your Desktop.
Make sure that CKScanner.exe is on the your Desktop before running the application!
  • Double-click on CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved
  • Double-click on the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: corrupt system restore + virus scanner not detecting

Unread postby quazzer » July 26th, 2010, 10:21 am

Hi and thank you deltamina for assisting me.

I keep on getting the same warning by comodo antivirus indicating that I have a virus within my system restore. It keeps popping up every 5 days or so even though every time I quarantine it, so this indicates that it can't carry out this action properly.

When trying to restore my computer to an earlier point it fails to do so, also indicating that it must be corrupt.

The name of the virus detected is heur.supicious@20049611 in c:\System Volume Information\_Restore...

_________________________________________________________________________________________________________
MGADiag.exe Results...

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-Q7R8X-9TV93-6Y2DB
Windows Product Key Hash: T2VlDa5zFsjUQJi/LJqIb2c1c2w=
Windows Product ID: 76488-OEM-2284561-69176
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 5.1.2600.2.00010100.3.0.med
ID: {EC476C46-D847-4FCA-BC79-677D632C7B90}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.42.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.7.17.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 108 Invalid VLK
Microsoft Office Enterprise 2007 - 108 Invalid VLK
OGA Version: Registered, 1.6.21.0
Signed By: Microsoft
Office Diagnostics: B4D0AA8B-604-645_B4D0AA8B-604-645_025D1FF3-230-1_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{EC476C46-D847-4FCA-BC79-677D632C7B90}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.med</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-6Y2DB</PKey><PID>76488-OEM-2284561-69176</PID><PIDType>3</PIDType><SID>S-1-5-21-3139917023-2047343290-364979358</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>ASUS P5N-E SLI ACPI BIOS Revision 0202</Version><SMBIOSVersion major="2" minor="4"/><Date>20061122000000.000000+000</Date></BIOS><HWID>86E0361F0184CE7A</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>MESH Computers</name><model>MESH</model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.7.17.0"/><File Name="WgaLogon.dll" Version="1.7.17.0"/></GANotification></MachineData><Software><Office><Result>108</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>108</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>272C5A7FCD82586</Val><Hash>KrUe+T3QuM5YYZUtKdfMGBsyuD8=</Hash><Pid>89388-707-5262724-65931</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="108"/><App Id="16" Version="12" Result="108"/><App Id="18" Version="12" Result="108"/><App Id="19" Version="12" Result="108"/><App Id="1A" Version="12" Result="108"/><App Id="1B" Version="12" Result="108"/><App Id="44" Version="12" Result="108"/><App Id="A1" Version="12" Result="108"/><App Id="BA" Version="12" Result="108"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: no
Marker string from BIOS: N/A
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

OEM Activation 2.0 Data-->
N/A

_________________________________________________________________________________________________________

CKScanner Log....

CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\oli\my documents\ableton\library\presets\audio effects\vinyl distortion\crack.adv
c:\documents and settings\oli\my documents\college\memory stick backup\year 1\08-03-09\samples\sound fx\video copilot fx\designer sound fx\abstract (100)\sounds (80)\freeze icy crackling.wav.asd
c:\documents and settings\oli\my documents\college\memory stick backup\year 1\08-03-09\samples\sound fx\video copilot fx\designer sound fx\abstract (100)\sounds (80)\ice crackling 01, thin ice.wav.asd
c:\documents and settings\oli\my documents\college\memory stick backup\year 1\08-03-09\samples\sound fx\video copilot fx\designer sound fx\abstract (100)\sounds (80)\ice crackling 02, thin ice, louder.wav.asd
c:\documents and settings\oli\my documents\college\memory stick backup\year 1\08-03-09\samples\sound fx\video copilot fx\designer sound fx\abstract (100)\sounds (80)\window crack 01.wav.asd
c:\documents and settings\oli\my documents\college\memory stick backup\year 1\08-03-09\samples\sound fx\video copilot fx\designer sound fx\abstract (100)\sounds (80)\window crack 02.wav.asd
c:\documents and settings\oli\my documents\college\memory stick backup\year 1\08-03-09\samples\sound fx\video copilot fx\designer sound fx\impacts (100)\evil crack 01.wav.asd
c:\documents and settings\oli\my documents\college\memory stick backup\year 1\08-03-09\samples\sound fx\video copilot fx\designer sound fx\impacts (100)\evil crack 03.wav.asd
c:\documents and settings\oli\my documents\college\memory stick backup\year 1\08-03-09\samples\sound fx\video copilot fx\designer sound fx\impacts (100)\evil crack 04.wav.asd
c:\documents and settings\oli\my documents\college\year 2\paul\music 2 multimedia\music samples\h.e.samples 07\._cracker 1.aif
c:\documents and settings\oli\my documents\college\year 2\paul\music 2 multimedia\music samples\h.e.samples 07\._cracker 2.aif
c:\documents and settings\oli\my documents\college\year 2\paul\music 2 multimedia\music samples\h.e.samples 07\cracker 1.aif
c:\documents and settings\oli\my documents\college\year 2\paul\music 2 multimedia\music samples\h.e.samples 07\cracker 2.aif
c:\documents and settings\oli\my documents\imtoo software studio\hd video converter\crack.js
c:\program files\common files\digidesign\dae\plug-in settings\mastererizer\mc dj yuppie cracker.tfx
c:\program files\common files\digidesign\dae\plug-ins\waves plugins\plug-ins\xcrackle.dll
c:\program files\common files\digidesign\dae\plug-ins\waves plugins\plug-ins\documents\xcrackle.pdf
c:\program files\common files\native instruments\shared content\sounds\fm7\beam cracker bass.ksd
c:\program files\common files\native instruments\shared content\sounds\fm7\cracklephone.ksd
c:\program files\common files\native instruments\shared content\sounds\massive\crackle carl.ksd
c:\program files\imtoo\hd video converter\script\crack.js
c:\program files\native instruments\battery 3\battery 3 library\08 - battery 2 kits\4 - special kits\cd kit 1 samples\cd crack2.nov
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\01 - bass drums\analog\kick crackly (live srapyard).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\02 - snare drums\acoustic\firecracker drum rh (marching band).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\02 - snare drums\rim shot and side stick\firecracker drum rim rh (marching band).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\02 - snare drums\rolls and bounces\firecracker drum roll (marching band).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\cd crack2 (cd 1).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\chonge (orgami).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\clip (orgami).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\crackle11 (glitch).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\crackle6 (glitch).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\crackle8 (glitch).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\creak (dakeat).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\fm perc (robati).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\fubky tone (dusty circuit).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\fun9 (cd 2).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\gramonasty (toksin 2).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\grunker (robati).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\jingle roll 1 (orgami).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\kickroom (prepared percussion).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\mw fm c1 08 (microwave).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\paper (noise).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\perc 1 (alkaloid).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\pieces (robati).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\pipe drag 1 (prepared percussion).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\scrath1 (hip hop b1).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\static (rnb).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\swa_cl1 (apparat).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\crackle\violent (alais).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle (glitch).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle10 (glitch).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle2 (glitch).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle3 (glitch).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle4 (glitch).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle5 (glitch).cl3
c:\program files\native instruments\battery 3\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle7 (glitch).cl3
c:\program files\native instruments\battery 3\battery 3 library\11 - synthetic drums 2\dust kit\dust kit samples\crackedsnare.nov
c:\program files\native instruments\battery 3\battery 3 library\11 - synthetic drums 2\kai tracid kit\kai tracid kit samples\1984 crackel tom kt.nov
c:\program files\native instruments\battery 3\battery 3 library\11 - synthetic drums 2\kai tracid kit\kai tracid kit samples\1986 crackfuzz kt.nov
c:\program files\native instruments\battery 3\presets\effects\convolution\small rooms\firecracker snare.b3p
c:\program files\native instruments\battery 3\presets\effects\strip-cell-ifx\snare cracker.b3p
c:\program files\waves\plug-ins\xcrackle.dll
c:\program files\waves\plug-ins\xcrackle.dll.rsr
c:\program files\waves\plug-ins\documents\xcrackle.pdf
c:\program files\waves\plug-ins\plug-in settings\x-crackle settings.xps
scanner sequence 3.ZZ.11
----- EOF -----
quazzer
Regular Member
 
Posts: 76
Joined: January 21st, 2007, 3:49 pm
Location: South West

Re: corrupt system restore + virus scanner not detecting

Unread postby deltalima » July 26th, 2010, 10:36 am

Hi quazzer,

Microsoft Office is showing as having invalid license keys, please see the forum policy

If you wish to continue then you must either remove the product or obtain a valid licence for Office.

Please let me know your decision.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: corrupt system restore + virus scanner not detecting

Unread postby quazzer » July 26th, 2010, 11:22 am

I* have uninstalled microsoft office. Sorry for not reading the forum policy before hand.

new MGADiag results to verify uninstall...

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-Q7R8X-9TV93-6Y2DB
Windows Product Key Hash: T2VlDa5zFsjUQJi/LJqIb2c1c2w=
Windows Product ID: 76488-OEM-2284561-69176
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 5.1.2600.2.00010100.3.0.med
ID: {EC476C46-D847-4FCA-BC79-677D632C7B90}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.42.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.7.17.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: Registered, 1.6.21.0
Signed By: Microsoft
Office Diagnostics: B4D0AA8B-604-645_B4D0AA8B-604-645_B4D0AA8B-604-645_025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{EC476C46-D847-4FCA-BC79-677D632C7B90}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.med</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-6Y2DB</PKey><PID>76488-OEM-2284561-69176</PID><PIDType>3</PIDType><SID>S-1-5-21-3139917023-2047343290-364979358</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>ASUS P5N-E SLI ACPI BIOS Revision 0202</Version><SMBIOSVersion major="2" minor="4"/><Date>20061122000000.000000+000</Date></BIOS><HWID>86E0361F0184CE7A</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>MESH Computers</name><model>MESH</model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.7.17.0"/><File Name="WgaLogon.dll" Version="1.7.17.0"/></GANotification></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: no
Marker string from BIOS: N/A
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

OEM Activation 2.0 Data-->
N/A
quazzer
Regular Member
 
Posts: 76
Joined: January 21st, 2007, 3:49 pm
Location: South West

Re: corrupt system restore + virus scanner not detecting

Unread postby deltalima » July 26th, 2010, 1:52 pm

Hi quazzer,

MBRCheck

Please download MBRCheck.exe to your desktop.
  • Double-click on MBRCheck.exe to run it.
  • It will show a Black screen with some information.
  • if an unknown bootcode is found you will have further options available to you, at this time press N then press Enter twice.
  • If nothing unusual is found just press Enter
  • A .txt file named MBRCheck_mm.dd.yy_hh.mm.ss should appear on your desktop.
  • Please post the contents of that file in you're next reply.

Download Bootkit remover to your desktop
This is a rar file if you do not have a program to open it then download and install Peazip

  • Extract Remover.exe to your desktop
  • Double click Remover.exe to run it
  • It will show a Black screen with some data on it
  • Right click on the screen and select > Select All
  • Press Control+C
  • Now open a notepad and press Control+V
  • Post the resultant log here please
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: corrupt system restore + virus scanner not detecting

Unread postby quazzer » July 26th, 2010, 2:10 pm

MBRCheck Log...

MBRCheck, version 1.1.1

(c) 2010, AD

\\.\C: --> \\.\PhysicalDrive0

\\.\D: --> \\.\PhysicalDrive1

\\.\F: --> \\.\PhysicalDrive2

\\.\I: --> \\.\PhysicalDrive3

Size Device Name MBR Status

--------------------------------------------

232 GB \\.\PhysicalDrive0 Windows XP MBR code detected

232 GB \\.\PhysicalDrive1 Windows XP MBR code detected

931 GB \\.\PhysicalDrive2 Error reading raw MBR!

465 GB \\.\PhysicalDrive3 Error reading raw MBR!

Done! Press ENTER to exit...

__________________________________________________________________________________________________________
Remover Log...

Bootkit Remover
(c) 2009 eSage Lab
www.esagelab.com

Program version: 1.1.0.0
OS Version: Microsoft Windows XP Professional Service Pack 3 (build 2600)

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000001`19697c00
Boot sector MD5 is: 6def5ffcbcdbdb4082f1015625e597bd

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)


Done;
Press any key to quit...
quazzer
Regular Member
 
Posts: 76
Joined: January 21st, 2007, 3:49 pm
Location: South West

Re: corrupt system restore + virus scanner not detecting

Unread postby deltalima » July 26th, 2010, 2:15 pm

Hi quazzer,

Defogger
Disable Drivers
Please download DeFogger... by jpshortstuff. Save it to your desktop.
  1. Double click DeFogger.exe to run the tool. The application window will appear.
  2. Click the Disable button to disable your CD Emulation drivers.
  3. Click Yes to continue. A 'Finished!' message will appear. Click OK.
  4. Click OK when DeFogger asks to reboot the machine.
Do not re-enable these drivers until otherwise instructed.
IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Download and run OTL
Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Please download GMER Rootkit Scanner from here.
  • Double click the .exe file. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Run Gmer again and click on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All".
  • Click on the "Scan" and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.
  • Note: If you have any problems, try running GMER in SAFE MODE
Important! Please do not select the "Show all" checkbox during the scan..

Please post the GMER log along with OTL.txt and Extras.txt from the OTL scan into your next reply.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: corrupt system restore + virus scanner not detecting

Unread postby quazzer » July 26th, 2010, 4:21 pm

Ive tried to paste just the OTL log in a reply but that alone exceeds the amount of characters allowed within the post.

also, I ran the GMER Rootkit Scanner although my system reboots everytime (I think) the scan finishes. This disables me from obtaining any sort of log file. I have tried running it in safe mode but the same thing happens.
quazzer
Regular Member
 
Posts: 76
Joined: January 21st, 2007, 3:49 pm
Location: South West

Re: corrupt system restore + virus scanner not detecting

Unread postby deltalima » July 26th, 2010, 4:36 pm

Hi quazzer,

Ive tried to paste just the OTL log in a reply but that alone exceeds the amount of characters allowed within the post.


I will be interested to see what is making the log so large, please break it into multiple sections and post separately.

I ran the GMER Rootkit Scanner although my system reboots everytime (I think) the scan finishes.


OK, please run this alternative rootkit scan.

Scan With RKUnHooker

  • Please Download Rootkit Unhooker Save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth, Files, Code Hooks. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
  • Copy the entire contents of the report and paste it in a reply here.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: corrupt system restore + virus scanner not detecting

Unread postby quazzer » July 26th, 2010, 4:55 pm

OTL...

OTL logfile created on: 26/07/2010 19:31:36 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Oli\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 70.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.49 Gb Total Space | 39.20 Gb Free Space | 17.16% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 187.21 Gb Free Space | 80.39% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 931.51 Gb Total Space | 767.84 Gb Free Space | 82.43% Space Free | Partition Type: HFS+
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 465.76 Gb Total Space | 127.84 Gb Free Space | 27.45% Space Free | Partition Type: NTFS

Computer Name: OLI
Current User Name: Oli
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Oli\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Jumi\jumi.exe (Jumi Technologies)
PRC - C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\BabylonIM\Bandoo.exe (Discordia Limited)
PRC - C:\Program Files\Iconix\OEAddOn\OEdmn_6.exe ()
PRC - C:\Program Files\Common Files\Iconix\IconixService.exe ()
PRC - C:\Program Files\M-Audio\Axiom\AudioDevMon.exe (M-Audio)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\WINDOWS\system32\DeltaIITray.exe ()
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe (Mediafour Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - D:\Program Files 2\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
PRC - C:\Program Files\TalkTalk\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Common Files\SupportSoft\bin\tgsrvc.exe (SupportSoft, Inc.)
PRC - C:\WINDOWS\system32\lxdecoms.exe ( )
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdeserv.exe (Lexmark International, Inc.)
PRC - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Oli\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\guard32.dll (COMODO)
MOD - C:\WINDOWS\system32\nvwddi.dll (NVIDIA Corporation)
MOD - C:\Program Files\NVIDIA Corporation\nView\nView.dll ()
MOD - C:\Program Files\Iconix\OEAddOn\OEldr_7.dll ()
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\rsaenh.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe File not found
SRV - (aawservice) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe File not found
SRV - (tvnserver) -- C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (BabylonIM Coordinator) -- C:\Program Files\BabylonIM\Bandoo.exe (Discordia Limited)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (IconixService) -- C:\Program Files\Common Files\Iconix\IconixService.exe ()
SRV - (AxiomAudioDevMon) -- C:\Program Files\M-Audio\Axiom\AudioDevMon.exe (M-Audio)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (getPlusHelper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (MacDriveService) -- C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe (Mediafour Corporation)
SRV - (DigiRefresh) -- D:\Program Files 2\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
SRV - (digiSPTIService) -- D:\Program Files 2\Digidesign\Pro Tools\digiSPTIService.exe (Digidesign, A Division of Avid Technology, Inc.)
SRV - (WLSetupSvc) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (sprtsvc_TalkTalk) SupportSoft Sprocket Service (TalkTalk) -- C:\Program Files\TalkTalk\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (SupportSoft RemoteAssist) -- C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe (SupportSoft, Inc.)
SRV - (tgsrvc_TalkTalk) SupportSoft Repair Service (TalkTalk) -- C:\Program Files\Common Files\Supportsoft\bin\tgsrvc.exe (SupportSoft, Inc.)
SRV - (lxde_device) -- C:\WINDOWS\System32\lxdecoms.exe ( )
SRV - (lxdeCATSCustConnectService) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe ()
SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (SBFWIMCL) -- C:\WINDOWS\System32\DRIVERS\sbfwim.sys File not found
DRV - (SABKUTIL) -- C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys File not found
DRV - (MA_CMIDI) -- C:\WINDOWS\System32\drivers\ma_cmidi.sys File not found
DRV - (kl1) -- C:\WINDOWS\System32\DRIVERS\kl1.sys File not found
DRV - (Inspect) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\WINDOWS\system32\drivers\cmdhlp.sys (COMODO)
DRV - (cmderd) -- C:\WINDOWS\system32\drivers\cmderd.sys (COMODO)
DRV - (cmdGuard) -- C:\WINDOWS\system32\drivers\cmdGuard.sys (COMODO)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (jumi) -- C:\WINDOWS\system32\drivers\jumi.sys (Windows (R) Win 7 DDK provider)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMouKE.Sys (Logitech, Inc.)
DRV - (LBeepKE) -- C:\WINDOWS\system32\drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (L8042mou) -- C:\WINDOWS\system32\drivers\L8042mou.Sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (AXIOM) -- C:\WINDOWS\system32\drivers\MAudioAxiom.sys (M-Audio)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (tosrfbd) -- C:\WINDOWS\system32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (Tosrfusb) -- C:\WINDOWS\system32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (TosRfSnd) -- C:\WINDOWS\system32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (Tosrfcom) -- C:\WINDOWS\system32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (DELTAII) Service for M-Audio Delta Driver (WDM) -- C:\WINDOWS\system32\drivers\MAudioDelta.sys (Avid Technology, Inc.)
DRV - (tosrfnds) -- C:\WINDOWS\system32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (tosporte) -- C:\WINDOWS\system32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (tosrfbnp) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (Tosrfhid) -- C:\WINDOWS\system32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (MDFSYSNT) -- C:\WINDOWS\System32\drivers\MDFSYSNT.SYS (Mediafour Corporation)
DRV - (MDPMGRNT) -- C:\WINDOWS\System32\drivers\MDPMGRNT.SYS (Mediafour Corporation)
DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation.)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (USB_RNDIS) -- C:\WINDOWS\system32\drivers\usb8023.sys (Microsoft Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (BANTExt) -- C:\WINDOWS\System32\Drivers\BANTExt.sys ()
DRV - (P17xfi) -- C:\WINDOWS\system32\drivers\P17xfi.sys (Creative Technology Ltd.)
DRV - (p17xfilt) -- C:\WINDOWS\system32\drivers\p17xfilt.sys (Creative)
DRV - (TPkd) -- C:\WINDOWS\System32\drivers\TPkd.sys (PACE Anti-Piracy, Inc.)
DRV - (vmm) -- C:\WINDOWS\system32\drivers\VMM.sys (Microsoft Corporation)
DRV - (stppp) -- C:\WINDOWS\system32\drivers\stppp.sys (THOMSON Telecom Belgium)
DRV - (ST330) -- C:\WINDOWS\system32\drivers\st330.sys (THOMSON Telecom Belgium)
DRV - (STBUS) -- C:\WINDOWS\system32\drivers\stbus.sys (THOMSON Telecom Belgium)
DRV - (VPCNetS2) -- C:\WINDOWS\system32\drivers\VMNetSrv.sys (Microsoft Corporation)
DRV - (DELTA) Service for Delta Driver (WDM) -- C:\WINDOWS\system32\drivers\delta.sys (Midiman/M-Audio)
DRV - (DigiFilter) -- C:\WINDOWS\system32\drivers\DigiFilt.sys (Digidesign, A Division of Avid Technology, Inc.)
DRV - (JRAID) -- C:\WINDOWS\system32\DRIVERS\jraid.sys (JMicron Technology Corp.)
DRV - (se26unic) Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (WDM) -- C:\WINDOWS\system32\drivers\se26unic.sys (MCCI)
DRV - (SE26obex) -- C:\WINDOWS\system32\drivers\SE26obex.sys (MCCI)
DRV - (se26nd5) Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (NDIS) -- C:\WINDOWS\system32\drivers\se26nd5.sys (MCCI)
DRV - (SE26mgmt) Sony Ericsson Device 038 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\SE26mgmt.sys (MCCI)
DRV - (SE26mdm) -- C:\WINDOWS\system32\drivers\SE26mdm.sys (MCCI)
DRV - (SE26mdfl) -- C:\WINDOWS\system32\drivers\SE26mdfl.sys (MCCI)
DRV - (SE26bus) Sony Ericsson Device 038 Driver driver (WDM) -- C:\WINDOWS\system32\drivers\SE26bus.sys (MCCI)
DRV - (CTUSFSYN) -- C:\WINDOWS\system32\drivers\ctusfsyn.sys (Creative Technology Ltd.)
DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (JGOGO) -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys (JMicron )
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (CLEDX) -- C:\WINDOWS\system32\drivers\cledx.sys (Team H2O)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (imagesrv) -- C:\WINDOWS\system32\DRIVERS\imagesrv.sys (Ahead Software AG)
DRV - (imagedrv) -- C:\WINDOWS\System32\Drivers\imagedrv.sys (Ahead Software AG)
DRV - (w800obex) -- C:\WINDOWS\system32\drivers\w800obex.sys (MCCI)
DRV - (w800mgmt) -- C:\WINDOWS\system32\drivers\w800mgmt.sys (MCCI)
DRV - (w800mdm) -- C:\WINDOWS\system32\drivers\w800mdm.sys (MCCI)
DRV - (w800mdfl) -- C:\WINDOWS\system32\drivers\w800mdfl.sys (MCCI)
DRV - (w800bus) Sony Ericsson W800 driver (WDM) -- C:\WINDOWS\system32\drivers\w800bus.sys (MCCI)
DRV - (m5287) -- C:\WINDOWS\system32\DRIVERS\m5287.sys (ULi Electronics Inc.)
DRV - (D500U) -- C:\WINDOWS\system32\drivers\D500U.sys (Mobile Action Technology Inc.)
DRV - (m5289) -- C:\WINDOWS\system32\DRIVERS\m5289.sys (ULi Electronics Inc.)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (iaStor) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) -- C:\WINDOWS\system32\drivers\alcan5wn.sys (THOMSON)
DRV - (alcaudsl) -- C:\WINDOWS\system32\drivers\alcaudsl.sys (THOMSON)
DRV - (ovt519) -- C:\WINDOWS\system32\drivers\ov519vid.sys (OmniVision Technologies, Inc.)
DRV - (fasttx2k) -- C:\WINDOWS\system32\DRIVERS\fasttx2k.sys (Promise Technology, Inc.)
DRV - (SynasUSB) -- C:\WINDOWS\system32\drivers\synasUSB.sys (Syncrosoft GmbH)
DRV - (RDID1027) -- C:\WINDOWS\system32\drivers\rdwm1027.sys (Roland Corporation)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (Asapi) -- C:\WINDOWS\System32\drivers\asapi.sys (VOB Computersysteme GmbH)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.meshcomputers.com

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.meshcomputers.com

IE - HKU\S-1-5-21-3139917023-2047343290-364979358-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-3139917023-2047343290-364979358-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3139917023-2047343290-364979358-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-3139917023-2047343290-364979358-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 0.0.0.0:80

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.co.uk"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {37fa1426-b82d-11db-8314-0800200c9a66}:2.5.2
FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.1.0625
FF - prefs.js..extensions.enabledItems: cfxHelper@Triton:1.2
FF - prefs.js..extensions.enabledItems: {62760FD6-B943-48C9-AB09-F99C6FE96088}:2.1
FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.4.2
FF - prefs.js..extensions.enabledItems: {1253D21B-263B-1843-275C-1726DA8B2A12}:3.92.1
FF - prefs.js..extensions.enabledItems: chromifox@altmusictv.com:3.6.5
FF - prefs.js..extensions.enabledItems: cfxe@Triton:3.6.5
FF - prefs.js..extensions.enabledItems: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}:0.7.2

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/25 23:22:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/25 23:22:01 | 000,000,000 | ---D | M]

[2010/07/16 22:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Oli\Application Data\Mozilla\Extensions
[2008/06/14 10:51:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Oli\Application Data\Mozilla\Extensions\home2@tomtom.com
[2010/07/25 22:26:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Oli\Application Data\Mozilla\Firefox\Profiles\3d8axl3i.default\extensions
[2010/07/16 23:32:34 | 000,000,000 | ---D | M] (MacOSX Theme) -- C:\Documents and Settings\Oli\Application Data\Mozilla\Firefox\Profiles\3d8axl3i.default\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}
[2010/07/17 23:02:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Oli\Application Data\Mozilla\Firefox\Profiles\3d8axl3i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/24 22:19:15 | 000,000,000 | ---D | M] (Firefox Sync) -- C:\Documents and Settings\Oli\Application Data\Mozilla\Firefox\Profiles\3d8axl3i.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}
[2010/07/21 23:30:48 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Documents and Settings\Oli\Application Data\Mozilla\Firefox\Profiles\3d8axl3i.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2010/07/16 23:35:52 | 000,000,000 | ---D | M] (eBay Sidebar for Firefox) -- C:\Documents and Settings\Oli\Application Data\Mozilla\Firefox\Profiles\3d8axl3i.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}
[2010/07/16 23:32:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Oli\Application Data\Mozilla\Firefox\Profiles\3d8axl3i.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2010/07/16 23:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Oli\Application Data\Mozilla\Firefox\Profiles\3d8axl3i.default\extensions\cfxe@Triton
[2010/07/16 23:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Oli\Application Data\Mozilla\Firefox\Profiles\3d8axl3i.default\extensions\cfxHelper@Triton
[2010/07/16 23:31:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Oli\Application Data\Mozilla\Firefox\Profiles\3d8axl3i.default\extensions\chromifox@altmusictv.com
[2010/07/25 22:26:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/19 20:56:59 | 000,000,000 | ---D | M] (Iconix) -- C:\Program Files\Mozilla Firefox\extensions\{1253D21B-263B-1843-275C-1726DA8B2A12}
[2010/07/19 20:56:53 | 000,195,928 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npIconixProxy36.dll

O1 HOSTS File: ([2010/07/20 21:52:06 | 000,413,156 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 14262 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (IconixBHOClass Class) - {761233B6-F228-49E4-8F6B-668499D4E55A} - C:\Program Files\Iconix\IEAddOn\IconixBHO_42.dll ()
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\S-1-5-21-3139917023-2047343290-364979358-1007\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [IconixOEAddOn] C:\Program Files\Iconix\OEAddOn\OEdmn_6.exe ()
O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\system32\DeltaIITray.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [tvncontrol] C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - HKU\S-1-5-21-3139917023-2047343290-364979358-1007..\Run: [JumiController] C:\Program Files\Jumi\jumi.exe (Jumi Technologies)
O4 - HKU\.DEFAULT..\RunOnce: [DefaultP17] C:\WINDOWS\resdef.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-18..\RunOnce: [DefaultP17] C:\WINDOWS\resdef.exe (Creative Technology Ltd.)
O4 - Startup: C:\Documents and Settings\Oli\Start Menu\Programs\Startup\Logitech . Product Registration.lnk.disabled ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3139917023-2047343290-364979358-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3139917023-2047343290-364979358-1007\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3139917023-2047343290-364979358-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 4
O7 - HKU\S-1-5-21-3139917023-2047343290-364979358-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Oli\Application Data\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/softwareupdate/ ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O20 - AppInit_DLLs: (c:\progra~1\babylonim\bndhook.dll) - c:\progra~1\babylonim\bndhook.dll File not found
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Documents and Settings\Oli\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Oli\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/02 09:47:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2d7f5dba-70ff-11dc-90d5-54484d000031}\Shell\AutoRun\command - "" = K:\InstallTomTomHOME.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2019/03/07 18:57:21 | 000,472,960 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\iaStor.sys
[2019/03/07 18:57:21 | 000,159,744 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\System32\drivers\Fasttx2k.sys
[2019/03/07 18:57:18 | 010,841,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.dll
[2019/03/07 18:57:18 | 002,462,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVCore.dll
[2019/03/07 18:57:18 | 002,462,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMVCore.dll
[2019/03/07 18:57:18 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMSPDMOE.dll
[2019/03/07 18:57:18 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMSPDMOE.dll
[2019/03/07 18:57:18 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll
[2019/03/07 18:57:18 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll
[2019/03/07 18:57:18 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmstream.dll
[2019/03/07 18:57:18 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll
[2019/03/07 18:57:18 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll
[2019/03/07 18:57:18 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8ds32.ax
[2019/03/07 18:57:18 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax
[2019/03/07 18:57:18 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvds32.ax
[2019/03/07 18:57:18 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax
[2019/03/07 18:57:18 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpasf.dll
[2019/03/07 18:57:18 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll
[2019/03/07 18:57:18 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe.dll
[2019/03/07 18:57:18 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll
[2019/03/07 18:57:18 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll
[2019/03/07 18:57:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blastcln.exe
[2019/03/07 18:57:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2019/03/07 18:57:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpui.dll
[2019/03/07 18:57:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll
[2019/03/07 18:57:18 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2019/03/07 18:57:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe2.dll
[2019/03/07 18:57:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll
[2019/03/07 18:57:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmod.dll
[2019/03/07 18:57:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll
[2019/03/07 18:57:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe2.dll
[2019/03/07 18:57:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll
[2019/03/07 18:57:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmod.dll
[2019/03/07 18:57:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll
[2019/03/07 18:57:17 | 008,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmploc.dll
[2019/03/07 18:57:17 | 008,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmploc.dll
[2019/03/07 18:57:17 | 000,938,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMNetMgr.dll
[2019/03/07 18:57:17 | 000,938,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMNetMgr.dll
[2019/03/07 18:57:17 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerror.dll
[2019/03/07 18:57:17 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll
[2019/03/07 18:57:17 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx.dll
[2019/03/07 18:57:17 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll
[2019/03/07 18:57:17 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmdmps.dll
[2019/03/07 18:57:17 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll
[2019/03/07 18:57:17 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmdmlog.dll
[2019/03/07 18:57:17 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll
[2019/03/07 18:57:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpcore.dll
[2019/03/07 18:57:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll
[2019/03/07 18:57:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpcd.dll
[2019/03/07 18:57:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll
[2019/03/07 18:57:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmp.ocx
[2019/03/07 18:57:17 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx
[2019/03/07 18:57:16 | 001,117,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMADMOE.dll
[2019/03/07 18:57:16 | 001,117,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMADMOE.dll
[2019/03/07 18:57:16 | 000,991,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drmv2clt.dll
[2019/03/07 18:57:16 | 000,991,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmv2clt.dll
[2019/03/07 18:57:16 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMADMOD.dll
[2019/03/07 18:57:16 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMADMOD.dll
[2019/03/07 18:57:16 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blackbox.dll
[2019/03/07 18:57:16 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blackbox.dll
[2019/03/07 18:57:16 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msscp.dll
[2019/03/07 18:57:16 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscp.dll
[2019/03/07 18:57:16 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswmdm.dll
[2019/03/07 18:57:16 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswmdm.dll
[2019/03/07 18:57:16 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2019/03/07 18:57:16 | 000,307,260 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codeca.acm
[2019/03/07 18:57:16 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4ds32.ax
[2019/03/07 18:57:16 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2019/03/07 18:57:16 | 000,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmdll.dll
[2019/03/07 18:57:16 | 000,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2019/03/07 18:57:16 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drmclien.dll
[2019/03/07 18:57:16 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmclien.dll
[2019/03/07 18:57:16 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cewmdm.dll
[2019/03/07 18:57:16 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cewmdm.dll
[2019/03/07 18:57:16 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMASF.dll
[2019/03/07 18:57:16 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMASF.dll
[2019/03/07 18:57:16 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msadds32.ax
[2019/03/07 18:57:16 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax
[2019/03/07 18:57:16 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msnetobj.dll
[2019/03/07 18:57:16 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnetobj.dll
[2019/03/07 18:57:16 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspmsp.dll
[2019/03/07 18:57:16 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsp.dll
[2019/03/07 18:57:16 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll
[2019/03/07 18:57:16 | 000,143,422 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codecx.ax
[2019/03/07 18:57:16 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logagent.exe
[2019/03/07 18:57:16 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logagent.exe
[2019/03/07 18:57:16 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drmstor.dll
[2019/03/07 18:57:16 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmstor.dll
[2019/03/07 18:57:16 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\sl_anet.acm
[2019/03/07 18:57:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msscds32.ax
[2019/03/07 18:57:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscds32.ax
[2019/03/07 18:57:16 | 000,061,952 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\acelpdec.ax
[2019/03/07 18:57:16 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsnsv.dll
[2019/03/07 18:57:16 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\LAPRXY.dll
[2019/03/07 18:57:16 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\laprxy.dll
[2019/03/07 18:57:16 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asferror.dll
[2019/03/07 18:57:16 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asferror.dll
[2019/03/07 18:57:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MPG4DMOD.dll
[2019/03/07 18:57:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\MPG4DMOD.dll
[2019/03/07 18:57:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MP4SDMOD.dll
[2019/03/07 18:57:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\MP4SDMOD.dll
[2019/03/07 18:57:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MP43DMOD.dll
[2019/03/07 18:57:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\MP43DMOD.dll
[2019/03/07 18:57:13 | 003,374,640 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\dllcache\tourW.exe
[2019/03/07 18:57:13 | 000,848,384 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ir41_32.ax
[2019/03/07 18:57:13 | 000,755,200 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ir50_32.dll
[2019/03/07 18:57:13 | 000,559,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrepl40.dll
[2019/03/07 18:57:13 | 000,559,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrepl40.dll
[2019/03/07 18:57:13 | 000,518,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msexch40.dll
[2019/03/07 18:57:13 | 000,518,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msexch40.dll
[2019/03/07 18:57:13 | 000,432,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrd2x40.dll
[2019/03/07 18:57:13 | 000,432,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrd2x40.dll
[2019/03/07 18:57:13 | 000,355,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxbde40.dll
[2019/03/07 18:57:13 | 000,355,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxbde40.dll
[2019/03/07 18:57:13 | 000,355,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspbde40.dll
[2019/03/07 18:57:13 | 000,355,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspbde40.dll
[2019/03/07 18:57:13 | 000,338,432 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qcx.dll
[2019/03/07 18:57:13 | 000,326,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msexcl40.dll
[2019/03/07 18:57:13 | 000,326,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msexcl40.dll
[2019/03/07 18:57:13 | 000,264,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstext40.dll
[2019/03/07 18:57:13 | 000,264,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstext40.dll
[2019/03/07 18:57:13 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcrt20.dll
[2019/03/07 18:57:13 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcrt20.dll
[2019/03/07 18:57:13 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migwiz_a.exe
[2019/03/07 18:57:13 | 000,219,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msltus40.dll
[2019/03/07 18:57:13 | 000,219,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msltus40.dll
[2019/03/07 18:57:13 | 000,200,192 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_qc.dll
[2019/03/07 18:57:13 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migism_a.dll
[2019/03/07 18:57:13 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\script_a.dll
[2019/03/07 18:57:13 | 000,183,808 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_qcx.dll
[2019/03/07 18:57:13 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysmod_a.dll
[2019/03/07 18:57:13 | 000,154,624 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ivfsrc.ax
[2019/03/07 18:57:13 | 000,120,320 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qc.dll
[2019/03/07 18:57:13 | 000,092,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\krnl386.exe
[2019/03/07 18:57:13 | 000,092,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnl386.exe
[2019/03/07 18:57:13 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\proctexe.ocx
[2019/03/07 18:57:13 | 000,073,802 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrclr40.dll
[2019/03/07 18:57:13 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msr2c.dll
[2019/03/07 18:57:13 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msr2c.dll
[2019/03/07 18:57:13 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\migpwd.exe
[2019/03/07 18:57:13 | 000,051,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vga256.dll
[2019/03/07 18:57:13 | 000,051,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga256.dll
[2019/03/07 18:57:13 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\osuninst.exe
[2019/03/07 18:57:13 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osuninst.exe
[2019/03/07 18:57:13 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2019/03/07 18:57:13 | 000,028,746 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrecr40.dll
[2019/03/07 18:57:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lnkstub.exe
[2019/03/07 18:57:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lnkstub.exe
[2019/03/07 18:57:13 | 000,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odtext32.dll
[2019/03/07 18:57:13 | 000,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odtext32.dll
[2019/03/07 18:57:13 | 000,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oddbse32.dll
[2019/03/07 18:57:13 | 000,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oddbse32.dll
[2019/03/07 18:57:13 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odpdx32.dll
[2019/03/07 18:57:13 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odpdx32.dll
[2019/03/07 18:57:13 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odfox32.dll
[2019/03/07 18:57:13 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odfox32.dll
[2019/03/07 18:57:13 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odexl32.dll
[2019/03/07 18:57:13 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odexl32.dll
[2019/03/07 18:57:13 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\vmmreg32.dll
[2019/03/07 18:57:13 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vmmreg32.dll
[2019/03/07 18:57:13 | 000,018,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vga64k.dll
[2019/03/07 18:57:13 | 000,018,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga64k.dll
[2019/03/07 18:57:13 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pentnt.exe
[2019/03/07 18:57:13 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pentnt.exe
[2019/03/07 18:57:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spnpinst.exe
[2019/03/07 18:57:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msr2cenu.dll
[2019/03/07 18:57:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msr2cenu.dll
[2019/03/07 18:57:13 | 000,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.sys
[2019/03/07 18:57:12 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dramp.dll
[2019/03/07 18:57:12 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dramp.dll
[2019/03/07 18:57:12 | 000,199,680 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iac25_32.ax
[2019/03/07 18:57:12 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\guitrn_a.dll
[2019/03/07 18:57:12 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerrenu.dll
[2019/03/07 18:57:12 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerrenu.dll
[2019/03/07 18:57:12 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ctl3d32.dll
[2019/03/07 18:57:12 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ctl3d32.dll
[2019/03/07 18:57:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fsconins.dll
[2019/03/07 18:57:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2019/03/07 18:57:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2019/03/07 18:57:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2019/03/07 18:57:11 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2019/03/07 18:57:11 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp1res.dll
[2019/03/07 18:57:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2019/03/07 18:57:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2019/03/07 18:57:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2019/03/07 18:57:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2019/03/07 18:57:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2019/03/07 18:57:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2019/03/07 18:57:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2019/03/07 18:57:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2019/03/07 18:57:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2019/03/07 18:57:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2019/03/07 18:57:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2019/03/07 18:57:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2019/03/07 18:57:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2019/03/07 18:57:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2019/03/07 18:57:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2019/03/07 18:57:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2019/03/07 18:57:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2019/03/07 18:57:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2019/03/07 18:57:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2019/03/07 18:57:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2019/03/07 18:57:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2019/03/07 18:57:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2019/03/07 18:57:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2019/03/07 18:57:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2019/03/07 18:57:06 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2019/03/07 18:57:03 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\medctroc.dll
[2019/03/07 18:57:01 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msutb.dll
[2019/03/07 18:57:01 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msimtf.dll
[2019/03/07 18:57:01 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msctfp.dll
[2019/03/07 18:57:00 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wsecedit.dll
[2019/03/07 18:57:00 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wzcdlg.dll
[2019/03/07 18:57:00 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wow32.dll
[2019/03/07 18:57:00 | 000,174,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xenroll.dll
[2019/03/07 18:57:00 | 000,174,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xenroll.dll
[2019/03/07 18:57:00 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2019/03/07 18:57:00 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshom.ocx
[2019/03/07 18:57:00 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactsrv.dll
[2019/03/07 18:57:00 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wstdecod.dll
[2019/03/07 18:57:00 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2019/03/07 18:57:00 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wsnmp32.dll
[2019/03/07 18:57:00 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshcon.dll
[2019/03/07 18:57:00 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wupdmgr.exe
[2019/03/07 18:57:00 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wupdmgr.exe
[2019/03/07 18:57:00 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpabaln.exe
[2019/03/07 18:57:00 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xcopy.exe
[2019/03/07 18:57:00 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wsock32.dll
[2019/03/07 18:57:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshtcpip.dll
[2019/03/07 18:57:00 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wtsapi32.dll
[2019/03/07 18:57:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wship6.dll
[2019/03/07 18:57:00 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ws2ifsl.sys
[2019/03/07 18:57:00 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshisn.dll
[2019/03/07 18:57:00 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshisn.dll
[2019/03/07 18:57:00 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshrm.dll
[2019/03/07 18:57:00 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wpnpinst.exe
[2019/03/07 18:57:00 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wowexec.exe
[2019/03/07 18:57:00 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wowexec.exe
[2019/03/07 18:57:00 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshatm.dll
[2019/03/07 18:57:00 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshatm.dll
[2019/03/07 18:57:00 | 000,008,261 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneoc.dll
[2019/03/07 18:57:00 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshnetbs.dll
[2019/03/07 18:57:00 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshnetbs.dll
[2019/03/07 18:57:00 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2019/03/07 18:57:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2019/03/07 18:57:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2019/03/07 18:57:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2019/03/07 18:57:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2019/03/07 18:57:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2019/03/07 18:57:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2019/03/07 18:57:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2019/03/07 18:57:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2019/03/07 18:57:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2019/03/07 18:57:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2019/03/07 18:57:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2019/03/07 18:57:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2019/03/07 18:57:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2019/03/07 18:57:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2019/03/07 18:57:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2019/03/07 18:57:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2019/03/07 18:57:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2019/03/07 18:57:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2019/03/07 18:57:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2019/03/07 18:57:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2019/03/07 18:57:00 | 000,002,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wowdeb.exe
[2019/03/07 18:57:00 | 000,002,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wowdeb.exe
[2019/03/07 18:56:59 | 001,647,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winbrand.dll
[2019/03/07 18:56:59 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2019/03/07 18:56:59 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winntbbu.dll
[2019/03/07 18:56:59 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wininet(3).dll
[2019/03/07 18:56:59 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winlogon.exe
[2019/03/07 18:56:59 | 000,463,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiadefui.dll
[2019/03/07 18:56:59 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiaacmgr.exe
[2019/03/07 18:56:59 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winsrv.dll
[2019/03/07 18:56:59 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\winhlp32.exe
[2019/03/07 18:56:59 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\webcheck(2).dll
[2019/03/07 18:56:59 | 000,256,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\winhelp.exe
[2019/03/07 18:56:59 | 000,256,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhelp.exe
[2019/03/07 18:56:59 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2019/03/07 18:56:59 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiavusd.dll
[2019/03/07 18:56:59 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiavusd.dll
[2019/03/07 18:56:59 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\webvw.dll
[2019/03/07 18:56:59 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiadss.dll
[2019/03/07 18:56:59 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiavideo.dll
[2019/03/07 18:56:59 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winscard.dll
[2019/03/07 18:56:59 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wextract.exe
[2019/03/07 18:56:59 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmiscmgr.dll
[2019/03/07 18:56:59 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiscmgr.dll
[2019/03/07 18:56:59 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winsta.dll
[2019/03/07 18:56:59 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\webhits.dll
[2019/03/07 18:56:59 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webhits.dll
[2019/03/07 18:56:59 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winipsec.dll
[2019/03/07 18:56:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmiprop.dll
[2019/03/07 18:56:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprop.dll
[2019/03/07 18:56:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winstrm.dll
[2019/03/07 18:56:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winstrm.dll
[2019/03/07 18:56:59 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win.com
[2019/03/07 18:56:59 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wfwnet.drv
[2019/03/07 18:56:59 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wfwnet.drv
[2019/03/07 18:56:59 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmsd.exe
[2019/03/07 18:56:59 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmsd.exe
[2019/03/07 18:56:59 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winfax.dll
[2019/03/07 18:56:59 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winfax.dll
[2019/03/07 18:56:59 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wifeman.dll
[2019/03/07 18:56:59 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wifeman.dll
[2019/03/07 18:56:59 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhstb.exe
[2019/03/07 18:56:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmi.dll
[2019/03/07 18:56:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winver.exe
[2019/03/07 18:56:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winnls.dll
[2019/03/07 18:56:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winnls.dll
[2019/03/07 18:56:59 | 000,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wmilib.sys
[2019/03/07 18:56:59 | 000,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmilib.sys
[2019/03/07 18:56:59 | 000,002,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsock.dll
[2019/03/07 18:56:59 | 000,002,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winspool.exe
[2019/03/07 18:56:59 | 000,002,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winspool.exe
[2019/03/07 18:56:59 | 000,002,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winoldap.mod
[2019/03/07 18:56:58 | 001,168,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2019/03/07 18:56:58 | 000,858,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapi3.dll
[2019/03/07 18:56:58 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sxs.dll
[2019/03/07 18:56:58 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ss3dfo.scr
[2019/03/07 18:56:58 | 000,679,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sstext3d.scr
[2019/03/07 18:56:58 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sspipes.scr
[2019/03/07 18:56:58 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\urlmon(3).dll
[2019/03/07 18:56:58 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbscript.dll
[2019/03/07 18:56:58 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2019/03/07 18:56:58 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssflwbox.scr
[2019/03/07 18:56:58 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termmgr.dll
[2019/03/07 18:56:58 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tracerpt.exe
[2019/03/07 18:56:58 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysmon.ocx
[2019/03/07 18:56:58 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wavemsp.dll
[2019/03/07 18:56:58 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unimdm.tsp
[2019/03/07 18:56:58 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapi32.dll
[2019/03/07 18:56:58 | 000,177,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\typelib.dll
[2019/03/07 18:56:58 | 000,177,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\typelib.dll
[2019/03/07 18:56:58 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swprv.dll
[2019/03/07 18:56:58 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sti_ci.dll
[2019/03/07 18:56:58 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\upnp.dll
[2019/03/07 18:56:58 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umpnpmgr.dll
[2019/03/07 18:56:58 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\t2embed.dll
[2019/03/07 18:56:58 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysocmgr.exe
[2019/03/07 18:56:58 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysocmgr.exe
[2019/03/07 18:56:58 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2019/03/07 18:56:58 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2019/03/07 18:56:58 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\txflog.dll
[2019/03/07 18:56:58 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verifier.exe
[2019/03/07 18:56:58 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\verifier.exe
[2019/03/07 18:56:58 | 000,094,784 | ---- | C] (Twain Working Group) -- C:\WINDOWS\twain.dll
[2019/03/07 18:56:58 | 000,094,784 | ---- | C] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twain.dll
[2019/03/07 18:56:58 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\timedate.cpl
[2019/03/07 18:56:58 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ufat.dll
[2019/03/07 18:56:58 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ufat.dll
[2019/03/07 18:56:58 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsess.exe
[2019/03/07 18:56:58 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapiui.dll
[2019/03/07 18:56:58 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapiui.dll
[2019/03/07 18:56:58 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tasklist.exe
[2019/03/07 18:56:58 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\telnet.exe
[2019/03/07 18:56:58 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\taskkill.exe
[2019/03/07 18:56:58 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2019/03/07 18:56:58 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unimdmat.dll
[2019/03/07 18:56:58 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sti.dll
[2019/03/07 18:56:58 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\osuninst.dll
[2019/03/07 18:56:58 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
[2019/03/07 18:56:58 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntadmn.exe
[2019/03/07 18:56:58 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\synceng.dll
[2019/03/07 18:56:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsappcmp.dll
[2019/03/07 18:56:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsappcmp.dll
[2019/03/07 18:56:58 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vdmredir.dll
[2019/03/07 18:56:58 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\syncapp.exe
[2019/03/07 18:56:58 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syncapp.exe
[2019/03/07 18:56:58 | 000,050,688 | ---- | C] (Twain Working Group) -- C:\WINDOWS\twain_32.dll
[2019/03/07 18:56:58 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\utilman.exe
[2019/03/07 18:56:58 | 000,049,680 | ---- | C] (Twain Working Group) -- C:\WINDOWS\twunk_16.exe
[2019/03/07 18:56:58 | 000,049,680 | ---- | C] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twunk_16.exe
[2019/03/07 18:56:58 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w32tm.exe
[2019/03/07 18:56:58 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32tm.exe
[2019/03/07 18:56:58 | 000,047,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\user.exe
[2019/03/07 18:56:58 | 000,047,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user.exe
[2019/03/07 18:56:58 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmypics.scr
[2019/03/07 18:56:58 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmon.dll
[2019/03/07 18:56:58 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\url(3).dll
[2019/03/07 18:56:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\syskey.exe
[2019/03/07 18:56:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syskey.exe
[2019/03/07 18:56:58 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\typeperf.exe
[2019/03/07 18:56:58 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\typeperf.exe
[2019/03/07 18:56:58 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\umandlg.dll
[2019/03/07 18:56:58 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssdpapi.dll
[2019/03/07 18:56:58 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vssadmin.exe
[2019/03/07 18:56:58 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssadmin.exe
[2019/03/07 18:56:58 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert6.exe
[2019/03/07 18:56:58 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert6.exe
[2019/03/07 18:56:58 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\traffic.dll
[2019/03/07 18:56:58 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\traffic.dll
[2019/03/07 18:56:58 | 000,030,749 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbajet32.dll
[2019/03/07 18:56:58 | 000,030,749 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbajet32.dll
[2019/03/07 18:56:58 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbisurf.ax
[2019/03/07 18:56:58 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\telephon.cpl
[2019/03/07 18:56:58 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telephon.cpl
[2019/03/07 18:56:58 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verifier.dll
[2019/03/07 18:56:58 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\udhisapi.dll
[2019/03/07 18:56:58 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vdmdbg.dll
[2019/03/07 18:56:58 | 000,025,600 | ---- | C] (Twain Working Group) -- C:\WINDOWS\twunk_32.exe
[2019/03/07 18:56:58 | 000,025,600 | ---- | C] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twunk_32.exe
[2019/03/07 18:56:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\utildll.dll
[2019/03/07 18:56:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\utildll.dll
[2019/03/07 18:56:58 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w32topl.dll
[2019/03/07 18:56:58 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32topl.dll
[2019/03/07 18:56:58 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmarque.scr
[2019/03/07 18:56:58 | 000,020,535 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfpodbc.dll
[2019/03/07 18:56:58 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssbezier.scr
[2019/03/07 18:56:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vwipxspx.dll
[2019/03/07 18:56:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vwipxspx.dll
[2019/03/07 18:56:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpsvcs.exe
[2019/03/07 18:56:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpsvcs.exe
[2019/03/07 18:56:58 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapi.dll
[2019/03/07 18:56:58 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi.dll
[2019/03/07 18:56:58 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmyst.scr
[2019/03/07 18:56:58 | 000,018,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysedit.exe
[2019/03/07 18:56:58 | 000,018,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysedit.exe
[2019/03/07 18:56:58 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ureg.dll
[2019/03/07 18:56:58 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ureg.dll
[2019/03/07 18:56:58 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\watchdog.sys
[2019/03/07 18:56:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vss_ps.dll
[2019/03/07 18:56:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vss_ps.dll
[2019/03/07 18:56:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbmon.dll
[2019/03/07 18:56:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\upnpcont.exe
[2019/03/07 18:56:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tftp.exe
[2019/03/07 18:56:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tftp.exe
[2019/03/07 18:56:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stdole2.tlb
[2019/03/07 18:56:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdole2.tlb
[2019/03/07 18:56:58 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysinv.dll
[2019/03/07 18:56:58 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysinv.dll
[2019/03/07 18:56:58 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\taskman.exe
[2019/03/07 18:56:58 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmib.dll
[2019/03/07 18:56:58 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stimon.exe
[2019/03/07 18:56:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssstars.scr
[2019/03/07 18:56:58 | 000,013,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\toolhelp.dll
[2019/03/07 18:56:58 | 000,013,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toolhelp.dll
[2019/03/07 18:56:58 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uniplat.dll
[2019/03/07 18:56:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\umdmxfrm.dll
[2019/03/07 18:56:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umdmxfrm.dll
[2019/03/07 18:56:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tree.com
[2019/03/07 18:56:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert.exe
[2019/03/07 18:56:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcmsetup.exe
[2019/03/07 18:56:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcmsetup.exe
[2019/03/07 18:56:58 | 000,012,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsddd.dll
[2019/03/07 18:56:58 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vga.dll
[2019/03/07 18:56:58 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.dll
[2019/03/07 18:56:58 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\subst.exe
[2019/03/07 18:56:58 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\subst.exe
[2019/03/07 18:56:58 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ver.dll
[2019/03/07 18:56:58 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ver.dll
[2019/03/07 18:56:58 | 000,008,192 | ---- | C] (DSP GROUP, INC.) -- C:\WINDOWS\System32\tssoft32.acm
[2019/03/07 18:56:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vcdex.dll
[2019/03/07 18:56:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vcdex.dll
[2019/03/07 18:56:58 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsvrp.dll
[2019/03/07 18:56:58 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stdole32.tlb
[2019/03/07 18:56:58 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdole32.tlb
[2019/03/07 18:56:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\svcpack.dll
[2019/03/07 18:56:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcpack.dll
[2019/03/07 18:56:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapiperf.dll
[2019/03/07 18:56:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapiperf.dll
[2019/03/07 18:56:58 | 000,005,532 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdole.tlb
[2019/03/07 18:56:58 | 000,005,532 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\stdole.tlb
[2019/03/07 18:56:58 | 000,005,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgaoem.fon
[2019/03/07 18:56:58 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vjoy.dll
[2019/03/07 18:56:58 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vjoy.dll
[2019/03/07 18:56:58 | 000,004,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storage.dll
[2019/03/07 18:56:58 | 000,004,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\storage.dll
[2019/03/07 18:56:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unlodctr.exe
[2019/03/07 18:56:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unlodctr.exe
[2019/03/07 18:56:58 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\timer.drv
[2019/03/07 18:56:58 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timer.drv
[2019/03/07 18:56:58 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\system.drv
[2019/03/07 18:56:58 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\system.drv
[2019/03/07 18:56:58 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\systray.exe
[2019/03/07 18:56:58 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\systray.exe
[2019/03/07 18:56:58 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vga.drv
[2019/03/07 18:56:58 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.drv
quazzer
Regular Member
 
Posts: 76
Joined: January 21st, 2007, 3:49 pm
Location: South West

Re: corrupt system restore + virus scanner not detecting

Unread postby quazzer » July 26th, 2010, 4:56 pm

[2019/03/07 18:56:57 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlsrv32.dll
[2019/03/07 18:56:57 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smlogcfg.dll
[2019/03/07 18:56:57 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpsnap.dll
[2019/03/07 18:56:57 | 000,180,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlunirl.dll
[2019/03/07 18:56:57 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlsrv32.rll
[2019/03/07 18:56:57 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spoolss.dll
[2019/03/07 18:56:57 | 000,049,179 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlwoa.dll
[2019/03/07 18:56:57 | 000,024,603 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlwid.dll
[2019/03/07 18:56:57 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sort.exe
[2019/03/07 18:56:57 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpapi.dll
[2019/03/07 18:56:57 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smclib.sys
[2019/03/07 18:56:57 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smclib.sys
[2019/03/07 18:56:57 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spiisupd.exe
[2019/03/07 18:56:57 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sprestrt.exe
[2019/03/07 18:56:57 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprestrt.exe
[2019/03/07 18:56:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\softpub.dll
[2019/03/07 18:56:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softpub.dll
[2019/03/07 18:56:57 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sound.drv
[2019/03/07 18:56:57 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sound.drv
[2019/03/07 18:56:56 | 001,614,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfcfiles.dll
[2019/03/07 18:56:56 | 001,614,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfcfiles.dll
[2019/03/07 18:56:56 | 001,435,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\query.dll
[2019/03/07 18:56:56 | 000,549,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shdoclc.dll
[2019/03/07 18:56:56 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msftedit.dll
[2019/03/07 18:56:56 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\riched20.dll
[2019/03/07 18:56:56 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\riched20.dll
[2019/03/07 18:56:56 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupdll.dll
[2019/03/07 18:56:56 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setupdll.dll
[2019/03/07 18:56:56 | 000,397,824 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\regwizc.dll
[2019/03/07 18:56:56 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scesrv.dll
[2019/03/07 18:56:56 | 000,306,176 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\slbcsp.dll
[2019/03/07 18:56:56 | 000,306,176 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\dllcache\slbcsp.dll
[2019/03/07 18:56:56 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qasf.dll
[2019/03/07 18:56:56 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qasf.dll
[2019/03/07 18:56:56 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasppp.dll
[2019/03/07 18:56:56 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsaenh.dll
[2019/03/07 18:56:56 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsaenh.dll
[2019/03/07 18:56:56 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scecli.dll
[2019/03/07 18:56:56 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scrobj.dll
[2019/03/07 18:56:56 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrobj.dll
[2019/03/07 18:56:56 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrrun.dll
[2019/03/07 18:56:56 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sccsccp.dll
[2019/03/07 18:56:56 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sccbase.dll
[2019/03/07 18:56:56 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sccbase.dll
[2019/03/07 18:56:56 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sbeio.dll
[2019/03/07 18:56:56 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rastls.dll
[2019/03/07 18:56:56 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasmontr.dll
[2019/03/07 18:56:56 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasmontr.dll
[2019/03/07 18:56:56 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc_os.dll
[2019/03/07 18:56:56 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvp.exe
[2019/03/07 18:56:56 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdpblb.dll
[2019/03/07 18:56:56 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sdpblb.dll
[2019/03/07 18:56:56 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schtasks.exe
[2019/03/07 18:56:56 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scardssp.dll
[2019/03/07 18:56:56 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scardssp.dll
[2019/03/07 18:56:56 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.cpl
[2019/03/07 18:56:56 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\progman.exe
[2019/03/07 18:56:56 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsnotify.exe
[2019/03/07 18:56:56 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rend.dll
[2019/03/07 18:56:56 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rend.dll
[2019/03/07 18:56:56 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\polstore.dll
[2019/03/07 18:56:56 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcbdyctl.dll
[2019/03/07 18:56:56 | 000,098,304 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\slbiop.dll
[2019/03/07 18:56:56 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtm.dll
[2019/03/07 18:56:56 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtm.dll
[2019/03/07 18:56:56 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\psbase.dll
[2019/03/07 18:56:56 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\raschap.dll
[2019/03/07 18:56:56 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shrpubw.exe
[2019/03/07 18:56:56 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdbinst.exe
[2019/03/07 18:56:56 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sdbinst.exe
[2019/03/07 18:56:56 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtcshare.exe
[2019/03/07 18:56:56 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotesp.tsp
[2019/03/07 18:56:56 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sigverif.exe
[2019/03/07 18:56:56 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scarddlg.dll
[2019/03/07 18:56:56 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shgina.dll
[2019/03/07 18:56:56 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimeng.dll
[2019/03/07 18:56:56 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsopprov.exe
[2019/03/07 18:56:56 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsopprov.exe
[2019/03/07 18:56:56 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\resutils.dll
[2019/03/07 18:56:56 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gpupdate.exe
[2019/03/07 18:56:56 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gpupdate.exe
[2019/03/07 18:56:56 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasphone.exe
[2019/03/07 18:56:56 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reg.exe
[2019/03/07 18:56:56 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proquota.exe
[2019/03/07 18:56:56 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regapi.dll
[2019/03/07 18:56:56 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmui.exe
[2019/03/07 18:56:56 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmui.exe
[2019/03/07 18:56:56 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2019/03/07 18:56:56 | 000,049,152 | ---- | C] (Microsoft Corp) -- C:\WINDOWS\System32\rsm.exe
[2019/03/07 18:56:56 | 000,049,152 | ---- | C] (Microsoft Corp) -- C:\WINDOWS\System32\dllcache\rsm.exe
[2019/03/07 18:56:56 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shmgrate.exe
[2019/03/07 18:56:56 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtutils.dll
[2019/03/07 18:56:56 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pstorec.dll
[2019/03/07 18:56:56 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcimlby.exe
[2019/03/07 18:56:56 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sc.exe
[2019/03/07 18:56:56 | 000,034,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rawwan.sys
[2019/03/07 18:56:56 | 000,034,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rawwan.sys
[2019/03/07 18:56:56 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pstorsvc.dll
[2019/03/07 18:56:56 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\relog.exe
[2019/03/07 18:56:56 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\relog.exe
[2019/03/07 18:56:56 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtipxmib.dll
[2019/03/07 18:56:56 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sethc.exe
[2019/03/07 18:56:56 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sendcmsg.dll
[2019/03/07 18:56:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsfsaps.dll
[2019/03/07 18:56:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsfsaps.dll
[2019/03/07 18:56:56 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\profmap.dll
[2019/03/07 18:56:56 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scredir.dll
[2019/03/07 18:56:56 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scredir.dll
[2019/03/07 18:56:56 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\skeys.exe
[2019/03/07 18:56:56 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\routemon.exe
[2019/03/07 18:56:56 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\routemon.exe
[2019/03/07 18:56:56 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slayerxp.dll
[2019/03/07 18:56:56 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shfolder.dll
[2019/03/07 18:56:56 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmsink.exe
[2019/03/07 18:56:56 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmsink.exe
[2019/03/07 18:56:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfmapi.dll
[2019/03/07 18:56:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfmapi.dll
[2019/03/07 18:56:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsvpmsg.dll
[2019/03/07 18:56:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvpmsg.dll
[2019/03/07 18:56:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasrad.dll
[2019/03/07 18:56:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasrad.dll
[2019/03/07 18:56:56 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setup.exe
[2019/03/07 18:56:56 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasmxs.dll
[2019/03/07 18:56:56 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasmxs.dll
[2019/03/07 18:56:56 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rpcns4.dll
[2019/03/07 18:56:56 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcns4.dll
[2019/03/07 18:56:56 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcp.exe
[2019/03/07 18:56:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\route.exe
[2019/03/07 18:56:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\route.exe
[2019/03/07 18:56:56 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdown.exe
[2019/03/07 18:56:56 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\secedit.exe
[2019/03/07 18:56:56 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmps.dll
[2019/03/07 18:56:56 | 000,017,792 | ---- | C] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ptilink.sys
[2019/03/07 18:56:56 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powrprof.dll
[2019/03/07 18:56:56 | 000,016,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raspti.sys
[2019/03/07 18:56:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\simpdata.tlb
[2019/03/07 18:56:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\runas.exe
[2019/03/07 18:56:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runas.exe
[2019/03/07 18:56:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rassapi.dll
[2019/03/07 18:56:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prflbmsg.dll
[2019/03/07 18:56:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\prflbmsg.dll
[2019/03/07 18:56:56 | 000,014,848 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\slbrccsp.dll
[2019/03/07 18:56:56 | 000,014,848 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\dllcache\slbrccsp.dll
[2019/03/07 18:56:56 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\serwvdrv.dll
[2019/03/07 18:56:56 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serwvdrv.dll
[2019/03/07 18:56:56 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsh.exe
[2019/03/07 18:56:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\serialui.dll
[2019/03/07 18:56:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serialui.dll
[2019/03/07 18:56:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\runonce.exe
[2019/03/07 18:56:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drprov.dll
[2019/03/07 18:56:56 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sisbkup.dll
[2019/03/07 18:56:56 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sisbkup.dll
[2019/03/07 18:56:56 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\senscfg.dll
[2019/03/07 18:56:56 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\senscfg.dll
[2019/03/07 18:56:56 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rexec.exe
[2019/03/07 18:56:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sigtab.dll
[2019/03/07 18:56:56 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\replace.exe
[2019/03/07 18:56:56 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\replace.exe
[2019/03/07 18:56:56 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasser.dll
[2019/03/07 18:56:56 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasser.dll
[2019/03/07 18:56:56 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\script.fon
[2019/03/07 18:56:56 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regsvr32.exe
[2019/03/07 18:56:56 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasctrs.dll
[2019/03/07 18:56:56 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasctrs.dll
[2019/03/07 18:56:56 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasautou.exe
[2019/03/07 18:56:56 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasautou.exe
[2019/03/07 18:56:56 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasdial.exe
[2019/03/07 18:56:56 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasdial.exe
[2019/03/07 18:56:56 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pschdprf.dll
[2019/03/07 18:56:56 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pschdprf.dll
[2019/03/07 18:56:56 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc.exe
[2019/03/07 18:56:56 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfc.exe
[2019/03/07 18:56:56 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsvpperf.dll
[2019/03/07 18:56:56 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvpperf.dll
[2019/03/07 18:56:56 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scrnsave.scr
[2019/03/07 18:56:56 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2019/03/07 18:56:56 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\print.exe
[2019/03/07 18:56:56 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\print.exe
[2019/03/07 18:56:56 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasacd.sys
[2019/03/07 18:56:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2019/03/07 18:56:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qosname.dll
[2019/03/07 18:56:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qosname.dll
[2019/03/07 18:56:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\psnppagn.dll
[2019/03/07 18:56:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psnppagn.dll
[2019/03/07 18:56:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasadhlp.dll
[2019/03/07 18:56:56 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sensapi.dll
[2019/03/07 18:56:56 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\recover.exe
[2019/03/07 18:56:56 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\recover.exe
[2019/03/07 18:56:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\routetab.dll
[2019/03/07 18:56:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\routetab.dll
[2019/03/07 18:56:56 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rootmdm.sys
[2019/03/07 18:56:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\skdll.dll
[2019/03/07 18:56:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\skdll.dll
[2019/03/07 18:56:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\security.dll
[2019/03/07 18:56:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shell.dll
[2019/03/07 18:56:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell.dll
[2019/03/07 18:56:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc.dll
[2019/03/07 18:56:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfc.dll
[2019/03/07 18:56:56 | 000,004,608 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\regwiz.exe
[2019/03/07 18:56:56 | 000,004,608 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dllcache\regwiz.exe
[2019/03/07 18:56:56 | 000,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcdd.sys
[2019/03/07 18:56:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\riched32.dll
[2019/03/07 18:56:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\riched32.dll
[2019/03/07 18:56:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regedt32.exe
[2019/03/07 18:56:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedt32.exe
[2019/03/07 18:56:56 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rnr20.dll
[2019/03/07 18:56:56 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rnr20.dll
[2019/03/07 18:56:55 | 001,287,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole32.dll
[2019/03/07 18:56:55 | 001,200,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntbackup.exe
[2019/03/07 18:56:55 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\opengl32.dll
[2019/03/07 18:56:55 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsmgr.dll
[2019/03/07 18:56:55 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2019/03/07 18:56:55 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\objsel.dll
[2019/03/07 18:56:55 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pdh.dll
[2019/03/07 18:56:55 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcjt32.dll
[2019/03/07 18:56:55 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcjt32.dll
[2019/03/07 18:56:55 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oakley.dll
[2019/03/07 18:56:55 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nusrmgr.cpl
[2019/03/07 18:56:55 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc32.dll
[2019/03/07 18:56:55 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32.dll
[2019/03/07 18:56:55 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleacc.dll
[2019/03/07 18:56:55 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\osk.exe
[2019/03/07 18:56:55 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\offfilt.dll
[2019/03/07 18:56:55 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll
[2019/03/07 18:56:55 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsdba.dll
[2019/03/07 18:56:55 | 000,169,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ole2disp.dll
[2019/03/07 18:56:55 | 000,169,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole2disp.dll
[2019/03/07 18:56:55 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2019/03/07 18:56:55 | 000,153,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ole2nls.dll
[2019/03/07 18:56:55 | 000,153,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole2nls.dll
[2019/03/07 18:56:55 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbctrac.dll
[2019/03/07 18:56:55 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbctrac.dll
[2019/03/07 18:56:55 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.dll
[2019/03/07 18:56:55 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcconf.dll
[2019/03/07 18:56:55 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwscript.exe
[2019/03/07 18:56:55 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwscript.exe
[2019/03/07 18:56:55 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oledlg.dll
[2019/03/07 18:56:55 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2019/03/07 18:56:55 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oleprn.dll
[2019/03/07 18:56:55 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccp32.dll
[2019/03/07 18:56:55 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccp32.dll
[2019/03/07 18:56:55 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2019/03/07 18:56:55 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcint.dll
[2019/03/07 18:56:55 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcint.dll
[2019/03/07 18:56:55 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olepro32.dll
[2019/03/07 18:56:55 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecli.dll
[2019/03/07 18:56:55 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecli.dll
[2019/03/07 18:56:55 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecli32.dll
[2019/03/07 18:56:55 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.exe
[2019/03/07 18:56:55 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcconf.exe
[2019/03/07 18:56:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olethk32.dll
[2019/03/07 18:56:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olethk32.dll
[2019/03/07 18:56:55 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pautoenr.dll
[2019/03/07 18:56:55 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ocmanage.dll
[2019/03/07 18:56:55 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ocmanage.dll
[2019/03/07 18:56:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccu32.dll
[2019/03/07 18:56:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccu32.dll
[2019/03/07 18:56:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccr32.dll
[2019/03/07 18:56:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccr32.dll
[2019/03/07 18:56:55 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwapi32.dll
[2019/03/07 18:56:55 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwapi32.dll
[2019/03/07 18:56:55 | 000,063,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnknb.sys
[2019/03/07 18:56:55 | 000,063,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwlnknb.sys
[2019/03/07 18:56:55 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\packager.exe
[2019/03/07 18:56:55 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntlanui.dll
[2019/03/07 18:56:55 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntlanui.dll
[2019/03/07 18:56:55 | 000,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkspx.sys
[2019/03/07 18:56:55 | 000,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwlnkspx.sys
[2019/03/07 18:56:55 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\npptools.dll
[2019/03/07 18:56:55 | 000,053,279 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcji32.dll
[2019/03/07 18:56:55 | 000,053,279 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcji32.dll
[2019/03/07 18:56:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pmspl.dll
[2019/03/07 18:56:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmspl.dll
[2019/03/07 18:56:55 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll
[2019/03/07 18:56:55 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntlanman.dll
[2019/03/07 18:56:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsapi.dll
[2019/03/07 18:56:55 | 000,039,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ole2.dll
[2019/03/07 18:56:55 | 000,039,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole2.dll
[2019/03/07 18:56:55 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwc.cpl
[2019/03/07 18:56:55 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwc.cpl
[2019/03/07 18:56:55 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntsdexts.dll
[2019/03/07 18:56:55 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntsdexts.dll
[2019/03/07 18:56:55 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsevt.dll
[2019/03/07 18:56:55 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmsevt.dll
[2019/03/07 18:56:55 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pifmgr.dll
[2019/03/07 18:56:55 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pifmgr.dll
[2019/03/07 18:56:55 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfproc.dll
[2019/03/07 18:56:55 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ping6.exe
[2019/03/07 18:56:55 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping6.exe
[2019/03/07 18:56:55 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccp32.cpl
[2019/03/07 18:56:55 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccp32.cpl
[2019/03/07 18:56:55 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcad32.exe
[2019/03/07 18:56:55 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcad32.exe
[2019/03/07 18:56:55 | 000,032,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwlnkfwd.sys
[2019/03/07 18:56:55 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntsd.exe
[2019/03/07 18:56:55 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\plustab.dll
[2019/03/07 18:56:55 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\plustab.dll
[2019/03/07 18:56:55 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfdisk.dll
[2019/03/07 18:56:55 | 000,026,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc16gt.dll
[2019/03/07 18:56:55 | 000,026,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc16gt.dll
[2019/03/07 18:56:55 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntdsbcli.dll
[2019/03/07 18:56:55 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdsbcli.dll
[2019/03/07 18:56:55 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfos.dll
[2019/03/07 18:56:55 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcbcp.dll
[2019/03/07 18:56:55 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pidgen.dll
[2019/03/07 18:56:55 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olesvr.dll
[2019/03/07 18:56:55 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr.dll
[2019/03/07 18:56:55 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olesvr32.dll
[2019/03/07 18:56:55 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr32.dll
[2019/03/07 18:56:55 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pathping.exe
[2019/03/07 18:56:55 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pathping.exe
[2019/03/07 18:56:55 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oleaccrc.dll
[2019/03/07 18:56:55 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaccrc.dll
[2019/03/07 18:56:55 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwcfg.dll
[2019/03/07 18:56:55 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwcfg.dll
[2019/03/07 18:56:55 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ping.exe
[2019/03/07 18:56:55 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfnet.dll
[2019/03/07 18:56:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwapi16.dll
[2019/03/07 18:56:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwapi16.dll
[2019/03/07 18:56:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc32gt.dll
[2019/03/07 18:56:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32gt.dll
[2019/03/07 18:56:55 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfmon.exe
[2019/03/07 18:56:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdmd.dll
[2019/03/07 18:56:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntlanui2.dll
[2019/03/07 18:56:55 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwlnkflt.sys
[2019/03/07 18:56:55 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfts.dll
[2019/03/07 18:56:55 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfts.dll
[2019/03/07 18:56:55 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcp32r.dll
[2019/03/07 18:56:55 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\panmap.dll
[2019/03/07 18:56:55 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\panmap.dll
[2019/03/07 18:56:55 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\parvdm.sys
[2019/03/07 18:56:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwevent.dll
[2019/03/07 18:56:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwevent.dll
[2019/03/07 18:56:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfnw.dll
[2019/03/07 18:56:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfnw.dll
[2019/03/07 18:56:55 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\null.sys
[2019/03/07 18:56:54 | 001,384,479 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvbvm60.dll
[2019/03/07 18:56:54 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvbvm50.dll
[2019/03/07 18:56:54 | 000,838,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswdat10.dll
[2019/03/07 18:56:54 | 000,838,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswdat10.dll
[2019/03/07 18:56:54 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml2.dll
[2019/03/07 18:56:54 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2019/03/07 18:56:54 | 000,622,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netcfgx.dll
[2019/03/07 18:56:54 | 000,621,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswstr10.dll
[2019/03/07 18:56:54 | 000,621,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswstr10.dll
[2019/03/07 18:56:54 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp50.dll
[2019/03/07 18:56:54 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcp50.dll
[2019/03/07 18:56:54 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml.dll
[2019/03/07 18:56:54 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp60.dll
[2019/03/07 18:56:54 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netlogon.dll
[2019/03/07 18:56:54 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcrt.dll
[2019/03/07 18:56:54 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2019/03/07 18:56:54 | 000,322,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrd3x40.dll
[2019/03/07 18:56:54 | 000,322,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrd3x40.dll
[2019/03/07 18:56:54 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netui2.dll
[2019/03/07 18:56:54 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netui2.dll
[2019/03/07 18:56:54 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\neth.dll
[2019/03/07 18:56:54 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\neth.dll
[2019/03/07 18:56:54 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\newdev.dll
[2019/03/07 18:56:54 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netui1.dll
[2019/03/07 18:56:54 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netevent.dll
[2019/03/07 18:56:54 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netevent.dll
[2019/03/07 18:56:54 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2019/03/07 18:56:54 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll
[2019/03/07 18:56:54 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netmsg.dll
[2019/03/07 18:56:54 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netmsg.dll
[2019/03/07 18:56:54 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msorcl32.dll
[2019/03/07 18:56:54 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msorcl32.dll
[2019/03/07 18:56:54 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netid.dll
[2019/03/07 18:56:54 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssap.dll
[2019/03/07 18:56:54 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netfxocm.dll
[2019/03/07 18:56:54 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvideo.dll
[2019/03/07 18:56:54 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvideo.dll
[2019/03/07 18:56:54 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\net1.exe
[2019/03/07 18:56:54 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvfw32.dll
[2019/03/07 18:56:54 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstlsapi.dll
[2019/03/07 18:56:54 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msscript.ocx
[2019/03/07 18:56:54 | 000,108,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netapi.dll
[2019/03/07 18:56:54 | 000,108,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi.dll
[2019/03/07 18:56:54 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nlhtml.dll
[2019/03/07 18:56:54 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll
[2019/03/07 18:56:54 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mycomput.dll
[2019/03/07 18:56:54 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mycomput.dll
[2019/03/07 18:56:54 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsh.exe
[2019/03/07 18:56:54 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netui0.dll
[2019/03/07 18:56:54 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msw3prt.dll
[2019/03/07 18:56:54 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxclu.dll
[2019/03/07 18:56:54 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcrt40.dll
[2019/03/07 18:56:54 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcrt40.dll
[2019/03/07 18:56:54 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msratelc.dll
[2019/03/07 18:56:54 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msratelc.dll
[2019/03/07 18:56:54 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcirt.dll
[2019/03/07 18:56:54 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ndptsp.tsp
[2019/03/07 18:56:54 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\narrator.exe
[2019/03/07 18:56:54 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msprivs.dll
[2019/03/07 18:56:54 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3r.dll
[2019/03/07 18:56:54 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3r.dll
[2019/03/07 18:56:54 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\net.exe
[2019/03/07 18:56:54 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msports.dll
[2019/03/07 18:56:54 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msports.dll
[2019/03/07 18:56:54 | 000,037,916 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml2r.dll
[2019/03/07 18:56:54 | 000,037,916 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml2r.dll
[2019/03/07 18:56:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netstat.exe
[2019/03/07 18:56:54 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ncobjapi.dll
[2019/03/07 18:56:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ncpa.cpl
[2019/03/07 18:56:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncpa.cpl
[2019/03/07 18:56:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\narrhook.dll
[2019/03/07 18:56:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\narrhook.dll
[2019/03/07 18:56:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssign32.dll
[2019/03/07 18:56:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssign32.dll
[2019/03/07 18:56:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msobjs.dll
[2019/03/07 18:56:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobjs.dll
[2019/03/07 18:56:54 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspatcha.dll
[2019/03/07 18:56:54 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidc32.dll
[2019/03/07 18:56:54 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxmlr.dll
[2019/03/07 18:56:54 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxmlr.dll
[2019/03/07 18:56:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2019/03/07 18:56:54 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nbtstat.exe
[2019/03/07 18:56:54 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nbtstat.exe
[2019/03/07 18:56:54 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msorc32r.dll
[2019/03/07 18:56:54 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nddenb32.dll
[2019/03/07 18:56:54 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapi.dll
[2019/03/07 18:56:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msswch.dll
[2019/03/07 18:56:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msswch.dll
[2019/03/07 18:56:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netrap.dll
[2019/03/07 18:56:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ncxpnt.dll
[2019/03/07 18:56:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncxpnt.dll
[2019/03/07 18:56:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msswchx.exe
[2019/03/07 18:56:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msswchx.exe
[2019/03/07 18:56:54 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssip32.dll
[2019/03/07 18:56:54 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssip32.dll
[2019/03/07 18:56:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapir.exe
[2019/03/07 18:56:53 | 002,843,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msi.dll
[2019/03/07 18:56:53 | 001,872,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcndmgr.dll
[2019/03/07 18:56:53 | 001,516,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjet40.dll
[2019/03/07 18:56:53 | 001,516,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjet40.dll
[2019/03/07 18:56:53 | 001,414,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmc.exe
[2019/03/07 18:56:53 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.tlb
[2019/03/07 18:56:53 | 001,028,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42.dll
[2019/03/07 18:56:53 | 001,028,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2019/03/07 18:56:53 | 000,997,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msgina.dll
[2019/03/07 18:56:53 | 000,981,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42u.dll
[2019/03/07 18:56:53 | 000,981,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42u.dll
[2019/03/07 18:56:53 | 000,927,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc40u.dll
[2019/03/07 18:56:53 | 000,927,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2019/03/07 18:56:53 | 000,924,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc40.dll
[2019/03/07 18:56:53 | 000,924,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2019/03/07 18:56:53 | 000,884,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msimsg.dll
[2019/03/07 18:56:53 | 000,661,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqqm.dll
[2019/03/07 18:56:53 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mlang.dll
[2019/03/07 18:56:53 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqsnap.dll
[2019/03/07 18:56:53 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqutil.dll
[2019/03/07 18:56:53 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metal_ss.dll
[2019/03/07 18:56:53 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msihnd.dll
[2019/03/07 18:56:53 | 000,248,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjtes40.dll
[2019/03/07 18:56:53 | 000,248,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjtes40.dll
[2019/03/07 18:56:53 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqoa.dll
[2019/03/07 18:56:53 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\moricons.dll
[2019/03/07 18:56:53 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqtrig.dll
[2019/03/07 18:56:53 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqrt.dll
[2019/03/07 18:56:53 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcbase.dll
[2019/03/07 18:56:53 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msls31.dll
[2019/03/07 18:56:53 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msls31.dll
[2019/03/07 18:56:53 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\modemui.dll
[2019/03/07 18:56:53 | 000,151,583 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjint40.dll
[2019/03/07 18:56:53 | 000,151,583 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjint40.dll
[2019/03/07 18:56:53 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdart.dll
[2019/03/07 18:56:53 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqad.dll
[2019/03/07 18:56:53 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqrtdep.dll
[2019/03/07 18:56:53 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmutilse.dll
[2019/03/07 18:56:53 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmutilse.dll
[2019/03/07 18:56:53 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2019/03/07 18:56:53 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msaatext.dll
[2019/03/07 18:56:53 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaatext.dll
[2019/03/07 18:56:53 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mprmsg.dll
[2019/03/07 18:56:53 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mprmsg.dll
[2019/03/07 18:56:53 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqsec.dll
[2019/03/07 18:56:53 | 000,091,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mqac.sys
[2019/03/07 18:56:53 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqlogmgr.dll
[2019/03/07 18:56:53 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mprapi.dll
[2019/03/07 18:56:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqoa.tlb
[2019/03/07 18:56:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqoa.tlb
[2019/03/07 18:56:53 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscms.dll
[2019/03/07 18:56:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msacm32.dll
[2019/03/07 18:56:53 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mprddm.dll
[2019/03/07 18:56:53 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mprddm.dll
[2019/03/07 18:56:53 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmsystem.dll
[2019/03/07 18:56:53 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmsystem.dll
[2019/03/07 18:56:53 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msaudite.dll
[2019/03/07 18:56:53 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaudite.dll
[2019/03/07 18:56:53 | 000,061,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msacm.dll
[2019/03/07 18:56:53 | 000,061,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msacm.dll
[2019/03/07 18:56:53 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqgentr.dll
[2019/03/07 18:56:53 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqgentr.dll
[2019/03/07 18:56:53 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\miglibnt.dll
[2019/03/07 18:56:53 | 000,060,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjter40.dll
[2019/03/07 18:56:53 | 000,060,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjter40.dll
[2019/03/07 18:56:53 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqoa20.tlb
[2019/03/07 18:56:53 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqoa20.tlb
[2019/03/07 18:56:53 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msident.dll
[2019/03/07 18:56:53 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqupgrd.dll
[2019/03/07 18:56:53 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtmler.dll
[2019/03/07 18:56:53 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqdscli.dll
[2019/03/07 18:56:53 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mprui.dll
[2019/03/07 18:56:53 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mprui.dll
[2019/03/07 18:56:53 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mf3216.dll
[2019/03/07 18:56:53 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscpxl32.dll
[2019/03/07 18:56:53 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscpxl32.dll
[2019/03/07 18:56:53 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqoa10.tlb
[2019/03/07 18:56:53 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqoa10.tlb
[2019/03/07 18:56:53 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mimefilt.dll
[2019/03/07 18:56:53 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll
[2019/03/07 18:56:53 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfcsubs.dll
[2019/03/07 18:56:53 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfcsubs.dll
[2019/03/07 18:56:53 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpnotify.exe
[2019/03/07 18:56:53 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpnotify.exe
[2019/03/07 18:56:53 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqbkup.exe
[2019/03/07 18:56:53 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mode.com
[2019/03/07 18:56:53 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqise.dll
[2019/03/07 18:56:53 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\more.com
[2019/03/07 18:56:53 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msisip.dll
[2019/03/07 18:56:53 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msidntld.dll
[2019/03/07 18:56:53 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msidntld.dll
[2019/03/07 18:56:53 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mrinfo.exe
[2019/03/07 18:56:53 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrinfo.exe
[2019/03/07 18:56:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdatsrc.tlb
[2019/03/07 18:56:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatsrc.tlb
[2019/03/07 18:56:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscpx32r.dll
[2019/03/07 18:56:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmdrv.dll
[2019/03/07 18:56:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmdrv.dll
[2019/03/07 18:56:53 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqcertui.dll
[2019/03/07 18:56:53 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqcertui.dll
[2019/03/07 18:56:53 | 000,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\modex.dll
[2019/03/07 18:56:53 | 000,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modex.dll
[2019/03/07 18:56:53 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modern.fon
[2019/03/07 18:56:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqperf.dll
[2019/03/07 18:56:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqperf.dll
[2019/03/07 18:56:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mountvol.exe
[2019/03/07 18:56:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mountvol.exe
[2019/03/07 18:56:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mll_mtf.dll
[2019/03/07 18:56:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mll_mtf.dll
[2019/03/07 18:56:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscat32.dll
[2019/03/07 18:56:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscat32.dll
[2019/03/07 18:56:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msidle.dll
[2019/03/07 18:56:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mll_qic.dll
[2019/03/07 18:56:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mll_qic.dll
[2019/03/07 18:56:53 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msafd.dll
[2019/03/07 18:56:53 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mll_hp.dll
[2019/03/07 18:56:53 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mll_hp.dll
[2019/03/07 18:56:53 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mouse.drv
[2019/03/07 18:56:53 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouse.drv
[2019/03/07 18:56:53 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmtask.tsk
[2019/03/07 18:56:53 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmtask.tsk
[2019/03/07 18:56:52 | 004,153,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logonuiX.exe
[2019/03/07 18:56:52 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licdll.dll
[2019/03/07 18:56:52 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localsec.dll
[2019/03/07 18:56:52 | 000,221,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lanman.drv
[2019/03/07 18:56:52 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logon.scr
[2019/03/07 18:56:52 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\main.cpl
[2019/03/07 18:56:52 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\main.cpl
[2019/03/07 18:56:52 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\keymgr.dll
[2019/03/07 18:56:52 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdminst.dll
[2019/03/07 18:56:52 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapistub.dll
[2019/03/07 18:56:52 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\loadperf.dll
[2019/03/07 18:56:52 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\langwrbk.dll
[2019/03/07 18:56:52 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\langwrbk.dll
[2019/03/07 18:56:52 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciavi32.dll
[2019/03/07 18:56:52 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciavi.drv
[2019/03/07 18:56:52 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi.drv
[2019/03/07 18:56:52 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\magnify.exe
[2019/03/07 18:56:52 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2019/03/07 18:56:52 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\makecab.exe
[2019/03/07 18:56:52 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdhcp.dll
[2019/03/07 18:56:52 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdhcp.dll
[2019/03/07 18:56:52 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\loghours.dll
[2019/03/07 18:56:52 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loghours.dll
[2019/03/07 18:56:52 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2019/03/07 18:56:52 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmddsp.tsp
[2019/03/07 18:56:52 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lights.exe
[2019/03/07 18:56:52 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lights.exe
[2019/03/07 18:56:52 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciwave.drv
[2019/03/07 18:56:52 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.drv
[2019/03/07 18:56:52 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciseq.drv
[2019/03/07 18:56:52 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.drv
[2019/03/07 18:56:52 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciwave.dll
[2019/03/07 18:56:52 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciseq.dll
[2019/03/07 18:56:52 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mcicda.dll
[2019/03/07 18:56:52 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcicda.dll
[2019/03/07 18:56:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mcastmib.dll
[2019/03/07 18:56:52 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localui.dll
[2019/03/07 18:56:52 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mcdsrv32.dll
[2019/03/07 18:56:52 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcdsrv32.dll
[2019/03/07 18:56:52 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mcd32.dll
[2019/03/07 18:56:52 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcd32.dll
[2019/03/07 18:56:52 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lprhelp.dll
[2019/03/07 18:56:52 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lzexpand.dll
[2019/03/07 18:56:52 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lzexpand.dll
[2019/03/07 18:56:52 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\label.exe
[2019/03/07 18:56:52 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\label.exe
[2019/03/07 18:56:52 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lprmonui.dll
[2019/03/07 18:56:52 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmonui.dll
[2019/03/07 18:56:52 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciole16.dll
[2019/03/07 18:56:52 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciole16.dll
[2019/03/07 18:56:52 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mag_hook.dll
[2019/03/07 18:56:52 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mag_hook.dll
[2019/03/07 18:56:52 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lpr.exe
[2019/03/07 18:56:52 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpr.exe
[2019/03/07 18:56:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciole32.dll
[2019/03/07 18:56:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciole32.dll
[2019/03/07 18:56:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mcd.sys
[2019/03/07 18:56:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcd.sys
[2019/03/07 18:56:52 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kd1394.dll
[2019/03/07 18:56:52 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kdcom.dll
[2019/03/07 18:56:52 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdcom.dll
[2019/03/07 18:56:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lpq.exe
[2019/03/07 18:56:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpq.exe
[2019/03/07 18:56:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lodctr.exe
[2019/03/07 18:56:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lodctr.exe
[2019/03/07 18:56:52 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mchgrcoi.dll
[2019/03/07 18:56:52 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mchgrcoi.dll
[2019/03/07 18:56:52 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lz32.dll
[2019/03/07 18:56:52 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lz32.dll
[2019/03/07 18:56:52 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\keyboard.drv
[2019/03/07 18:56:52 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keyboard.drv
[2019/03/07 18:56:51 | 001,830,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2019/03/07 18:56:51 | 000,614,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\h323msp.dll
[2019/03/07 18:56:51 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hhctrl.ocx
[2019/03/07 18:56:51 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript.dll
[2019/03/07 18:56:51 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
[2019/03/07 18:56:51 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\infosoft.dll
[2019/03/07 18:56:51 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infosoft.dll
[2019/03/07 18:56:51 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2019/03/07 18:56:51 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2019/03/07 18:56:51 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsmsnap.dll
[2019/03/07 18:56:51 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jet500.dll
[2019/03/07 18:56:51 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jet500.dll
[2019/03/07 18:56:51 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\home_ss.dll
[2019/03/07 18:56:51 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsecsnp.dll
[2019/03/07 18:56:51 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hnetcfg.dll
[2019/03/07 18:56:51 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ippromon.dll
[2019/03/07 18:56:51 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hnetwiz.dll
[2019/03/07 18:56:51 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.exe
[2019/03/07 18:56:51 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\h323.tsp
[2019/03/07 18:56:51 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icm32.dll
[2019/03/07 18:56:51 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iassdo.dll
[2019/03/07 18:56:51 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iassdo.dll
[2019/03/07 18:56:51 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieaksie.dll
[2019/03/07 18:56:51 | 000,198,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iuengine.dll
[2019/03/07 18:56:51 | 000,198,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iuengine.dll
[2019/03/07 18:56:51 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2019/03/07 18:56:51 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iprtrmgr.dll
[2019/03/07 18:56:51 | 000,163,840 | ---- | C] (America Online) -- C:\WINDOWS\System32\jgdw400.dll
quazzer
Regular Member
 
Posts: 76
Joined: January 21st, 2007, 3:49 pm
Location: South West
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 215 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware