Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Best version of firefox to use for old pc [Solved]

Started by evolutionpill , Mar 24 2016 04:10 AM

Page 3 of 6
1
2
3
4
5

This topic is locked

#31
RKinner

Posted 31 March 2016 - 08:58 AM

Malware Expert

Expert
24,625 posts

I don't see the results for the last scan.

From the OTL log it appears that you may have had a bad download of SP3. Since it's unstable even in Safe Mode I think you should try and back it out:

https://support.micr...en-us/kb/950249

#32
evolutionpill

Posted 31 March 2016 - 09:55 AM

Member

Topic Starter
Member
127 posts

I will do the uninstall, not exactly sure what logged but in previous post I pasted the second set of logs from otl, I'll paste again

OTL logfile created on: 3/31/2016 10:07:54 PM - Run 1
OTL by OldTimer - Version 3.2.70.2 Folder = C:\Documents and Settings\sf\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

494.42 Mb Total Physical Memory | 339.83 Mb Available Physical Memory | 68.73% Memory free
1.13 Gb Paging File | 0.94 Gb Available in Paging File | 83.41% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 9.23 Gb Free Space | 47.24% Space Free | Partition Type: NTFS
Drive D: | 29.29 Gb Total Space | 5.29 Gb Free Space | 18.04% Space Free | Partition Type: NTFS
Drive E: | 29.29 Gb Total Space | 2.95 Gb Free Space | 10.08% Space Free | Partition Type: NTFS
Drive F: | 33.66 Gb Total Space | 3.33 Gb Free Space | 9.90% Space Free | Partition Type: NTFS

Computer Name: SS | User Name: sf | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2016/03/31 15:52:05 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sf\Desktop\OTL.exe
PRC - [2015/02/27 07:35:55 | 000,038,136 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
PRC - [2015/02/27 07:04:25 | 000,142,584 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
PRC - [2008/04/14 09:55:22 | 001,134,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/09/07 16:08:02 | 000,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe

========== Modules (No Company Name) ==========

MOD - [2013/04/13 01:23:30 | 000,612,664 | ---- | M] () -- C:\Program Files\Panda Security\Panda Security Protection\sqlite3.dll

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Wondershare\TunesGoRetro\DriverInstall.exe -- (WsDrvInst)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2015/02/27 07:35:55 | 000,038,136 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe -- (PSUAService)
SRV - [2015/02/27 07:04:25 | 000,142,584 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe -- (NanoServiceMain)
SRV - [2014/10/09 15:40:48 | 000,066,808 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe -- (PandaAgent)
SRV - [2008/02/05 13:05:14 | 000,026,488 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spupdsvc.exe -- (spupdsvc)
SRV - [2004/09/07 16:12:32 | 000,225,353 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Unknown (0) | Unavailable | Unknown] -- -- (msahci)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2015/06/17 22:57:29 | 000,140,792 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2015/02/26 03:03:45 | 000,100,624 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\PSINReg.sys -- (PSINReg)
DRV - [2015/02/26 03:03:44 | 000,124,944 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2015/02/26 03:03:44 | 000,114,704 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2015/02/26 03:03:43 | 000,172,432 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2015/02/26 03:03:43 | 000,103,312 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2015/02/10 05:02:21 | 000,094,864 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNStlsc.sys -- (NNSTLSC)
DRV - [2015/02/10 05:02:20 | 000,239,888 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSStrm.sys -- (NNSSTRM)
DRV - [2015/02/10 05:02:20 | 000,108,432 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSSmtp.sys -- (NNSSMTP)
DRV - [2015/02/10 05:02:19 | 000,281,232 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSProt.sys -- (NNSPROT)
DRV - [2015/02/10 05:02:19 | 000,205,456 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSPrv.sys -- (NNSPRV)
DRV - [2015/02/10 05:02:18 | 000,120,592 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSPop3.sys -- (NNSPOP3)
DRV - [2015/02/10 05:02:17 | 000,099,856 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSpicc.sys -- (NNSPICC)
DRV - [2015/02/10 05:02:17 | 000,052,112 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSpihs.sys -- (NNSPIHS)
DRV - [2015/02/10 05:02:16 | 000,202,128 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSHttp.sys -- (NNSHTTP)
DRV - [2015/02/10 05:02:16 | 000,126,480 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSIds.sys -- (NNSIDS)
DRV - [2015/02/10 05:02:16 | 000,109,584 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSHttps.sys -- (NNSHTTPS)
DRV - [2015/02/10 05:02:15 | 000,086,800 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSAlpc.sys -- (NNSALPC)
DRV - [2014/10/21 20:18:36 | 000,046,480 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NNSNAHS.sys -- (NNSNAHS)
DRV - [2014/03/07 10:18:06 | 000,032,968 | R--- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2013/10/28 16:04:08 | 000,046,160 | ---- | M] (Fuzhou Rockchip Electronics Co,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rockusb.sys -- (Rockusb)
DRV - [2012/12/30 04:59:38 | 000,024,184 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2004/11/15 15:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97)
DRV - [2004/10/21 15:56:04 | 003,210,496 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51)
DRV - [2004/08/31 08:53:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/08/12 08:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2004/05/21 14:18:56 | 000,067,072 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tifm.sys -- (tifm)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI)
DRV - [1996/04/04 03:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CN"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.region: "CN"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014/10/01 21:27:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Extensions
[2016/03/26 16:55:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profiles\hgx4pa98.default\extensions
[2014/10/02 00:02:51 | 000,000,000 | ---D | M] ("Web Counselor") -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profiles\hgx4pa98.default\extensions\{25dd52dc-89a8-469d-9e8f-8d483095d1e8}
[2016/03/26 16:55:47 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profiles\hgx4pa98.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[2014/10/02 00:02:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profileshgx4pa98.default\extensions
[2014/10/02 00:02:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profileshgx4pa98.default\extensions\staged
[2015/06/16 10:49:49 | 000,033,429 | ---- | M] () (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profiles\hgx4pa98.default\extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi
[2016/03/24 22:26:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

O1 HOSTS File: ([2004/08/04 20:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Panda Security URL Filtering] C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe (Visicom Media Inc.)
O4 - HKLM..\Run: [PSUAMain] C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe (Panda Security, S.L.)
O4 - HKLM..\RunOnce: [OE_WMPDRM_Install_1] C:\WINDOWS\System32\drmstor.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPDRM_Install_2] C:\WINDOWS\System32\drmclien.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPDRM_Install_4] C:\WINDOWS\System32\drmv2clt.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPDRM_Install_5] C:\WINDOWS\System32\blackbox.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPDRM_Install_6] C:\WINDOWS\System32\msnetobj.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_10] C:\WINDOWS\System32\wmsdmoe2.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_2] C:\WINDOWS\System32\wmnetmgr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_20] C:\WINDOWS\System32\wmadmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_21] C:\WINDOWS\System32\mpg4dmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_22] C:\WINDOWS\System32\mp43dmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_23] C:\WINDOWS\System32\mp4sdmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_24] C:\WINDOWS\System32\wmsdmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_3] C:\WINDOWS\system32\regsvr32 /s /u "C:\WINDOWS\system32\wmv8dmod.dll" File not found
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_30] C:\WINDOWS\System32\laprxy.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_31] C:\WINDOWS\System32\logagent.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_32] C:\WINDOWS\System32\wmvcore.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_4] C:\WINDOWS\System32\wmvdmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_5] C:\WINDOWS\System32\wmvdmoe2.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_6] C:\WINDOWS\System32\wmadmoe.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_7] C:\WINDOWS\System32\wmspdmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_8] C:\WINDOWS\System32\wmspdmoe.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_9] C:\WINDOWS\System32\wmsdmoe.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMP7_Install_0] C:\WINDOWS\INF\unregmp2.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMP7_Install_20] C:\WINDOWS\INF\unregmp2.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMP7_Install_9] C:\WINDOWS\system32\wmpasf.dll (Microsoft Corporation)
O4 - HKCU..\RunOnce: [TSClientAXDisabler] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [TSClientMSIUninstaller] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 600
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7107B94-1DDC-4D20-A2B4-35619214B37B}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - (C:\Program Files\Intel\Wireless\Bin\LgNotify.dll) - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/10/01 20:14:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/03/13 13:44:31 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/03/13 13:44:31 | 000,000,000 | R--D | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/03/13 13:44:31 | 000,000,000 | R--D | M] - F:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2016/03/31 15:51:43 | 000,601,088 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\sf\Desktop\OTL.exe
[2016/03/29 01:10:24 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2016/03/29 01:06:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2016/03/28 12:08:19 | 002,470,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2016/03/28 12:08:19 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2016/03/28 12:08:19 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2016/03/28 12:08:17 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2016/03/28 12:08:14 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2016/03/28 12:08:13 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2016/03/28 12:08:12 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2016/03/28 12:08:08 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2016/03/28 12:07:57 | 000,104,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2016/03/28 12:07:57 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2016/03/28 12:07:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2016/03/28 12:07:57 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2016/03/28 12:07:54 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2016/03/28 12:07:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2016/03/28 12:07:53 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2016/03/28 12:07:53 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2016/03/28 12:07:53 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2016/03/28 12:07:53 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2016/03/28 12:07:53 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2016/03/28 12:07:53 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2016/03/28 12:07:53 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2016/03/28 12:07:53 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2016/03/28 12:07:53 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2016/03/28 12:07:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2016/03/28 12:07:52 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2016/03/28 12:07:52 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2016/03/28 12:07:52 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2016/03/28 12:07:52 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2016/03/28 12:07:52 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2016/03/28 12:07:52 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2016/03/28 12:07:51 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2016/03/28 12:07:51 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2016/03/28 12:07:51 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2016/03/28 12:07:51 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2016/03/28 12:07:51 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2016/03/28 12:07:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2016/03/28 12:07:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2016/03/28 12:07:49 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2016/03/28 12:07:49 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2016/03/28 12:07:49 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2016/03/28 12:07:49 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2016/03/28 12:07:49 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2016/03/28 12:07:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2016/03/28 12:07:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2016/03/28 12:07:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2016/03/28 12:07:48 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2016/03/28 12:07:48 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2016/03/28 12:07:48 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2016/03/28 12:07:48 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2016/03/28 12:07:48 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2016/03/28 12:07:48 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2016/03/28 12:07:47 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2016/03/28 12:07:47 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2016/03/28 12:07:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2016/03/28 12:07:46 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2016/03/28 12:07:46 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2016/03/28 12:07:46 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2016/03/28 12:07:46 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2016/03/28 12:07:46 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2016/03/28 12:07:46 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2016/03/28 12:07:46 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2016/03/28 12:07:46 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2016/03/28 12:07:46 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2016/03/28 12:07:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2016/03/28 12:07:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2016/03/28 12:07:45 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2016/03/28 12:07:42 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2016/03/28 12:07:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2016/03/28 12:07:39 | 000,000,000 | ---D | C] -- C:\Program Files\msn
[2016/03/28 12:07:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2016/03/28 12:07:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2016/03/28 12:07:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2016/03/28 12:05:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2016/03/28 12:04:41 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2016/03/28 12:02:27 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2016/03/28 12:02:27 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2016/03/28 12:02:27 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2016/03/28 12:02:27 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2016/03/28 12:02:27 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2016/03/28 12:02:27 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2016/03/28 12:02:27 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2016/03/28 12:02:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2016/03/28 12:02:26 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2016/03/28 12:02:26 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2016/03/28 12:02:26 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2016/03/28 12:02:26 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2016/03/28 12:02:26 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2016/03/28 12:02:25 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2016/03/28 12:02:25 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2016/03/28 12:02:25 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2016/03/28 12:02:25 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2016/03/28 12:02:25 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2016/03/28 12:02:25 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2016/03/28 12:02:25 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2016/03/28 12:02:25 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2016/03/28 12:02:25 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2016/03/28 12:02:25 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2016/03/28 12:02:25 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2016/03/28 12:02:25 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2016/03/28 12:02:25 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2016/03/28 12:02:25 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2016/03/28 12:02:25 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2016/03/28 12:02:25 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2016/03/28 12:02:25 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2016/03/28 12:02:25 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2016/03/28 12:02:25 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2016/03/28 12:02:25 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2016/03/28 12:02:25 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2016/03/28 12:02:25 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2016/03/28 12:02:24 | 000,082,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2016/03/28 12:02:24 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2016/03/28 12:02:23 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2016/03/28 12:02:23 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2016/03/28 12:02:23 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2016/03/28 12:02:23 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2016/03/28 12:02:23 | 000,040,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2016/03/28 12:02:22 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2016/03/28 12:02:22 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2016/03/28 12:02:22 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2016/03/28 12:02:22 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2016/03/28 12:02:22 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2016/03/28 12:02:22 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2016/03/28 12:02:22 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2016/03/28 12:02:22 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2016/03/28 12:02:22 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2016/03/28 12:02:21 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2016/03/28 12:02:21 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2016/03/28 12:02:21 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2016/03/28 12:02:21 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2016/03/28 12:02:21 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2016/03/28 12:02:21 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2016/03/28 12:02:21 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2016/03/28 11:57:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2016/03/28 10:56:38 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2016/03/28 10:56:38 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2016/03/28 10:56:38 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2016/03/28 10:56:38 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2016/03/28 10:56:31 | 000,000,000 | --SD | C] -- C:\ComboFix
[2016/03/28 10:56:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2016/03/28 10:56:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2016/03/28 10:56:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2016/03/28 10:56:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2016/03/28 10:53:30 | 005,658,151 | R--- | C] (Swearware) -- C:\Documents and Settings\sf\Desktop\ComboFix.exe
[2016/03/28 10:49:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2016/03/27 21:26:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Local Settings\Application Data\Opera Software
[2016/03/27 21:26:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Application Data\Opera Software
[2016/03/27 21:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2016/03/27 14:35:54 | 005,111,240 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\sf\Desktop\spsetup129.exe
[2016/03/27 14:31:19 | 002,694,816 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\sf\Desktop\procexp.exe
[2016/03/26 20:18:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2016/03/26 16:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Local Settings\Application Data\panda
[2016/03/26 16:56:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering
[2016/03/26 16:55:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Application Data\pandasecuritytb
[2016/03/26 16:55:11 | 000,000,000 | ---D | C] -- C:\Program Files\pandasecuritytb
[2016/03/26 16:54:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Panda Free Antivirus
[2016/03/26 15:46:09 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2016/03/26 15:31:48 | 002,310,144 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iglicd32.dll
[2016/03/26 15:31:47 | 000,524,288 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igldev32.dll
[2016/03/26 15:31:42 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc
[2016/03/26 15:31:42 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc
[2016/03/26 15:31:42 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc
[2016/03/26 15:31:42 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc
[2016/03/26 15:31:42 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc
[2016/03/26 15:31:42 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc
[2016/03/26 15:31:42 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc
[2016/03/26 15:31:42 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc
[2016/03/26 15:31:42 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc
[2016/03/26 15:31:42 | 000,118,784 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc
[2016/03/26 15:31:41 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc
[2016/03/26 15:31:41 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc
[2016/03/26 15:31:41 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc
[2016/03/26 15:31:41 | 000,122,880 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc
[2016/03/26 15:31:33 | 000,077,824 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl
[2016/03/26 15:31:31 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuTRK.dll
[2016/03/26 15:31:29 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuTHA.dll
[2016/03/26 15:31:28 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuSVE.dll
[2016/03/26 15:31:27 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuRUS.dll
[2016/03/26 15:31:26 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPTG.dll
[2016/03/26 15:31:25 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPTB.dll
[2016/03/26 15:31:24 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPLK.dll
[2016/03/26 15:31:23 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuNOR.dll
[2016/03/26 15:31:22 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuNLD.dll
[2016/03/26 15:31:21 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuKOR.dll
[2016/03/26 15:31:20 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuJPN.dll
[2016/03/26 15:31:18 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuITA.dll
[2016/03/26 15:31:17 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuHUN.dll
[2016/03/26 15:31:16 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuHEB.dll
[2016/03/26 15:31:15 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFRC.dll
[2016/03/26 15:31:14 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFRA.dll
[2016/03/26 15:31:13 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFIN.dll
[2016/03/26 15:31:12 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuESP.dll
[2016/03/26 15:31:11 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuENG.dll
[2016/03/26 15:31:10 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuELL.dll
[2016/03/26 15:31:09 | 000,114,688 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmudlg.exe
[2016/03/26 15:31:07 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuDEU.dll
[2016/03/26 15:31:06 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuDAN.dll
[2016/03/26 15:31:05 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCSY.dll
[2016/03/26 15:31:04 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHT.dll
[2016/03/26 15:31:03 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHS.dll
[2016/03/26 15:31:02 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARB.dll
[2016/03/26 15:31:01 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARA.dll
[2016/03/26 15:30:53 | 000,061,440 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iAlmCoIn_v4363.dll
[2016/03/26 11:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2016/03/26 11:50:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2016/03/26 11:50:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2016/03/26 11:49:39 | 006,112,864 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2016/03/26 11:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2016/03/26 00:16:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
[2016/03/26 00:16:06 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2016/03/25 22:38:57 | 000,000,000 | ---D | C] -- C:\FRST
[2016/03/25 22:34:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Application Data\FLV and Media Player
[2016/03/25 22:22:42 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016/03/25 22:17:39 | 001,610,352 | ---- | C] (Malwarebytes) -- C:\Documents and Settings\sf\Desktop\JRT.exe
[2016/03/25 22:14:11 | 001,725,440 | ---- | C] (Farbar) -- C:\Documents and Settings\sf\Desktop\FRST.exe
[2016/03/24 22:24:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2016/03/24 21:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Application Data\CrystalIdea Software
[2016/03/24 21:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Start Menu\Programs\SpeedFan
[2016/03/24 21:14:27 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2016/03/24 16:37:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\sf\Start Menu\Programs\Administrative Tools
[2016/03/23 18:49:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013/10/14 10:44:12 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files\Common Files\atimpenc.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2016/03/31 21:50:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/03/31 15:52:05 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sf\Desktop\OTL.exe
[2016/03/31 15:43:44 | 000,005,840 | ---- | M] () -- C:\SIPOBJ.DBG
[2016/03/31 15:38:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2016/03/29 01:19:12 | 000,405,320 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2016/03/29 01:19:12 | 000,054,472 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2016/03/29 01:13:37 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2016/03/28 22:42:17 | 000,125,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2016/03/28 12:13:42 | 000,006,643 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2016/03/28 12:02:01 | 000,275,136 | RHS- | M] () -- C:\ntldr
[2016/03/28 10:54:46 | 005,658,151 | R--- | M] (Swearware) -- C:\Documents and Settings\sf\Desktop\ComboFix.exe
[2016/03/28 09:53:31 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1459085101.job
[2016/03/27 23:09:51 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2016/03/27 21:25:32 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2016/03/27 21:25:32 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2016/03/27 14:37:34 | 005,111,240 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\sf\Desktop\spsetup129.exe
[2016/03/27 14:32:07 | 002,694,816 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\sf\Desktop\procexp.exe
[2016/03/26 20:20:58 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2016/03/26 15:31:13 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFIN.dll
[2016/03/26 15:31:12 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuESP.dll
[2016/03/26 15:31:11 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuENG.dll
[2016/03/26 15:31:10 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuELL.dll
[2016/03/26 15:31:09 | 000,114,688 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmudlg.exe
[2016/03/26 15:31:07 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuDEU.dll
[2016/03/26 15:31:04 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHT.dll
[2016/03/26 15:31:03 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHS.dll
[2016/03/26 15:31:02 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARB.dll
[2016/03/26 15:31:01 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARA.dll
[2016/03/26 15:31:00 | 000,038,014 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ialmrnt5.dll
[2016/03/26 15:30:59 | 000,049,152 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ialmrem.dll
[2016/03/26 15:30:56 | 000,116,859 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ialmdnt5.dll
[2016/03/26 15:30:54 | 000,899,706 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ialmdd5.dll
[2016/03/26 15:30:53 | 000,061,440 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\iAlmCoIn_v4363.dll
[2016/03/26 15:30:51 | 000,073,728 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll
[2016/03/26 14:58:48 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2016/03/25 23:32:09 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\sf\Desktop\VEW.exe
[2016/03/25 22:18:26 | 001,610,352 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\sf\Desktop\JRT.exe
[2016/03/25 22:16:31 | 001,530,368 | ---- | M] () -- C:\Documents and Settings\sf\Desktop\adwcleaner_5.105.exe
[2016/03/25 22:14:52 | 001,725,440 | ---- | M] (Farbar) -- C:\Documents and Settings\sf\Desktop\FRST.exe
[2016/03/24 21:14:39 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\sf\Desktop\SpeedFan.lnk
[2016/03/24 21:14:26 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2016/03/24 17:07:15 | 000,105,984 | ---- | M] () -- C:\Documents and Settings\sf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2016/03/07 10:44:42 | 000,001,473 | ---- | M] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\WPS Writer.lnk
[2016/03/06 10:19:47 | 000,000,289 | ---- | M] () -- C:\Documents and Settings\sf\Application Data\FotoSketcher.ini
[2016/03/04 17:01:22 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\windrvrz.vxd
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2016/03/31 15:43:43 | 000,005,840 | ---- | C] () -- C:\SIPOBJ.DBG
[2016/03/28 12:13:29 | 000,006,643 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2016/03/28 12:08:16 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2016/03/28 12:08:16 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2016/03/28 12:08:16 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2016/03/28 12:08:16 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2016/03/28 12:08:15 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2016/03/28 12:08:15 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2016/03/28 12:08:15 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2016/03/28 12:08:15 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2016/03/28 12:08:15 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2016/03/28 12:08:15 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2016/03/28 12:08:15 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2016/03/28 12:08:15 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2016/03/28 12:08:15 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2016/03/28 12:08:15 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2016/03/28 12:08:15 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2016/03/28 12:08:15 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2016/03/28 12:08:15 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2016/03/28 12:08:14 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2016/03/28 12:08:14 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2016/03/28 12:08:14 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2016/03/28 12:08:14 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2016/03/28 12:08:14 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2016/03/28 12:08:14 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2016/03/28 12:08:14 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2016/03/28 12:08:14 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2016/03/28 12:08:14 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2016/03/28 12:08:14 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2016/03/28 12:08:14 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2016/03/28 12:08:14 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2016/03/28 12:08:14 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2016/03/28 12:08:14 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2016/03/28 12:08:14 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2016/03/28 12:08:14 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2016/03/28 12:08:14 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2016/03/28 12:08:14 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2016/03/28 12:08:14 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2016/03/28 12:08:14 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2016/03/28 12:08:14 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2016/03/28 12:08:14 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2016/03/28 12:08:14 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2016/03/28 12:08:14 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2016/03/28 12:08:14 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2016/03/28 12:08:14 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2016/03/28 12:08:14 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2016/03/28 12:08:13 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2016/03/28 12:08:13 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2016/03/28 12:08:13 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2016/03/28 12:08:13 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2016/03/28 12:08:13 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2016/03/28 12:08:13 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2016/03/28 12:08:13 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2016/03/28 12:08:13 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2016/03/28 12:08:13 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2016/03/28 12:08:13 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2016/03/28 12:08:13 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2016/03/28 12:08:13 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2016/03/28 12:08:13 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2016/03/28 12:08:13 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2016/03/28 12:08:13 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2016/03/28 12:08:13 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2016/03/28 12:08:13 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2016/03/28 12:08:13 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2016/03/28 12:08:13 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2016/03/28 12:08:13 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2016/03/28 12:08:13 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2016/03/28 12:08:13 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2016/03/28 12:08:13 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2016/03/28 12:08:12 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2016/03/28 12:08:12 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2016/03/28 12:08:12 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2016/03/28 12:08:12 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2016/03/28 12:08:12 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2016/03/28 12:08:12 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2016/03/28 12:08:12 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2016/03/28 12:08:12 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2016/03/28 12:08:12 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2016/03/28 12:08:12 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2016/03/28 12:08:12 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2016/03/28 12:08:12 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2016/03/28 12:08:12 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2016/03/28 12:02:25 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2016/03/28 12:02:24 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2016/03/28 12:02:23 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2016/03/28 10:56:38 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2016/03/28 10:56:38 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2016/03/28 10:56:38 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2016/03/28 10:56:38 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2016/03/28 10:56:38 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2016/03/27 21:25:42 | 000,000,382 | ---- | C] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1459085101.job
[2016/03/27 21:25:32 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2016/03/27 21:25:32 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Opera.lnk
[2016/03/27 21:25:32 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2016/03/27 20:02:40 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2016/03/26 15:31:49 | 000,524,850 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2016/03/26 15:31:49 | 000,058,675 | ---- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2016/03/26 15:31:49 | 000,018,496 | ---- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2016/03/26 15:31:49 | 000,000,900 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2016/03/26 11:51:47 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2016/03/25 23:26:46 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\sf\Desktop\VEW.exe
[2016/03/25 22:15:54 | 001,530,368 | ---- | C] () -- C:\Documents and Settings\sf\Desktop\adwcleaner_5.105.exe
[2016/03/24 21:14:38 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\sf\Desktop\SpeedFan.lnk
[2016/03/24 21:14:16 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2016/03/07 10:44:42 | 000,001,473 | ---- | C] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\WPS Writer.lnk
[2016/02/07 18:00:07 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2016/02/07 17:10:11 | 001,180,048 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2016/02/07 17:10:11 | 000,048,288 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2015/10/25 19:14:26 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\DriverCoInstaller.dll
[2015/09/19 21:53:36 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\Lagarith.dll
[2015/09/19 21:53:33 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2015/09/19 21:53:33 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2015/08/22 05:49:14 | 000,000,289 | ---- | C] () -- C:\Documents and Settings\sf\Application Data\FotoSketcher.ini
[2015/07/24 14:07:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2014/10/17 23:26:02 | 000,945,683 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1085031214-688789844-1343024091-1003-0.dat
[2014/10/17 23:25:57 | 000,113,618 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2014/10/02 03:58:55 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2014/10/02 03:56:14 | 000,125,784 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/10/01 21:27:46 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/10/01 20:46:05 | 000,105,984 | ---- | C] () -- C:\Documents and Settings\sf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/10/01 20:18:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2014/10/01 20:09:48 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2012/11/29 14:02:44 | 000,000,227 | ---- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 09:55:12 | 002,164,224 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008/04/14 09:55:08 | 000,477,184 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 09:55:14 | 000,275,456 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:16EAB5F6

< End of report >
OTL Extras logfile created on: 3/31/2016 10:07:54 PM - Run 1
OTL by OldTimer - Version 3.2.70.2 Folder = C:\Documents and Settings\sf\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

494.42 Mb Total Physical Memory | 339.83 Mb Available Physical Memory | 68.73% Memory free
1.13 Gb Paging File | 0.94 Gb Available in Paging File | 83.41% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 9.23 Gb Free Space | 47.24% Space Free | Partition Type: NTFS
Drive D: | 29.29 Gb Total Space | 5.29 Gb Free Space | 18.04% Space Free | Partition Type: NTFS
Drive E: | 29.29 Gb Total Space | 2.95 Gb Free Space | 10.08% Space Free | Partition Type: NTFS
Drive F: | 33.66 Gb Total Space | 3.33 Gb Free Space | 9.90% Space Free | Partition Type: NTFS

Computer Name: SS | User Name: sf | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Unable to open value key
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Unable to open value key
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1" (Applian Technologies Inc)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1" (Applian Technologies Inc)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"F:\Microsoft Age of Empires - Rise of Rome\AOE\Empires.exe" = F:\Microsoft Age of Empires - Rise of Rome\AOE\Empires.exe:*:Disabled:Age of Empires -- (Microsoft Corporation)
"F:\Microsoft Age of Empires - Rise of Rome\AOE\EMPIRESX.EXE" = F:\Microsoft Age of Empires - Rise of Rome\AOE\EMPIRESX.EXE:*:Disabled:Age of Empires, the Rise of Rome -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"E:\Microsoft Age of Empires - Rise of Rome\Microsoft Age of Empires - Rise of Rome\AOE\EMPIRESX.EXE" = E:\Microsoft Age of Empires - Rise of Rome\Microsoft Age of Empires - Rise of Rome\AOE\EMPIRESX.EXE:*:Enabled:Age of Empires, the Rise of Rome -- (Microsoft Corporation)
"C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe" = C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe:*:Enabled:VSDC Free Video Editor -- (Flash-Integro LLC)
"C:\Program Files\FlashIntegro\VideoEditor\Updater.exe" = C:\Program Files\FlashIntegro\VideoEditor\Updater.exe:*:Enabled:VSDC Free Video Editor Updater -- (Flash-Integro LLC)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox) -- (Mozilla Corporation)
"C:\Program Files\pandasecuritytb\dtuser.exe" = C:\Program Files\pandasecuritytb\dtuser.exe:*:Enabled:Panda Security Toolbar DTX Broker -- (Visicom Media Inc.)
"C:\Program Files\pandasecuritytb\ToolbarCleaner.exe" = C:\Program Files\pandasecuritytb\ToolbarCleaner.exe:*:Enabled:ToolbarCleaner -- (Visicom Media Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0FD155A3-DF78-43ee-84B0-3CC86BA962F2}_is1" = Sothink Video Converter
"{10E4121C-8181-4217-8DA9-6CD38DDC34F9}_is1" = Microsoft .NET Framework 2.0 Client Profile Basic SP2 Version 1.0.1.22
"{113C4F3B-C1FB-41B1-877C-193AFE330007}" = Panda Free Antivirus
"{18D47FA1-0440-48D3-A7E0-DA09537FF471}" = Apple Mobile Device Support
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}" = iTunes
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6F30B469-5ED7-4734-8252-B9BC962A2AB3}" = PCIxx20
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{949F1EA1-D3E2-472E-BC7C-CB72374C0E55}" = Panda Devices Agent
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{B0C5249A-E603-450A-B19A-D9989D24C855}}_is1" = FreeSizer v.1.0.0
"{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}" = mToolkit
"{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1" = FotoSketcher 3.10
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 15.14
"iMacsoft iPhone Photo to PC Transfer" = iMacsoft iPhone Photo to PC Transfer
"InstallShield_{6F30B469-5ED7-4734-8252-B9BC962A2AB3}" = Texas Instruments PCIxx20 drivers.
"lavfilters_is1" = LAV Filters 0.51.3
"Mozilla Firefox 45.0.1 (x86 en-US)" = Mozilla Firefox 45.0.1 (x86 en-US)
"NingPo MahJong Deluxe 1.04" = NingPo MahJong Deluxe 1.04
"Opera 34.0.2036.50" = Opera Stable 34.0.2036.50
"Panda Devices Agent" = Panda Devices Agent
"Panda Universal Agent Endpoint" = Panda Free Antivirus
"pandasecuritytb" = Panda Security Toolbar
"PhotoBulk_is1" = PhotoBulk 1.0.257
"PhotoToolkit_is1" = Photo! Editor 1.1
"ProInst" = Intel® PROSet/Wireless Software
"SpeedFan" = SpeedFan (remove only)
"VSDC Free Video Editor_is1" = VSDC Free Video Editor version 3.3.0.394
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"WPS Office" = WPS Office (9.1.0.4746)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/25/2016 11:26:50 PM | Computer Name = SS | Source = MsiInstaller | ID = 10005
Description = Product: iTunes -- iTunes requires that your computer is running Windows
7 or newer.

Error - 3/25/2016 11:32:17 PM | Computer Name = SS | Source = MsiInstaller | ID = 10005
Description = Product: iTunes -- iTunes requires that your computer is running Windows
7 or newer.

Error - 3/26/2016 4:25:58 AM | Computer Name = SS | Source = MsiInstaller | ID = 10005
Description = Product: iTunes -- iTunes requires that your computer is running Windows
7 or newer.

Error - 3/28/2016 1:19:09 PM | Computer Name = SS | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 2764, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.

Error - 3/28/2016 1:19:09 PM | Computer Name = SS | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.

Error - 3/28/2016 1:19:12 PM | Computer Name = SS | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 2764, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.

[ System Events ]
Error - 3/25/2016 11:44:39 AM | Computer Name = SS | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Apple Mobile Device service
to connect.

Error - 3/25/2016 11:44:39 AM | Computer Name = SS | Source = Service Control Manager | ID = 7000
Description = The Apple Mobile Device service failed to start due to the following
error: %%1053

Error - 3/26/2016 2:34:24 AM | Computer Name = SS | Source = Service Control Manager | ID = 7034
Description = The aunhelper service terminated unexpectedly. It has done this 1
time(s).

Error - 3/26/2016 3:18:29 AM | Computer Name = SS | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 3/26/2016 3:18:42 AM | Computer Name = SS | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 3/26/2016 3:18:51 AM | Computer Name = SS | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 3/26/2016 3:18:58 AM | Computer Name = SS | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

< End of report >

#33
RKinner

Posted 31 March 2016 - 11:57 AM

Malware Expert

Expert
24,625 posts

No I saw the OTL log but it was empty under

========== Custom Scans ==========

which if I remember correctly should have been where it shows the results from

/md5start
wmv8dmod.dll
msahci.sys
/md5stop

#34
evolutionpill

Posted 31 March 2016 - 07:49 PM

Member

Topic Starter
Member
127 posts

Correct I certainly did copy and paste and pressed scan not fix, could have been the system rebooting, I will do uninstall of sp3 and run otl again

#35
RKinner

Posted 31 March 2016 - 08:15 PM

Malware Expert

Expert
24,625 posts

Might be just that the files did not exist so there was nothing to report.

#36
evolutionpill

Posted 31 March 2016 - 08:50 PM

Member

Topic Starter
Member
127 posts

Hi

I have run otl as instructed.. But I see there is still no custom scan in the log..... Attached a picture.... In the instruction it said run scan (which I did ) should I have pressed fix button.

Below scan run but still no custom

OTL logfile created on: 4/1/2016 10:14:24 AM - Run 1
OTL by OldTimer - Version 3.2.70.2 Folder = C:\Documents and Settings\sf\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

494.42 Mb Total Physical Memory | 265.06 Mb Available Physical Memory | 53.61% Memory free
1.13 Gb Paging File | 0.96 Gb Available in Paging File | 85.55% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 9.23 Gb Free Space | 47.23% Space Free | Partition Type: NTFS
Drive D: | 29.29 Gb Total Space | 5.29 Gb Free Space | 18.04% Space Free | Partition Type: NTFS
Drive E: | 29.29 Gb Total Space | 2.95 Gb Free Space | 10.08% Space Free | Partition Type: NTFS
Drive F: | 33.66 Gb Total Space | 3.33 Gb Free Space | 9.90% Space Free | Partition Type: NTFS

Computer Name: SS | User Name: sf | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2016/03/31 15:52:05 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sf\Desktop\OTL.exe
PRC - [2015/02/27 07:35:55 | 000,038,136 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
PRC - [2015/02/27 07:04:25 | 000,142,584 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
PRC - [2008/04/14 09:55:22 | 001,134,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/09/07 16:08:02 | 000,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe

========== Modules (No Company Name) ==========

MOD - [2013/04/13 01:23:30 | 000,612,664 | ---- | M] () -- C:\Program Files\Panda Security\Panda Security Protection\sqlite3.dll

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Wondershare\TunesGoRetro\DriverInstall.exe -- (WsDrvInst)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2015/02/27 07:35:55 | 000,038,136 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe -- (PSUAService)
SRV - [2015/02/27 07:04:25 | 000,142,584 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe -- (NanoServiceMain)
SRV - [2014/10/09 15:40:48 | 000,066,808 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe -- (PandaAgent)
SRV - [2008/02/05 13:05:14 | 000,026,488 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spupdsvc.exe -- (spupdsvc)
SRV - [2004/09/07 16:12:32 | 000,225,353 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Unknown (0) | Unavailable | Unknown] -- -- (msahci)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2015/06/17 22:57:29 | 000,140,792 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2015/02/26 03:03:45 | 000,100,624 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\PSINReg.sys -- (PSINReg)
DRV - [2015/02/26 03:03:44 | 000,124,944 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2015/02/26 03:03:44 | 000,114,704 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2015/02/26 03:03:43 | 000,172,432 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2015/02/26 03:03:43 | 000,103,312 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2015/02/10 05:02:21 | 000,094,864 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNStlsc.sys -- (NNSTLSC)
DRV - [2015/02/10 05:02:20 | 000,239,888 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSStrm.sys -- (NNSSTRM)
DRV - [2015/02/10 05:02:20 | 000,108,432 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSSmtp.sys -- (NNSSMTP)
DRV - [2015/02/10 05:02:19 | 000,281,232 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSProt.sys -- (NNSPROT)
DRV - [2015/02/10 05:02:19 | 000,205,456 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSPrv.sys -- (NNSPRV)
DRV - [2015/02/10 05:02:18 | 000,120,592 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSPop3.sys -- (NNSPOP3)
DRV - [2015/02/10 05:02:17 | 000,099,856 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSpicc.sys -- (NNSPICC)
DRV - [2015/02/10 05:02:17 | 000,052,112 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSpihs.sys -- (NNSPIHS)
DRV - [2015/02/10 05:02:16 | 000,202,128 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSHttp.sys -- (NNSHTTP)
DRV - [2015/02/10 05:02:16 | 000,126,480 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSIds.sys -- (NNSIDS)
DRV - [2015/02/10 05:02:16 | 000,109,584 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSHttps.sys -- (NNSHTTPS)
DRV - [2015/02/10 05:02:15 | 000,086,800 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NNSAlpc.sys -- (NNSALPC)
DRV - [2014/10/21 20:18:36 | 000,046,480 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NNSNAHS.sys -- (NNSNAHS)
DRV - [2014/03/07 10:18:06 | 000,032,968 | R--- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2013/10/28 16:04:08 | 000,046,160 | ---- | M] (Fuzhou Rockchip Electronics Co,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rockusb.sys -- (Rockusb)
DRV - [2012/12/30 04:59:38 | 000,024,184 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2004/11/15 15:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97)
DRV - [2004/10/21 15:56:04 | 003,210,496 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51)
DRV - [2004/08/31 08:53:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/08/12 08:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2004/05/21 14:18:56 | 000,067,072 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tifm.sys -- (tifm)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI)
DRV - [1996/04/04 03:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CN"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.region: "CN"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014/10/01 21:27:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Extensions
[2016/03/26 16:55:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profiles\hgx4pa98.default\extensions
[2014/10/02 00:02:51 | 000,000,000 | ---D | M] ("Web Counselor") -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profiles\hgx4pa98.default\extensions\{25dd52dc-89a8-469d-9e8f-8d483095d1e8}
[2016/03/26 16:55:47 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profiles\hgx4pa98.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[2014/10/02 00:02:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profileshgx4pa98.default\extensions
[2014/10/02 00:02:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profileshgx4pa98.default\extensions\staged
[2015/06/16 10:49:49 | 000,033,429 | ---- | M] () (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profiles\hgx4pa98.default\extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi
[2016/03/24 22:26:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

O1 HOSTS File: ([2004/08/04 20:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Panda Security URL Filtering] C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe (Visicom Media Inc.)
O4 - HKLM..\Run: [PSUAMain] C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe (Panda Security, S.L.)
O4 - HKLM..\RunOnce: [OE_WMPDRM_Install_1] C:\WINDOWS\System32\drmstor.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPDRM_Install_2] C:\WINDOWS\System32\drmclien.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPDRM_Install_4] C:\WINDOWS\System32\drmv2clt.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPDRM_Install_5] C:\WINDOWS\System32\blackbox.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPDRM_Install_6] C:\WINDOWS\System32\msnetobj.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_10] C:\WINDOWS\System32\wmsdmoe2.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_2] C:\WINDOWS\System32\wmnetmgr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_20] C:\WINDOWS\System32\wmadmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_21] C:\WINDOWS\System32\mpg4dmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_22] C:\WINDOWS\System32\mp43dmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_23] C:\WINDOWS\System32\mp4sdmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_24] C:\WINDOWS\System32\wmsdmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_3] C:\WINDOWS\system32\regsvr32 /s /u "C:\WINDOWS\system32\wmv8dmod.dll" File not found
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_30] C:\WINDOWS\System32\laprxy.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_31] C:\WINDOWS\System32\logagent.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_32] C:\WINDOWS\System32\wmvcore.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_4] C:\WINDOWS\System32\wmvdmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_5] C:\WINDOWS\System32\wmvdmoe2.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_6] C:\WINDOWS\System32\wmadmoe.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_7] C:\WINDOWS\System32\wmspdmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_8] C:\WINDOWS\System32\wmspdmoe.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_9] C:\WINDOWS\System32\wmsdmoe.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMP7_Install_0] C:\WINDOWS\INF\unregmp2.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMP7_Install_20] C:\WINDOWS\INF\unregmp2.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMP7_Install_9] C:\WINDOWS\system32\wmpasf.dll (Microsoft Corporation)
O4 - HKCU..\RunOnce: [TSClientAXDisabler] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [TSClientMSIUninstaller] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 600
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7107B94-1DDC-4D20-A2B4-35619214B37B}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - (C:\Program Files\Intel\Wireless\Bin\LgNotify.dll) - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/10/01 20:14:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/03/13 13:44:31 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/03/13 13:44:31 | 000,000,000 | R--D | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/03/13 13:44:31 | 000,000,000 | R--D | M] - F:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2016/03/31 15:51:43 | 000,601,088 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\sf\Desktop\OTL.exe
[2016/03/29 01:10:24 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2016/03/29 01:06:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2016/03/28 12:08:19 | 002,470,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2016/03/28 12:08:19 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2016/03/28 12:08:19 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2016/03/28 12:08:17 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2016/03/28 12:08:14 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2016/03/28 12:08:13 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2016/03/28 12:08:12 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2016/03/28 12:08:08 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2016/03/28 12:07:57 | 000,104,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2016/03/28 12:07:57 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2016/03/28 12:07:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2016/03/28 12:07:57 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2016/03/28 12:07:54 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2016/03/28 12:07:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2016/03/28 12:07:53 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2016/03/28 12:07:53 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2016/03/28 12:07:53 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2016/03/28 12:07:53 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2016/03/28 12:07:53 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2016/03/28 12:07:53 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2016/03/28 12:07:53 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2016/03/28 12:07:53 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2016/03/28 12:07:53 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2016/03/28 12:07:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2016/03/28 12:07:52 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2016/03/28 12:07:52 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2016/03/28 12:07:52 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2016/03/28 12:07:52 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2016/03/28 12:07:52 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2016/03/28 12:07:52 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2016/03/28 12:07:51 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2016/03/28 12:07:51 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2016/03/28 12:07:51 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2016/03/28 12:07:51 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2016/03/28 12:07:51 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2016/03/28 12:07:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2016/03/28 12:07:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2016/03/28 12:07:49 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2016/03/28 12:07:49 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2016/03/28 12:07:49 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2016/03/28 12:07:49 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2016/03/28 12:07:49 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2016/03/28 12:07:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2016/03/28 12:07:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2016/03/28 12:07:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2016/03/28 12:07:48 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2016/03/28 12:07:48 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2016/03/28 12:07:48 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2016/03/28 12:07:48 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2016/03/28 12:07:48 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2016/03/28 12:07:48 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2016/03/28 12:07:47 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2016/03/28 12:07:47 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2016/03/28 12:07:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2016/03/28 12:07:46 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2016/03/28 12:07:46 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2016/03/28 12:07:46 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2016/03/28 12:07:46 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2016/03/28 12:07:46 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2016/03/28 12:07:46 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2016/03/28 12:07:46 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2016/03/28 12:07:46 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2016/03/28 12:07:46 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2016/03/28 12:07:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2016/03/28 12:07:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2016/03/28 12:07:45 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2016/03/28 12:07:42 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2016/03/28 12:07:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2016/03/28 12:07:39 | 000,000,000 | ---D | C] -- C:\Program Files\msn
[2016/03/28 12:07:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2016/03/28 12:07:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2016/03/28 12:07:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2016/03/28 12:05:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2016/03/28 12:04:41 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2016/03/28 12:02:27 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2016/03/28 12:02:27 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2016/03/28 12:02:27 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2016/03/28 12:02:27 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2016/03/28 12:02:27 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2016/03/28 12:02:27 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2016/03/28 12:02:27 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2016/03/28 12:02:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2016/03/28 12:02:26 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2016/03/28 12:02:26 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2016/03/28 12:02:26 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2016/03/28 12:02:26 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2016/03/28 12:02:26 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2016/03/28 12:02:25 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2016/03/28 12:02:25 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2016/03/28 12:02:25 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2016/03/28 12:02:25 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2016/03/28 12:02:25 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2016/03/28 12:02:25 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2016/03/28 12:02:25 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2016/03/28 12:02:25 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2016/03/28 12:02:25 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2016/03/28 12:02:25 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2016/03/28 12:02:25 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2016/03/28 12:02:25 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2016/03/28 12:02:25 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2016/03/28 12:02:25 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2016/03/28 12:02:25 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2016/03/28 12:02:25 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2016/03/28 12:02:25 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2016/03/28 12:02:25 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2016/03/28 12:02:25 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2016/03/28 12:02:25 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2016/03/28 12:02:25 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2016/03/28 12:02:25 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2016/03/28 12:02:24 | 000,082,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2016/03/28 12:02:24 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2016/03/28 12:02:23 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2016/03/28 12:02:23 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2016/03/28 12:02:23 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2016/03/28 12:02:23 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2016/03/28 12:02:23 | 000,040,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2016/03/28 12:02:22 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2016/03/28 12:02:22 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2016/03/28 12:02:22 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2016/03/28 12:02:22 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2016/03/28 12:02:22 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2016/03/28 12:02:22 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2016/03/28 12:02:22 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2016/03/28 12:02:22 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2016/03/28 12:02:22 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2016/03/28 12:02:21 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2016/03/28 12:02:21 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2016/03/28 12:02:21 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2016/03/28 12:02:21 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2016/03/28 12:02:21 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2016/03/28 12:02:21 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2016/03/28 12:02:21 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2016/03/28 11:57:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2016/03/28 10:56:38 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2016/03/28 10:56:38 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2016/03/28 10:56:38 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2016/03/28 10:56:38 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2016/03/28 10:56:31 | 000,000,000 | --SD | C] -- C:\ComboFix
[2016/03/28 10:56:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2016/03/28 10:56:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2016/03/28 10:56:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2016/03/28 10:56:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2016/03/28 10:53:30 | 005,658,151 | R--- | C] (Swearware) -- C:\Documents and Settings\sf\Desktop\ComboFix.exe
[2016/03/28 10:49:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2016/03/27 21:26:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Local Settings\Application Data\Opera Software
[2016/03/27 21:26:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Application Data\Opera Software
[2016/03/27 21:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2016/03/27 14:35:54 | 005,111,240 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\sf\Desktop\spsetup129.exe
[2016/03/27 14:31:19 | 002,694,816 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\sf\Desktop\procexp.exe
[2016/03/26 20:18:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2016/03/26 16:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Local Settings\Application Data\panda
[2016/03/26 16:56:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering
[2016/03/26 16:55:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Application Data\pandasecuritytb
[2016/03/26 16:55:11 | 000,000,000 | ---D | C] -- C:\Program Files\pandasecuritytb
[2016/03/26 16:54:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Panda Free Antivirus
[2016/03/26 15:46:09 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2016/03/26 15:31:48 | 002,310,144 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iglicd32.dll
[2016/03/26 15:31:47 | 000,524,288 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igldev32.dll
[2016/03/26 15:31:42 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc
[2016/03/26 15:31:42 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc
[2016/03/26 15:31:42 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc
[2016/03/26 15:31:42 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc
[2016/03/26 15:31:42 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc
[2016/03/26 15:31:42 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc
[2016/03/26 15:31:42 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc
[2016/03/26 15:31:42 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc
[2016/03/26 15:31:42 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc
[2016/03/26 15:31:42 | 000,118,784 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc
[2016/03/26 15:31:41 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc
[2016/03/26 15:31:41 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc
[2016/03/26 15:31:41 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc
[2016/03/26 15:31:41 | 000,122,880 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc
[2016/03/26 15:31:33 | 000,077,824 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl
[2016/03/26 15:31:31 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuTRK.dll
[2016/03/26 15:31:29 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuTHA.dll
[2016/03/26 15:31:28 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuSVE.dll
[2016/03/26 15:31:27 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuRUS.dll
[2016/03/26 15:31:26 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPTG.dll
[2016/03/26 15:31:25 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPTB.dll
[2016/03/26 15:31:24 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPLK.dll
[2016/03/26 15:31:23 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuNOR.dll
[2016/03/26 15:31:22 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuNLD.dll
[2016/03/26 15:31:21 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuKOR.dll
[2016/03/26 15:31:20 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuJPN.dll
[2016/03/26 15:31:18 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuITA.dll
[2016/03/26 15:31:17 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuHUN.dll
[2016/03/26 15:31:16 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuHEB.dll
[2016/03/26 15:31:15 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFRC.dll
[2016/03/26 15:31:14 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFRA.dll
[2016/03/26 15:31:13 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFIN.dll
[2016/03/26 15:31:12 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuESP.dll
[2016/03/26 15:31:11 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuENG.dll
[2016/03/26 15:31:10 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuELL.dll
[2016/03/26 15:31:09 | 000,114,688 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmudlg.exe
[2016/03/26 15:31:07 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuDEU.dll
[2016/03/26 15:31:06 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuDAN.dll
[2016/03/26 15:31:05 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCSY.dll
[2016/03/26 15:31:04 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHT.dll
[2016/03/26 15:31:03 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHS.dll
[2016/03/26 15:31:02 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARB.dll
[2016/03/26 15:31:01 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARA.dll
[2016/03/26 15:30:53 | 000,061,440 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iAlmCoIn_v4363.dll
[2016/03/26 11:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2016/03/26 11:50:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2016/03/26 11:50:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2016/03/26 11:49:39 | 006,112,864 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2016/03/26 11:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2016/03/26 00:16:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
[2016/03/26 00:16:06 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2016/03/25 22:38:57 | 000,000,000 | ---D | C] -- C:\FRST
[2016/03/25 22:34:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Application Data\FLV and Media Player
[2016/03/25 22:22:42 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016/03/25 22:17:39 | 001,610,352 | ---- | C] (Malwarebytes) -- C:\Documents and Settings\sf\Desktop\JRT.exe
[2016/03/25 22:14:11 | 001,725,440 | ---- | C] (Farbar) -- C:\Documents and Settings\sf\Desktop\FRST.exe
[2016/03/24 22:24:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2016/03/24 21:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Application Data\CrystalIdea Software
[2016/03/24 21:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Start Menu\Programs\SpeedFan
[2016/03/24 21:14:27 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2016/03/24 16:37:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\sf\Start Menu\Programs\Administrative Tools
[2016/03/23 18:49:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013/10/14 10:44:12 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files\Common Files\atimpenc.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2016/04/01 10:10:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/03/31 15:52:05 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sf\Desktop\OTL.exe
[2016/03/31 15:43:44 | 000,005,840 | ---- | M] () -- C:\SIPOBJ.DBG
[2016/03/31 15:38:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2016/03/29 01:19:12 | 000,405,320 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2016/03/29 01:19:12 | 000,054,472 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2016/03/29 01:13:37 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2016/03/28 22:42:17 | 000,125,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2016/03/28 12:13:42 | 000,006,643 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2016/03/28 12:02:01 | 000,275,136 | RHS- | M] () -- C:\ntldr
[2016/03/28 10:54:46 | 005,658,151 | R--- | M] (Swearware) -- C:\Documents and Settings\sf\Desktop\ComboFix.exe
[2016/03/28 09:53:31 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1459085101.job
[2016/03/27 23:09:51 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2016/03/27 21:25:32 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2016/03/27 21:25:32 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2016/03/27 14:37:34 | 005,111,240 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\sf\Desktop\spsetup129.exe
[2016/03/27 14:32:07 | 002,694,816 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\sf\Desktop\procexp.exe
[2016/03/26 20:20:58 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2016/03/26 15:31:13 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFIN.dll
[2016/03/26 15:31:12 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuESP.dll
[2016/03/26 15:31:11 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuENG.dll
[2016/03/26 15:31:10 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuELL.dll
[2016/03/26 15:31:09 | 000,114,688 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmudlg.exe
[2016/03/26 15:31:07 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuDEU.dll
[2016/03/26 15:31:04 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHT.dll
[2016/03/26 15:31:03 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHS.dll
[2016/03/26 15:31:02 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARB.dll
[2016/03/26 15:31:01 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARA.dll
[2016/03/26 15:31:00 | 000,038,014 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ialmrnt5.dll
[2016/03/26 15:30:59 | 000,049,152 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ialmrem.dll
[2016/03/26 15:30:56 | 000,116,859 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ialmdnt5.dll
[2016/03/26 15:30:54 | 000,899,706 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ialmdd5.dll
[2016/03/26 15:30:53 | 000,061,440 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\iAlmCoIn_v4363.dll
[2016/03/26 15:30:51 | 000,073,728 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll
[2016/03/26 14:58:48 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2016/03/25 23:32:09 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\sf\Desktop\VEW.exe
[2016/03/25 22:18:26 | 001,610,352 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\sf\Desktop\JRT.exe
[2016/03/25 22:16:31 | 001,530,368 | ---- | M] () -- C:\Documents and Settings\sf\Desktop\adwcleaner_5.105.exe
[2016/03/25 22:14:52 | 001,725,440 | ---- | M] (Farbar) -- C:\Documents and Settings\sf\Desktop\FRST.exe
[2016/03/24 21:14:39 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\sf\Desktop\SpeedFan.lnk
[2016/03/24 21:14:26 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2016/03/24 17:07:15 | 000,105,984 | ---- | M] () -- C:\Documents and Settings\sf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2016/03/07 10:44:42 | 000,001,473 | ---- | M] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\WPS Writer.lnk
[2016/03/06 10:19:47 | 000,000,289 | ---- | M] () -- C:\Documents and Settings\sf\Application Data\FotoSketcher.ini
[2016/03/04 17:01:22 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\windrvrz.vxd
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2016/03/31 15:43:43 | 000,005,840 | ---- | C] () -- C:\SIPOBJ.DBG
[2016/03/28 12:13:29 | 000,006,643 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2016/03/28 12:08:16 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2016/03/28 12:08:16 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2016/03/28 12:08:16 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2016/03/28 12:08:16 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2016/03/28 12:08:15 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2016/03/28 12:08:15 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2016/03/28 12:08:15 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2016/03/28 12:08:15 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2016/03/28 12:08:15 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2016/03/28 12:08:15 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2016/03/28 12:08:15 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2016/03/28 12:08:15 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2016/03/28 12:08:15 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2016/03/28 12:08:15 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2016/03/28 12:08:15 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2016/03/28 12:08:15 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2016/03/28 12:08:15 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2016/03/28 12:08:14 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2016/03/28 12:08:14 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2016/03/28 12:08:14 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2016/03/28 12:08:14 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2016/03/28 12:08:14 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2016/03/28 12:08:14 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2016/03/28 12:08:14 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2016/03/28 12:08:14 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2016/03/28 12:08:14 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2016/03/28 12:08:14 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2016/03/28 12:08:14 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2016/03/28 12:08:14 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2016/03/28 12:08:14 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2016/03/28 12:08:14 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2016/03/28 12:08:14 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2016/03/28 12:08:14 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2016/03/28 12:08:14 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2016/03/28 12:08:14 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2016/03/28 12:08:14 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2016/03/28 12:08:14 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2016/03/28 12:08:14 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2016/03/28 12:08:14 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2016/03/28 12:08:14 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2016/03/28 12:08:14 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2016/03/28 12:08:14 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2016/03/28 12:08:14 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2016/03/28 12:08:14 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2016/03/28 12:08:13 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2016/03/28 12:08:13 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2016/03/28 12:08:13 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2016/03/28 12:08:13 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2016/03/28 12:08:13 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2016/03/28 12:08:13 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2016/03/28 12:08:13 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2016/03/28 12:08:13 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2016/03/28 12:08:13 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2016/03/28 12:08:13 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2016/03/28 12:08:13 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2016/03/28 12:08:13 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2016/03/28 12:08:13 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2016/03/28 12:08:13 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2016/03/28 12:08:13 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2016/03/28 12:08:13 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2016/03/28 12:08:13 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2016/03/28 12:08:13 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2016/03/28 12:08:13 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2016/03/28 12:08:13 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2016/03/28 12:08:13 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2016/03/28 12:08:13 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2016/03/28 12:08:13 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2016/03/28 12:08:12 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2016/03/28 12:08:12 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2016/03/28 12:08:12 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2016/03/28 12:08:12 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2016/03/28 12:08:12 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2016/03/28 12:08:12 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2016/03/28 12:08:12 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2016/03/28 12:08:12 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2016/03/28 12:08:12 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2016/03/28 12:08:12 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2016/03/28 12:08:12 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2016/03/28 12:08:12 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2016/03/28 12:08:12 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2016/03/28 12:02:25 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2016/03/28 12:02:24 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2016/03/28 12:02:23 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2016/03/28 10:56:38 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2016/03/28 10:56:38 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2016/03/28 10:56:38 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2016/03/28 10:56:38 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2016/03/28 10:56:38 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2016/03/27 21:25:42 | 000,000,382 | ---- | C] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1459085101.job
[2016/03/27 21:25:32 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2016/03/27 21:25:32 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Opera.lnk
[2016/03/27 21:25:32 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2016/03/27 20:02:40 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2016/03/26 15:31:49 | 000,524,850 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2016/03/26 15:31:49 | 000,058,675 | ---- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2016/03/26 15:31:49 | 000,018,496 | ---- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2016/03/26 15:31:49 | 000,000,900 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2016/03/26 11:51:47 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2016/03/25 23:26:46 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\sf\Desktop\VEW.exe
[2016/03/25 22:15:54 | 001,530,368 | ---- | C] () -- C:\Documents and Settings\sf\Desktop\adwcleaner_5.105.exe
[2016/03/24 21:14:38 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\sf\Desktop\SpeedFan.lnk
[2016/03/24 21:14:16 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2016/03/07 10:44:42 | 000,001,473 | ---- | C] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\WPS Writer.lnk
[2016/02/07 18:00:07 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2016/02/07 17:10:11 | 001,180,048 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2016/02/07 17:10:11 | 000,048,288 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2015/10/25 19:14:26 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\DriverCoInstaller.dll
[2015/09/19 21:53:36 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\Lagarith.dll
[2015/09/19 21:53:33 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2015/09/19 21:53:33 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2015/08/22 05:49:14 | 000,000,289 | ---- | C] () -- C:\Documents and Settings\sf\Application Data\FotoSketcher.ini
[2015/07/24 14:07:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2014/10/17 23:26:02 | 000,945,683 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1085031214-688789844-1343024091-1003-0.dat
[2014/10/17 23:25:57 | 000,113,618 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2014/10/02 03:58:55 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2014/10/02 03:56:14 | 000,125,784 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/10/01 21:27:46 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/10/01 20:46:05 | 000,105,984 | ---- | C] () -- C:\Documents and Settings\sf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/10/01 20:18:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2014/10/01 20:09:48 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2012/11/29 14:02:44 | 000,000,227 | ---- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 09:55:12 | 002,164,224 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008/04/14 09:55:08 | 000,477,184 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 09:55:14 | 000,275,456 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:16EAB5F6

< End of report >

Attached Thumbnails

#37
evolutionpill

Posted 31 March 2016 - 08:52 PM

Member

Topic Starter
Member
127 posts

Just saw ur last post... Just so that we on the same page.. Please advise what my next step should be...I still hve not uninstalled sp3, should I do that, thanks for ur patience in this

#38
evolutionpill

Posted 31 March 2016 - 10:16 PM

Member

Topic Starter
Member
127 posts

Update, I uninstalled sp3 from the link provided, using method two.."Click Start, click Run, type c:\windows\$NtServicePackUninstall$\spuninst\spuninst.exe in the Open box, and then click OK."

The pc rebooted and started in normal mode and seems stable, however when I go to add remove I still see Windows Xp sp3 with option to remove.

#39
RKinner

Posted 01 April 2016 - 05:23 AM

Malware Expert

Expert
24,625 posts

If I remember correctly you can now uninstall SP3. It may just tell you that it has already been uninstalled.

Run another OTL scan (without the custom stuff) and let's see if the run once stuff is gone.

When you installed SP3 you were missing at least one file:

O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_3] C:\WINDOWS\system32\regsvr32 /s /u "C:\WINDOWS\system32\wmv8dmod.dll" File not found

That was one of the files we tried to get OTL to find that I think was added by SP3. It should have been there if you had a good download of SP3. That's why I feel you had a bad download. It happens more than you would think. It took me three tries to get a good download of Windows 7 from Microsoft's site. I would download it again and then use the Microsoft File Checksum Integrity Verifier:

https://www.microsof...s.aspx?id=11533

Combofix should have run OK on your PC. I wonder if there is a problem with the hard drive. Have we run a disk check?

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:

2. Click Properties, and then click Tools.

3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,

4. Check both boxes and then click Start.

You will receive the following message:

The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?

Click Yes to schedule the disk check,

Reboot and the drive test should run and take an hour or two to complete.

#40
evolutionpill

Posted 01 April 2016 - 07:45 AM

Member

Topic Starter
Member
127 posts

HI

1. That is exactly what i thought however when i pressed remove button in add/remove, SP3 opened a screen "software removal wizard.
Should I remove anyway?

2. The pc is functioning OK, just far slower then usual, takes a good 5-9seconds to open a window and firefox is extremely slow and causes entire pc to become even more slower. I completed error check.

3. To clarify with windows sp3,Should I be downloading from the same site you gave me or directly from windows. Once I have it, do I install?, should i experience same problems should I uninstall and try another download? Im still unclear regarding Kb953356, do I have to install it again?

4. I tried combo fix, same one I downloaded, started run, asked to update, and once pressing yes, error box "error opening file for writing ... C:/32788R22fwjfw/pev.3xe

Logs:

OTL logfile created on: 4/1/2016 8:42:28 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\sf\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

494.42 Mb Total Physical Memory | 140.79 Mb Available Physical Memory | 28.48% Memory free
1.13 Gb Paging File | 0.79 Gb Available in Paging File | 70.06% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 11.57 Gb Free Space | 59.24% Space Free | Partition Type: NTFS
Drive D: | 29.29 Gb Total Space | 5.29 Gb Free Space | 18.04% Space Free | Partition Type: NTFS
Drive E: | 29.29 Gb Total Space | 2.95 Gb Free Space | 10.08% Space Free | Partition Type: NTFS
Drive F: | 33.66 Gb Total Space | 3.33 Gb Free Space | 9.90% Space Free | Partition Type: NTFS

Computer Name: SS | User Name: sf | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2016/04/01 10:35:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sf\Desktop\OTL.exe
PRC - [2016/01/18 15:19:18 | 003,799,160 | ---- | M] (Opera Software) -- C:\Program Files\Opera\34.0.2036.50\opera_autoupdate.exe
PRC - [2016/01/18 15:19:16 | 000,696,952 | ---- | M] (Opera Software) -- C:\Program Files\Opera\launcher.exe
PRC - [2015/10/23 00:42:51 | 000,038,136 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
PRC - [2015/10/23 00:42:40 | 000,054,520 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
PRC - [2015/10/18 17:32:44 | 000,142,072 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
PRC - [2015/10/03 04:09:08 | 000,254,472 | ---- | M] (Visicom Media Inc.) -- C:\Program Files\Panda Security URL Filtering\Panda_URL_Filtering.exe
PRC - [2014/10/09 15:40:48 | 000,066,808 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
PRC - [2004/10/30 14:59:54 | 000,385,024 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2004/09/07 16:12:32 | 000,225,353 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2004/09/07 16:08:02 | 000,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2004/09/07 16:03:40 | 000,245,760 | ---- | M] (Intel) -- C:\Program Files\Intel\Wireless\Bin\1XConfig.exe
PRC - [2004/08/04 20:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2014/02/12 20:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/12 20:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/04/13 01:23:30 | 000,612,664 | ---- | M] () -- C:\Program Files\Panda Security\Panda Security Protection\sqlite3.dll
MOD - [2004/09/07 16:03:46 | 000,073,728 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\D8021Xps.DLL

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Wondershare\TunesGoRetro\DriverInstall.exe -- (WsDrvInst)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2015/10/23 00:42:51 | 000,038,136 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe -- (PSUAService)
SRV - [2015/10/18 17:32:44 | 000,142,072 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe -- (NanoServiceMain)
SRV - [2014/10/09 15:40:48 | 000,066,808 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe -- (PandaAgent)
SRV - [2004/09/07 16:12:32 | 000,225,353 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Unknown (0) | Unavailable | Unknown] -- -- (msahci)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2015/07/20 00:46:09 | 000,125,176 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2015/07/20 00:46:09 | 000,100,600 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINReg.sys -- (PSINReg)
DRV - [2015/07/20 00:46:08 | 000,172,792 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2015/07/20 00:46:08 | 000,114,680 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2015/07/20 00:46:07 | 000,140,792 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2015/07/20 00:46:07 | 000,103,288 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2015/07/09 23:37:25 | 000,240,376 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NNSStrm.sys -- (NNSSTRM)
DRV - [2015/07/09 23:37:25 | 000,094,968 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NNStlsc.sys -- (NNSTLSC)
DRV - [2015/07/09 23:37:24 | 000,209,016 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NNSPrv.sys -- (NNSPRV)
DRV - [2015/07/09 23:37:24 | 000,108,408 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NNSSmtp.sys -- (NNSSMTP)
DRV - [2015/07/09 23:37:23 | 000,281,720 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NNSProt.sys -- (NNSPROT)
DRV - [2015/07/09 23:37:23 | 000,120,568 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NNSPop3.sys -- (NNSPOP3)
DRV - [2015/07/09 23:37:22 | 000,102,264 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NNSpicc.sys -- (NNSPICC)
DRV - [2015/07/09 23:37:22 | 000,052,088 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NNSpihs.sys -- (NNSPIHS)
DRV - [2015/07/09 23:37:21 | 000,121,720 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NNSIds.sys -- (NNSIDS)
DRV - [2015/07/09 23:37:21 | 000,109,688 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NNSHttps.sys -- (NNSHTTPS)
DRV - [2015/07/09 23:37:20 | 000,202,104 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NNSHttp.sys -- (NNSHTTP)
DRV - [2015/07/09 23:37:19 | 000,087,032 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NNSAlpc.sys -- (NNSALPC)
DRV - [2015/05/22 16:45:58 | 000,050,832 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\PSKMAD.sys -- (PSKMAD)
DRV - [2015/05/20 18:18:14 | 000,055,216 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NNSNAHS.sys -- (NNSNAHS)
DRV - [2014/03/07 10:18:06 | 000,032,968 | R--- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2013/10/28 16:04:08 | 000,046,160 | ---- | M] (Fuzhou Rockchip Electronics Co,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rockusb.sys -- (Rockusb)
DRV - [2012/12/30 04:59:38 | 000,024,184 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2004/11/15 15:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97)
DRV - [2004/10/21 15:56:04 | 003,210,496 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51)
DRV - [2004/08/31 08:53:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/08/12 08:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2004/05/21 14:18:56 | 000,067,072 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm.sys -- (tifm)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI)
DRV - [1996/04/04 03:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CN"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.region: "CN"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014/10/01 21:27:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Extensions
[2016/04/01 20:10:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profiles\hgx4pa98.default\extensions
[2014/10/02 00:02:51 | 000,000,000 | ---D | M] ("Web Counselor") -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profiles\hgx4pa98.default\extensions\{25dd52dc-89a8-469d-9e8f-8d483095d1e8}
[2014/10/02 00:02:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profileshgx4pa98.default\extensions
[2014/10/02 00:02:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profileshgx4pa98.default\extensions\staged
[2015/06/16 10:49:49 | 000,033,429 | ---- | M] () (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profiles\hgx4pa98.default\extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi
[2015/09/30 21:35:42 | 000,807,071 | ---- | M] () (No name found) -- C:\Documents and Settings\sf\Application Data\Mozilla\Firefox\Profiles\hgx4pa98.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}.xpi
[2016/03/24 22:26:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

O1 HOSTS File: ([2004/08/04 20:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll ()
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Panda Security URL Filtering] C:\Program Files\Panda Security URL Filtering\Panda_URL_Filtering.exe (Visicom Media Inc.)
O4 - HKLM..\Run: [PSUAMain] C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe (Panda Security, S.L.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 600
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7107B94-1DDC-4D20-A2B4-35619214B37B}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - File not found
O20 - Winlogon\Notify\IntelWireless: DllName - (C:\Program Files\Intel\Wireless\Bin\LgNotify.dll) - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/10/01 20:14:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/03/13 13:44:31 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/03/13 13:44:31 | 000,000,000 | R--D | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/03/13 13:44:31 | 000,000,000 | R--D | M] - F:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2016/04/01 20:33:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Panda Free Antivirus
[2016/04/01 20:10:58 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security URL Filtering
[2016/04/01 20:10:27 | 000,000,000 | ---D | C] -- C:\Program Files\pandasecuritytb
[2016/04/01 19:54:12 | 000,050,832 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\PSKMAD.sys
[2016/04/01 12:03:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2016/03/31 15:51:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\sf\Desktop\OTL.exe
[2016/03/29 01:10:24 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2016/03/29 01:06:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2016/03/28 12:08:17 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2016/03/28 12:08:08 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2016/03/28 12:07:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2016/03/28 12:07:39 | 000,000,000 | ---D | C] -- C:\Program Files\msn
[2016/03/28 12:07:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2016/03/28 12:07:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2016/03/28 12:07:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2016/03/28 12:05:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2016/03/28 12:02:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2016/03/28 11:58:56 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb040c.dll
[2016/03/28 11:58:56 | 000,562,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0411.dll
[2016/03/28 11:58:56 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra040c.dll
[2016/03/28 11:58:56 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0413.dll
[2016/03/28 11:58:56 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra040e.dll
[2016/03/28 11:58:56 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0411.dll
[2016/03/28 11:58:56 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0404.dll
[2016/03/28 11:58:55 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2016/03/28 11:58:55 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb040e.dll
[2016/03/28 11:58:55 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0413.dll
[2016/03/28 11:58:55 | 000,759,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0415.dll
[2016/03/28 11:58:55 | 000,742,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0406.dll
[2016/03/28 11:58:55 | 000,724,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb041d.dll
[2016/03/28 11:58:55 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0404.dll
[2016/03/28 11:58:55 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb040c.dll
[2016/03/28 11:58:55 | 000,401,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0413.dll
[2016/03/28 11:58:55 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0411.dll
[2016/03/28 11:58:55 | 000,212,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0404.dll
[2016/03/28 11:58:55 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0408.dll
[2016/03/28 11:58:55 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0415.dll
[2016/03/28 11:58:55 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0406.dll
[2016/03/28 11:58:55 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0426.dll
[2016/03/28 11:58:55 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra041f.dll
[2016/03/28 11:58:55 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra041d.dll
[2016/03/28 11:58:55 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2016/03/28 11:58:54 | 002,869,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0401.dll
[2016/03/28 11:58:54 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0408.dll
[2016/03/28 11:58:54 | 000,773,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0c0a.dll
[2016/03/28 11:58:54 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0410.dll
[2016/03/28 11:58:54 | 000,736,768 | ---- | C] (Корпорация Майкрософт) -- C:\WINDOWS\System32\dllcache\sprb0419.dll
[2016/03/28 11:58:54 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb040b.dll
[2016/03/28 11:58:54 | 000,724,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb041f.dll
[2016/03/28 11:58:54 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0804.dll
[2016/03/28 11:58:54 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0c0a.dll
[2016/03/28 11:58:54 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb040e.dll
[2016/03/28 11:58:54 | 000,427,008 | ---- | C] (Корпорация Майкрософт) -- C:\WINDOWS\System32\dllcache\obrb0419.dll
[2016/03/28 11:58:54 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0408.dll
[2016/03/28 11:58:54 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0406.dll
[2016/03/28 11:58:54 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0415.dll
[2016/03/28 11:58:54 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb041f.dll
[2016/03/28 11:58:54 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb041d.dll
[2016/03/28 11:58:54 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0804.dll
[2016/03/28 11:58:54 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0c0a.dll
[2016/03/28 11:58:54 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0410.dll
[2016/03/28 11:58:54 | 000,192,512 | ---- | C] (Корпорация Майкрософт) -- C:\WINDOWS\System32\dllcache\spra0419.dll
[2016/03/28 11:58:54 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra041a.dll
[2016/03/28 11:58:54 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0401.dll
[2016/03/28 11:58:54 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra040b.dll
[2016/03/28 11:58:54 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0412.dll
[2016/03/28 11:58:54 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0804.dll
[2016/03/28 11:58:54 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spiisupd.exe
[2016/03/28 11:58:54 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2016/03/28 11:58:53 | 002,842,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb040d.dll
[2016/03/28 11:58:53 | 000,788,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0407.dll
[2016/03/28 11:58:53 | 000,734,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0405.dll
[2016/03/28 11:58:53 | 000,716,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0414.dll
[2016/03/28 11:58:53 | 000,543,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0412.dll
[2016/03/28 11:58:53 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0405.dll
[2016/03/28 11:58:53 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0410.dll
[2016/03/28 11:58:53 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb040b.dll
[2016/03/28 11:58:53 | 000,393,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0401.dll
[2016/03/28 11:58:53 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb040d.dll
[2016/03/28 11:58:53 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0412.dll
[2016/03/28 11:58:53 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2016/03/28 11:58:53 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0407.dll
[2016/03/28 11:58:53 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0416.dll
[2016/03/28 11:58:53 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0414.dll
[2016/03/28 11:58:53 | 000,188,928 | ---- | C] (Společnost Microsoft) -- C:\WINDOWS\System32\dllcache\spra0405.dll
[2016/03/28 11:58:53 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra041e.dll
[2016/03/28 11:58:53 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0425.dll
[2016/03/28 11:58:53 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra040d.dll
[2016/03/28 11:58:53 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tabletoc.dll
[2016/03/28 11:58:53 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asr_pfu.exe
[2016/03/28 11:58:53 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\medctroc.dll
[2016/03/28 11:58:52 | 002,113,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiagn.dll
[2016/03/28 11:58:52 | 000,752,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0416.dll
[2016/03/28 11:58:52 | 000,751,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0816.dll
[2016/03/28 11:58:52 | 000,435,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0816.dll
[2016/03/28 11:58:52 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0416.dll
[2016/03/28 11:58:52 | 000,403,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0407.dll
[2016/03/28 11:58:52 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0414.dll
[2016/03/28 11:58:52 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0816.dll
[2016/03/28 11:58:52 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0418.dll
[2016/03/28 11:58:52 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0427.dll
[2016/03/28 11:58:52 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0402.dll
[2016/03/28 11:58:52 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2016/03/28 11:58:52 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secedit.exe
[2016/03/28 11:58:51 | 002,897,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsp2res.dll
[2016/03/28 11:58:51 | 000,537,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msftedit.dll
[2016/03/28 11:58:51 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p2psvc.dll
[2016/03/28 11:58:51 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2016/03/28 11:58:51 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p2pgraph.dll
[2016/03/28 11:58:51 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2016/03/28 11:58:51 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscui.cpl
[2016/03/28 11:58:51 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p2pgasvc.dll
[2016/03/28 11:58:51 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\firewall.cpl
[2016/03/28 11:58:51 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extmgr.dll
[2016/03/28 11:58:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrpnsp.dll
[2016/03/28 11:58:51 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2016/03/28 11:58:51 | 000,029,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ip6fw.sys
[2016/03/28 11:58:51 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2016/03/28 11:58:51 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2016/03/28 11:58:51 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ssl.dll
[2016/03/28 11:58:51 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscntfy.exe
[2016/03/28 11:58:51 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2016/03/28 11:58:51 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsmsno.dll
[2016/03/28 11:58:51 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdukx.dll
[2016/03/28 11:58:51 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfi1.dll
[2016/03/28 11:58:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2016/03/28 11:58:51 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprpres.dll
[2016/03/28 11:58:50 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbeio.dll
[2016/03/28 11:58:50 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadiag.dll
[2016/03/28 11:58:50 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2016/03/28 11:58:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsetup.cpl
[2016/03/28 11:58:50 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpapi.dll
[2016/03/28 11:58:50 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2016/03/28 11:58:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmlt47.dll
[2016/03/28 11:58:49 | 004,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2016/03/28 11:58:49 | 001,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d9.dll
[2016/03/28 11:58:49 | 000,937,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winbrand.dll
[2016/03/28 11:58:49 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2016/03/28 11:58:49 | 000,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2016/03/28 11:58:49 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iuengine.dll
[2016/03/28 11:58:49 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2016/03/28 11:58:49 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2016/03/28 11:58:49 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssap.dll
[2016/03/28 11:58:49 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xmlprov.dll
[2016/03/28 11:58:49 | 000,124,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2016/03/28 11:58:49 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p2pnetsh.dll
[2016/03/28 11:58:49 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2016/03/28 11:58:49 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwcfg.dll
[2016/03/28 11:58:49 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xmlprovi.dll
[2016/03/28 11:58:49 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\twext.dll
[2016/03/28 11:58:49 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmsetacl.dll
[2016/03/28 11:58:49 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spnpinst.exe
[2016/03/28 11:58:49 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbinst.exe
[2016/03/28 11:58:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmal.dll
[2016/03/28 11:58:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinbe1.dll
[2016/03/28 11:58:49 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2016/03/28 11:58:48 | 001,134,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2016/03/28 11:58:48 | 000,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2016/03/28 11:58:48 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll
[2016/03/28 11:58:48 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra041b.dll
[2016/03/28 11:58:48 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsp1res.dll
[2016/03/28 11:58:48 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2016/03/28 11:58:48 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqldb20.dll
[2016/03/28 11:58:48 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2016/03/28 11:58:48 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlse20.dll
[2016/03/28 11:58:48 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\btpanui.dll
[2016/03/28 11:58:48 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powercfg.exe
[2016/03/28 11:58:48 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2016/03/28 11:58:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsmsfi.dll
[2016/03/28 11:58:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2016/03/28 11:58:47 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb041b.dll
[2016/03/28 11:58:47 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0424.dll
[2016/03/28 11:58:47 | 000,462,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlqp20.dll
[2016/03/28 11:58:47 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2016/03/28 11:58:47 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpob2res.dll
[2016/03/28 11:58:47 | 000,408,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0424.dll
[2016/03/28 11:58:47 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb041b.dll
[2016/03/28 11:58:47 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2016/03/28 11:58:47 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0424.dll
[2016/03/28 11:58:47 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msctfime.ime
[2016/03/28 11:58:47 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p2p.dll
[2016/03/28 11:58:47 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2016/03/28 11:58:47 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscsvc.dll
[2016/03/28 11:58:47 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmfilt.dll
[2016/03/28 11:58:47 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blastcln.exe
[2016/03/28 11:58:47 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdm.dll
[2016/03/28 11:58:47 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spgrmr.dll
[2016/03/28 11:58:47 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\encapi.dll
[2016/03/28 11:58:47 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winshfhc.dll
[2016/03/28 11:58:47 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\auditusr.exe
[2016/03/28 11:58:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2016/03/28 11:58:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdno1.dll
[2016/03/28 11:58:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2016/03/28 11:58:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmlt48.dll
[2016/03/28 11:58:46 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2016/03/28 11:58:46 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2016/03/28 11:58:46 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appmgr.dll
[2016/03/28 11:58:46 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2016/03/28 11:58:46 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2016/03/28 11:58:46 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appmgmts.dll
[2016/03/28 11:58:46 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootcfg.exe
[2016/03/28 11:58:46 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsnw.dll
[2016/03/28 11:58:46 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2016/03/28 11:58:46 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2016/03/28 11:58:46 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cipher.exe
[2016/03/28 11:58:46 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2016/03/28 11:58:46 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2016/03/28 11:58:46 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asr_fmt.exe
[2016/03/28 11:58:46 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2016/03/28 11:58:46 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2016/03/28 11:58:46 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2016/03/28 11:58:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinben.dll
[2016/03/28 11:58:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmaori.dll
[2016/03/28 11:58:45 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gpedit.dll
[2016/03/28 11:58:45 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2016/03/28 11:58:45 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gptext.dll
[2016/03/28 11:58:45 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2016/03/28 11:58:45 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2016/03/28 11:58:45 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gprslt.exe
[2016/03/28 11:58:45 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fde.dll
[2016/03/28 11:58:45 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2016/03/28 11:58:45 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evtrig.exe
[2016/03/28 11:58:45 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fdeploy.dll
[2016/03/28 11:58:45 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2016/03/28 11:58:45 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2016/03/28 11:58:45 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drvqry.exe
[2016/03/28 11:58:45 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getmac.exe
[2016/03/28 11:58:45 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evcreate.exe
[2016/03/28 11:58:45 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evtgprov.dll
[2016/03/28 11:58:45 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2016/03/28 11:58:45 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2016/03/28 11:58:45 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\efsadu.dll
[2016/03/28 11:58:45 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2016/03/28 11:58:45 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2016/03/28 11:58:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2016/03/28 11:58:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2016/03/28 11:58:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2016/03/28 11:58:44 | 001,200,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntbackup.exe
[2016/03/28 11:58:44 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2016/03/28 11:58:44 | 000,660,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqqm.dll
[2016/03/28 11:58:44 | 000,517,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqsnap.dll
[2016/03/28 11:58:44 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqutil.dll
[2016/03/28 11:58:44 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2016/03/28 11:58:44 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqoa.dll
[2016/03/28 11:58:44 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqtrig.dll
[2016/03/28 11:58:44 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqrt.dll
[2016/03/28 11:58:44 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmqocm.dll
[2016/03/28 11:58:44 | 000,163,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwrdr.sys
[2016/03/28 11:58:44 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqad.dll
[2016/03/28 11:58:44 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2016/03/28 11:58:44 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqrtdep.dll
[2016/03/28 11:58:44 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sctasks.exe
[2016/03/28 11:58:44 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqtgsvc.exe
[2016/03/28 11:58:44 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsnotify.exe
[2016/03/28 11:58:44 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqsec.dll
[2016/03/28 11:58:44 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2016/03/28 11:58:44 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqlogmgr.dll
[2016/03/28 11:58:44 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2016/03/28 11:58:44 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2016/03/28 11:58:44 | 000,072,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqac.sys
[2016/03/28 11:58:44 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2016/03/28 11:58:44 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\opnfiles.exe
[2016/03/28 11:58:44 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2016/03/28 11:58:44 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwwks.dll
[2016/03/28 11:58:44 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logman.exe
[2016/03/28 11:58:44 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwapi32.dll
[2016/03/28 11:58:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqupgrd.dll
[2016/03/28 11:58:44 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqdscli.dll
[2016/03/28 11:58:44 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2016/03/28 11:58:44 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2016/03/28 11:58:44 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2016/03/28 11:58:44 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2016/03/28 11:58:44 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqbkup.exe
[2016/03/28 11:58:44 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqise.dll
[2016/03/28 11:58:44 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2016/03/28 11:58:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2016/03/28 11:58:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2016/03/28 11:58:44 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proxycfg.exe
[2016/03/28 11:58:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2016/03/28 11:58:44 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqsvc.exe
[2016/03/28 11:58:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2016/03/28 11:58:43 | 000,596,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wsecedit.dll
[2016/03/28 11:58:43 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2016/03/28 11:58:43 | 000,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2016/03/28 11:58:43 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracerpt.exe
[2016/03/28 11:58:43 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2016/03/28 11:58:43 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsess.exe
[2016/03/28 11:58:43 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2016/03/28 11:58:43 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsvr.exe
[2016/03/28 11:58:43 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tasklist.exe
[2016/03/28 11:58:43 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskkill.exe
[2016/03/28 11:58:43 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysinfo.exe
[2016/03/28 11:58:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntadmn.exe
[2016/03/28 11:58:43 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2016/03/28 11:58:43 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2016/03/28 11:58:43 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2016/03/28 11:58:43 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2016/03/28 11:58:43 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2016/03/28 11:58:43 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2016/03/28 11:58:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsvrp.dll
[2016/03/28 11:58:40 | 001,852,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acgenral.dll
[2016/03/28 11:58:40 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2016/03/28 11:58:40 | 000,450,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2016/03/28 11:58:40 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2016/03/28 11:58:40 | 000,256,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentsvr.exe
[2016/03/28 11:58:40 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acspecfc.dll
[2016/03/28 11:58:40 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentctl.dll
[2016/03/28 11:58:40 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2016/03/28 11:58:40 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2016/03/28 11:58:40 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclua.dll
[2016/03/28 11:58:40 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acxtrnal.dll
[2016/03/28 11:58:40 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentdpv.dll
[2016/03/28 11:58:40 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentmpx.dll
[2016/03/28 11:58:40 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2016/03/28 11:58:40 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentsr.dll
[2016/03/28 11:58:40 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentdp2.dll
[2016/03/28 11:58:40 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agtintl.dll
[2016/03/28 11:58:40 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentpsh.dll
[2016/03/28 11:58:40 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentanm.dll
[2016/03/28 11:58:40 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2016/03/28 11:58:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040c.dll
[2016/03/28 11:58:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0407.dll
[2016/03/28 11:58:40 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0816.dll
[2016/03/28 11:58:40 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0413.dll
[2016/03/28 11:58:40 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0410.dll
[2016/03/28 11:58:40 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2016/03/28 11:58:40 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2016/03/28 11:58:40 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0c0a.dll
[2016/03/28 11:58:40 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0416.dll
[2016/03/28 11:58:40 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2016/03/28 11:58:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2016/03/28 11:58:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2016/03/28 11:58:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041d.dll
[2016/03/28 11:58:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2016/03/28 11:58:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2016/03/28 11:58:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0414.dll
[2016/03/28 11:58:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2016/03/28 11:58:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2016/03/28 11:58:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2016/03/28 11:58:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040b.dll
[2016/03/28 11:58:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0409.dll
[2016/03/28 11:58:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0406.dll
[2016/03/28 11:58:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2016/03/28 11:58:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2016/03/28 11:58:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2016/03/28 11:58:40 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agtctl15.tlb
[2016/03/28 11:58:40 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2016/03/28 11:58:40 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2016/03/28 11:58:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2016/03/28 11:58:40 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2016/03/28 11:58:39 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2016/03/28 11:58:39 | 000,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2016/03/28 11:58:39 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2016/03/28 11:58:39 | 000,561,179 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2016/03/28 11:58:39 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2016/03/28 11:58:39 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2016/03/28 11:58:39 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2016/03/28 11:58:39 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2016/03/28 11:58:39 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2016/03/28 11:58:39 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2016/03/28 11:58:39 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2016/03/28 11:58:39 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2016/03/28 11:58:39 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2016/03/28 11:58:39 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2016/03/28 11:58:39 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2016/03/28 11:58:39 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2016/03/28 11:58:39 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2016/03/28 11:58:39 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2016/03/28 11:58:39 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2016/03/28 11:58:39 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2016/03/28 11:58:39 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2016/03/28 11:58:39 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2016/03/28 11:58:39 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2016/03/28 11:58:39 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2016/03/28 11:58:39 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2016/03/28 11:58:39 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2016/03/28 11:58:39 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2016/03/28 11:58:39 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2016/03/28 11:58:39 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2016/03/28 11:58:39 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2016/03/28 11:58:39 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2016/03/28 11:58:39 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2016/03/28 11:58:39 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2016/03/28 11:58:39 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2016/03/28 11:58:39 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2016/03/28 11:58:38 | 000,768,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2016/03/28 11:58:38 | 000,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2016/03/28 11:58:38 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2016/03/28 11:58:38 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2016/03/28 11:58:38 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2016/03/28 11:58:38 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2016/03/28 11:58:38 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2016/03/28 11:58:38 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2016/03/28 11:58:38 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2016/03/28 11:58:38 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2016/03/28 11:58:38 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2016/03/28 11:58:38 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2016/03/28 11:58:38 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2016/03/28 11:58:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2016/03/28 11:58:37 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2016/03/28 11:58:37 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2016/03/28 11:58:37 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2016/03/28 11:58:37 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2016/03/28 11:58:37 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2016/03/28 11:58:37 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2016/03/28 11:58:37 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2016/03/28 11:58:37 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2016/03/28 11:58:36 | 004,190,352 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dllcache\luna.mst
[2016/03/28 11:58:36 | 003,555,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2016/03/28 11:58:36 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2016/03/28 11:58:36 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2016/03/28 11:58:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2016/03/28 11:58:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2016/03/28 11:58:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2016/03/28 11:58:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2016/03/28 11:58:36 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2016/03/28 11:58:36 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2016/03/28 11:58:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2016/03/28 11:58:36 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2016/03/28 11:58:36 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2016/03/28 11:58:36 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2016/03/28 11:58:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2016/03/28 11:58:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2016/03/28 11:58:35 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2016/03/28 11:58:35 | 002,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2016/03/28 11:58:35 | 000,358,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjetol1.dll
[2016/03/28 11:58:35 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2016/03/28 11:58:35 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2016/03/28 11:58:35 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscandui.dll
[2016/03/28 11:58:35 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2016/03/28 11:58:35 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2016/03/28 11:58:35 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2016/03/28 11:58:35 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2016/03/28 11:58:35 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\muisetup.exe
[2016/03/28 11:58:35 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2016/03/28 11:58:35 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisnpp.dll
[2016/03/28 11:58:35 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2016/03/28 11:58:35 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2016/03/28 11:58:35 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2016/03/28 11:58:35 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mslwvtts.dll
[2016/03/28 11:58:34 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2016/03/28 11:58:34 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2016/03/28 11:58:34 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2016/03/28 11:58:34 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2016/03/28 11:58:34 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2016/03/28 11:58:34 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2016/03/28 11:58:34 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2016/03/28 11:58:34 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2016/03/28 11:58:34 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2016/03/28 11:58:34 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2016/03/28 11:58:34 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2016/03/28 11:58:34 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2016/03/28 11:58:34 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2016/03/28 11:58:34 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2016/03/28 11:58:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2016/03/28 11:58:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nppagent.exe
[2016/03/28 11:58:33 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2016/03/28 11:58:33 | 000,725,566 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2016/03/28 11:58:33 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2016/03/28 11:58:33 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tourstrt.exe
[2016/03/28 11:58:33 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2016/03/28 11:58:33 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sptip.dll
[2016/03/28 11:58:33 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2016/03/28 11:58:33 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2016/03/28 11:58:33 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2016/03/28 11:58:33 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkbd.dll
[2016/03/28 11:58:33 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2016/03/28 11:58:33 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2016/03/28 11:58:33 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2016/03/28 11:58:33 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2016/03/28 11:58:33 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2016/03/28 11:58:33 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2016/03/28 11:58:33 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2016/03/28 11:58:33 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2016/03/28 11:58:33 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2016/03/28 11:58:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2016/03/28 11:58:33 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2016/03/28 11:58:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2016/03/28 11:58:32 | 001,352,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2016/03/28 11:58:32 | 000,848,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2016/03/28 11:58:32 | 000,504,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2016/03/28 11:58:32 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2016/03/28 11:58:32 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2016/03/28 11:58:32 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2016/03/28 11:58:32 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2016/03/28 11:58:32 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2016/03/28 11:58:32 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2016/03/28 11:58:32 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2016/03/28 11:58:31 | 000,530,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2016/03/28 11:58:31 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2016/03/28 11:58:31 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2016/03/28 11:58:31 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2016/03/28 11:58:31 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2016/03/28 11:58:31 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2016/03/28 11:58:31 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2016/03/28 11:58:31 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2016/03/28 11:58:31 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2016/03/28 11:58:31 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2016/03/28 11:58:31 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2016/03/28 11:58:31 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2016/03/28 11:58:31 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2016/03/28 11:58:31 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2016/03/28 11:58:31 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2016/03/28 11:58:31 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2016/03/28 11:58:31 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2016/03/28 11:58:31 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2016/03/28 11:58:31 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2016/03/28 11:58:31 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2016/03/28 11:58:31 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2016/03/28 11:58:31 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemperf.dll
[2016/03/28 11:58:31 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2016/03/28 11:58:31 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2016/03/28 11:58:31 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntrprv.dll
[2016/03/28 11:58:31 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2016/03/28 11:58:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2016/03/28 11:58:31 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2016/03/28 11:58:30 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iis.dll
[2016/03/28 11:58:30 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2016/03/28 11:58:30 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsetup.dll
[2016/03/28 11:58:30 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2016/03/28 11:58:30 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2016/03/28 11:58:30 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2016/03/28 11:58:30 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2016/03/28 11:58:30 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2016/03/28 11:58:30 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2016/03/28 11:58:30 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsocm.dll
[2016/03/28 11:58:30 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2016/03/28 11:58:30 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsoc.dll
[2016/03/28 11:58:30 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imsinsnt.dll
[2016/03/28 11:58:30 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setupqry.dll
[2016/03/28 11:58:30 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2016/03/28 11:58:30 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2016/03/28 11:58:30 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcstp.dll
[2016/03/28 11:58:30 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2016/03/28 11:58:30 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netoc.dll
[2016/03/28 11:58:30 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2016/03/28 11:58:30 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoc.dll
[2016/03/28 11:58:30 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2016/03/28 11:58:30 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2016/03/28 11:58:30 | 000,032,828 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp40ext.dll
[2016/03/28 11:58:30 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2016/03/28 11:58:30 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2016/03/28 11:58:30 | 000,017,408 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\ocmsn.dll
[2016/03/28 11:58:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2016/03/28 11:58:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2016/03/28 11:58:30 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ocgen.dll
[2016/03/28 11:58:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgrocm.dll
[2016/03/28 11:58:30 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2016/03/28 11:58:30 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2016/03/28 11:58:30 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2016/03/28 11:58:30 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2016/03/28 11:58:30 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2016/03/28 11:58:29 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2016/03/28 11:58:29 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2016/03/28 11:58:29 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2016/03/28 11:58:27 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\explorer.exe
[2016/03/28 11:58:27 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2016/03/28 11:58:27 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhlp32.exe
[2016/03/28 11:58:27 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migwiz.exe
[2016/03/28 11:58:27 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\script.dll
[2016/03/28 11:58:27 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migism.dll
[2016/03/28 11:58:27 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedit.exe
[2016/03/28 11:58:27 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\guitrn.dll
[2016/03/28 11:58:27 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2016/03/28 11:58:27 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migload.exe
[2016/03/28 11:58:27 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2016/03/28 11:58:27 | 000,050,688 | ---- | C] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twain_32.dll
[2016/03/28 11:58:27 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2016/03/28 11:58:27 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2016/03/28 11:58:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\log.dll
[2016/03/28 11:58:27 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2016/03/28 11:58:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2016/03/28 11:58:27 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hh.exe
[2016/03/28 11:58:26 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appwiz.cpl
[2016/03/28 11:58:26 | 000,285,696 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2016/03/28 11:58:26 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsnt.dll
[2016/03/28 11:58:26 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\activeds.dll
[2016/03/28 11:58:26 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2016/03/28 11:58:26 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsldp.dll
[2016/03/28 11:58:26 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysmod.dll
[2016/03/28 11:58:26 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsldpc.dll
[2016/03/28 11:58:26 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apphelp.dll
[2016/03/28 11:58:26 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asctrls.ocx
[2016/03/28 11:58:26 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclui.dll
[2016/03/28 11:58:26 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\actxprxy.dll
[2016/03/28 11:58:26 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2016/03/28 11:58:26 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll
[2016/03/28 11:58:26 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ahui.exe
[2016/03/28 11:58:26 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2016/03/28 11:58:26 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsmsext.dll
[2016/03/28 11:58:26 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asycfilt.dll
[2016/03/28 11:58:26 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admparse.dll
[2016/03/28 11:58:26 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll
[2016/03/28 11:58:26 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\alg.exe
[2016/03/28 11:58:26 | 000,030,208 | ---- | C] (Adobe Systems) -- C:\WINDOWS\System32\dllcache\atmlib.dll
[2016/03/28 11:58:26 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\at.exe
[2016/03/28 11:58:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\alrsvc.dll
[2016/03/28 11:58:26 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\attrib.exe
[2016/03/28 11:58:26 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmadm.exe
[2016/03/28 11:58:26 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\actmovie.exe
[2016/03/28 11:58:25 | 002,067,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdosys.dll
[2016/03/28 11:58:25 | 001,016,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2016/03/28 11:58:25 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2016/03/28 11:58:25 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\autofmt.exe
[2016/03/28 11:58:25 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2016/03/28 11:58:25 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2016/03/28 11:58:25 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdfview.dll
[2016/03/28 11:58:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\capesnpn.dll
[2016/03/28 11:58:25 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2016/03/28 11:58:25 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll
[2016/03/28 11:58:25 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2016/03/28 11:58:25 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browsewm.dll
[2016/03/28 11:58:25 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browser.dll
[2016/03/28 11:58:25 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browselc.dll
[2016/03/28 11:58:25 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabinet.dll
[2016/03/28 11:58:25 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authz.dll
[2016/03/28 11:58:25 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\basesrv.dll
[2016/03/28 11:58:25 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camocx.dll
[2016/03/28 11:58:25 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\audiosrv.dll
[2016/03/28 11:58:25 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batmeter.dll
[2016/03/28 11:58:25 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bidispl.dll
[2016/03/28 11:58:25 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\autolfn.exe
[2016/03/28 11:58:25 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2016/03/28 11:58:24 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2016/03/28 11:58:24 | 000,457,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmgr.dll
[2016/03/28 11:58:24 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certcli.dll
[2016/03/28 11:58:24 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2016/03/28 11:58:24 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cic.dll
[2016/03/28 11:58:24 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2016/03/28 11:58:24 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ciodm.dll
[2016/03/28 11:58:24 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cleanmgr.exe
[2016/03/28 11:58:24 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2016/03/28 11:58:24 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipsrv.exe
[2016/03/28 11:58:24 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgmgr32.dll
[2016/03/28 11:58:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cisvc.exe
[2016/03/28 11:58:23 | 001,251,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2016/03/28 11:58:23 | 000,792,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comres.dll
[2016/03/28 11:58:23 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2016/03/28 11:58:23 | 000,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2016/03/28 11:58:23 | 000,512,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptui.dll
[2016/03/28 11:58:23 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmsp.dll
[2016/03/28 11:58:23 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmdial32.dll
[2016/03/28 11:58:23 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compstui.dll
[2016/03/28 11:58:23 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2016/03/28 11:58:23 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\credui.dll
[2016/03/28 11:58:23 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2016/03/28 11:58:23 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscdll.dll
[2016/03/28 11:58:23 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2016/03/28 11:58:23 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2016/03/28 11:58:23 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptdlg.dll
[2016/03/28 11:58:23 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptnet.dll
[2016/03/28 11:58:23 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmstp.exe
[2016/03/28 11:58:23 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2016/03/28 11:58:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptsvc.dll
[2016/03/28 11:58:23 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clusapi.dll
[2016/03/28 11:58:23 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptext.dll
[2016/03/28 11:58:23 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmdl32.exe
[2016/03/28 11:58:23 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmutil.dll
[2016/03/28 11:58:23 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmmon32.exe
[2016/03/28 11:58:23 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2016/03/28 11:58:23 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptdll.dll
[2016/03/28 11:58:23 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conime.exe
[2016/03/28 11:58:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2016/03/28 11:58:23 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmcfg32.dll
[2016/03/28 11:58:22 | 001,179,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8.dll
[2016/03/28 11:58:22 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\danim.dll
[2016/03/28 11:58:22 | 000,825,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim700.dll
[2016/03/28 11:58:22 | 000,640,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dbghelp.dll
[2016/03/28 11:58:22 | 000,326,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscui.dll
[2016/03/28 11:58:22 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\devmgr.dll
[2016/03/28 11:58:22 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddraw.dll
[2016/03/28 11:58:22 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\daxctle.ocx
[2016/03/28 11:58:22 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\datime.dll
[2016/03/28 11:58:22 | 000,123,904 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgui.dll
[2016/03/28 11:58:22 | 000,111,104 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dllcache\dgnet.dll
[2016/03/28 11:58:22 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dbnetlib.dll
[2016/03/28 11:58:22 | 000,104,960 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgntfs.exe
[2016/03/28 11:58:22 | 000,082,432 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgfat.exe
[2016/03/28 11:58:22 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dataclen.dll
[2016/03/28 11:58:22 | 000,038,912 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgsnap.dll
[2016/03/28 11:58:22 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddeshare.exe
[2016/03/28 11:58:22 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dfsshlex.dll
[2016/03/28 11:58:22 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddrawex.dll
[2016/03/28 11:58:22 | 000,025,088 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\defrag.exe
[2016/03/28 11:58:22 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davclnt.dll
[2016/03/28 11:58:22 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ctfmon.exe
[2016/03/28 11:58:22 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dciman32.dll
[2016/03/28 11:58:22 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8thk.dll
[2016/03/28 11:58:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrss.exe
[2016/03/28 11:58:22 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2016/03/28 11:58:21 | 001,501,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskcopy.dll
[2016/03/28 11:58:21 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2016/03/28 11:58:21 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhcpmon.dll
[2016/03/28 11:58:21 | 000,273,920 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmdlgs.dll
[2016/03/28 11:58:21 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplayx.dll
[2016/03/28 11:58:21 | 000,224,768 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dllcache\dmadmin.exe
[2016/03/28 11:58:21 | 000,200,704 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmdskmgr.dll
[2016/03/28 11:58:21 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput8.dll
[2016/03/28 11:58:21 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll
[2016/03/28 11:58:21 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskpart.exe
[2016/03/28 11:58:21 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput.dll
[2016/03/28 11:58:21 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll
[2016/03/28 11:58:21 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll
[2016/03/28 11:58:21 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll
[2016/03/28 11:58:21 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll
[2016/03/28 11:58:21 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diantz.exe
[2016/03/28 11:58:21 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll
[2016/03/28 11:58:21 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\digest.dll
[2016/03/28 11:58:21 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll
[2016/03/28 11:58:21 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhupnp.dll
[2016/03/28 11:58:21 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\docprop2.dll
[2016/03/28 11:58:21 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsrslvr.dll
[2016/03/28 11:58:21 | 000,045,083 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dispex.dll
[2016/03/28 11:58:21 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll
[2016/03/28 11:58:21 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll
[2016/03/28 11:58:21 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2016/03/28 11:58:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll
[2016/03/28 11:58:21 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll
[2016/03/28 11:58:21 | 000,023,552 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmserver.dll
[2016/03/28 11:58:21 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll
[2016/03/28 11:58:21 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2016/03/28 11:58:21 | 000,015,872 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmremote.exe
[2016/03/28 11:58:21 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhost.exe
[2016/03/28 11:58:21 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll
[2016/03/28 11:58:21 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll
[2016/03/28 11:58:20 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll
[2016/03/28 11:58:20 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound.dll
[2016/03/28 11:58:20 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\duser.dll
[2016/03/28 11:58:20 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsquery.dll
[2016/03/28 11:58:20 | 000,212,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll
[2016/03/28 11:58:20 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmo.dll
[2016/03/28 11:58:20 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dwwin.exe
[2016/03/28 11:58:20 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dskquoui.dll
[2016/03/28 11:58:20 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprop.dll
[2016/03/28 11:58:20 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dssenh.dll
[2016/03/28 11:58:20 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll
[2016/03/28 11:58:20 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsuiext.dll
[2016/03/28 11:58:20 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dskquota.dll
[2016/03/28 11:58:20 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2016/03/28 11:58:20 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll
[2016/03/28 11:58:20 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll
[2016/03/28 11:58:20 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dssec.dll
[2016/03/28 11:58:20 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll
[2016/03/28 11:58:20 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dvdupgrd.exe
[2016/03/28 11:58:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ds32gt.dll
[2016/03/28 11:58:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drprov.dll
[2016/03/28 11:58:20 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dumprep.exe
[2016/03/28 11:58:20 | 000,004,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ds16gt.dll
[2016/03/28 11:58:19 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2016/03/28 11:58:19 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll
[2016/03/28 11:58:19 | 001,082,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esent.dll
[2016/03/28 11:58:19 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll
[2016/03/28 11:58:19 | 000,382,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontext.dll
[2016/03/28 11:58:19 | 000,380,957 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\expsrv.dll
[2016/03/28 11:58:19 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
[2016/03/28 11:58:19 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filemgmt.dll
[2016/03/28 11:58:19 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\es.dll
[2016/03/28 11:58:19 | 000,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
[2016/03/28 11:58:19 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eudcedit.exe
[2016/03/28 11:58:19 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\els.dll
[2016/03/28 11:58:19 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exts.dll
[2016/03/28 11:58:19 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fldrclnr.dll
[2016/03/28 11:58:19 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\faultrep.dll
[2016/03/28 11:58:19 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2016/03/28 11:58:19 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eventlog.dll
[2016/03/28 11:58:19 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extrac32.exe
[2016/03/28 11:58:19 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\findstr.exe
[2016/03/28 11:58:19 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ersvc.dll
[2016/03/28 11:58:19 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\feclient.dll
[2016/03/28 11:58:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2016/03/28 11:58:18 | 000,614,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323msp.dll
[2016/03/28 11:58:18 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hhctrl.ocx
[2016/03/28 11:58:18 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hnetcfg.dll
[2016/03/28 11:58:18 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll
[2016/03/28 11:58:18 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323.tsp
[2016/03/28 11:58:18 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hdwwiz.cpl
[2016/03/28 11:58:18 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\glu32.dll
[2016/03/28 11:58:18 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gpkcsp.dll
[2016/03/28 11:58:18 | 000,077,850 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hlink.dll
[2016/03/28 11:58:18 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\grpconv.exe
[2016/03/28 11:58:18 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hhsetup.dll
[2016/03/28 11:58:18 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidphone.tsp
[2016/03/28 11:58:18 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontview.exe
[2016/03/28 11:58:18 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\help.exe
[2016/03/28 11:58:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gpkrsrc.dll
[2016/03/28 11:58:18 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framebuf.dll
[2016/03/28 11:58:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\forcedos.exe
[2016/03/28 11:58:17 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2016/03/28 11:58:17 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hnetwiz.dll
[2016/03/28 11:58:17 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2016/03/28 11:58:17 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2016/03/28 11:58:17 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icm32.dll
[2016/03/28 11:58:17 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2016/03/28 11:58:17 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll
[2016/03/28 11:58:17 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi.exe
[2016/03/28 11:58:17 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hotplug.dll
[2016/03/28 11:58:17 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll
[2016/03/28 11:58:17 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ifmon.dll
[2016/03/28 11:58:17 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\idq.dll
[2016/03/28 11:58:17 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iasrad.dll
[2016/03/28 11:58:17 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexpress.exe
[2016/03/28 11:58:17 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imm32.dll
[2016/03/28 11:58:17 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2016/03/28 11:58:17 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2016/03/28 11:58:17 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2016/03/28 11:58:17 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iesetup.dll
[2016/03/28 11:58:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll
[2016/03/28 11:58:17 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\htui.dll
[2016/03/28 11:58:17 | 000,036,921 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imeshare.dll
[2016/03/28 11:58:17 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imgutil.dll
[2016/03/28 11:58:17 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2016/03/28 11:58:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2016/03/28 11:58:17 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\igmpagnt.dll
[2016/03/28 11:58:17 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icmp.dll
[2016/03/28 11:58:16 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsmsnap.dll
[2016/03/28 11:58:16 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2016/03/28 11:58:16 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsecsnp.dll
[2016/03/28 11:58:16 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipnathlp.dll
[2016/03/28 11:58:16 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ippromon.dll
[2016/03/28 11:58:16 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsecsvc.dll
[2016/03/28 11:58:16 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprtrmgr.dll
[2016/03/28 11:58:16 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipmontr.dll
[2016/03/28 11:58:16 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\initpki.dll
[2016/03/28 11:58:16 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\itircl.dll
[2016/03/28 11:58:16 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\itss.dll
[2016/03/28 11:58:16 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intl.cpl
[2016/03/28 11:58:16 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\input.dll
[2016/03/28 11:58:16 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inseng.dll
[2016/03/28 11:58:16 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iphlpapi.dll
[2016/03/28 11:58:16 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2016/03/28 11:58:16 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetpp.dll
[2016/03/28 11:58:16 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipv6mon.dll
[2016/03/28 11:58:16 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipconfig.exe
[2016/03/28 11:58:16 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ixsso.dll
[2016/03/28 11:58:16 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipv6.exe
[2016/03/28 11:58:16 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2016/03/28 11:58:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmib1.dll
[2016/03/28 11:58:16 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2016/03/28 11:58:16 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxroute.exe
[2016/03/28 11:58:16 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxwan.dll
[2016/03/28 11:58:16 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipconf.tsp
[2016/03/28 11:58:16 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetppui.dll
[2016/03/28 11:58:15 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logonui.exe
[2016/03/28 11:58:15 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
[2016/03/28 11:58:15 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licdll.dll
[2016/03/28 11:58:15 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmrt.dll
[2016/03/28 11:58:15 | 000,294,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kerberos.dll
[2016/03/28 11:58:15 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localsec.dll
[2016/03/28 11:58:15 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logon.scr
[2016/03/28 11:58:15 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keymgr.dll
[2016/03/28 11:58:15 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2016/03/28 11:58:15 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loadperf.dll
[2016/03/28 11:58:15 | 000,092,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnl386.exe
[2016/03/28 11:58:15 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\magnify.exe
[2016/03/28 11:58:15 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\joy.cpl
[2016/03/28 11:58:15 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2016/03/28 11:58:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmddsp.tsp
[2016/03/28 11:58:15 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpk.dll
[2016/03/28 11:58:15 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2016/03/28 11:58:15 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\linkinfo.dll
[2016/03/28 11:58:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2016/03/28 11:58:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsass.exe
[2016/03/28 11:58:15 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localui.dll
[2016/03/28 11:58:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprhelp.dll
[2016/03/28 11:58:15 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kd1394.dll
[2016/03/28 11:58:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec.dll
[2016/03/28 11:58:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2016/03/28 11:58:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2016/03/28 11:58:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2016/03/28 11:58:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2016/03/28 11:58:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2016/03/28 11:58:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2016/03/28 11:58:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2016/03/28 11:58:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2016/03/28 11:58:14 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmcndmgr.dll
[2016/03/28 11:58:14 | 001,028,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2016/03/28 11:58:14 | 001,024,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42u.dll
[2016/03/28 11:58:14 | 000,924,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2016/03/28 11:58:14 | 000,815,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmc.exe
[2016/03/28 11:58:14 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmsys.cpl
[2016/03/28 11:58:14 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mlang.dll
[2016/03/28 11:58:14 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mobsync.dll
[2016/03/28 11:58:14 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mobsync.exe
[2016/03/28 11:58:14 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdminst.dll
[2016/03/28 11:58:14 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\makecab.exe
[2016/03/28 11:58:14 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi32.dll
[2016/03/28 11:58:14 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmcbase.dll
[2016/03/28 11:58:14 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmsystem.dll
[2016/03/28 11:58:14 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miglibnt.dll
[2016/03/28 11:58:14 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmcshext.dll
[2016/03/28 11:58:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mf3216.dll
[2016/03/28 11:58:14 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2016/03/28 11:58:14 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2016/03/28 11:58:14 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.dll
[2016/03/28 11:58:14 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.dll
[2016/03/28 11:58:14 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfcsubs.dll
[2016/03/28 11:58:14 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll
[2016/03/28 11:58:14 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\midimap.dll
[2016/03/28 11:58:14 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2016/03/28 11:58:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcastmib.dll
[2016/03/28 11:58:13 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2016/03/28 11:58:13 | 000,294,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msctf.dll
[2016/03/28 11:58:13 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moricons.dll
[2016/03/28 11:58:13 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemui.dll
[2016/03/28 11:58:13 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdart.dll
[2016/03/28 11:58:13 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mprapi.dll
[2016/03/28 11:58:13 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msapsspc.dll
[2016/03/28 11:58:13 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscms.dll
[2016/03/28 11:58:13 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msacm32.dll
[2016/03/28 11:58:13 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2016/03/28 11:58:13 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msctfp.dll
[2016/03/28 11:58:13 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpr.dll
[2016/03/28 11:58:13 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2016/03/28 11:58:13 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll
[2016/03/28 11:58:13 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mprdim.dll
[2016/03/28 11:58:13 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscpxl32.dll
[2016/03/28 11:58:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatsrc.tlb
[2016/03/28 11:58:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscpx32r.dll
[2016/03/28 11:58:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2016/03/28 11:58:13 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msafd.dll
[2016/03/28 11:58:12 | 000,994,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgina.dll
[2016/03/28 11:58:12 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2016/03/28 11:58:12 | 000,512,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msexch40.dll
[2016/03/28 11:58:12 | 000,319,517 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msexcl40.dll
[2016/03/28 11:58:12 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2016/03/28 11:58:12 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshta.exe
[2016/03/28 11:58:11 | 003,003,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2016/03/28 11:58:11 | 001,507,356 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjet40.dll
[2016/03/28 11:58:11 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.tlb
[2016/03/28 11:58:11 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2016/03/28 11:58:11 | 000,348,189 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspbde40.dll
[2016/03/28 11:58:11 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2016/03/28 11:58:11 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnsspc.dll
[2016/03/28 11:58:11 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2016/03/28 11:58:11 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msieftp.dll
[2016/03/28 11:58:11 | 000,241,693 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjtes40.dll
[2016/03/28 11:58:11 | 000,213,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msltus40.dll
[2016/03/28 11:58:11 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimtf.dll
[2016/03/28 11:58:11 | 000,151,583 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjint40.dll
[2016/03/28 11:58:11 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msorcl32.dll
[2016/03/28 11:58:11 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2016/03/28 11:58:11 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmler.dll
[2016/03/28 11:58:11 | 000,053,279 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjter40.dll
[2016/03/28 11:58:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msident.dll
[2016/03/28 11:58:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspatcha.dll
[2016/03/28 11:58:11 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mslbui.dll
[2016/03/28 11:58:11 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msorc32r.dll
[2016/03/28 11:58:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msidle.dll
[2016/03/28 11:58:11 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimg32.dll
[2016/03/28 11:58:10 | 000,552,989 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrepl40.dll
[2016/03/28 11:58:10 | 000,530,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2016/03/28 11:58:10 | 000,421,919 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrd2x40.dll
[2016/03/28 11:58:10 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcp60.dll
[2016/03/28 11:58:10 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcrt.dll
[2016/03/28 11:58:10 | 000,315,423 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrd3x40.dll
[2016/03/28 11:58:10 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2016/03/28 11:58:10 | 000,258,077 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstext40.dll
[2016/03/28 11:58:10 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msutb.dll
[2016/03/28 11:58:10 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
[2016/03/28 11:58:10 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstlsapi.dll
[2016/03/28 11:58:10 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscript.ocx
[2016/03/28 11:58:10 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcrt40.dll
[2016/03/28 11:58:10 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcirt.dll
[2016/03/28 11:58:10 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msprivs.dll
[2016/03/28 11:58:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2016/03/28 11:58:10 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrle32.dll
[2016/03/28 11:58:09 | 001,428,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidctl.dll
[2016/03/28 11:58:09 | 001,236,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2016/03/28 11:58:09 | 000,831,519 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswdat10.dll
[2016/03/28 11:58:09 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml2.dll
[2016/03/28 11:58:09 | 000,614,429 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswstr10.dll
[2016/03/28 11:58:09 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml.dll
[2016/03/28 11:58:09 | 000,348,189 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxbde40.dll
[2016/03/28 11:58:09 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll
[2016/03/28 11:58:09 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2016/03/28 11:58:09 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvfw32.dll
[2016/03/28 11:58:09 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mydocs.dll
[2016/03/28 11:58:09 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2016/03/28 11:58:09 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msw3prt.dll
[2016/03/28 11:58:09 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxclu.dll
[2016/03/28 11:58:09 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\narrator.exe
[2016/03/28 11:58:09 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncobjapi.dll
[2016/03/28 11:58:09 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2016/03/28 11:58:09 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2016/03/28 11:58:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2016/03/28 11:58:08 | 001,708,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netshell.dll
[2016/03/28 11:58:08 | 000,875,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netplwiz.dll
[2016/03/28 11:58:08 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netcfgx.dll
[2016/03/28 11:58:08 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netlogon.dll
[2016/03/28 11:58:08 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2016/03/28 11:58:08 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsetup.exe
[2016/03/28 11:58:08 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\newdev.dll
[2016/03/28 11:58:08 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netui1.dll
[2016/03/28 11:58:08 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netman.dll
[2016/03/28 11:58:08 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netid.dll
[2016/03/28 11:58:08 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net1.exe
[2016/03/28 11:58:08 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmarta.dll
[2016/03/28 11:58:08 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netdde.exe
[2016/03/28 11:58:08 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll
[2016/03/28 11:58:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsh.exe
[2016/03/28 11:58:08 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netui0.dll
[2016/03/28 11:58:08 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notepad.exe
[2016/03/28 11:58:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdsapi.dll
[2016/03/28 11:58:08 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndptsp.tsp
[2016/03/28 11:58:08 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npptools.dll
[2016/03/28 11:58:08 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntlanman.dll
[2016/03/28 11:58:08 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net.exe
[2016/03/28 11:58:08 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netstat.exe
[2016/03/28 11:58:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2016/03/28 11:58:08 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nddenb32.dll
[2016/03/28 11:58:08 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nddeapi.dll
[2016/03/28 11:58:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netrap.dll
[2016/03/28 11:58:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nddeapir.exe
[2016/03/28 11:58:07 | 001,281,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole32.dll
[2016/03/28 11:58:07 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\opengl32.dll
[2016/03/28 11:58:07 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmsmgr.dll
[2016/03/28 11:58:07 | 000,435,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmssvc.dll
[2016/03/28 11:58:07 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\objsel.dll
[2016/03/28 11:58:07 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcjt32.dll
[2016/03/28 11:58:07 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll
[2016/03/28 11:58:07 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nusrmgr.cpl
[2016/03/28 11:58:07 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32.dll
[2016/03/28 11:58:07 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osk.exe
[2016/03/28 11:58:07 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmsdba.dll
[2016/03/28 11:58:07 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbctrac.dll
[2016/03/28 11:58:07 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntshrui.dll
[2016/03/28 11:58:07 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcconf.dll
[2016/03/28 11:58:07 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll
[2016/03/28 11:58:07 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledlg.dll
[2016/03/28 11:58:07 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleprn.dll
[2016/03/28 11:58:07 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccp32.dll
[2016/03/28 11:58:07 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2016/03/28 11:58:07 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcint.dll
[2016/03/28 11:58:07 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olepro32.dll
[2016/03/28 11:58:07 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcconf.exe
[2016/03/28 11:58:07 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecli32.dll
[2016/03/28 11:58:07 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osuninst.dll
[2016/03/28 11:58:07 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccu32.dll
[2016/03/28 11:58:07 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccr32.dll
[2016/03/28 11:58:07 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pautoenr.dll
[2016/03/28 11:58:07 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ocmanage.dll
[2016/03/28 11:58:07 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe
[2016/03/28 11:58:07 | 000,053,279 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcji32.dll
[2016/03/28 11:58:07 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmsapi.dll
[2016/03/28 11:58:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccp32.cpl
[2016/03/28 11:58:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcad32.exe
[2016/03/28 11:58:07 | 000,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odtext32.dll
[2016/03/28 11:58:07 | 000,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oddbse32.dll
[2016/03/28 11:58:07 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odpdx32.dll
[2016/03/28 11:58:07 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odfox32.dll
[2016/03/28 11:58:07 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odexl32.dll
[2016/03/28 11:58:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32gt.dll
[2016/03/28 11:58:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntvdmd.dll
[2016/03/28 11:58:07 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcp32r.dll
[2016/03/28 11:58:06 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\photowiz.dll
[2016/03/28 11:58:06 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powercfg.cpl
[2016/03/28 11:58:06 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\progman.exe
[2016/03/28 11:58:06 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\polstore.dll
[2016/03/28 11:58:06 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psbase.dll
[2016/03/28 11:58:06 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\proctexe.ocx
[2016/03/28 11:58:06 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proquota.exe
[2016/03/28 11:58:06 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
[2016/03/28 11:58:06 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfproc.dll
[2016/03/28 11:58:06 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\profmap.dll
[2016/03/28 11:58:06 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfdisk.dll
[2016/03/28 11:58:06 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfos.dll
[2016/03/28 11:58:06 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psapi.dll
[2016/03/28 11:58:06 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping.exe
[2016/03/28 11:58:06 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powrprof.dll
[2016/03/28 11:58:06 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfnet.dll
[2016/03/28 11:58:06 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfmon.exe
[2016/03/28 11:58:05 | 001,435,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll
[2016/03/28 11:58:05 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qasf.dll
[2016/03/28 11:58:05 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasppp.dll
[2016/03/28 11:58:05 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasmans.dll
[2016/03/28 11:58:05 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2016/03/28 11:58:05 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll
[2016/03/28 11:58:05 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcbdyctl.dll
[2016/03/28 11:58:05 | 000,092,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpdd.dll
[2016/03/28 11:58:05 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2016/03/28 11:58:05 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll
[2016/03/28 11:58:05 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2016/03/28 11:58:05 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2016/03/28 11:58:05 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regsvc.dll
[2016/03/28 11:58:05 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasphone.exe
[2016/03/28 11:58:05 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reg.exe
[2016/03/28 11:58:05 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regapi.dll
[2016/03/28 11:58:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2016/03/28 11:58:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pstorec.dll
[2016/03/28 11:58:05 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcimlby.exe
[2016/03/28 11:58:05 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pstorsvc.dll
[2016/03/28 11:58:05 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcp.exe
[2016/03/28 11:58:05 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2016/03/28 11:58:05 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2016/03/28 11:58:05 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2016/03/28 11:58:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rassapi.dll
[2016/03/28 11:58:05 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2016/03/28 11:58:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasadhlp.dll
[2016/03/28 11:58:04 | 000,581,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2016/03/28 11:58:04 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\riched20.dll
[2016/03/28 11:58:04 | 000,397,824 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dllcache\regwizc.dll
[2016/03/28 11:58:04 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scesrv.dll
[2016/03/28 11:58:04 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2016/03/28 11:58:04 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scecli.dll
[2016/03/28 11:58:04 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sccsccp.dll
[2016/03/28 11:58:04 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrobj.dll
[2016/03/28 11:58:04 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsaenh.dll
[2016/03/28 11:58:04 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrrun.dll
[2016/03/28 11:58:04 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvpsp.dll
[2016/03/28 11:58:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sdbinst.exe
[2016/03/28 11:58:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtcshare.exe
[2016/03/28 11:58:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotesp.tsp
[2016/03/28 11:58:04 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scarddlg.dll
[2016/03/28 11:58:04 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2016/03/28 11:58:04 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\resutils.dll
[2016/03/28 11:58:04 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secur32.dll
[2016/03/28 11:58:04 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2016/03/28 11:58:04 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtutils.dll
[2016/03/28 11:58:04 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2016/03/28 11:58:04 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rundll32.exe
[2016/03/28 11:58:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtipxmib.dll
[2016/03/28 11:58:04 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2016/03/28 11:58:04 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sclgntfy.dll
[2016/03/28 11:58:04 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seclogon.dll
[2016/03/28 11:58:04 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmps.dll
[2016/03/28 11:58:04 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsh.exe
[2016/03/28 11:58:04 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runonce.exe
[2016/03/28 11:58:04 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rexec.exe
[2016/03/28 11:58:04 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regsvr32.exe
[2016/03/28 11:58:04 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrnsave.scr
[2016/03/28 11:58:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\security.dll
[2016/03/28 11:58:03 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfc_os.dll
[2016/03/28 11:58:03 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2016/03/28 11:58:03 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sendmail.dll
[2016/03/28 11:58:03 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sens.dll
[2016/03/28 11:58:03 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sethc.exe
[2016/03/28 11:58:03 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sendcmsg.dll
[2016/03/28 11:58:03 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup.exe
[2016/03/28 11:58:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sensapi.dll
[2016/03/28 11:58:03 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfc.dll
[2016/03/28 11:58:02 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfcfiles.dll
[2016/03/28 11:58:02 | 001,483,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2016/03/28 11:58:02 | 000,549,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdoclc.dll
[2016/03/28 11:58:01 | 008,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2016/03/28 11:58:01 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2016/03/28 11:58:01 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll
[2016/03/28 11:58:01 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shsvcs.dll
[2016/03/28 11:58:01 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shrpubw.exe
[2016/03/28 11:58:01 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sigverif.exe
[2016/03/28 11:58:01 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shgina.dll
[2016/03/28 11:58:01 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimeng.dll
[2016/03/28 11:58:01 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmgrate.exe
[2016/03/28 11:58:01 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shscrap.dll
[2016/03/28 11:58:01 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\skeys.exe
[2016/03/28 11:58:01 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shfolder.dll
[2016/03/28 11:58:01 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shutdown.exe
[2016/03/28 11:58:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simpdata.tlb
[2016/03/28 11:58:01 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sigtab.dll
[2016/03/28 11:58:00 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2016/03/28 11:58:00 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smlogcfg.dll
[2016/03/28 11:58:00 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsnap.dll
[2016/03/28 11:58:00 | 000,180,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlunirl.dll
[2016/03/28 11:58:00 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2016/03/28 11:58:00 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smlogsvc.exe
[2016/03/28 11:58:00 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolss.dll
[2016/03/28 11:58:00 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2016/03/28 11:58:00 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolsv.exe
[2016/03/28 11:58:00 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slayerxp.dll
[2016/03/28 11:58:00 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sort.exe
[2016/03/28 11:58:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpapi.dll
[2016/03/28 11:57:59 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ss3dfo.scr
[2016/03/28 11:57:59 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2016/03/28 11:57:59 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2016/03/28 11:57:59 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssbezier.scr
[2016/03/28 11:57:58 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sxs.dll
[2016/03/28 11:57:58 | 000,679,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sstext3d.scr
[2016/03/28 11:57:58 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspipes.scr
[2016/03/28 11:57:58 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssflwbox.scr
[2016/03/28 11:57:58 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysmon.ocx
[2016/03/28 11:57:58 | 000,210,432 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2016/03/28 11:57:58 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syncui.dll
[2016/03/28 11:57:58 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sti_ci.dll
[2016/03/28 11:57:58 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stobject.dll
[2016/03/28 11:57:58 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysocmgr.exe
[2016/03/28 11:57:58 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssdpsrv.dll
[2016/03/28 11:57:58 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sti.dll
[2016/03/28 11:57:58 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\synceng.dll
[2016/03/28 11:57:58 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2016/03/28 11:57:58 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmypics.scr
[2016/03/28 11:57:58 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssdpapi.dll
[2016/03/28 11:57:58 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmarque.scr
[2016/03/28 11:57:58 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssmyst.scr
[2016/03/28 11:57:58 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdole2.tlb
[2016/03/28 11:57:58 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stimon.exe
[2016/03/28 11:57:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svchost.exe
[2016/03/28 11:57:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssstars.scr
[2016/03/28 11:57:57 | 000,858,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi3.dll
[2016/03/28 11:57:57 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\userenv.dll
[2016/03/28 11:57:57 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2016/03/28 11:57:57 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2016/03/28 11:57:57 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usp10.dll
[2016/03/28 11:57:57 | 000,385,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\themeui.dll
[2016/03/28 11:57:57 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termmgr.dll
[2016/03/28 11:57:57 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2016/03/28 11:57:57 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapisrv.dll
[2016/03/28 11:57:57 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnpui.dll
[2016/03/28 11:57:57 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unimdm.tsp
[2016/03/28 11:57:57 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnphost.dll
[2016/03/28 11:57:57 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi32.dll
[2016/03/28 11:57:57 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskmgr.exe
[2016/03/28 11:57:57 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnp.dll
[2016/03/28 11:57:57 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umpnpmgr.dll
[2016/03/28 11:57:57 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\txflog.dll
[2016/03/28 11:57:57 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timedate.cpl
[2016/03/28 11:57:57 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2016/03/28 11:57:57 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trkwks.dll
[2016/03/28 11:57:57 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe
[2016/03/28 11:57:57 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbui.dll
[2016/03/28 11:57:57 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unimdmat.dll
[2016/03/28 11:57:57 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
[2016/03/28 11:57:57 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\utilman.exe
[2016/03/28 11:57:57 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpmon.dll
[2016/03/28 11:57:57 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2016/03/28 11:57:57 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umandlg.dll
[2016/03/28 11:57:57 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\udhisapi.dll
[2016/03/28 11:57:57 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ups.exe
[2016/03/28 11:57:57 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbmon.dll
[2016/03/28 11:57:57 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnpcont.exe
[2016/03/28 11:57:57 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpmib.dll
[2016/03/28 11:57:57 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniplat.dll
[2016/03/28 11:57:57 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert.exe
[2016/03/28 11:57:57 | 000,012,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsddd.dll
[2016/03/28 11:57:56 | 000,463,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiadefui.dll
[2016/03/28 11:57:56 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiaacmgr.exe
[2016/03/28 11:57:56 | 000,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssapi.dll
[2016/03/28 11:57:56 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2016/03/28 11:57:56 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiaservc.dll
[2016/03/28 11:57:56 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssvc.exe
[2016/03/28 11:57:56 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll
[2016/03/28 11:57:56 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uxtheme.dll
[2016/03/28 11:57:56 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wavemsp.dll
[2016/03/28 11:57:56 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32time.dll
[2016/03/28 11:57:56 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webvw.dll
[2016/03/28 11:57:56 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiadss.dll
[2016/03/28 11:57:56 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiascr.dll
[2016/03/28 11:57:56 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webclnt.dll
[2016/03/28 11:57:56 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wextract.exe
[2016/03/28 11:57:56 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vdmredir.dll
[2016/03/28 11:57:56 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdigest.dll
[2016/03/28 11:57:56 | 000,030,749 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbajet32.dll
[2016/03/28 11:57:56 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbisurf.ax
[2016/03/28 11:57:56 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vdmdbg.dll
[2016/03/28 11:57:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.drv
[2016/03/28 11:57:56 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\version.dll
[2016/03/28 11:57:56 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\watchdog.sys
[2016/03/28 11:57:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\verifier.dll
[2016/03/28 11:57:55 | 000,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winntbbu.dll
[2016/03/28 11:57:55 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2016/03/28 11:57:55 | 000,589,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiashext.dll
[2016/03/28 11:57:55 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winlogon.exe
[2016/03/28 11:57:55 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll
[2016/03/28 11:57:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2016/03/28 11:57:55 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmm.dll
[2016/03/28 11:57:55 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wldap32.dll
[2016/03/28 11:57:55 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiavideo.dll
[2016/03/28 11:57:55 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winscard.dll
[2016/03/28 11:57:55 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wlnotify.dll
[2016/03/28 11:57:55 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsta.dll
[2016/03/28 11:57:55 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winipsec.dll
[2016/03/28 11:57:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winrnr.dll
[2016/03/28 11:57:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi.dll
[2016/03/28 11:57:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winver.exe
[2016/03/28 11:57:54 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wow32.dll
[2016/03/28 11:57:54 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ws2_32.dll
[2016/03/28 11:57:54 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpnpinst.exe
[2016/03/28 11:57:54 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpabaln.exe
[2016/03/28 11:57:54 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ws2help.dll
[2016/03/28 11:57:53 | 000,611,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2016/03/28 11:57:53 | 000,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\autoconv.exe
[2016/03/28 11:57:53 | 000,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autoconv.exe
[2016/03/28 11:57:53 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\autochk.exe
[2016/03/28 11:57:53 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmd.exe
[2016/03/28 11:57:53 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe
[2016/03/28 11:57:53 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wzcdlg.dll
[2016/03/28 11:57:53 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zipfldr.dll
[2016/03/28 11:57:53 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2016/03/28 11:57:53 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comdlg32.dll
[2016/03/28 11:57:53 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2016/03/28 11:57:53 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2016/03/28 11:57:53 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2016/03/28 11:57:53 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\desk.cpl
[2016/03/28 11:57:53 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\desk.cpl
[2016/03/28 11:57:53 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2016/03/28 11:57:53 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2016/03/28 11:57:53 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshom.ocx
[2016/03/28 11:57:53 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xactsrv.dll
[2016/03/28 11:57:53 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshext.dll
[2016/03/28 11:57:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2016/03/28 11:57:53 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2016/03/28 11:57:53 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstdecod.dll
[2016/03/28 11:57:53 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wsnmp32.dll
[2016/03/28 11:57:53 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2016/03/28 11:57:53 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll
[2016/03/28 11:57:53 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\csrsrv.dll
[2016/03/28 11:57:53 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xcopy.exe
[2016/03/28 11:57:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshcon.dll
[2016/03/28 11:57:53 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2016/03/28 11:57:53 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wsock32.dll
[2016/03/28 11:57:53 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2016/03/28 11:57:53 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshtcpip.dll
[2016/03/28 11:57:53 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wtsapi32.dll
[2016/03/28 11:57:53 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cacls.exe
[2016/03/28 11:57:53 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cacls.exe
[2016/03/28 11:57:53 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2016/03/28 11:57:53 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2016/03/28 11:57:53 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2016/03/28 11:57:53 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2016/03/28 11:57:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wship6.dll
[2016/03/28 11:57:53 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2016/03/28 11:57:53 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshrm.dll
[2016/03/28 11:57:52 | 000,983,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2016/03/28 11:57:52 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2016/03/28 11:57:52 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localspl.dll
[2016/03/28 11:57:52 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imagehlp.dll
[2016/03/28 11:57:52 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msv1_0.dll
[2016/03/28 11:57:52 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhcpcsvc.dll
[2016/03/28 11:57:52 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\locator.exe
[2016/03/28 11:57:52 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftp.exe
[2016/03/28 11:57:52 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftp.exe
[2016/03/28 11:57:52 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgsvc.dll
[2016/03/28 11:57:52 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\format.com
[2016/03/28 11:57:52 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mgmtapi.dll
[2016/03/28 11:57:52 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mgmtapi.dll
[2016/03/28 11:57:52 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmhsvc.dll
[2016/03/28 11:57:51 | 000,657,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasdlg.dll
[2016/03/28 11:57:51 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printui.dll
[2016/03/28 11:57:51 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2016/03/28 11:57:51 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdm.exe
[2016/03/28 11:57:51 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntvdm.exe
[2016/03/28 11:57:51 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\samsrv.dll
[2016/03/28 11:57:51 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasapi32.dll
[2016/03/28 11:57:51 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwprovau.dll
[2016/03/28 11:57:51 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwprovau.dll
[2016/03/28 11:57:51 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntprint.dll
[2016/03/28 11:57:51 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntprint.dll
[2016/03/28 11:57:51 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasauto.dll
[2016/03/28 11:57:51 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nslookup.exe
[2016/03/28 11:57:51 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nslookup.exe
[2016/03/28 11:57:51 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\samlib.dll
[2016/03/28 11:57:51 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasman.dll
[2016/03/28 11:57:51 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastapi.dll
[2016/03/28 11:57:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rshx32.dll
[2016/03/28 11:57:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfctrs.dll
[2016/03/28 11:57:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfctrs.dll
[2016/03/28 11:57:51 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecnv32.dll
[2016/03/28 11:57:51 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecnv32.dll
[2016/03/28 11:57:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\savedump.exe
[2016/03/28 11:57:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\savedump.exe
[2016/03/28 11:57:51 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntlsapi.dll
[2016/03/28 11:57:50 | 001,835,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2016/03/28 11:57:50 | 001,835,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2016/03/28 11:57:50 | 000,984,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\syssetup.dll
[2016/03/28 11:57:50 | 000,984,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syssetup.dll
[2016/03/28 11:57:50 | 000,983,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setupapi.dll
[2016/03/28 11:57:50 | 000,799,744 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dllcache\dmboot.sys
[2016/03/28 11:57:50 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\untfs.dll
[2016/03/28 11:57:50 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\untfs.dll
[2016/03/28 11:57:50 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysdm.cpl
[2016/03/28 11:57:50 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ulib.dll
[2016/03/28 11:57:50 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ulib.dll
[2016/03/28 11:57:50 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winspool.drv
[2016/03/28 11:57:50 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll
[2016/03/28 11:57:50 | 000,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2016/03/28 11:57:50 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2016/03/28 11:57:50 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2016/03/28 11:57:50 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wkssvc.dll
[2016/03/28 11:57:50 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32spl.dll
[2016/03/28 11:57:50 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srvsvc.dll
[2016/03/28 11:57:50 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scardsvr.exe
[2016/03/28 11:57:50 | 000,095,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2016/03/28 11:57:50 | 000,071,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bridge.sys
[2016/03/28 11:57:50 | 000,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdfs.sys
[2016/03/28 11:57:50 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmarpc.sys
[2016/03/28 11:57:50 | 000,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys
[2016/03/28 11:57:50 | 000,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmlane.sys
[2016/03/28 11:57:50 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\1394bus.sys
[2016/03/28 11:57:50 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smss.exe
[2016/03/28 11:57:50 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys
[2016/03/28 11:57:50 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\classpnp.sys
[2016/03/28 11:57:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmonui.dll
[2016/03/28 11:57:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpmonui.dll
[2016/03/28 11:57:50 | 000,036,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk6.sys
[2016/03/28 11:57:50 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\userinit.exe
[2016/03/28 11:57:50 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\userinit.exe
[2016/03/28 11:57:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asyncmac.sys
[2016/03/28 11:57:50 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys
[2016/03/28 11:57:50 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskdump.sys
[2016/03/28 11:57:50 | 000,014,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2016/03/28 11:57:49 | 000,182,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys
[2016/03/28 11:57:49 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxdav.sys
[2016/03/28 11:57:49 | 000,171,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2016/03/28 11:57:49 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netbt.sys
[2016/03/28 11:57:49 | 000,153,344 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dllcache\dmio.sys
[2016/03/28 11:57:49 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastfat.sys
[2016/03/28 11:57:49 | 000,140,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2016/03/28 11:57:49 | 000,140,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ks.sys
[2016/03/28 11:57:49 | 000,134,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipnat.sys
[2016/03/28 11:57:49 | 000,107,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2016/03/28 11:57:49 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksecdd.sys
[2016/03/28 11:57:49 | 000,091,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndiswan.sys
[2016/03/28 11:57:49 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsec.sys
[2016/03/28 11:57:49 | 000,071,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys
[2016/03/28 11:57:49 | 000,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys
[2016/03/28 11:57:49 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2016/03/28 11:57:49 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2016/03/28 11:57:49 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2016/03/28 11:57:49 | 000,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mountmgr.sys
[2016/03/28 11:57:49 | 000,040,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nmnt.sys
[2016/03/28 11:57:49 | 000,040,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmnt.sys
[2016/03/28 11:57:49 | 000,038,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2016/03/28 11:57:49 | 000,036,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys
[2016/03/28 11:57:49 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapnp.sys
[2016/03/28 11:57:49 | 000,035,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgpc.sys
[2016/03/28 11:57:49 | 000,034,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fips.sys
[2016/03/28 11:57:49 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netbios.sys
[2016/03/28 11:57:49 | 000,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys
[2016/03/28 11:57:49 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipinip.sys
[2016/03/28 11:57:49 | 000,019,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfs.sys
[2016/03/28 11:57:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2016/03/28 11:57:49 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2016/03/28 11:57:49 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2016/03/28 11:57:49 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2016/03/28 11:57:49 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2016/03/28 11:57:49 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2016/03/28 11:57:48 | 000,574,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntfs.sys
[2016/03/28 11:57:48 | 000,359,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys
[2016/03/28 11:57:48 | 000,336,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2016/03/28 11:57:48 | 000,223,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2016/03/28 11:57:48 | 000,223,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys
[2016/03/28 11:57:48 | 000,200,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2016/03/28 11:57:48 | 000,200,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2016/03/28 11:57:48 | 000,176,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdbss.sys
[2016/03/28 11:57:48 | 000,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2016/03/28 11:57:48 | 000,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2016/03/28 11:57:48 | 000,139,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2016/03/28 11:57:48 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys
[2016/03/28 11:57:48 | 000,088,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkipx.sys
[2016/03/28 11:57:48 | 000,088,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwlnkipx.sys
[2016/03/28 11:57:48 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2016/03/28 11:57:48 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psched.sys
[2016/03/28 11:57:48 | 000,068,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pci.sys
[2016/03/28 11:57:48 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2016/03/28 11:57:48 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2016/03/28 11:57:48 | 000,051,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasl2tp.sys
[2016/03/28 11:57:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2016/03/28 11:57:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stream.sys
[2016/03/28 11:57:48 | 000,048,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raspptp.sys
[2016/03/28 11:57:48 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raspppoe.sys
[2016/03/28 11:57:48 | 000,030,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npfs.sys
[2016/03/28 11:57:48 | 000,030,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys
[2016/03/28 11:57:48 | 000,030,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rndismp.sys
[2016/03/28 11:57:48 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys
[2016/03/28 11:57:48 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys
[2016/03/28 11:57:48 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pciidex.sys
[2016/03/28 11:57:48 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\partmgr.sys
[2016/03/28 11:57:48 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys
[2016/03/28 11:57:48 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdi.sys
[2016/03/28 11:57:48 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys
[2016/03/28 11:57:48 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tape.sys
[2016/03/28 11:57:48 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2016/03/28 11:57:47 | 002,180,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2016/03/28 11:57:47 | 002,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2016/03/28 11:57:47 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\update.sys
[2016/03/28 11:57:47 | 000,142,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys
[2016/03/28 11:57:47 | 000,142,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbport.sys
[2016/03/28 11:57:47 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2016/03/28 11:57:47 | 000,081,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hal.dll
[2016/03/28 11:57:47 | 000,079,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys
[2016/03/28 11:57:47 | 000,079,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\videoprt.sys
[2016/03/28 11:57:47 | 000,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\udfs.sys
[2016/03/28 11:57:47 | 000,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbhub.sys
[2016/03/28 11:57:47 | 000,052,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\volsnap.sys
[2016/03/28 11:57:47 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wanarp.sys
[2016/03/28 11:57:47 | 000,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2016/03/28 11:57:47 | 000,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys
[2016/03/28 11:57:47 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys
[2016/03/28 11:57:47 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2016/03/28 11:57:47 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.sys
[2016/03/28 11:57:47 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbuhci.sys
[2016/03/28 11:57:47 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys
[2016/03/28 11:57:47 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2016/03/28 11:57:47 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2016/03/28 11:57:47 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2016/03/28 11:57:47 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2016/03/28 11:57:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2016/03/28 10:56:38 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2016/03/28 10:56:38 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2016/03/28 10:56:38 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2016/03/28 10:56:38 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2016/03/28 10:56:31 | 000,000,000 | --SD | C] -- C:\ComboFix
[2016/03/28 10:56:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2016/03/28 10:56:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2016/03/28 10:56:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2016/03/28 10:56:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2016/03/28 10:53:30 | 005,658,151 | R--- | C] (Swearware) -- C:\Documents and Settings\sf\Desktop\ComboFix.exe
[2016/03/28 10:49:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2016/03/27 21:26:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Local Settings\Application Data\Opera Software
[2016/03/27 21:26:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Application Data\Opera Software
[2016/03/27 21:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2016/03/27 14:35:54 | 005,111,240 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\sf\Desktop\spsetup129.exe
[2016/03/27 14:31:19 | 002,694,816 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\sf\Desktop\procexp.exe
[2016/03/26 20:18:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2016/03/26 16:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Local Settings\Application Data\panda
[2016/03/26 16:56:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering
[2016/03/26 16:55:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Application Data\pandasecuritytb
[2016/03/26 15:46:09 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2016/03/26 15:31:48 | 002,310,144 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iglicd32.dll
[2016/03/26 15:31:47 | 000,524,288 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igldev32.dll
[2016/03/26 15:31:42 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc
[2016/03/26 15:31:42 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc
[2016/03/26 15:31:42 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc
[2016/03/26 15:31:42 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc
[2016/03/26 15:31:42 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc
[2016/03/26 15:31:42 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc
[2016/03/26 15:31:42 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc
[2016/03/26 15:31:42 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc
[2016/03/26 15:31:42 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc
[2016/03/26 15:31:42 | 000,118,784 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc
[2016/03/26 15:31:41 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc
[2016/03/26 15:31:41 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc
[2016/03/26 15:31:41 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc
[2016/03/26 15:31:41 | 000,122,880 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc
[2016/03/26 15:31:33 | 000,077,824 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl
[2016/03/26 15:31:31 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuTRK.dll
[2016/03/26 15:31:29 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuTHA.dll
[2016/03/26 15:31:28 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuSVE.dll
[2016/03/26 15:31:27 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuRUS.dll
[2016/03/26 15:31:26 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPTG.dll
[2016/03/26 15:31:25 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPTB.dll
[2016/03/26 15:31:24 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuPLK.dll
[2016/03/26 15:31:23 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuNOR.dll
[2016/03/26 15:31:22 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuNLD.dll
[2016/03/26 15:31:21 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuKOR.dll
[2016/03/26 15:31:20 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuJPN.dll
[2016/03/26 15:31:18 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuITA.dll
[2016/03/26 15:31:17 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuHUN.dll
[2016/03/26 15:31:16 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuHEB.dll
[2016/03/26 15:31:15 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFRC.dll
[2016/03/26 15:31:14 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFRA.dll
[2016/03/26 15:31:13 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFIN.dll
[2016/03/26 15:31:12 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuESP.dll
[2016/03/26 15:31:11 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuENG.dll
[2016/03/26 15:31:10 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuELL.dll
[2016/03/26 15:31:09 | 000,114,688 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmudlg.exe
[2016/03/26 15:31:07 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuDEU.dll
[2016/03/26 15:31:06 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuDAN.dll
[2016/03/26 15:31:05 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCSY.dll
[2016/03/26 15:31:04 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHT.dll
[2016/03/26 15:31:03 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHS.dll
[2016/03/26 15:31:02 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARB.dll
[2016/03/26 15:31:01 | 000,040,960 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARA.dll
[2016/03/26 15:30:53 | 000,061,440 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iAlmCoIn_v4363.dll
[2016/03/26 11:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2016/03/26 11:50:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2016/03/26 11:50:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2016/03/26 11:49:39 | 006,112,864 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2016/03/26 11:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2016/03/26 00:16:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
[2016/03/26 00:16:06 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2016/03/25 22:38:57 | 000,000,000 | ---D | C] -- C:\FRST
[2016/03/25 22:34:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Application Data\FLV and Media Player
[2016/03/25 22:22:42 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016/03/25 22:17:39 | 001,610,352 | ---- | C] (Malwarebytes) -- C:\Documents and Settings\sf\Desktop\JRT.exe
[2016/03/25 22:14:11 | 001,725,440 | ---- | C] (Farbar) -- C:\Documents and Settings\sf\Desktop\FRST.exe
[2016/03/24 22:24:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2016/03/24 21:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Application Data\CrystalIdea Software
[2016/03/24 21:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sf\Start Menu\Programs\SpeedFan
[2016/03/24 21:14:27 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2016/03/24 16:37:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\sf\Start Menu\Programs\Administrative Tools
[2016/03/23 18:49:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013/10/14 10:44:12 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files\Common Files\atimpenc.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2016/04/01 20:44:35 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1459085101.job
[2016/04/01 20:30:37 | 000,118,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2016/04/01 20:30:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/04/01 20:01:37 | 000,000,575 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2016/04/01 12:05:53 | 000,405,888 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2016/04/01 12:05:53 | 000,054,874 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2016/04/01 12:05:03 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2016/04/01 12:05:03 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2016/04/01 12:04:53 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2016/04/01 12:03:51 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2016/04/01 12:03:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2016/04/01 11:50:06 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2016/04/01 11:46:10 | 000,007,120 | ---- | M] () -- C:\SIPOBJ.DBG
[2016/04/01 10:35:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sf\Desktop\OTL.exe
[2016/03/29 01:13:37 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2016/03/28 10:54:46 | 005,658,151 | R--- | M] (Swearware) -- C:\Documents and Settings\sf\Desktop\ComboFix.exe
[2016/03/27 21:25:32 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2016/03/27 21:25:32 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2016/03/27 14:37:34 | 005,111,240 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\sf\Desktop\spsetup129.exe
[2016/03/27 14:32:07 | 002,694,816 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\sf\Desktop\procexp.exe
[2016/03/26 20:20:58 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2016/03/26 15:31:13 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuFIN.dll
[2016/03/26 15:31:12 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuESP.dll
[2016/03/26 15:31:11 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuENG.dll
[2016/03/26 15:31:10 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuELL.dll
[2016/03/26 15:31:09 | 000,114,688 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmudlg.exe
[2016/03/26 15:31:07 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuDEU.dll
[2016/03/26 15:31:04 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHT.dll
[2016/03/26 15:31:03 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuCHS.dll
[2016/03/26 15:31:02 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARB.dll
[2016/03/26 15:31:01 | 000,040,960 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\System32\ialmuARA.dll
[2016/03/26 15:31:00 | 000,038,014 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ialmrnt5.dll
[2016/03/26 15:30:59 | 000,049,152 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ialmrem.dll
[2016/03/26 15:30:56 | 000,116,859 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ialmdnt5.dll
[2016/03/26 15:30:54 | 000,899,706 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\ialmdd5.dll
[2016/03/26 15:30:53 | 000,061,440 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\iAlmCoIn_v4363.dll
[2016/03/26 15:30:51 | 000,073,728 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll
[2016/03/26 14:58:48 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2016/03/25 23:32:09 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\sf\Desktop\VEW.exe
[2016/03/25 22:18:26 | 001,610,352 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\sf\Desktop\JRT.exe
[2016/03/25 22:16:31 | 001,530,368 | ---- | M] () -- C:\Documents and Settings\sf\Desktop\adwcleaner_5.105.exe
[2016/03/25 22:14:52 | 001,725,440 | ---- | M] (Farbar) -- C:\Documents and Settings\sf\Desktop\FRST.exe
[2016/03/24 21:14:39 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\sf\Desktop\SpeedFan.lnk
[2016/03/24 21:14:26 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2016/03/24 17:07:15 | 000,105,984 | ---- | M] () -- C:\Documents and Settings\sf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2016/03/07 10:44:42 | 000,001,473 | ---- | M] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\WPS Writer.lnk
[2016/03/06 10:19:47 | 000,000,289 | ---- | M] () -- C:\Documents and Settings\sf\Application Data\FotoSketcher.ini
[2016/03/04 17:01:22 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\windrvrz.vxd
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2016/04/01 12:05:03 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2016/04/01 12:04:52 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2016/04/01 12:04:52 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\sf\Start Menu\Programs\Internet Explorer.lnk
[2016/04/01 12:03:51 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2016/03/31 15:43:43 | 000,007,120 | ---- | C] () -- C:\SIPOBJ.DBG
[2016/03/28 11:58:56 | 000,239,616 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wstrendr.ax
[2016/03/28 11:58:56 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wstpager.ax
[2016/03/28 11:58:53 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2016/03/28 11:58:52 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2016/03/28 11:58:52 | 000,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2016/03/28 11:58:52 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vbicodec.ax
[2016/03/28 11:58:51 | 000,186,368 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2016/03/28 11:58:51 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2data.ax
[2016/03/28 11:58:51 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2016/03/28 11:58:51 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2016/03/28 11:58:50 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2016/03/28 11:58:50 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2016/03/28 11:58:47 | 000,759,966 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apph_sp.sdb
[2016/03/28 11:58:44 | 000,502,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nt5inf.cat
[2016/03/28 11:58:40 | 000,216,862 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2016/03/28 11:58:40 | 000,079,996 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apps.chm
[2016/03/28 11:58:39 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2016/03/28 11:58:39 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fp4.cat
[2016/03/28 11:58:36 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ims.cat
[2016/03/28 11:58:35 | 000,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2016/03/28 11:58:35 | 000,198,736 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2016/03/28 11:58:35 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msmsgs.cat
[2016/03/28 11:58:35 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mstsweb.cat
[2016/03/28 11:58:34 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nt5.cat
[2016/03/28 11:58:33 | 000,034,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sniffpol.dll
[2016/03/28 11:58:33 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sstub.dll
[2016/03/28 11:58:32 | 000,279,040 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tshoot.dll
[2016/03/28 11:58:28 | 000,460,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\micross.ttf
[2016/03/28 11:58:28 | 000,383,140 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahoma.ttf
[2016/03/28 11:58:28 | 000,355,436 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahomabd.ttf
[2016/03/28 11:58:26 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2016/03/28 11:58:23 | 000,252,928 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compatui.dll
[2016/03/28 11:58:22 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\devenum.dll
[2016/03/28 11:58:21 | 000,053,840 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dosx.exe
[2016/03/28 11:58:14 | 000,035,328 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2016/03/28 11:58:13 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2016/03/28 11:58:13 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2016/03/28 11:58:07 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\dllcache\odbcconf.rsp
[2016/03/28 11:58:05 | 001,287,680 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2016/03/28 11:58:05 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2016/03/28 11:58:05 | 000,562,176 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedit.dll
[2016/03/28 11:58:05 | 000,385,024 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2016/03/28 11:58:05 | 000,279,040 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdv.dll
[2016/03/28 11:58:05 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qcap.dll
[2016/03/28 11:58:05 | 000,003,338 | ---- | C] () -- C:\WINDOWS\System32\dllcache\redir.exe
[2016/03/28 11:57:53 | 000,009,424 | ---- | C] () -- C:\WINDOWS\System32\dllcache\drvmain.sdb
[2016/03/28 11:57:48 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2016/03/28 10:56:38 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2016/03/28 10:56:38 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2016/03/28 10:56:38 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2016/03/28 10:56:38 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2016/03/28 10:56:38 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2016/03/27 21:25:42 | 000,000,382 | ---- | C] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1459085101.job
[2016/03/27 21:25:32 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2016/03/27 21:25:32 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Opera.lnk
[2016/03/27 21:25:32 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2016/03/27 20:02:40 | 000,000,575 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2016/03/26 15:31:49 | 000,524,850 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2016/03/26 15:31:49 | 000,058,675 | ---- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2016/03/26 15:31:49 | 000,018,496 | ---- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2016/03/26 15:31:49 | 000,000,900 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2016/03/26 11:51:47 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2016/03/25 23:26:46 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\sf\Desktop\VEW.exe
[2016/03/25 22:15:54 | 001,530,368 | ---- | C] () -- C:\Documents and Settings\sf\Desktop\adwcleaner_5.105.exe
[2016/03/24 21:14:38 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\sf\Desktop\SpeedFan.lnk
[2016/03/24 21:14:16 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2016/03/07 10:44:42 | 000,001,473 | ---- | C] () -- C:\Documents and Settings\sf\Application Data\Microsoft\Internet Explorer\Quick Launch\WPS Writer.lnk
[2016/02/07 18:00:07 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2016/02/07 17:10:11 | 001,180,048 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2016/02/07 17:10:11 | 000,048,288 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2015/10/25 19:14:26 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\DriverCoInstaller.dll
[2015/09/19 21:53:36 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\Lagarith.dll
[2015/09/19 21:53:33 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2015/09/19 21:53:33 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2015/08/22 05:49:14 | 000,000,289 | ---- | C] () -- C:\Documents and Settings\sf\Application Data\FotoSketcher.ini
[2015/07/24 14:07:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2014/10/17 23:26:02 | 000,945,683 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1085031214-688789844-1343024091-1003-0.dat
[2014/10/17 23:25:57 | 000,113,618 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2014/10/02 03:58:55 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2014/10/02 03:56:14 | 000,118,336 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/10/01 21:27:46 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/10/01 20:46:05 | 000,105,984 | ---- | C] () -- C:\Documents and Settings\sf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/10/01 20:18:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2014/10/01 20:09:48 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2012/11/29 14:02:44 | 000,000,227 | ---- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004/08/04 20:00:00 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2004/08/04 20:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2004/08/04 20:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:16EAB5F6

< End of report >

OTL Extras logfile created on: 4/1/2016 8:42:28 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\sf\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

494.42 Mb Total Physical Memory | 140.79 Mb Available Physical Memory | 28.48% Memory free
1.13 Gb Paging File | 0.79 Gb Available in Paging File | 70.06% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 11.57 Gb Free Space | 59.24% Space Free | Partition Type: NTFS
Drive D: | 29.29 Gb Total Space | 5.29 Gb Free Space | 18.04% Space Free | Partition Type: NTFS
Drive E: | 29.29 Gb Total Space | 2.95 Gb Free Space | 10.08% Space Free | Partition Type: NTFS
Drive F: | 33.66 Gb Total Space | 3.33 Gb Free Space | 9.90% Space Free | Partition Type: NTFS

Computer Name: SS | User Name: sf | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1" (Applian Technologies Inc)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1" (Applian Technologies Inc)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"F:\Microsoft Age of Empires - Rise of Rome\AOE\Empires.exe" = F:\Microsoft Age of Empires - Rise of Rome\AOE\Empires.exe:*:Disabled:Age of Empires -- (Microsoft Corporation)
"F:\Microsoft Age of Empires - Rise of Rome\AOE\EMPIRESX.EXE" = F:\Microsoft Age of Empires - Rise of Rome\AOE\EMPIRESX.EXE:*:Disabled:Age of Empires, the Rise of Rome -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"E:\Microsoft Age of Empires - Rise of Rome\Microsoft Age of Empires - Rise of Rome\AOE\EMPIRESX.EXE" = E:\Microsoft Age of Empires - Rise of Rome\Microsoft Age of Empires - Rise of Rome\AOE\EMPIRESX.EXE:*:Enabled:Age of Empires, the Rise of Rome -- (Microsoft Corporation)
"C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe" = C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe:*:Enabled:VSDC Free Video Editor -- (Flash-Integro LLC)
"C:\Program Files\FlashIntegro\VideoEditor\Updater.exe" = C:\Program Files\FlashIntegro\VideoEditor\Updater.exe:*:Enabled:VSDC Free Video Editor Updater -- (Flash-Integro LLC)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox) -- (Mozilla Corporation)
"C:\Program Files\pandasecuritytb\dtuser.exe" = C:\Program Files\pandasecuritytb\dtuser.exe:*:Enabled:Panda Security Toolbar DTX Broker
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\pandasecuritytb\cleanupie.exe" = C:\Program Files\pandasecuritytb\cleanupie.exe:*:Enabled:Panda Security Toolbar IE Cleaner -- (Visicom Media Inc)
"C:\Program Files\pandasecuritytb\ToolbarCleaner.exe" = C:\Program Files\pandasecuritytb\ToolbarCleaner.exe:*:Enabled:ToolbarCleaner -- (Visicom Media Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0FD155A3-DF78-43ee-84B0-3CC86BA962F2}_is1" = Sothink Video Converter
"{10E4121C-8181-4217-8DA9-6CD38DDC34F9}_is1" = Microsoft .NET Framework 2.0 Client Profile Basic SP2 Version 1.0.1.22
"{18D47FA1-0440-48D3-A7E0-DA09537FF471}" = Apple Mobile Device Support
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}" = iTunes
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6F30B469-5ED7-4734-8252-B9BC962A2AB3}" = PCIxx20
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{949F1EA1-D3E2-472E-BC7C-CB72374C0E55}" = Panda Devices Agent
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{B0C5249A-E603-450A-B19A-D9989D24C855}}_is1" = FreeSizer v.1.0.0
"{C69E2F05-BEBD-4E57-9808-9B0CA3A2590C}" = Panda Free Antivirus
"{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}" = mToolkit
"{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1" = FotoSketcher 3.10
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 15.14
"iMacsoft iPhone Photo to PC Transfer" = iMacsoft iPhone Photo to PC Transfer
"InstallShield_{6F30B469-5ED7-4734-8252-B9BC962A2AB3}" = Texas Instruments PCIxx20 drivers.
"lavfilters_is1" = LAV Filters 0.51.3
"Mozilla Firefox 45.0.1 (x86 en-US)" = Mozilla Firefox 45.0.1 (x86 en-US)
"NingPo MahJong Deluxe 1.04" = NingPo MahJong Deluxe 1.04
"Opera 34.0.2036.50" = Opera Stable 34.0.2036.50
"Panda Devices Agent" = Panda Devices Agent
"Panda Universal Agent Endpoint" = Panda Free Antivirus
"pandasecuritytb" = Panda Security Toolbar
"PhotoBulk_is1" = PhotoBulk 1.0.257
"PhotoToolkit_is1" = Photo! Editor 1.1
"ProInst" = Intel® PROSet/Wireless Software
"SpeedFan" = SpeedFan (remove only)
"VSDC Free Video Editor_is1" = VSDC Free Video Editor version 3.3.0.394
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"WPS Office" = WPS Office (9.1.0.4746)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/25/2016 11:26:50 PM | Computer Name = SS | Source = MsiInstaller | ID = 10005
Description = Product: iTunes -- iTunes requires that your computer is running Windows
7 or newer.

Error - 3/25/2016 11:32:17 PM | Computer Name = SS | Source = MsiInstaller | ID = 10005
Description = Product: iTunes -- iTunes requires that your computer is running Windows
7 or newer.

Error - 3/26/2016 4:25:58 AM | Computer Name = SS | Source = MsiInstaller | ID = 10005
Description = Product: iTunes -- iTunes requires that your computer is running Windows
7 or newer.

Error - 3/28/2016 1:19:09 PM | Computer Name = SS | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 2764, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.

Error - 3/28/2016 1:19:09 PM | Computer Name = SS | Source = LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The Error code is the first DWORD in Data section.

Error - 3/28/2016 1:19:12 PM | Computer Name = SS | Source = LoadPerf | ID = 3001
Description = The performance counter name string value in the registry is incorrectly
formatted.
The bogus string is 2764, the bogus index value is the first DWORD in Data section
while the last valid index values are the second and third DWORD in Data section.

Error - 4/1/2016 8:11:06 AM | Computer Name = SS | Source = MsiInstaller | ID = 11722
Description = Product: Panda Devices Agent -- Error 1722. There is a problem with
this Windows Installer package. A program run as part of the setup did not finish
as expected. Contact your support personnel or package vendor. Action PSI_UPGHLP_Exec_Upgrade_PrepareUpgrade,
location: C:\WINDOWS\TEMP\{DDE3DECA-9139-4A39-9276-143ECA1DB75E}\, command: "C:\WINDOWS\TEMP\{DDE3DECA-9139-4A39-9276-143ECA1DB75E}\UpgHlp.exe"
/PrepareUpgrade

[ System Events ]
Error - 3/25/2016 11:44:39 AM | Computer Name = SS | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Apple Mobile Device service
to connect.

Error - 3/25/2016 11:44:39 AM | Computer Name = SS | Source = Service Control Manager | ID = 7000
Description = The Apple Mobile Device service failed to start due to the following
error: %%1053

Error - 3/26/2016 2:34:24 AM | Computer Name = SS | Source = Service Control Manager | ID = 7034
Description = The aunhelper service terminated unexpectedly. It has done this 1
time(s).

Error - 3/26/2016 3:18:29 AM | Computer Name = SS | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 3/26/2016 3:18:42 AM | Computer Name = SS | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 3/26/2016 3:18:51 AM | Computer Name = SS | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 3/26/2016 3:18:58 AM | Computer Name = SS | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

< End of report >

#41
RKinner

Posted 01 April 2016 - 07:54 AM

Malware Expert

Expert
24,625 posts

I vaguely remember that running the uninstall for SP3 was needed after a System Restore so go ahead and let it uninstall.

Your panda is complaining about some upgrade not installing. That may be slowing you down.

Error - 4/1/2016 8:11:06 AM | Computer Name = SS | Source = MsiInstaller | ID = 11722
Description = Product: Panda Devices Agent -- Error 1722. There is a problem with
this Windows Installer package. A program run as part of the setup did not finish
as expected. Contact your support personnel or package vendor. Action PSI_UPGHLP_Exec_Upgrade_PrepareUpgrade,
location: C:\WINDOWS\TEMP\{DDE3DECA-9139-4A39-9276-143ECA1DB75E}\, command: "C:\WINDOWS\TEMP\{DDE3DECA-9139-4A39-9276-143ECA1DB75E}\UpgHlp.exe"
/PrepareUpgrade

If it's still slow after running a disk check and uninstalling SP3 run a process explorer log and let's see what is happening:

Get Process Explorer

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK

Options, Verify Image Signatures

Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

#42
evolutionpill

Posted 01 April 2016 - 09:41 PM

Member

Topic Starter
Member
127 posts

Hi

1. For a second time I uninstalled sp3, the add/remove was a full uninstall, upon reboot a number of Windows opened from hardware wizard installation, one for Ethernet controller, network controller, multimedia controller, mass storage controller.

I have no internet access on my pc, and my usb ports not working, Iam unable to send the procexp.exe log, nor download sp3

#43
evolutionpill

Posted 01 April 2016 - 09:45 PM

Member

Topic Starter
Member
127 posts

in your previous post you mentioned panda is complaint about installation not working , how do I resolve that.

#44
RKinner

Posted 02 April 2016 - 06:45 AM

Malware Expert

Expert
24,625 posts

Panda error is easy. Just download a new copy, uninstall the old and reboot. However the aftermath of the SP3 uninstall makes that difficult. I think a system restore back to a time before the SP3 install would be your best bet.