Analyzing...
|
File Name:   CW_Hack_v4.exe
SHA1:   fd77baf232ade882483e4971649c8e8dbfb90e53
MD5:   98e718b353a21ef563c7613beabe9bd0
First Seen Date:  2015-10-26 20:13:35.920000 ( )
Number of Clients Seen:   8
Last Analysis Date:  2016-04-09 16:15:50.263178 ( )
Human Expert Analysis Date:  2016-03-05 08:50:50.035851 ( )Human Expert Analysis Result:   PUA
Analysis Summary
Analysis Type | Date | Verdict | |
---|---|---|---|
Signature Based Detection | 2016-04-09 16:15:50.263178 | Malware | |
Static Analysis Overall Verdict | 2016-04-09 16:15:50.263178 | Highly Suspicious | |
Dynamic Analysis Overall Verdict | 2016-04-09 16:15:50.263178 | Highly Suspicious | |
Human Expert Analysis Overall Verdict | 2016-03-05 08:50:50.035851 | PUA |
Static Analysis
Static Analysis Overall Verdict | Result |
---|---|
Highly Suspicious |
Detector | Result | |
---|---|---|
Optional Header LoaderFlags field is valued illegal | Clean | |
Non-ascii or empty section names detected | Clean | |
Illegal size of optional Header | Clean | |
Optional Header NumberOfRvaAndSizes field is valued illegal | Clean | |
Based on the sections entropy check! file is possibly packed | Suspicious | |
Timestamp value suspicious | Clean | |
Header Checksum is zero! | Suspicious | |
Enrty point is outside the 1st(.code) section! Binary is possibly packed | Suspicious | |
Packer detection on signature database | Unknown | help |
Anti-vm present | Clean | |
The Size Of Raw data is valued illegal! Binary might crash your disassembler/debugger | Suspicious | |
TLS callback functions array detected | Suspicious |
Dynamic Analysis
Dynamic Analysis Overall Verdict | Result |
---|---|
Highly Suspicious |
Suspicious Behaviors | |
---|---|
Has no visible windows |
Behavioral Information
C:\Windows\system32\ole32.dll
C:\Windows\syswow64\MSCTF.dll
comctl32.dll
UxTheme.dll
OLEAUT32.DLL
ADVAPI32.dll
SHELL32.dll
wmp.dll
uxtheme.dll
shell32.dll
imageres.dll
imm32.dll
C:\sample
OLEACCRC.DLL
KERNEL32.DLL
COMCTL32.dll
COMDLG32.dll
GDI32.dll
gdiplus.dll
imagehlp.dll
IMM32.dll
lua5.1.dll
MSIMG32.dll
NETAPI32.dll
ole32.dll
OLEACC.dll
OLEAUT32.dll
oledlg.dll
SHLWAPI.dll
urlmon.dll
USER32.dll
VERSION.dll
WINMM.dll
WINSPOOL.DRV
C:\Windows\system32\dwmapi.dll
propsys.dll
ntmarta.dll
API-MS-Win-Core-LocalRegistry-L1-1-0.dll
API-MS-Win-Security-LSALookup-L1-1-0.dll
C:\Users\win7\AppData\Local\Temp\_ir_sf_temp_0\Unicode.lmd
kernel32
user32
C:\Users\win7\AppData\Local\Temp\_ir_sf_temp_0\UnicodeENU.dll
C:\Users\win7\AppData\Local\Temp\_ir_sf_temp_0\UnicodeLOC.dll
SspiCli.dll
WS2_32.DLL
API-MS-Win-Security-SDDL-L1-1-0.dll
WS2_32.dll
C:\Windows\System32\shdocvw.dll
PROPSYS.dll
Secur32.dll
API-MS-WIN-DOWNLEVEL-SHLWAPI-L1-1-0.DLL
api-ms-win-downlevel-advapi32-l2-1-0.dll
WININET.dll
wininet.dll
api-ms-win-downlevel-ole32-l1-1-0.dll
winhttp.dll
api-ms-win-downlevel-shlwapi-l2-1-0.dll
IPHLPAPI.DLL
CRYPTBASE.dll
dhcpcsvc.DLL
DNSAPI.dll
Comctl32.dll
C:\Windows\system32\ws2_32
COMCTL32.DLL
CRYPTSP.dll
kernel32.dll
RPCRT4.dll
SHFOLDER
C:\Windows\system32\odbcint.dll
MSVCRT.DLL
api-ms-win-core-synch-l1-2-0
api-ms-win-core-fibers-l1-1-1
advapi32
api-ms-win-core-localization-l1-2-1
api-ms-win-core-string-l1-1-0
api-ms-win-core-datetime-l1-1-1
api-ms-win-core-localization-obsolete-l1-2-0
api-ms-win-appmodel-runtime-l1-1-1
ext-ms-win-kernel32-package-current-l1-1-0
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
mscoree.dll
ntdll
advapi32.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
RichEd20.dll
mscorsec.dll
WINTRUST.DLL
C:\Windows\syswow64\CRYPT32.dll
ncrypt.dll
C:\Windows\SysWOW64\bcryptprimitives.dll
bcrypt.dll
USERENV.dll
cryptnet.dll
C:\Windows\system32\cryptnet.dll
SensApi.dll
WINHTTP.dll
ntdll.dll
NSI.dll
CFGMGR32.dll
API-MS-WIN-Service-Management-L1-1-0.dll
API-MS-WIN-Service-Management-L2-1-0.dll
API-MS-WIN-Service-winsvc-L1-1-0.dll
profapi.dll
Kernel32.dll
wtsapi32.dll
WINSTA.dll
C:\Users\win7\AppData\Local\Temp\nsjB14A.tmp\nsSessionSIDW.dll
C:\Users\win7\AppData\Local\Temp\nsjB14A.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsjB14A.tmp\nsProcess.dll
NTDLL.DLL
C:\Users\win7\AppData\Local\Temp\nsjB14A.tmp\LangDLL.dll
RichEd20
C:\Users\win7\AppData\Local\Temp\nsjB14A.tmp\nsEnvVariables.dll
C:\Users\win7\AppData\Local\Temp\nsjB14A.tmp\InstallOptions.dll
C:\Users\win7\AppData\Local\Temp\nsjB14A.tmp\linker.dll
C:\Windows\system32\urlmon.dll
C:\Windows\system32\riched20.dll
C:\Windows\system32\kernel32.dll
comdlg32.dll
gdi32.dll
msvcrt.dll
setupapi.dll
shlwapi.dll
C:\Windows\System32\msxml3r.dll
SXS.DLL
winmm.dll
msi.dll
C:\Windows\system32\browseui.dll
ADVAPI32.DLL
C:\Users\win7\AppData\Local\Temp\is-K3HOL.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-K3HOL.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\is-C4O3O.tmp\_isetup\_shfoldr.dll
shfolder.dll
Rstrtmgr.dll
C:\Windows\system32\imageres.dll
C:\Windows\system32\shell32.dll
C:\Windows\system32\shlwapi.dll
MSFTEDIT.DLL
COMCTL32
KERNEL32
oleaut32.dll
user32.dll
version.dll
wsock32.dll
olepro32.dll
msimg32.dll
URLMON.DLL
C:\Windows\Microsoft.NET\Framework\v2.0.50727\ole32.dll
AdvApi32.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\12dc10e5c0e8d176cf21a16a6fc5fc3b\Microsoft.VisualBasic.ni.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5a401fd2a7689ff13fb54182953f9c40\System.Drawing.ni.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6949c4470a81970ec3de0a575d93babc\System.Windows.Forms.ni.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0967cf5c31691f38d013263304d2dacb\System.Runtime.Remoting.ni.dll
C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\uxtheme.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\Gdiplus.dll
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18834_none_72d38c5186679d48\gdiplus.dll
C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\oleaut32.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\culture.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\en-US\mscorrc.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\en\mscorrc.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
WindowsCodecs.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
riched32.dll
riched20.dll
MSHTML.dll
C:\Windows\system32\UXTHEME.dll
C:\Windows\system32\USERENV.dll
C:\Windows\system32\SETUPAPI.dll
C:\Windows\system32\SHFOLDER.dll
onig.dll
C:\libhunspell.dll
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\calc.exe
DWMAPI.DLL
C:\Users\win7\AppData\Local\Temp\downloader.exe
ntshrui.dll
srvcli.dll
cscapi.dll
slc.dll
avifil32.dll
MsVfW32.dll
quartz.dll
shlwapi
Shell32
DCIMAN32.DLL
credui.dll
CRYPT32.dll
dwmapi.dll
WINTRUST.dll
C:\Windows\system32\dsound.dll
dnssd.dll
KERNEL32.dll
POWRPROF.dll
dbghelp.dll
C:\Users\win7\AppData\Local\Temp\nst24A.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nst24A.tmp\nsExec.dll
C:\Users\win7\AppData\Local\Temp\nsr8722.tmp\nsExec.dll
C:\Users\win7\AppData\Local\Temp\nsc1657.tmp\System.dll
Msi.DLL
C:\Windows\SysWOW64\OLE32.DLL
C:\Users\win7\AppData\Local\Temp\{3943BD48-91F4-4AF7-93C1-CCA84463D9E9}\ISSetup.dll
Ntdll.dll
C:\Windows\SysWOW64\TSAPPCMP.DLL
C:\Windows\SysWOW64\SHLWAPI.DLL
C:\Windows\SysWOW64\KERNEL32.DLL
MsiMsg.dll
C:\Windows\SysWOW64\ADVAPI32.DLL
C:\Windows\system32\msi.dll
C:\Windows\SysWOW64\APPHELP.DLL
C:\Windows\SysWOW64\VERSION.DLL
C:\Windows\SysWOW64\sxs.DLL
C:\Users\win7\AppData\Local\Temp\is-R0V3M.tmp\_isetup\_shfoldr.dll
mshtml.dll
IEFRAME.dll
MLANG.dll
msls31.dll
d2d1.dll
DWrite.dll
dxgi.dll
C:\DXGIDebug.dll
C:\Windows\system32\DXGIDebug.dll
d3d11.dll
D3D10Warp.dll
C:\Windows\system32\D3D10Warp.dll
UIAutomationCore.dll
C:\Windows\system32\WINMM.dll
MMDevAPI.DLL
wdmaud.drv
MMDEVAPI.DLL
SETUPAPI.dll
AUDIOSES.DLL
msacm32.drv
midimap.dll
cfgmgr32.dll
C:\Windows\SysWOW64\ieframe.dll
security.dll
Advapi32.dll
iphlpapi.dll
C:\Windows\system32\wer.dll
werui.dll
DUI70.dll
DUser.dll
C:\Windows\system32\DUser.dll
C:\Windows\system32\RICHED20.DLL
C:\Windows\system32\xmllite.dll
secur32.dll
C:\Users\win7\AppData\Local\Temp\is-I1FC2.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-I1FC2.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\is-OG679.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\is-OG679.tmp\idp.dll
C:\Users\win7\AppData\Local\Temp\is-OG679.tmp\innocallback.dll
C:\Users\win7\AppData\Local\Temp\is-OG679.tmp\innocallback.ENU
C:\Users\win7\AppData\Local\Temp\is-OG679.tmp\innocallback.EN
C:\Users\win7\AppData\Local\Temp\is-OG679.tmp\isslideshow.dll
C:\Users\win7\AppData\Local\Temp\is-OG679.tmp\isslideshow.ENU
C:\Users\win7\AppData\Local\Temp\is-OG679.tmp\isslideshow.EN
RICHED32.DLL
C:\Users\win7\AppData\Local\Temp\is-OG679.tmp\ISDone.dll
C:\Users\win7\AppData\Local\Temp\nsc41A0.tmp\System.dll
C:\cbEngine.dll
C:\Windows\system32\asycfilt.dll
Normaliz.dll
XmlLite.dll
POWRPROF.DLL
Cabinet.dll
DEVRTL.dll
C:\Windows\System32\msxml6r.dll
C:\Users\win7\AppData\Local\Temp\is-S13V6.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\is-H30DO.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-H30DO.tmp\sample.EN
NTDLL.dll
C:\Windows\system32\DBGHELP.DLL
C:\\en\wlsres.dll
C:\\en\wlsres.thm
C:\\en\wlsres.mui
C:\\en\wlsres.dll.mui
C:\\en\wlsres.exe.mui
C:\\en\wlsres.exe
C:\\wlsres.dll
C:\\wlsres.thm
C:\\wlsres.mui
C:\\wlsres.dll.mui
C:\\wlsres.exe.mui
C:\\wlsres.exe
C:\Users\win7\AppData\Local\Temp\is-Q3425.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-Q3425.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\nsf614B.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\is-A82UH.tmp\_isetup\_shfoldr.dll
RICHED20.DLL
C:\Users\win7\AppData\Local\Temp\nso5E59.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nso5E59.tmp\CityHash.dll
wiatrace.dll
HPScanUI.dll
C:\Program Files\Internet Explorer\IEXPLORE.EXE
Shell32.dll
\realplay.exe
C:\Users\win7\AppData\Local\Temp\rninst~0\ui_data\inst_config\compat.dll
C:\Users\win7\AppData\Local\Temp\nszE04B.tmp\mIRC.dll
C:\Users\win7\AppData\Local\Temp\nszE04B.tmp\UAC.dll
ADVAPI32
ShlWAPI
SECUR32
C:\Users\win7\AppData\Local\Temp\nszE04B.tmp\AccessControl.dll
C:\Users\win7\AppData\Local\Temp\nszE04B.tmp\System.dll
C:\Windows\system32\RichEd20.dll
C:\Users\win7\AppData\Local\Temp\nszE04B.tmp\InstallOptions.dll
C:\Users\win7\AppData\Local\Temp\nsd19D4.tmp\System.dll
RASMONTR.DLL
NSHWFP.DLL
DHCPCMONITOR.DLL
Dhcpcsvc.dll
Dhcpqec.dll
WSHELPER.DLL
NSHHTTP.DLL
FWCFG.DLL
AUTHFWCFG.DLL
IFMON.DLL
NETIOHLP.DLL
WHHELPER.DLL
HNETMON.DLL
RPCNSH.DLL
DOT3CFG.DLL
NAPMONTR.DLL
NSHIPSEC.DLL
C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcm80.dll
C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\MSVCR80.dll
C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\ntdll.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
C:\Windows\system32\Synsoacc.dll
C:\Windows\SYSTEM32\DRIVERS\SynUSB64.sys
SYNSOACC.DLL
RichEd20.DLL
C:\Windows\system32\RichEd20.DLL
C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\shell32.dll
C:\Windows\system32\ntdll.dll
C:\Users\win7\AppData\Local\Temp\is-C6BO7.tmp\_isetup\_shfoldr.dll
ieframe.dll
Winspool.drv
MPR.dll
Msimg32.dll
User32.dll
SetupAPI.dll
Netapi32.dll
C:\Windows\system32\version.dll
C:\Windows\system32\atl.dll
C:\Windows\system32\ntmarta.dll
C:\Windows\system32\winmm.dll
C:\Windows\system32\powrprof.dll
C:\Windows\system32\d3d9.dll
C:\Windows\system32\d3d8thk.dll
C:\Windows\system32\mscms.dll
C:\Windows\system32\userenv.dll
C:\Windows\system32\profapi.dll
C:\Windows\system32\ieframe.dll
C:\Windows\system32\oleacc.dll
C:\Windows\system32\oleaccrc.dll
C:\Windows\system32\dbghelp.dll
C:\Windows\system32\uxtheme.dll
C:\Windows\system32\Shell32.dll
C:\Users\win7\AppData\Local\Temp\{675C5CE2-6EE8-43AB-BABA-9F60D98A9FDD}\fpb.tmp
C:\Users\win7\AppData\Local\Temp\{C911BCC1-C4EF-475F-9CEE-F29F92103D86}\fpb.tmp
C:\Windows\system32\Advapi32.dll
C:\Windows\system32\Msimg32.dll
atl.dll
C:\Users\win7\AppData\Local\Temp\nst232.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nst232.tmp\ExecCmd.dll
C:\Users\win7\AppData\Local\Temp\nsm7228.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsm7228.tmp\UserInfo.dll
C:\Users\win7\AppData\Local\Temp\nsm7228.tmp\g\gtapi_signed
C:\Users\win7\AppData\Local\Temp\nsm7228.tmp\g\gcapi_dll
C:\Users\win7\AppData\Local\Temp\nsm7228.tmp\ButtonEvent.dll
C:\Users\win7\AppData\Local\Temp\nsm7228.tmp\nsDialogs.dll
C:\Users\win7\AppData\Local\Temp\nsm7228.tmp\g\pfWWW
C:\Users\win7\AppData\Local\Temp\is-BLOTU.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\is-BLOTU.tmp\_isetup\_isdecmp.dll
Msftedit.dll
D3D9.dll
C:\Windows\system32\EhStorShell.dll
C:\Windows\system32\ntshrui.dll
c:\windows\system32\imageres.dll
dSound.dll
C:\Windows\system32\dSound.dll
C:\Windows\system32\sfc.dll
C:\Users\win7\AppData\Local\Temp\VideoPad-2636-1\ffmpeg19.exe
C:\sampleENU.dll
C:\sampleLOC.dll
C:\Users\win7\AppData\Local\Temp\nshE312.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nshE312.tmp\CityHash.dll
Riched20.dll
C:\Windows\SysWOW64\msls31.dll
C:\Users\win7\AppData\Local\Temp\nsj27BC.tmp\InstallOptions.dll
netutils.dll
Kernel32.DLL
C:\English\Strings.dll
C:\Windows\system32\DSOUND.dll
iertutil.dll
C:\Users\win7\AppData\Local\Temp\nsoD439.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsoD439.tmp\InetLoad_vms.dll
C:\Users\win7\AppData\Local\Temp\nsoD439.tmp\InstallOptions.dll
ywiseextU
C:\CFVS_I~1.EXE
C:\DLL_LO~1.EXE
C:\Procmon.exe
C:\PROGRA~2\COMMON~1\MICROS~1\ink\mip.exe
C:\PROGRA~2\COMMON~1\MICROS~1\MSInfo\msinfo32.exe
C:\PROGRA~2\INTERN~1\ieinstal.exe
C:\PROGRA~2\INTERN~1\ielowutil.exe
C:\PROGRA~2\INTERN~1\iexplore.exe
C:\PROGRA~2\WINDOW~1\wab.exe
C:\PROGRA~2\WINDOW~1\wabmig.exe
C:\PROGRA~2\WINDOW~1\WinMail.exe
C:\PROGRA~2\WINDOW~2\ACCESS~1\wordpad.exe
C:\PROGRA~2\WINDOW~4\ImagingDevices.exe
C:\PROGRA~2\WI4223~1\sidebar.exe
C:\PROGRA~3\PACKAG~1\{050D4~1\VCREDI~1.EXE
C:\PROGRA~3\PACKAG~1\{F65DB~1\VCREDI~1.EXE
C:\Python27\Lib\DISTUT~1\command\WININS~1.EXE
C:\Python27\Lib\DISTUT~1\command\WININS~2.EXE
C:\Python27\Lib\DISTUT~1\command\WININS~3.EXE
C:\Python27\Lib\DISTUT~1\command\WININS~4.EXE
C:\Python27\Lib\DISTUT~1\command\WI02EA~1.EXE
C:\Python27\Lib\SITE-P~1\pip\_vendor\distlib\t32.exe
C:\Python27\Lib\SITE-P~1\pip\_vendor\distlib\t64.exe
C:\Python27\Lib\SITE-P~1\pip\_vendor\distlib\w32.exe
C:\Python27\Lib\SITE-P~1\pip\_vendor\distlib\w64.exe
C:\Python27\Lib\SITE-P~1\SETUPT~1\cli-32.exe
C:\Python27\Lib\SITE-P~1\SETUPT~1\cli-64.exe
C:\Python27\Lib\SITE-P~1\SETUPT~1\CLI-AR~1.EXE
C:\Python27\Lib\SITE-P~1\SETUPT~1\cli.exe
C:\Python27\Lib\SITE-P~1\SETUPT~1\gui-32.exe
C:\Python27\Lib\SITE-P~1\SETUPT~1\gui-64.exe
C:\Python27\Lib\SITE-P~1\SETUPT~1\GUI-AR~1.EXE
C:\Python27\Lib\SITE-P~1\SETUPT~1\gui.exe
C:\Python27\Scripts\EASY_I~2.EXE
C:\Python27\Scripts\EASY_I~1.EXE
C:\Python27\Scripts\pip.exe
C:\Python27\Scripts\PIP27~1.EXE
C:\Python27\Scripts\pip2.exe
C:\Users\win7\AppData\Local\Temp\is-VOOG6.tmp\_isetup\_shfoldr.dll
PSAPI.DLL
C:\Users\win7\AppData\Local\Temp\{391B7029-655F-4AEF-97FF-88A8B896C1E9}\_Setup.dll
C:\Users\win7\AppData\Local\Temp\{391B7029-655F-4AEF-97FF-88A8B896C1E9}\Disk1\ISSetup.dll
C:\Users\win7\AppData\Local\Temp\{97937B9A-FE7E-404E-B872-F21F4B2A208E}\{53DE4FAD-F853-44F3-AC39-AD2940E5DD53}\ISRT.dll
C:\Users\win7\AppData\Local\Temp\{97937B9A-FE7E-404E-B872-F21F4B2A208E}\{53DE4FAD-F853-44F3-AC39-AD2940E5DD53}\_isres.dll
C:\Windows\system32\AppHelp.dll
C:\Users\win7\AppData\Local\Temp\{391B7029-655F-4AEF-97FF-88A8B896C1E9}\Disk1\data1.hdr
C:\Users\win7\AppData\Local\Temp\{97937B9A-FE7E-404E-B872-F21F4B2A208E}\{53DE4FAD-F853-44F3-AC39-AD2940E5DD53}\MFS2Instutil.dll
C:\Windows\system32\AdvApi32.dll
C:\Windows\system32\Msi.dll
feclient.dll
C:\Users\win7\AppData\Local\Temp\nss2452.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nss2452.tmp\UserInfo.dll
C:\Users\win7\AppData\Local\Temp\nss2452.tmp\AdvSplash.dll
C:\Users\win7\AppData\Local\Temp\nss2452.tmp\KillProcDLL.dll
C:\Users\win7\AppData\Local\Temp\nss2452.tmp\NSIS_HTTPRequest.dll
C:\Users\win7\AppData\Local\Temp\nss2452.tmp\nsDialogs.dll
atlthunk.dll
C:\Users\win7\AppData\Local\Temp\is-VS13Q.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-VS13Q.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\nsw7FCC.tmp\nsDialogs.dll
C:\Users\win7\AppData\Local\Temp\nsw7FCC.tmp\System.dll
USP10.dll
crypt32
MSISIP.DLL
C:\Windows\syswow64\crypt32.DLL
C:\Windows\SysWOW64\wshext.dll
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\pwrshsip.dll
C:\Users\win7\AppData\Local\Temp\nsw7FCC.tmp\SimpleFC.dll
C:\Users\win7\AppData\Local\Temp\nsw7FCC.tmp\SimpleFC.ENU
C:\Users\win7\AppData\Local\Temp\nsw7FCC.tmp\SimpleFC.EN
USER32.DLL
tib_mounter.dll
api-ms-win-core-sysinfo-l1-2-1
C:\Windows\SysWOW64\SHELL32.DLL
C:\Windows\SysWOW64\NETAPI32.DLL
crypt32.dll
C:\Windows\SysWOW64\cryptnet.dll
C:\Users\win7\AppData\Local\Temp\is-UGJKE.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\nsu2769.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsu2769.tmp\UAC.dll
AdvAPI32
C:\Users\win7\AppData\Local\Temp\nsu2769.tmp\InstallOptions.dll
propsys
Comctl32
mscms.dll
icm32.dll
bamainlib.dll
C:\Users\win7\AppData\Local\Temp\is-4HJAN.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-4HJAN.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\is-HOS2H.tmp\_isetup\_shfoldr.dll
Crypt32.dll
C:\Users\win7\AppData\Local\Temp\{7C029707-4E9A-470A-AADA-703787A937A1}\Disk1\ISSetup.dll
C:\Users\win7\AppData\Local\Temp\{7C029707-4E9A-470A-AADA-703787A937A1}\_Setup.dll
C:\Users\win7\AppData\Local\Temp\{DBEA4094-3E7D-4157-A2D5-4A732706A9C8}\{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}\ISRT.dll
C:\Users\win7\AppData\Local\Temp\{DBEA4094-3E7D-4157-A2D5-4A732706A9C8}\{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}\_isres.dll
C:\Users\win7\AppData\Local\Temp\{7C029707-4E9A-470A-AADA-703787A937A1}\Disk1\data1.hdr
C:\Users\win7\AppData\Local\Temp\{DBEA4094-3E7D-4157-A2D5-4A732706A9C8}\{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}\_ISRes.dll
C:\vnclang.dll
d3d9
C:\Users\win7\AppData\Local\Temp\27E7832D\unpack.dll
C:\Windows\system32\CRTDLL.DLL
C:\Users\win7\AppData\Local\Temp\27E7832D\sample\plugins\0\StdUI.dll
C:\Users\win7\AppData\Local\Temp\27E7832D\sample\plugins\0\StdUI.ENU
C:\Users\win7\AppData\Local\Temp\27E7832D\sample\plugins\0\StdUI.EN
C:\Windows\system32\STDOLE2.TLB
C:\Windows\system32\MSVBVM60.DLL
C:\Windows\system32\mscomctl.ocx
C:\Windows\system32\MSWINSCK.OCX
winspool.drv
%SystemRoot%\System32\hhctrl.ocx
hhctrl.ocx
C:\Windows\system32\advapi32.dll
C:\Users\win7\AppData\Local\Temp\nsiD66B.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsiD66B.tmp\nsExec.dll
IMM32.DLL
tapi32.dll
psapi.dll
NETAPI32.DLL
C:\Users\win7\AppData\Local\Temp\7zS10A5.tmp\pstubxx.exe
C:\Users\win7\AppData\Local\Temp\nscAD33.tmp\System.dll
C:\Windows\system32\VBoxMRXNP.dll
C:\Windows\System32\drprov.dll
C:\Windows\System32\ntlanman.dll
C:\Windows\System32\davclnt.dll
c:\python27\dlls\py.ico
C:\CFVS_Injector.exe
C:\DLL_Loader.exe
MSACM32.dll
C:\Users\win7\AppData\Local\Temp\is-EQOGG.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-EQOGG.tmp\sample.EN
Ole32.dll
bd.dll
C:\Windows\SysWOW64\gameux.dll
MSVBVM60.DLL
Version.dll
C:\Users\win7\AppData\Local\Temp\SSESTART\Setup.exe
ole32
VERSION.DLL
C:\Users\win7\AppData\Local\Temp\nshD82B.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nshD82B.tmp\nsDialogs.dll
C:\Users\win7\AppData\Local\Temp\nshD82B.tmp\LockedList.dll
C:\Windows\System32\smss.exe
C:\Windows\System32\csrss.exe
C:\Windows\System32\wininit.exe
C:\Windows\System32\winlogon.exe
C:\Windows\System32\services.exe
C:\Windows\System32\lsass.exe
C:\Windows\System32\lsm.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\VBoxService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\sppsvc.exe
C:\Windows\System32\SearchIndexer.exe
C:\Windows\System32\dwm.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\System32\conhost.exe
C:\Python27\python.exe
C:\Windows\System32\taskhost.exe
C:\Windows\System32\dllhost.exe
C:\Windows\System32\cmd.exe
C:\Windows\Downloaded Program Files\JuniperSetupClient64.ocx
C:\Users\win7\AppData\Local\Temp\nsu8779.tmp\System.dll
C:\Windows\System32\Shell32.dll
MSVCR90.dll
C:\zlib.pyd
C:\Users\win7\AppData\Local\Temp\{391B75F5-6733-4AEF-BFD8-84A8B896C1E9}\ISSetup.dll
C:\Windows\SysWOW64\MSCOREE.DLL
C:\Windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
C:\Windows\SysWOW64\NTDLL.DLL
APPHELP.DLL
C:\Users\win7\AppData\Local\Temp\{391B75F5-6733-4AEF-BFD8-84A8B896C1E9}\reg4S.msi
C:\Users\win7\AppData\Local\Temp\{97937BFE-5F33-426A-9C72-F21F4A2A208E}\ISRT.dll
C:\Users\win7\AppData\Local\Temp\{97937BFE-5F33-426A-9C72-F21F4A2A208E}\_isres_0x0804.dll
C:\Users\win7\AppData\Local\Temp\nsjB919.tmp\LangDLL.dll
C:\Users\win7\AppData\Local\Temp\nsjB919.tmp\System.dll
netapi32
C:\Users\win7\AppData\Local\Temp\nsjB919.tmp\UAC.dll
C:\Users\win7\AppData\Local\Temp\nsjB919.tmp\GraphicalInstaller.dll
C:\Users\win7\AppData\Local\Temp\nsjB919.tmp\Math.dll
C:\Users\win7\AppData\Local\Temp\nsjB919.tmp\nsDialogs.dll
C:\Users\win7\AppData\Local\Temp\nsjB919.tmp\nsResize.dll
C:\Windows\system32\wbem\xml\wmi2xml.dll
C:\Users\win7\AppData\Local\Temp\nse762F.tmp\ButtonEvent.dll
C:\Users\win7\AppData\Local\Temp\nse762F.tmp\nsDialogs.dll
C:\Users\win7\AppData\Local\Temp\nse762F.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nse762F.tmp\nsExec.dll
C:\Users\win7\AppData\Local\Temp\is-0PR8U.tmp\_isetup\_shfoldr.dll
msdmo.dll
msvfw32.dll
msrle32.dll
msvidc32.dll
msyuv.dll
iyuv_32.dll
tsbyuv.dll
iccvid.dll
msacm32.dll
imaadp32.acm
msg711.acm
msgsm32.acm
msadp32.acm
t "C:\Users\win7\AppData\Local\Temp\McCSPInstall.dll"
C:\Users\win7\AppData\Local\Temp\nspDAFC.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\McCSPInstall.dll
cmdhtml.dll
d3d10_1.dll
shcore.dll
uiautomationcore.dll
dwrite.dll
UXTHEME.DLL
C:\Users\win7\AppData\Local\Temp\comodoccav_temp_setup\DXGIDebug.dll
xul.dll
C:\Windows\system32\VB6ES.DLL
C:\Users\win7\AppData\Local\Temp\{7C5A5A01-BA31-4712-8E81-703787A937A1}\_Setup.dll
C:\Temp\NVIDIA\3DVision\ISSetup.dll
C:\Users\win7\AppData\Local\Temp\{D7840700-AB5E-44D7-8E3F-E9C3DC215D62}\{13C5D420-CAE2-11D4-B34D-00105A1C23DD}\ISRT.dll
C:\Users\win7\AppData\Local\Temp\{D7840700-AB5E-44D7-8E3F-E9C3DC215D62}\{13C5D420-CAE2-11D4-B34D-00105A1C23DD}\_isres.dll
C:\Users\win7\AppData\Local\Temp\{D7840700-AB5E-44D7-8E3F-E9C3DC215D62}\{13C5D420-CAE2-11D4-B34D-00105A1C23DD}\_isuser.dll
C:\Temp\NVIDIA\3DVision\data1.hdr
C:\Users\win7\AppData\Local\Temp\{D7840700-AB5E-44D7-8E3F-E9C3DC215D62}\{13C5D420-CAE2-11D4-B34D-00105A1C23DD}\NVINSTNT.DLL
C:\Users\win7\AppData\Local\Temp\{D7840700-AB5E-44A1-8E3F-E9C3DC215D62}\{13C5D420-CAE2-11D4-B34D-00105A1C23DD}\ISRT.dll
C:\Users\win7\AppData\Local\Temp\{D7840700-AB5E-44A1-8E3F-E9C3DC215D62}\{13C5D420-CAE2-11D4-B34D-00105A1C23DD}\_isres.dll
C:\Users\win7\AppData\Local\Temp\{D7840700-AB5E-44A1-8E3F-E9C3DC215D62}\{13C5D420-CAE2-11D4-B34D-00105A1C23DD}\_isuser.dll
C:\Users\win7\AppData\Local\Temp\{D7840700-AB5E-44A1-8E3F-E9C3DC215D62}\{13C5D420-CAE2-11D4-B34D-00105A1C23DD}\NVINSTNT.DLL
C:\Users\win7\AppData\Local\Temp\{D7840700-AB5E-44A1-8E3F-E9C3DC215D62}\{13C5D420-CAE2-11D4-B34D-00105A1C23DD}\_ISRes.dll
iphlpapi
C:\Windows\system32\KERNEL32.DLL
C:\\spark.exe
ws2_32.dll
C:\Users\win7\AppData\Local\Temp\000a3826.a
C:\Users\win7\AppData\Local\Temp\000a3f98.a
jscript9.dll
C:\Users\win7\AppData\Local\Temp\nsf1E94.tmp\DXGIDebug.dll
api-ms-win-core-winrt-l1-1-0.dll
C:\Users\win7\AppData\Local\Temp\nsf1E94.tmp\nsArray.dll
C:\Users\win7\AppData\Local\Temp\nsf1E94.tmp\NSISdl.dll
C:\Users\win7\AppData\Local\Temp\nsyB98D.tmp\InstallOptions.dll
ddraw.dll
dsound.dll
PProcDLL.dll
Wship6.dll
URL.DLL
C:\Windows\system32\Msimtf.dll
rpcrt4.dll
C:\Users\win7\AppData\Local\Temp\nsj1FF9.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\mia4D20.tmp\RP255DriverInstaller.ENU
C:\Users\win7\AppData\Local\Temp\mia4D20.tmp\RP255DriverInstaller.EN
Shlwapi.dll
C:\Users\win7\AppData\Local\Temp\mia4D20.tmp\mia.lib
C:\Windows\Winhlp32.exe
PScript.dll
C:\Users\win7\AppData\Local\Temp\nsw31B4.tmp\System.dll
C:\Windows\SysWOW64\wscript.exe
newdev.dll
C:/Users/win7/AppData/Local/Temp/TCL9CAC.tmp
shell32
C:\Users\win7\AppData\Local\Temp\Opera_installer_2016462832778.dll
C:\Users\win7\AppData\Local\Temp\is-TDCLD.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-TDCLD.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\is-S3QTL.tmp\_isetup\_shfoldr.dll
MFC42.DLL
MSVCRT.dll
OLEPRO32.DLL
C:\Users\win7\AppData\Local\Temp\is-QIE5C.tmp\_isetup\_shfoldr.dll
C:\Windows\syswow64\KERNELBASE.dll
C:\Users\win7\AppData\Local\Temp\nstE4E2.tmp\nsProcess.dll
C:\Users\win7\AppData\Local\Temp\nstE4E2.tmp\ShellLink.dll
C:\Users\win7\AppData\Local\Temp\nslC593.tmp\LangDLL.dll
C:\Users\win7\AppData\Local\Temp\nslC593.tmp\Aero.dll
Dwmapi.dll
C:\Users\win7\AppData\Local\Temp\nslC593.tmp\nsDialogs.dll
C:\Users\win7\AppData\Local\Temp\nslC593.tmp\nsis7z.dll
C:\Users\win7\AppData\Local\Temp\nslC593.tmp\nsProcess.dll
InterfaceEpson.dll
C:\Users\win7\AppData\Local\Temp\nszB6C3.tmp\AdvSplash.dll
C:\Users\win7\AppData\Local\Temp\nszB6C3.tmp\Aero.dll
C:\Users\win7\AppData\Local\Temp\nszB6C3.tmp\nsDialogs.dll
C:\Users\win7\AppData\Local\Temp\nszB6C3.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nszB6C3.tmp\nsWeb.dll
C:\Users\win7\AppData\Local\Temp\nsc997B.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsc997B.tmp\CityHash.dll
C:\Users\win7\AppData\Local\Temp\.zylomisrtemp1459968880\gtb\GTAPI.DLL
shdocvw.dll
GFWLIVESetupStub.exe
C:\Windows\system32\MSI.DLL
C:\Windows\system32\mscoree.dll
C:\Windows\Microsoft.NET\Framework\\v4.0.30319\mscorlib.dll
C:\Windows\Microsoft.NET\Framework\\v2.0.50727\mscorlib.dll
wintrust.dll
C:\Windows\syswow64\crypt32.dll
C:\Users\win7\AppData\Local\Temp\is-8TPLN.tmp\_isetup\_shfoldr.dll
NETMSG
VBoxDisp.dll
mscat32.dll
C:\Windows\system32\Kernel32.dll
C:\Users\win7\AppData\Local\Temp\nsdC64.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsz417F.tmp\System.dll
C:\WBDHD44I.DLL
lsm.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\drivers\pacer.sys
fwpuclnt.dll
pnrpsvc.dll
C:\Windows\system32\pnrpsvc.dll
AzRoles.dll
fxsresm.dll
cscsvc.dll
C:\Windows\system32\cscsvc.dll
C:\Windows\system32\iphlpsvc.dll
C:\Windows\system32\umpo.dll
HTTPAPI.DLL
NetLogon.dll
drt.dll
C:\Windows\system32\drivers\ndis.sys
PeerDistSvc.dll
C:\Windows\system32\PeerDistSvc.dll
WsmRes.dll
tbssvc.dll
C:\Windows\system32\tbssvc.dll
SHELL32.DLL
C:\Users\win7\AppData\Local\Temp\nsbBADC.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\is-8THHP.tmp\_isetup\_shfoldr.dll
mswsock.dll
C:\Users\win7\AppData\Local\Temp\nsg2A72.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsg2A72.tmp\InstallOptions.dll
C:\Users\win7\AppData\Local\Temp\nsb62C6.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsb62C6.tmp\CityHash.dll
C:\Users\win7\AppData\Local\Temp\is-MUR9B.tmp\OCSetupHlp.dll
C:\Users\win7\AppData\Local\Temp\is-MUR9B.tmp\GCountry.dll
wship6.dll
C:\Users\win7\AppData\Local\Temp\nst480C.tmp\LangDLL.dll
C:\Users\win7\AppData\Local\Temp\nst480C.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nst480C.tmp\NSISdl.dll
C:\Program Files\CrossCert\CrossCertWeb v2.0\AxCrossCert.dll
C:\Users\win7\AppData\Local\Temp\nst480C.tmp\InstallOptions.dll
Iphlpapi.dll
C:\\chrome.dll
HydraEnu.dll
C:\Windows\system32\user32.dll
ExceptionDumpDll.dll
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18834_none_72d38c5186679d48\GDIPLUS.DLL
C:\Users\win7\AppData\Local\Temp\is-ANUC4.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-ANUC4.tmp\sample.EN
C:\Users\win7\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Silverlight\sllauncher.exe
OLEACC.DLL
C:\Windows\system32\Oleacc.dll
C:\Windows\SysWOW64\DDRAW.dll
C:\Windows\SysWOW64\jscript9.dll
C:\Windows\system32\mfc42.dll
C:\Windows\system32\msvcrt.dll
C:\Windows\system32\wininet.dll
C:\Windows\system32\ws2_32.dll
DBGHELP.DLL
C:\Windows\system32\wintrust.dll
C:\Users\win7\AppData\Local\Temp\GUM2D7E.tmp\goopdate.dll
C:\Users\win7\AppData\Local\Temp\GUM2D7E.tmp\goopdateres_en.dll
C:\Users\win7\AppData\Local\Temp\is-VFDLN.tmp\_isetup\_shfoldr.dll
MsftEdit.dll
netid.dll
srrstr.dll
C:\Windows\system32\remotepg.dll
sysdm.cpl
C:\Users\win7\AppData\Roaming\PlotSoft LLC\PDFill PDF Editor with FREE Writer and FREE Tools\install\decoder.dll
C:\Users\win7\AppData\Local\Temp\nslC847.tmp\registry.dll
C:\Users\win7\AppData\Local\Temp\nslC847.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\\ADInsightDll.dll
Wintrust.dll
C:\Users\win7\AppData\Local\Temp\nsh67BC.tmp\ButtonEvent.dll
C:\Users\win7\AppData\Local\Temp\nsh67BC.tmp\nsDialogs.dll
C:\Users\win7\AppData\Local\Temp\nsh67BC.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\is-G9JNT.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-G9JNT.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\is-M8OMU.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-M8OMU.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\is-0CL8A.tmp\_isetup\_shfoldr.dll
WSOCK32.dll
gdi32
oleacc.dll
cryptui.dll
C:\Users\win7\AppData\Local\Temp\DefaultPackOffer.dll
C:\rarlng.dll
C:\Users\win7\AppData\Local\Temp\000a92e8.a
C:\Users\win7\AppData\Local\Temp\000a9922.a
C:\Windows\system32\ExplorerFrame.dll
OLEAUT32
C:\Windows\system32\cryptsp.dll
C:\Windows\system32\setupapi.dll
C:\Windows\system32\clbcatq.dll
C:\Windows\system32\wsock32.dll
C:\Windows\system32\winnsi.dll
C:\Windows\system32\psapi.dll
C:\Windows\system32\iphlpapi.dll
C:\Windows\system32\slc.dll
C:\Windows\system32\gpapi.dll
C:\Windows\system32\hnetcfg.dll
C:\Windows\system32\dnsapi.dll
C:\Windows\system32\rasman.dll
C:\Windows\system32\rasapi32.dll
C:\Windows\system32\sensapi.dll
C:\Windows\system32\rasadhlp.dll
C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
C:\Windows\system32\msasn1.dll
C:\Windows\system32\crypt32.dll
C:\Windows\system32\propsys.dll
C:\Windows\system32\secur32.dll
C:\Windows\system32\pcacli.dll
C:\Windows\system32\devrtl.dll
C:\Windows\system32\apphelp.dll
C:\Windows\system32\dinput8.dll
C:\Windows\system32\sxs.dll
C:\Windows\system32\rpcrtremote.dll
C:\Windows\system32\schannel.dll
C:\Users\win7\AppData\Local\Temp\{45A532C6-C520-425D-AC0A-E5BC4EFBFB10}\fpb.tmp
C:\Users\win7\AppData\Local\Temp\{7525BD1B-F47E-49A8-B05E-0D0463F62F92}\fpb.tmp
dinput8.dll
Kernel32
C:\Users\win7\AppData\Local\Temp\nsz9DAD.tmp\LangDLL.dll
C:\Users\win7\AppData\Local\Temp\nsz9DAD.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsz9DAD.tmp\pixality.dll
C:\Users\win7\AppData\Local\Temp\nsz9DAD.tmp\UserInfo.dll
C:\Users\win7\AppData\Local\Temp\nsz9DAD.tmp\nsDialogs.dll
C:\Users\win7\AppData\Local\Temp\nshD405.tmp\LangDLL.dll
C:\Users\win7\AppData\Local\Temp\nshD405.tmp\Aero.dll
C:\Users\win7\AppData\Local\Temp\nshD405.tmp\BrandingURL.dll
C:\Users\win7\AppData\Local\Temp\nshD405.tmp\nsDialogs.dll
C:\Users\win7\AppData\Local\Temp\nshD405.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nshD405.tmp\CustomLicense.dll
C:\Users\win7\AppData\Local\Temp\nshD405.tmp\ToolTips.dll
c:\program files\internet explorer\iexplore.exe
FastMM_FullDebugMode.dll
C:\Users\win7\AppData\Local\Temp\000be643.a
C:\Users\win7\AppData\Local\Temp\000bee61.a
C:\PYTHON27.DLL
C:\Users\win7\AppData\Local\Temp\nsh9734.tmp\AdvSplash.dll
C:\Users\win7\AppData\Local\Temp\nsh9734.tmp\InstallOptions.dll
C:\Users\win7\AppData\Local\Temp\nsh9734.tmp\FontName.dll
C:\Users\win7\AppData\Local\Temp\nsh9734.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\is-VTV4A.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-VTV4A.tmp\sample.EN
C:\facompress.dll
C:\facompress_mt.dll
C:\Users\win7\AppData\Local\Temp\{A145AABC-0B25-4940-A087-A59DCB79EE7E}\fpb.tmp
C:\Users\win7\AppData\Local\Temp\{D04AC0E4-8BC6-43FC-A3CF-DF9B461B3EC0}\fpb.tmp
sperr32.exe
Msi.dll
CABINET
comctl32
C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll
C:\Program Files\Alwil Software\Avast5\ashBase.dll
C:\Program Files\Alwil Software\Avast5\defs\FFFFFFFF\aswCmnBS.dll
uxtheme
C:\Users\win7\AppData\Local\Temp\7ZipSfx.000\Opera.dll
C:\Users\win7\AppData\Local\Temp\nst34CF.tmp\LangDLL.dll
C:\Users\win7\AppData\Local\Temp\nst34CF.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nst34CF.tmp\InstallOptions.dll
C:\Users\win7\AppData\Local\Temp\is-NO3AF.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-NO3AF.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\is-RHGRT.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\is-RHGRT.tmp\Certificate.dll
C:\Users\win7\AppData\Local\Temp\is-54A3G.tmp\OCSetupHlp.dll
C:\Users\win7\AppData\Local\Temp\is-54A3G.tmp\GCountry.dll
C:\Users\win7\AppData\Local\Temp\is-VIF8R.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\is-VIF8R.tmp\innocallback.dll
C:\Users\win7\AppData\Local\Temp\is-VIF8R.tmp\innocallback.ENU
C:\Users\win7\AppData\Local\Temp\is-VIF8R.tmp\innocallback.EN
C:\Users\win7\AppData\Local\Temp\is-VIF8R.tmp\isslideshow.dll
C:\Users\win7\AppData\Local\Temp\is-VIF8R.tmp\isslideshow.ENU
C:\Users\win7\AppData\Local\Temp\is-VIF8R.tmp\isslideshow.EN
C:\Users\win7\AppData\Local\Temp\is-VIF8R.tmp\ISDone.dll
C:\Users\win7\AppData\Local\Temp\is-VIF8R.tmp\wintb.dll
C:\Users\win7\AppData\Local\Temp\is-VIF8R.tmp\CallbackCtrl.dll
C:\Users\win7\AppData\Local\Temp\is-VIF8R.tmp\iswin7.dll
Ntdll
C:\Users\win7\AppData\Local\Temp\is-VIF8R.tmp\botva2.dll
GDIPlus
C:\Users\win7\AppData\Local\Temp\nsq9FEA.tmp\AlexaToolbar.dll
C:\Users\win7\AppData\Local\Temp\nsq9FEA.tmp\InstallOptions.dll
AdvApi32
C:\Users\win7\AppData\Local\Temp\nsf10F8.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsf10F8.tmp\ExecCmd.dll
Msctf.dll
C:\Users\win7\AppData\Local\Temp\nsrDBD0.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsrDBD0.tmp\UAC.dll
C:\Users\win7\AppData\Local\Temp\nsrDBD0.tmp\nsDialogs.dll
C:\Users\win7\AppData\Local\Temp\nsrDBD0.tmp\InetBgDL.dll
C:\Users\win7\AppData\Local\Temp\nsrDBD0.tmp\CertCheck.dll
C:\Users\win7\AppData\Local\Temp\is-2S15M.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-2S15M.tmp\sample.EN
C:\proj.dll
COMDLG32.DLL
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\bcrypt.dll
C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\rasapi32.dll
rasapi32.dll
C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\ws2_32.dll
RASMAN.DLL
rtutils.dll
C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\winhttp.dll
C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\iphlpapi.dll
C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\shell32.dll
C:\Users\win7\AppData\Local\Temp\is-HHQ59.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-HHQ59.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\is-0PLIU.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\is-0PLIU.tmp\ISDone.dll
C:\Users\win7\AppData\Local\Temp\is-0PLIU.tmp\isskin.dll
C:\Users\win7\AppData\Local\Temp\is-0PLIU.tmp\b2p.dll
C:\Users\win7\AppData\Local\Temp\is-0PLIU.tmp\botva2.dll
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18834_none_72d38c5186679d48\GDIPlus.DLL
C:\Users\win7\AppData\Local\Temp\is-HHQ59.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-0PLIU.tmp\skin.tm
C:\Users\win7\AppData\Local\Temp\is-0PLIU.tmp\CallbackCtrl.dll
DbgHelp.dll
C:\strings.dll
SHFolder.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\99cdfef98595ed91f14936cf52a49c54\System.Management.ni.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\\wminet_utils.dll
C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\oleaut32.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\OLEAUT32.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\007fc007edc388d9806dff94ee04f129\System.Configuration.ni.dll
Wtsapi32.dll
C:\vnclang_server.dll
User32
C:\Users\win7\AppData\Local\Temp\nsq2139.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsq2139.tmp\UAC.dll
C:\Users\win7\AppData\Local\Temp\nsq2139.tmp\InstallOptions.dll
avicap32.dll
gui.dll
C:\Windows\system32\IconCodecService.dll
C:\GFXFileManager.dll
C:\Users\win7\AppData\Local\Temp\is-KUF6D.tmp\_isetup\_shfoldr.dll
MediaDico4UtDll.Dll
C:\Users\win7\AppData\Local\Temp\nsd1A01.tmp\LangDLL.dll
C:\Users\win7\AppData\Local\Temp\nsd1A01.tmp\nsDialogs.dll
C:\Users\win7\AppData\Local\Temp\nsd1A01.tmp\System.dll
Urlmon.dll
C:\Users\win7\AppData\Local\Temp\nsqC85C.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsqC85C.tmp\InstOpt.dll
C:\Windows\system32\CRTDLL.dll
svcs.dll
comsvcs.dll
commonlib.dll
fnsSkinx.dll
ImgUtil.dll
C:\Users\win7\AppData\Local\Temp\DXGIDebug.dll
C:\Windows\SysWOW64\urlmon.dll
NTDLL
SSPICLI
1025\HotFixInstallerUI.dll
1028\HotFixInstallerUI.dll
1029\HotFixInstallerUI.dll
1030\HotFixInstallerUI.dll
1031\HotFixInstallerUI.dll
1032\HotFixInstallerUI.dll
1033\HotFixInstallerUI.dll
1035\HotFixInstallerUI.dll
1036\HotFixInstallerUI.dll
1037\HotFixInstallerUI.dll
1038\HotFixInstallerUI.dll
1040\HotFixInstallerUI.dll
1041\HotFixInstallerUI.dll
1042\HotFixInstallerUI.dll
1043\HotFixInstallerUI.dll
1044\HotFixInstallerUI.dll
1045\HotFixInstallerUI.dll
1046\HotFixInstallerUI.dll
1049\HotFixInstallerUI.dll
1053\HotFixInstallerUI.dll
1055\HotFixInstallerUI.dll
2052\HotFixInstallerUI.dll
2070\HotFixInstallerUI.dll
3076\HotFixInstallerUI.dll
3082\HotFixInstallerUI.dll
<NULL>
C:\Users\win7\AppData\Local\Temp\is-TDM1M.tmp\_isetup\_shfoldr.dll
C:\mmkeybsupp.dll
sfc.dll
dnsapi.dll
C:\Windows\system32\usp10.dll
C:\Windows\system32\imm32.dll
C:\Windows\system32\winbrand.dll
C:\Windows\Branding\Basebrd\Basebrd.dll
C:\Windows\SysWOW64\dxdiagn.dll
C:\Windows\system32\ddraw.dll
D3DREF9.DLL
C:\Users\win7\AppData\Local\Temp\tf00294823.dll
IPHLPAPI.dll
URLMON.dll
OLE32.dll
Fwpuclnt.dll
C:\Users\win7\AppData\Local\Temp\nsqEF0D.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsqEF0D.tmp\nsDialogs.dll
C:\Users\win7\AppData\Local\Temp\nsqEF0D.tmp\registry.dll
C:\Users\win7\AppData\Local\Temp\nsqEF0D.tmp\Math.dll
C:\Users\win7\AppData\Local\Temp\nsqEF0D.tmp\blowfish.dll
C:\Users\win7\AppData\Local\Temp\nsqEF0D.tmp\UserInfo.dll
C:\Users\win7\AppData\Local\Temp\nsqEF0D.tmp\GetVersion.dll
C:\Windows\system32\mshtml.dll
C:\Users\win7\AppData\Local\Temp\nsqEF0D.tmp\manlib.dll
C:\Users\win7\AppData\Local\Temp\\oDZbpbzhYpdwsluFWctA.DLL
C:\Users\win7\AppData\Local\Temp\\iRnekTkSLeTEAZMXPaSt.DLL
C:\Users\win7\AppData\Local\Temp\\PykEoRvxxB.DLL
D3DIM700.DLL
bass.dll
WLDAP32.dll
T2EMBED.DLL
GDI32.DLL
C:\Users\win7\AppData\Local\Temp\dsNcAdmin_inst.dll
C:\Users\win7\AppData\Local\Temp\is-K6KH7.tmp\_isetup\_shfoldr.dll
libnspr4.dll
nss3.dll
nssutil3.dll
smime3.dll
C:\Users\win7\AppData\Local\Temp\nsyF632.tmp\kgptighzy.dll
C:\Users\win7\AppData\Local\Temp\nsyF632.tmp\cudnuhnhq.dll
C:\Users\win7\AppData\Local\Temp\nsyF632.tmp\tabal.dll
C:\Users\win7\AppData\Local\Temp\nsyF632.tmp\iuqligddt.dll
C:\Users\win7\AppData\Local\Temp\nsyF632.tmp\urxsia.dll
C:\Users\win7\AppData\Local\Temp\nsyF632.tmp\ckblhyra.dll
C:\Users\win7\AppData\Local\Temp\nsyF632.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsyF632.tmp\qqdnfm.dll
C:\Users\win7\AppData\Local\Temp\nsc72D3.tmp\InstallOptions.dll
C:\Users\win7\AppData\Local\Temp\is-K2999.tmp\_isetup\_shfoldr.dll
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\abecd46ce0b212dad31a9e8f9adf073f\System.EnterpriseServices.ni.dll
easyhook32.dll
C:\Users\win7\AppData\Local\Temp\{441F2C4A-C520-425D-AC0A-E5BC4FFBF010}\fpb.tmp
C:\Users\win7\AppData\Local\Temp\{749FA387-F47E-49A8-B05E-0D0463F62F92}\fpb.tmp
C:\Windows\system32\CRYPTNET.dll
Versions\1.0\Adobe AIR.dll
C:\Users\win7\AppData\Local\Temp\AIRDAF7.tmp\Install PyxelEdit.exe
C:\shell32.dll
C:\Users\win7\AppData\Local\Temp\System.Data.SQLite.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\VERSION.dll
C:\Users\win7\AppData\Local\Temp\is-JMVBD.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\is-SGKRM.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-SGKRM.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\is-987E2.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\is-987E2.tmp\InstallerExtensions.dll
pythondll
C:\Users\win7\AppData\Local\Temp\nsr4AAB.tmp\UAC.dll
C:\Users\win7\AppData\Local\Temp\nsr4AAB.tmp\LangDLL.dll
C:\Users\win7\AppData\Local\Temp\nsr4AAB.tmp\AdvSplash.dll
C:\Users\win7\AppData\Local\Temp\nsr4AAB.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsr4AAB.tmp\UserInfo.dll
C:\Users\win7\AppData\Local\Temp\nsr4AAB.tmp\InstallOptions.dll
C:\idmvs.dll
Connect.dll
RASAPI32
OPENGL32
C:\Users\win7\AppData\Local\Temp\is-3BSP7.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-3BSP7.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\is-AGITE.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\is-AGITE.tmp\itdownload.dll
C:\Users\win7\AppData\Local\Temp\is-AGITE.tmp\itdownload.ENU
C:\Users\win7\AppData\Local\Temp\is-AGITE.tmp\itdownload.EN
C:\Users\win7\AppData\Local\Temp\is-AGITE.tmp\muid.dll
C:\Windows\system32\dbgHelp.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
C:\Windows\system32\WINSTA.dll
C:\Windows\system32\WTSAPI32.dll
C:\Windows\system32\wkscli.dll
C:\Windows\system32\srvcli.dll
C:\Windows\system32\netutils.dll
C:\Windows\system32\NETAPI32.dll
C:\Windows\system32\MSIMG32.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\COMCTL32.dll
C:\Windows\system32\DNSAPI.dll
C:\Windows\system32\version.DLL
C:\CFVS_HookDll.dll
C:\Windows\syswow64\CRYPTBASE.dll
C:\Windows\syswow64\SspiCli.dll
C:\Users\win7\AppData\Local\Temp\nsq39BE.tmp\Banner.dll
C:\Users\win7\AppData\Local\Temp\nsq39BE.tmp\KPTool.dll
C:\Users\win7\AppData\Local\Temp\nsq39BE.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsq39BE.tmp\NSISdl.dll
C:\Users\win7\AppData\Local\Temp\nsq39BE.tmp\inetc.dll
C:\Users\win7\AppData\Local\Temp\nsl5781.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsl5781.tmp\StdUtils.dll
C:\Users\win7\AppData\Local\Temp\nsl5781.tmp\UAC.dll
USER32
C:\Users\win7\AppData\Local\Temp\nsl5781.tmp\nsislog.dll
C:\Users\win7\AppData\Local\Temp\nsl5781.tmp\nsislog.ENU
C:\Users\win7\AppData\Local\Temp\nsl5781.tmp\nsislog.EN
netapi32.dll
pstorec.dll
userenv.dll
C:\Users\win7\AppData\Local\Temp\is-FFPN5.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\is-B4F1N.tmp\_isetup\_shfoldr.dll
C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\psapi.dll
C:\Users\win7\AppData\Local\Temp\is-GH4O8.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\is-GH4O8.tmp\CallbackCtrl.dll
C:\Users\win7\AppData\Local\Temp\is-GH4O8.tmp\isskin.dll
C:\Users\win7\AppData\Local\Temp\is-GH4O8.tmp\ISDone.dll
C:\Users\win7\AppData\Local\Temp\is-4M4D8.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-GH4O8.tmp\skin.cjstyles
C:\Users\win7\AppData\Local\Temp\is-GH4O8.tmp\b2p.dll
C:\Users\win7\AppData\Local\Temp\is-GH4O8.tmp\botva2.dll
psapi.DLL
C:\Windows\SysWOW64\psapi.dll
shlwapi.DLL
C:\Windows\System32\ntoskrnl.exe
C:\Windows\System32\imageres.dll
OpenGL32.DLL
inetmib1.dll
mpr.dll
Wininet.dll
C:\YSearchUtil.dll
C:\Users\win7\AppData\Local\Temp\RarSFX0\Binaries\ChromeInstaller.exe
C:\Windows\SysWOW64\USER32.DLL
AVICAP32.DLL
powrprof.dll
C:\Users\win7\AppData\Local\Temp\7W8YDR\utility.dll
C:\Windows\system32\Macromed\Common\SwSupport.dll
C:\Windows\system32\Macromed\Shockwave\SwSupport.dll
C:\Windows\system32\Macromed\Flash\~SS3DF7.tmp
C:\Users\win7\AppData\Local\Temp\{44EC31C6-C520-425D-AC0A-E5BC4FFBFF10}\fpb.tmp
C:\Users\win7\AppData\Local\Temp\{746CBE1B-F47E-49A8-B05E-0D0463F62F92}\fpb.tmp
mtxoci.dll
oci.dll
C:\Windows\system32\comsvcs.dll
DnsApi.dll
C:\Users\win7\AppData\Local\Temp\xns30E7.tmp
C:\Users\win7\AppData\Local\Temp\InstTemp0\userinstall.dll
C:\Users\win7\AppData\Local\Temp\nssD05.tmp\System.dll
2052\VLearner_Resource_Standard.dll
C:\Windows\system32\mspaint.exe
C:\Windows\System32\mspaint.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\notepad.exe
c:\windows\system32\mspaint.exe
c:\windows\system32\notepad.exe
C:\Users\win7\AppData\Local\Temp\nsq357.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsq357.tmp\nsExec.dll
C:\Users\win7\AppData\Local\Temp\is-D86PD.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\is-D86PD.tmp\ISTask.dll
C:\Users\win7\AppData\Local\Temp\is-D86PD.tmp\ISTask.ENU
C:\Users\win7\AppData\Local\Temp\is-D86PD.tmp\ISTask.EN
C:\Users\win7\AppData\Local\Temp\is-T8C5G.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-T8C5G.tmp\sample.EN
C:\Windows\system32\jscript.dll
C:\Users\win7\AppData\Local\Temp\is-KEDMG.tmp\_isetup\_shfoldr.dll
C:\Windows\system32\nvapi.dll
@|_
@|`
@|h|_
C:\Users\win7\AppData\Local\Temp\is-E3PEK.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-E3PEK.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\is-GBRKE.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\is-JPO5F.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-JPO5F.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\is-SDREL.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\nsw2501.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsw2501.tmp\inetc.dll
C:\Users\win7\AppData\Local\Temp\nsw2501.tmp\nsDialogs.dll
MPR.DLL
C:\Users\win7\AppData\Local\Temp\nscABB7.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nscABB7.tmp\inetpost.dll
C:\Users\win7\AppData\Local\Temp\nscABB7.tmp\LangDLL.dll
C:\Users\win7\AppData\Local\Temp\nscABB7.tmp\nsDialogs.dll
C:\Users\win7\AppData\Local\Temp\nscABB7.tmp\UserInfo.dll
C:\Users\win7\AppData\Local\Temp\nscABB7.tmp\nsProcess.dll
oleaut32
C:\Users\win7\AppData\Local\Temp\FsmSetup\Install.ENU
C:\Users\win7\AppData\Local\Temp\FsmSetup\Install.EN
C:\AsusHook.dll
C:\Users\win7\AppData\Local\Temp\Tsu5ED29E38.dll
sxs.dll
rstrtmgr.dll
C:\Users\win7\AppData\Local\Temp\{07C171EC-5167-4901-ABEA-1945DC22531A}\_Setup.dll
C:\Users\win7\AppData\Local\Temp\{07C171EC-5167-4901-ABEA-1945DC22531A}\Custom.dll
msftedit.dll
C:\Users\win7\AppData\Local\Temp\nsg15CF.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsg15CF.tmp\CityHash.dll
C:\Users\win7\AppData\Local\Temp\dfsB0CA.tmp
C:\Users\win7\AppData\Local\Temp\shell32.dll
C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\comctl32.dll
C:\Users\win7\AppData\Local\Coowon\Update\1.3.33.0\coopdate.dll
C:\Users\win7\AppData\Local\Coowon\Update\1.3.33.0\psuser.dll
advpack.dll
C:\Windows\system32\DirectX\WebSetup\dsetup.dll
C:\Windows\system32\dsetup.dll
C:\Users\win7\AppData\Local\Temp\is-HGVFG.tmp\_isetup\_shfoldr.dll
netprofm.dll
C:\Windows\system32\symsrv.dll
C:\Users\win7\AppData\Local\Temp\is-UM4R5.tmp\_isetup\_shfoldr.dll
MFC42u.DLL
MSVCIRT.dll
C:\Users\win7\AppData\Local\Temp\is-4OAQS.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-4OAQS.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\is-K14KD.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\is-K14KD.tmp\botva2.dll
C:\Users\win7\AppData\Local\Temp\is-K14KD.tmp\innocallback.dll
C:\Users\win7\AppData\Local\Temp\is-K14KD.tmp\innocallback.ENU
C:\Users\win7\AppData\Local\Temp\is-K14KD.tmp\innocallback.EN
C:\Users\win7\AppData\Local\Temp\is-K14KD.tmp\winmsgctrl.dll
MSVCP60.dll
RS3=Hptv
8QQ=Hptv
C:\Windows\syswow64\WININET.dll
C:\Windows\uxtheme.dll
gdiplus
C:\Users\win7\AppData\Local\Temp\nsy4BC0.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\is-TTNJI.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-TTNJI.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\nsn42FE.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nso8108.tmp\System.dll
C:\Windows\SysWOW64\timeout.exe
C:\Users\win7\AppData\Local\Temp\nsp69D.tmp\InstallOptions.dll
C:\Users\win7\AppData\Local\Temp\nsp69D.tmp\ShellExecAsUser.dll
C:\Windows\SysWOW64\SAGE.DLL
C:\Windows\system32\netmsg.dll
User32.DLL
HSInst.dll
C:\Users\win7\AppData\Local\Temp\is-UH93A.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\is-UH93A.tmp\TempkillProcess.dll
C:\Users\win7\AppData\Local\Temp\is-UH93A.tmp\TempkillProcess.ENU
C:\Users\win7\AppData\Local\Temp\is-UH93A.tmp\TempkillProcess.EN
C:\Users\win7\AppData\Local\Temp\is-UH93A.tmp\KPByName.dll
C:\Users\win7\AppData\Local\Temp\is-C3OF7.tmp\_isetup\_shfoldr.dll
C:\Users\win7\AppData\Local\Temp\nsxB2CB.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsxB2CB.tmp\bass.dll
C:\Windows\System32\dsound.dll
mozglue.dll
C:\Users\win7\AppData\Local\Temp\nsf458B.tmp\System.dll
C:\Windows\system32\pidgen.dll
C:\PROGRA~2\WI54FB~1\pidgen.dll
C:\Users\win7\AppData\Local\Temp\nsj4C57.tmp\nsJSON.dll
C:\Users\win7\AppData\Local\Temp\nsj4C57.tmp\inetc.dll
UXTHEME
VBoxHook.dll
C:\Users\win7\AppData\Local\Temp\is-55OMA.tmp\_isetup\_shfoldr.dll
avrt.dll
DSOUND.DLL
d3d9.dll
DINPUT.DLL
HID.DLL
SETUPAPI.DLL
C:\Users\win7\AppData\Local\Temp\nsvAE2D.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\nsvAE2D.tmp\LangDLL.dll
C:\Users\win7\AppData\Local\Temp\nsvAE2D.tmp\InstallOptions.dll
C:\Users\win7\AppData\Local\Temp\nsq8893.tmp\nsDialogs.dll
C:\Users\win7\AppData\Local\Temp\nsq8893.tmp\System.dll
C:\Users\win7\AppData\Local\Temp\is-RP7AN.tmp\sample.ENU
C:\Users\win7\AppData\Local\Temp\is-RP7AN.tmp\sample.EN
C:\Users\win7\AppData\Local\Temp\is-012GE.tmp\_isetup\_shfoldr.dll
C:\Windows\system32\d3d11.dll
C:\Windows\system32\dxgi.dll
C:\Windows\system32\msvfw32.dll
C:\Windows\system32\Gdi32.dll
C:\Windows\system32\Avicap32.dll
C:\Windows\system32\quartz.dll
C:\Windows\system32\Magnification.dll
ws2_32
urlmon
C:\Users\win7\AppData\Local\Temp\GLCB296.tmp
C:\Users\win7\AppData\Local\Temp\GLKB2D5.tmp
SFC.DLL
SRCLIENT.DLL
\Install\gcapi_dll.dll
SetupApi.dll
C:\Windows\system32\McxDriv.dll
C:\Windows\System32\setupapi.dll
C:\Windows\system32\mmsys.cpl
C:\Windows\system32\mdminst.dll
C:\Windows\system32\SensorsCpl.dll
C:\Windows\System32\SysClass.DLL
C:\Windows\system32\NetCfgx.dll
C:\Windows\system32\sti_ci.dll
C:\Windows\System32\\imageres.dll
C:\Windows\system32\batt.dll
C:\Windows\system32\sccls.dll
C:\Windows\system32\AuxiliaryDisplayClassInstaller.dll
C:\Windows\system32\bthci.dll
SPINF.dll
C:\sample
C:\Windows\syswow64\MSCTF.dll
C:\Windows\syswow64\USER32.dll
C:\Users\win7\AppData\Local\Tem
C:\Users\win7\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
C:\Users\win7\AppData\Local\Temp\_ir_sf_temp_0\Unicode.lmd
C:\Windows\system32\propsys.dll
C:\Windows\SYSTEM32\MSCOREE.DLL
C:\Users\win7\AppData\Local\Temp\~nsu.tmp\Au_.exe
C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\MSVCR80.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
C:\Windows\system32\RichEd20.dll
C:\Windows\syswow64\CRYPT32.dll
C:\Windows\system32\cryptnet.dll
C:\Windows\system32\RichEd20.DLL
C:\Windows\system32\riched20.dll
C:\Users\win7\AppData\Local\Temp\nsl1957.tmp\webapp-uninstaller.exe
C:\Windows\System32\msxml3.dll
C:\Windows\system32\MSVBVM60.DLL
C:\Users\win7\AppData\Local\Temp\is-K3HOL.tmp\sample.tmp
C:\Windows\system32\MSFTEDIT.DLL
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\RICHED20.dll
C:\Windows\SysWOW64\ieframe.dll
C:\Windows\SysWOW64\mshtml.dll
C:\Users\win7\AppData\Local\Temp\downloader.exe
C:\Windows\system32\quartz.dll
C:\Windows\system32\credui.dll
C:\Windows\system32\dsound.dll
C:\Users\win7\AppData\Local\Temp\{3943BD48-91F4-4AF7-93C1-CCA84463D9E9}\ISSetup.dll
C:\Windows\system32\msi.dll
C:\Users\win7\AppData\Local\Temp\is-V3QKL.tmp\sample.tmp
C:\Windows\system32\dxgi.dll
C:\Windows\system32\d3d11.dll
C:\Windows\system32\D3D10Warp.dll
C:\Windows\system32\WINMM.dll
C:\Windows\system32\PROPSYS.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
C:\Windows\system32\RICHED20.DLL
C:\Windows\system32\werui.dll
C:\Windows\SysWOW64\schannel.dll
C:\Users\win7\AppData\Local\Temp\is-I1FC2.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-OG679.tmp\isslideshow.dll
C:\Windows\System32\msxml6.dll
C:\Users\win7\AppData\Local\Temp\is-03VG6.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-H30DO.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-Q3425.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-UD2JH.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\TeamViewer\Version5\TeamViewer_.exe
C:\Windows\SysWOW64\sti.dll
C:\Windows\system32\QUtil.dll
C:\Windows\system32\eappcfg.dll
C:\Windows\system32\eappprxy.dll
C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcm80.dll
C:\Users\win7\AppData\Local\Temp\is-G9797.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\IXP000.TMP\BBSetup.exe
C:\Windows\system32\ieframe.dll
C:\Windows\SysWOW64\cmd.exe
C:\Users\win7\AppData\Local\Temp\nsm7228.tmp\g\gtapi_signed.DLL
C:\Users\win7\AppData\Local\Temp\nsm7228.tmp\g\pfWWW.DLL
C:\Users\win7\AppData\Local\Temp\is-KRK85.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\VideoPad-2636-1\ffmpeg19.exe
C:\Windows\system32\EhStorShell.dll
C:\Windows\system32\dSound.dll
C:\Windows\system32\Msftedit.dll
C:\Windows\system32\Riched20.dll
C:\Windows\system32\DSOUND.dll
C:\Users\win7\AppData\Local\Temp\nsoD439.tmp\ywiseextU.DLL
C:\Users\win7\AppData\Local\Temp\is-C5JB6.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\{391B7029-655F-4AEF-97FF-88A8B896C1E9}\Disk1\ISSetup.dll
C:\Windows\system32\MSHTML.dll
C:\Users\win7\AppData\Local\Temp\is-VS13Q.tmp\sample.tmp
C:\Windows\syswow64\crypt32.DLL
C:\Windows\SysWOW64\MSIEXEC.EXE
C:\Windows\SysWOW64\cryptnet.dll
C:\Users\win7\AppData\Local\Temp\is-3JJDM.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-4HJAN.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\{7C029707-4E9A-470A-AADA-703787A937A1}\Disk1\ISSetup.dll
C:\Users\win7\AppData\Local\Temp\2412a1c9-fb55-11e5-9e88-08002763e612\Ninite.exe
C:\Users\win7\AppData\Local\Temp\27E7832D\sample\plugins\0\StdUI.dll
C:\Windows\system32\tapi32.dll
C:\Windows\SysWOW64\jscript9.dll
C:\Users\win7\AppData\Local\Temp\is-EQOGG.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\nsg99D3.tmp\ghst.exe
C:\Users\win7\AppData\Local\Temp\SSESTART\Setup.exe
C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\MSVCR90.dll
C:\Windows\SysWOW64\MSCOREE.DLL
C:\Users\win7\AppData\Local\Temp\{391B75F5-6733-4AEF-BFD8-84A8B896C1E9}\ISSetup.dll
C:\Users\win7\AppData\Local\Temp\DRHelper_installStart.exe
C:\Windows\SysWOW64\Wbem\WMIC.exe
C:\Users\win7\AppData\Local\Temp\is-KUQTU.tmp\sample.tmp
C:\Windows\SysWOW64\quartz.dll
C:\Windows\system32\msrle32.dll
C:\Windows\system32\msvidc32.dll
C:\Windows\system32\msyuv.dll
C:\Windows\system32\iyuv_32.dll
C:\Windows\system32\tsbyuv.dll
C:\Windows\system32\iccvid.dll
C:\Windows\system32\msacm32.dll
C:\Users\win7\AppData\Local\Temp\comodoccav_temp_setup\ccavstart.exe
C:\Users\win7\AppData\Local\Temp\comodoccav_temp_setup\cmdhtml.dll
C:\Windows\SysWOW64\msiexec.exe
C:\Windows\System32\msi.dll
C:\Temp\NVIDIA\3DVision\nvStInst.exe
C:\Temp\NVIDIA\3DVision\setup.exe
C:\Temp\NVIDIA\3DVision\setup.e
C:\Temp\NVIDIA\3DVision\ISSetup.dll
C:\Users\win7\AppData\Local\Temp\{D7840700-AB5E-44D7-8E3F-E9C3DC215D62}\{13C5D420-CAE2-11D4-B34D-00105A1C23DD}\NVINSTNT.DLL
C:\Users\win7\AppData\Local\Temp\{D7840700-AB5E-44A1-8E3F-E9C3DC215D62}\{13C5D420-CAE2-11D4-B34D-00105A1C23DD}\NVINSTNT.DLL
C:\Users\win7\AppData\Local\Temp\nsf1E94.tmp\cpSetup.exe
C:\Users\win7\AppData\Local\Temp\000a3f98.a
C:\Windows\system32\winmm.dll
C:\Users\win7\AppData\Local\Temp\mia4D20.tmp\RP255DriverInstaller.exe
C:\Windows\system32\explorerframe.dll
C:\Windows\Winhlp32.exe
C:\Windows\SysWOW64\wscript.exe
C:\Users\win7\AppData\Local\Temp\37eacdea-fbfb-11e5-9e88-08002763e612\Ninite.exe
C:\Windows\syswow64\KERNELBASE.dll
C:\Windows\syswow64\kernel32.dll
C:\Windows\SysWOW64\ntdll.dll
C:\Windows\syswow64\msvcrt.dll
C:\Windows\syswow64\shlwapi.DLL
C:\Users\win7\AppData\Local\Temp\is-TDCLD.tmp\sample.tmp
C:\Windows\SysWOW64\MRT.exe
C:\Users\win7\AppData\Local\Temp\is-DRHQ5.tmp\sample.tmp
?:\sample
C:\Users\win7\AppData\Local\Temp\nslC593.tmp\HiRu.exe
C:\Windows\system32\DINPUT8.dll
C:\Windows\system32\ntshrui.dll
C:\Windows\syswow64\crypt32.dll
C:\Users\win7\AppData\Local\Temp\is-T2PAO.tmp\sample.tmp
C:\Windows\SysWOW64\net1.exe
C:\Users\win7\AppData\Local\Temp\is-DPDUS.tmp\sample.tmp
C:\WBDHD44I.DLL
C:\Users\win7\AppData\Local\Temp\is-S6L6I.tmp\sample.tmp
C:\Windows\SysWOW64\RunDll32.ex
C:\Windows\SysWOW64\RunDll32.exe
C:\Windows\SysWOW64\RichEd20.dll
C:\Users\win7\AppData\Local\Temp\is-MUR9B.tmp\OCSetupHlp.dll
C:\Users\win7\AppData\Local\Temp\is-MUR9B.tmp\UnRAR.exe
C:\Users\win7\AppData\Local\Temp\is-L66P9.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-ANUC4.tmp\sample.tmp
?
?\sample
C:\Users\win7\AppData\Local\Temp\GUM2D7E.tmp\DropboxUpdate.exe
C:\Users\win7\AppData\Local\Temp\GUM2D7E.tmp\goopdate.dll
C:\Users\win7\AppData\Local\Temp\is-VFDLN.tmp\tools.exe
C:\Users\win7\AppData\Local\Temp\is-55OV3.tmp\sample.tmp
C:\Windows\system32\SYSDM.CPL
C:\Users\win7\AppData\Local\Temp\IXP000.TMP\cabinstaller.exe
C:\Users\win7\AppData\Local\Temp\is-G9JNT.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-M8OMU.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\~nsuA.tmp\Au_.exe
C:\Users\win7\AppData\Local\Temp\000a9922.a
C:\Windows\system32\dinput8.dll
C:\Windows\system32\schannel.dll
C:\Users\win7\AppData\Local\Temp\000bee61.a
C:\84a77ccea871e1cd00e4d4380f\secondaryinstaller.exe
C:\Users\win7\AppData\Local\Temp\is-VTV4A.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-NO3AF.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-E7IJC.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-54A3G.tmp\OCSetupHlp.dll
C:\Users\win7\AppData\Local\Temp\is-54A3G.tmp\UnRAR.exe
C:\Users\win7\AppData\Local\Temp\is-7NH9O.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-KJAU2.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-VIF8R.tmp\isslideshow.dll
C:\Users\win7\AppData\Local\Temp\26286690-fd6d-11e5-9e88-08002763e612\Ninite.exe
C:\Users\win7\AppData\Local\Temp\nsq9FEA.tmp\AlexaToolbar.dll
C:\Users\win7\AppData\Local\Temp\7zSD9CB.tmp\setup-stub.exe
C:\Users\win7\AppData\Local\Temp\is-2S15M.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\MblTT.exe
C:\Users\win7\AppData\Local\Temp\is-HHQ59.tmp\sample.tmp
C:\Windows\system32\mscoree.dll
C:\ProgramData\535531\sysmon.exe
C:\Users\win7\AppData\Local\Temp\7ZipSfx.000\APTAT.Bootstrapper.exe
C:\Windows\SysWOW64\soundscheme
C:\Windows\SysWOW64\soundschemes2.exe
C:\Users\win7\AppData\Local\Temp\is-BEIBV.tmp\sample.tmp
C:\Users\win7\AppData\Roaming\Ininbu\oxqyt.exe
C:\Users\win7\AppData\Local\Temp\is-UDIEF.tmp\sample.tmp
C:\Windows\SysWOW64\Wbem\wmic.exe
C:\Users\win7\AppData\Local\Temp\befbcfdhdg.exe
c:\31c37649a87341446d94\HotFixInstaller.exe
C:\Users\win7\AppData\Local\Temp\is-0KLIF.tmp\sample.tmp
C:
C:\Windows\SysWOW64\dxgi.dll
C:\Windows\SysWOW64\d3d11.dll
C:\Windows\system32\winbrand.dll
C:\Windows\SysWOW64\dxdiagn.dll
C:\Users\win7\AppData\Local\Temp\tf00294823.dll
C:\Windows\system32\aclui.dll
C:\Users\win7\AppData\Local\Temp\is-7K0E1.tmp\sample.tmp
C:\Users\win7\AppData\Local\Tempfolder\QutrydMakn\VosjuoZivdhn.exe
C:\Users\win7\AppData\Local\Temp\Setup_AdvancedWinServiceManager_101.exe
C:\Users\win7\AppData\Local\Temp\is-O9D2A.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\nsjD065.tmp\dead.exe
C:\Users\win7\AppData\Local\Temp\AIRDAF7.tmp\Install PyxelEdit.exe
C:\Windows\system32\CRYPTNET.dll
C:\Users\win7\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\win7\AppData\Local\Temp\is-M6B40.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-SGKRM.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\nsr4AAB.tmp\UAC.dll
C:\Windows\system32\Connect.dll
C:\Users\win7\AppData\Local\Temp\is-3BSP7.tmp\sample.tmp
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
C:\Windows\system32\WINSTA.dll
C:\Windows\system32\ntmarta.dll
C:\Windows\system32\WTSAPI32.dll
C:\Windows\system32\wkscli.dll
C:\Windows\system32\srvcli.dll
C:\Windows\system32\netutils.dll
C:\Windows\system32\NETAPI32.dll
C:\Windows\system32\MSIMG32.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\COMCTL32.dll
C:\Windows\system32\DNSAPI.dll
C:\Windows\system32\version.DLL
C:\CFVS_HookDll.dll
C:\Windows\syswow64\CRYPTBASE.dll
C:\Windows\syswow64\SspiCli.dll
C:\Users\win7\AppData\Local\Temp\is-3KPC5.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-3GIFO.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-4M4D8.tmp\sample.tmp
C:\Windows\SysWOW64\explorer.exe
C:\Users\win7\AppData\Local\Temp\_sablon proje.exe
C:\Users\win7\AppData\Local\Temp\xns30E7.tmp
C:\Windows\SysWOW64\rundll32.ex
C:\Windows\syswow64\SHELL32.dll
C:\Windows\SysWOW64\PROPSYS.dll
C:\Users\win7\AppData\Local\Temp\nsq357.tmp\nsExec.dll
C:\Users\win7\AppData\Local\Temp\explorer.exe
C:\Users\win7\AppData\Local\Temp\is-S4DD0.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-T8C5G.tmp\sample.tmp
C:\Windows\SysWOW64\regsvr32.exe
C:\Users\win7\AppData\Local\Temp\is-LKH93.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-E3PEK.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-JPO5F.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\FsmSetup\Install.exe
C:\Windows\system32\sxs.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
C:\Users\win7\AppData\Local\Temp\Tsu5ED29E38.dll
C:\Users\win7\AppData\Local\Temp\{07C171EC-5167-4901-ABEA-1945DC22531A}\_Setup.dll
C:\Users\win7\AppData\Local\Coowon\Update\CoowonUpdate.exe
C:\Users\win7\AppData\Local\Coowon\Update\1.3.33.0\coopdate.dll
C:\Users\win7\AppData\Local\Coowon\Update\1.3.33.0\psuser.dll
C:\Users\win7\AppData\Local\Temp\is-3U742.tmp\sample.tmp
C:\Users\win7\doouta.exe
C:\Users\win7\AppData\Local\Temp\is-KEK8H.tmp\is-59C93.tmp
C:\Users\win7\AppData\Local\Temp\is-4OAQS.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-K14KD.tmp\winmsgctrl.dll
C:\Users\win7\AppData\Local\Temp\is-TTNJI.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-VI5KK.tmp\sample.tmp
C:\Windows\SysWOW64\timeout.exe
C:\Windows\SysWOW64\msv1_0.DLL
C:\Users\win7\AppData\Local\Temp\is-10KRU.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-04FS6.tmp\sample.tmp
C:\Windows\System32\dsound.dll
C:\Users\win7\AppData\Local\Temp\is-JD8L7.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\is-SM044.tmp\sample.tmp
C:\Windows\system32\DINPUT.DLL
C:\Users\win7\AppData\Local\Temp\is-RP7AN.tmp\sample.tmp
C:\Users\win7\AppData\Local\Temp\GLKB2D5.tmp
C:\Users\win7\AppData\Local\Temp\GLCB296.tmp
C:\Windows\SysWOW64\svchost.exe
C:\Users\win7\AppData\Local\Temp\samB172.exe
C:\Windows\syswow64\SetupApi.dll
Precise Detectors Analysis Results
No Detector Result Received
Advance Heuristics
No Advanced Heuristic Analysis Result Received
Human Expert Analysis Results
Analysis Start Date:   2016-03-05 00:29:05.231335 ( )
Analysis End Date:  2016-03-05 08:50:50.035851 ( )
File Upload Date:  2016-03-04 22:41:44.525139 ( )
Update Date:  2016-03-05 08:50:50.035855 ( )
Human Expert Analyst Feedback:   PUA.VMProtect
Verdict:   PUA
Malware Family:   PUA.VMProtect
Malware Type:   Pua
Additional File Information
Property | Value |
---|
Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
---|