output from mjrwtchr

MJ RegWatcher Log File Viewer
RegWatcher Log File C:\Documents and Settings\Joe Nelson\My Documents\Downloads\RegWatcher\MJRegWatcher\MJRegWatchKeys.log
=======================================================
** Wednesday 4/16/2014 6:23:20 PM **
Injected C:\WINDOWS\system32\Apphelp.dll Size 139264
=======================================================
** Wednesday 4/16/2014 6:23:38 PM **
Injected C:\WINDOWS\system32\IMAGEHLP.dll Size 163840
C:\WINDOWS\system32\midimap.dll Size 28672
C:\WINDOWS\system32\MSACM32.dll Size 86016
C:\WINDOWS\system32\msacm32.drv Size 32768
C:\WINDOWS\system32\wdmaud.drv Size 36864
C:\WINDOWS\system32\WINTRUST.dll Size 188416
=======================================================
** Wednesday 4/16/2014 6:52:35 PM **
Low-level Drivers and Services
Registry Key hkey_local_machine\system\ControlSet002\services
Subkey Crypkey License has been added
Subkey NetworkX has been added
Subkey OpcEnum has been added
=======================================================
** Wednesday 4/16/2014 6:52:35 PM **
Change Service Accepted
=======================================================
** Wednesday 4/16/2014 6:52:37 PM **
Low-level Drivers and Services
Registry Key hkey_local_machine\system\CurrentControlSet\services
Subkey Crypkey License has been added
Subkey NetworkX has been added
Subkey OpcEnum has been added
=======================================================
** Wednesday 4/16/2014 6:52:37 PM **
Change Service Accepted
=======================================================
** Wednesday 4/16/2014 6:52:45 PM **
Launched Crypserv.exe[2984] « services.exe[868] « winlogon.exe[824] « smss.exe[596] « System[4] « [System Process][0]
Important Executables and Driver Files
Files Added :-
c:\windows\system32\Ckldrv.sys - Size=20,742 Date=Sat Jun 13 07:07:44 2009 Attributes=---A-
=======================================================
** Wednesday 4/16/2014 6:52:45 PM **
Change Service Accepted
=======================================================
** Wednesday 4/16/2014 6:52:45 PM **
Important Executables and Driver Files
Files Added :-
c:\windows\Setup_ck.dll - Size=18,432 Date=Fri May 03 21:36:50 1996 Attributes=---A-
=======================================================
** Wednesday 4/16/2014 6:52:45 PM **
Change Service Accepted
=======================================================
** Wednesday 4/16/2014 6:52:45 PM **
Important Executables and Driver Files
Files Added :-
c:\windows\Ckconfig.exe - Size=165,888 Date=Sat Jun 19 03:49:32 1999 Attributes=---A-
c:\windows\Ckrfresh.exe - Size=11,776 Date=Wed Jul 05 00:33:04 1995 Attributes=---A-
c:\windows\Setup_ck.exe - Size=27,648 Date=Fri May 03 23:21:20 1996 Attributes=R--A-
=======================================================
** Wednesday 4/16/2014 6:52:45 PM **
Change Service Accepted
=======================================================
** Wednesday 4/16/2014 6:56:46 PM **
Injected C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL Size 2215936
C:\PROGRA~1\MICROS~2\Office12\GrooveNew.DLL Size 28672
C:\PROGRA~1\MICROS~2\Office12\GrooveUtil.DLL Size 987136
C:\WINDOWS\system32\CLBCATQ.DLL Size 520192
C:\WINDOWS\system32\COMRes.dll Size 806912
C:\WINDOWS\system32\MSImg32.dll Size 20480
C:\WINDOWS\system32\netapi32.dll Size 348160
C:\WINDOWS\system32\rsaenh.dll Size 221184
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL Size 110592
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll Size 634880

Upload: jns1606

Post on 22-Nov-2015
