Scan result of Farbar Recovery Scan Tool Version: 05-08-2012 03
Ran by SYSTEM at 06-08-2012 22:53:47
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10144288 2010-04-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 [908320 2010-04-05] (Realtek Semiconductor)
HKLM\...\Run: [TpShocks] C:\Windows\System32\TpShocks.exe [231264 2009-09-02] (Lenovo.)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2104104 2010-03-18] (Synaptics Incorporated)
HKLM\...\Run: [PSQLLauncher] "C:\Program Files\Lenovo\LenovoSecuritySolution FP\launcher.exe" /startup [84744 2010-03-29] (UPEK Inc.)
HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4448704 2010-03-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056832 2010-03-11] (Lenovo (Beijing) Limited)
HKLM\...\Run: [IgfxTray] C:\windows\system32\igfxtray.exe [166424 2010-03-26] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe [391192 2010-03-26] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\windows\system32\igfxpers.exe [410648 2010-03-26] (Intel Corporation)
HKLM\...\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe" [196648 2009-06-03] (ActivIdentity)
HKLM\...\Run: [] [x]
HKLM\...\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe" [483880 2009-06-03] (ActivIdentity)
HKLM\...\Run: [HPRAService] C:\Program Files\RA2HP\HPRAService.exe [126464 2010-04-01] (Hewlett-Packard Company)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM-x32\...\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-23] (Intel Corporation)
HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s [167008 2009-11-11] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [3122440 2010-09-08] (Lenovo)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3508624 2012-02-03] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [ExpressFiles] "C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe" -tray [453240 2012-03-18] (http://www.express-files.com/)
HKU\Rajagopal Kumar\...\Run: [Google Update] "C:\Users\Rajagopal Kumar\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-11-25] (Google Inc.)
HKU\Rajagopal Kumar\...\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s [943504 2012-02-03] (Samsung)
HKU\Rajagopal Kumar\...\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21416 2012-02-29] ()
HKU\Rajagopal Kumar\...\Run: [cdloader] "C:\Users\Rajagopal Kumar\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK [50592 2012-02-01] (magicJack L.P.)
HKLM\...\RunOnce: [*Restore] C:\windows\system32\rstrui.exe /RUNONCE [296960 2009-07-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\Lenovo\LenovoSecuritySolution FP\psqlpwd.dll (UPEK Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\LenovoSecuritySolution FP\psqlpwd.dll
Startup: C:\Users\All Users\Start Menu\Programs\Startup\ActivClient Agent.lnk
ShortcutTarget: ActivClient Agent.lnk -> C:\Program Files\ActivIdentity\ActivClient\acsagent.exe (ActivIdentity)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)

==================== Services (Whitelisted) ======

2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-03] (ActivIdentity)
2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [873248 2010-02-17] (Broadcom Corporation.)
2 IGRS; "C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe" [38152 2009-07-14] (Lenovo Group Limited)
3 Lenovo ReadyComm AppSvc; "C:\Program Files\Lenovo\ReadyComm\AppSvc.exe" [414984 2009-07-28] (Lenovo Group Limited)
3 Lenovo ReadyComm ConnSvc; "C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe" [472328 2009-07-28] (Lenovo Group Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [12600 2012-03-26] (Microsoft Corporation)
2 N360; "C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\diMaster.dll" /prefetch:1 [262584 2011-03-31] (Symantec Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [291696 2012-03-26] (Microsoft Corporation)
2 NitroReaderDriverReadSpool2; "C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe" [204304 2012-04-11] (Nitro PDF Software)
3 PS_MDP; C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
2 ReadyComm.DirectRouter; C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
2 TPHDEXLGSVC; C:\Windows\System32\TPHDEXLG64.exe [47632 2009-10-21] (Lenovo.)
2 UNS; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" [2320920 2009-12-09] (Intel Corporation)
2 UpekSrvc; "C:\Program Files\Lenovo\LenovoSecuritySolution FP\upeksrvc.exe" [72456 2010-03-29] (UPEK Inc.)

========================== Drivers (Whitelisted) =============

1 A2DDA; \??\C:\Users\Rajagopal Kumar\Desktop\EmsisoftEmergencyKit\Run\a2ddax64.sys [23208 2012-07-08] (Emsi Software GmbH)
1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111221.003\BHDrvx64.sys [1156216 2011-11-23] (Symantec Corporation)
3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [79376 2009-07-16] (Lenovo)
3 dgderdrv; C:\Windows\SysWow64\Drivers\dgderdrv.sys [20032 2011-08-22] (Devguru Co., Ltd)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2011-12-10] (Symantec Corporation)
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138360 2011-12-10] (Symantec Corporation)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111223.001\IDSvia64.sys [488568 2011-12-09] (Symantec Corporation)
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [102600 2009-06-18] (McAfee, Inc.)
1 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [307400 2009-06-18] (McAfee, Inc.)
3 mferkdk; C:\Windows\System32\Drivers\mferkdk.sys [40904 2009-06-18] (McAfee, Inc.)
3 mfesmfk; C:\Windows\System32\Drivers\mfesmfk.sys [49480 2009-06-18] (McAfee, Inc.)
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111224.017\ENG64.SYS [117880 2011-12-10] (Symantec Corporation)
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111224.017\EX64.SYS [2048632 2011-12-10] (Symantec Corporation)
0 Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [135184 2009-10-21] (Lenovo.)
3 SRTSP; C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
1 SRTSPX; C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
0 SymDS; C:\Windows\System32\drivers\N360x64\0502020.003\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\N360x64\0502020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
3 SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-12-10] (Symantec Corporation)
1 SymIRON; C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS [171128 2010-11-15] (Symantec Corporation)
1 SymNetS; C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)
3 tapoas; C:\Windows\System32\Drivers\tapoas.sys [30720 2011-08-19] (The OpenVPN Project)
0 TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [23568 2009-10-21] (Lenovo.)
3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [215040 2010-02-24] (Vimicro Corporation)
3 wdmirror; C:\Windows\System32\Drivers\wdmirror.sys [11280 2009-07-16] (Lenovo)
3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-08-06 22:53 - 2012-08-06 22:53 - 00000000 ____D C:\FRST
2012-08-05 15:14 - 2012-08-05 15:14 - 00000000 ____D C:\New folder
2012-07-30 23:21 - 2012-07-30 23:32 - 00009462 ____A C:\Users\Rajagopal Kumar\Documents\suba_to_be_Deleted.txt
2012-07-30 21:17 - 2012-07-30 21:17 - 00016896 ____A C:\Users\Rajagopal Kumar\Documents\Suba_Matrimony_tracker.xls
2012-07-28 22:12 - 2012-07-29 00:18 - 104052997 ____A C:\Users\Rajagopal Kumar\Downloads\backup.constant.part5.rar
2012-07-28 21:13 - 2012-07-28 22:11 - 104857601 ____A C:\Users\Rajagopal Kumar\Downloads\backup.constant.part4.rar
2012-07-28 20:14 - 2012-07-28 21:13 - 104857601 ____A C:\Users\Rajagopal
Kumar\Downloads\backup.constant.part3.rar 2012-07-28 19:16 - 2012-07-28 20:14 - 104857601 ____A C:\Users\Rajagopal Kumar\Downloads\backup.constant.part2.rar 2012-07-28 18:23 - 2012-07-28 18:23 - 00000000 ____D C:\Users\Rajagopal Kumar\AppData\Roaming\YourFileDownloader 2012-07-28 17:35 - 2012-07-28 19:54 - 641863159 ____A C:\Users\Rajagopal Kumar\Downloads\Constantine (2005) m720p.mkv 2012-07-28 17:24 - 2012-07-28 19:16 - 104857601 ____A C:\Users\Rajagopal Kumar\Downloads\backup.constant.part1.rar 2012-07-24 19:47 - 2012-08-04 21:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-07-24 19:47 - 2012-08-03 21:06 - 00000000 ____D C:\Users\Rajagopal Kumar\AppData\Roaming\Malwarebytes 2012-07-24 19:47 - 2012-07-24 19:47 - 00000000 ____D C:\Users\All Users\Malwarebytes 2012-07-22 14:48 - 2012-07-22 14:48 - 00000000 ____D C:\Users\Rajagopal Kumar\AppData\Local\Macromedia 2012-07-21 12:23 - 2012-07-21 12:23 - 08399774 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.775.office girl.wmv 2012-07-17 21:46 - 2012-07-17 21:46 - 00039622 ____A C:\Users\Rajagopal Kumar\Downloads\iyngr-page-309.htm 2012-07-16 22:17 - 2012-07-16 22:18 - 00000357 ____A C:\subaList 2012-07-16 22:17 - 2012-07-16 22:17 - 00000357 ____A C:\subaList~ 2012-07-16 22:15 - 2012-07-19 00:44 - 00001168 ____A C:\Users\Rajagopal Kumar\_viminfo 2012-07-16 22:14 - 2012-07-16 22:14 - 00001871 ____A C:\Users\Public\Desktop\gVim Read only 7.3.lnk 2012-07-16 22:14 - 2012-07-16 22:14 - 00001871 ____A C:\Users\Public\Desktop\gVim Easy 7.3.lnk 2012-07-16 22:14 - 2012-07-16 22:14 - 00001865 ____A C:\Users\Public\Desktop\gVim 7.3.lnk 2012-07-16 22:14 - 2012-07-16 22:14 - 00000000 ____D C:\Program Files (x86)\Vim 2012-07-16 22:10 - 2012-07-16 22:10 - 09585439 ____A C:\Users\Rajagopal Kumar\Downloads\gvim73_46.exe 2012-07-15 17:58 - 2012-07-15 17:58 - 08052188 ____A C:\Users\Rajagopal Kumar\Downloads\bengali_hot_girl_nupur_with_love.3gp 2012-07-15 17:58 - 2012-07-15 17:58 - 02434510 ____A 
C:\Users\Rajagopal Kumar\Downloads\school_students_after_school.3gp 2012-07-13 21:56 - 2012-02-10 15:12 - 00001970 ____A C:\Users\Rajagopal Kumar\Downloads\I'll PAY YOU $20.txt 2012-07-13 21:56 - 2012-02-05 12:17 - 625506548 ____A C:\Users\Rajagopal Kumar\Downloads\Khelein-Hum-Jee-Jaan-Sey-2011-.mkv 2012-07-13 21:56 - 2012-01-27 06:52 - 00000394 ____A C:\Users\Rajagopal Kumar\Downloads\buy 1 premy & get MANY.txt 2012-07-13 21:42 - 2012-07-13 21:52 - 735358976 ____A C:\Users\Rajagopal Kumar\Downloads\ubuntu-12.04-desktop-i386.iso 2012-07-13 21:33 - 2012-07-13 21:37 - 00000000 ____D C:\Users\Rajagopal Kumar\VirtualBox VMs 2012-07-13 21:32 - 2012-07-25 00:22 - 00000000 ____D C:\Users\Rajagopal Kumar\.VirtualBox 2012-07-13 21:31 - 2012-07-13 21:31 - 00001083 ____A C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2012-07-13 21:31 - 2012-07-13 21:31 - 00000000 ____D C:\Program Files\Oracle 2012-07-13 21:31 - 2012-06-05 15:03 - 00224088 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxDrv.sys 2012-07-13 21:31 - 2012-06-05 15:03 - 00130904 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxUSBMon.sys 2012-07-13 21:22 - 2012-07-13 21:23 - 95228248 ____A (Oracle Corporation) C:\Users\Rajagopal Kumar\Downloads\VirtualBox-4.1.18-78361-Win.exe 2012-07-13 21:14 - 2012-07-13 21:28 - 732213248 ____A C:\Users\Rajagopal Kumar\Downloads\ubuntu-12.04-desktop-amd64.iso 2012-07-13 20:23 - 2012-07-13 21:56 - 625509130 ____A C:\Users\Rajagopal Kumar\Downloads\01747_downloadyo.com.rar 2012-07-13 19:55 - 2012-07-13 19:55 - 17545488 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.757.hot girl.3gp 2012-07-13 19:55 - 2012-07-13 19:55 - 04111111 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.755.seema khurana.3gp 2012-07-11 00:54 - 2012-06-11 19:02 - 03147264 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2012-07-11 00:50 - 2012-06-02 04:49 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-07-11 00:50 - 2012-06-02 04:17 - 10924032 ____A 
(Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-07-11 00:50 - 2012-06-02 04:12 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-07-11 00:50 - 2012-06-02 04:05 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-07-11 00:50 - 2012-06-02 04:05 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-07-11 00:50 - 2012-06-02 04:04 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-07-11 00:50 - 2012-06-02 04:04 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-07-11 00:50 - 2012-06-02 04:03 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-07-11 00:50 - 2012-06-02 04:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-07-11 00:50 - 2012-06-02 04:00 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-07-11 00:50 - 2012-06-02 03:59 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-07-11 00:50 - 2012-06-02 03:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-07-11 00:50 - 2012-06-02 03:57 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-07-11 00:50 - 2012-06-02 03:54 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-07-11 00:50 - 2012-06-02 01:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2012-07-11 00:50 - 2012-06-02 00:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2012-07-11 00:50 - 2012-06-02 00:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2012-07-11 00:50 - 2012-06-02 00:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2012-07-11 00:50 - 2012-06-02 00:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2012-07-11 00:50 - 2012-06-02 00:25 - 01129472 ____A (Microsoft Corporation) 
C:\Windows\SysWOW64\wininet.dll 2012-07-11 00:50 - 2012-06-02 00:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2012-07-11 00:50 - 2012-06-02 00:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2012-07-11 00:50 - 2012-06-02 00:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2012-07-11 00:50 - 2012-06-02 00:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2012-07-11 00:50 - 2012-06-02 00:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2012-07-11 00:50 - 2012-06-02 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2012-07-11 00:50 - 2012-06-02 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2012-07-11 00:50 - 2012-06-02 00:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2012-07-10 22:04 - 2012-06-08 21:30 - 14165504 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2012-07-10 22:04 - 2012-06-08 20:46 - 12868608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2012-07-10 22:04 - 2012-06-05 21:50 - 02003968 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll 2012-07-10 22:04 - 2012-06-05 21:50 - 01880064 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll 2012-07-10 22:04 - 2012-06-05 21:09 - 01389568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2012-07-10 22:04 - 2012-06-05 21:09 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2012-07-10 22:04 - 2012-06-01 21:38 - 00152432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys 2012-07-10 22:04 - 2012-06-01 21:38 - 00095088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys 2012-07-10 22:04 - 2012-06-01 21:37 - 00459216 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys 2012-07-10 22:04 - 2012-06-01 21:27 - 00340992 ____A (Microsoft Corporation) 
C:\Windows\System32\schannel.dll 2012-07-10 22:04 - 2012-06-01 21:27 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll 2012-07-10 22:04 - 2012-06-01 20:48 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2012-07-10 22:04 - 2012-06-01 20:48 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2012-07-10 22:04 - 2012-06-01 20:47 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2012-07-10 22:04 - 2012-06-01 20:42 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2012-07-08 13:34 - 2012-07-08 13:34 - 00000000 ____D C:\Users\Rajagopal Kumar\Desktop\EmsisoftEmergencyKit 2012-07-08 13:26 - 2012-07-08 13:33 - 141514996 ____A C:\Users\Rajagopal Kumar\Desktop\EmsisoftEmergencyKit.zip 2012-07-08 12:51 - 2012-07-08 13:03 - 04503728 ___AT C:\Users\All Users\go_0molg.pad 2012-07-07 13:15 - 2012-07-07 15:36 - 526095158 ____A C:\Users\Rajagopal Kumar\Downloads\Vaagai_Sooda_Vaa_-_Suara.mkv ============ 3 Months Modified Files ======================== 2012-08-02 14:50 - 2011-11-21 08:28 - 07199154 ____A C:\FaceProv.log 2012-07-30 23:32 - 2012-07-30 23:21 - 00009462 ____A C:\Users\Rajagopal Kumar\Documents\suba_to_be_Deleted.txt 2012-07-30 21:17 - 2012-07-30 21:17 - 00016896 ____A C:\Users\Rajagopal Kumar\Documents\Suba_Matrimony_tracker.xls 2012-07-29 00:18 - 2012-07-28 22:12 - 104052997 ____A C:\Users\Rajagopal Kumar\Downloads\backup.constant.part5.rar 2012-07-28 22:11 - 2012-07-28 21:13 - 104857601 ____A C:\Users\Rajagopal Kumar\Downloads\backup.constant.part4.rar 2012-07-28 21:13 - 2012-07-28 20:14 - 104857601 ____A C:\Users\Rajagopal Kumar\Downloads\backup.constant.part3.rar 2012-07-28 20:14 - 2012-07-28 19:16 - 104857601 ____A C:\Users\Rajagopal Kumar\Downloads\backup.constant.part2.rar 2012-07-28 19:54 - 2012-07-28 17:35 - 641863159 ____A C:\Users\Rajagopal Kumar\Downloads\Constantine (2005) m720p.mkv 2012-07-28 19:16 - 2012-07-28 17:24 - 104857601 ____A 
C:\Users\Rajagopal Kumar\Downloads\backup.constant.part1.rar 2012-07-22 00:59 - 2011-11-21 08:25 - 01435155 ____A C:\Windows\WindowsUpdate.log 2012-07-22 00:54 - 2011-11-25 17:07 - 00000948 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2180650751-2005149398-3877183700-1000UA.job 2012-07-22 00:52 - 2010-09-08 07:55 - 00179712 ____A C:\Windows\System32\TPHDLOG0.LOG 2012-07-22 00:24 - 2010-09-08 07:55 - 00472832 ____A C:\Windows\System32\TPAPSLOG.LOG 2012-07-21 22:02 - 2011-11-25 17:07 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2180650751-2005149398-3877183700-1000Core.job 2012-07-21 12:23 - 2012-07-21 12:23 - 08399774 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.775.office girl.wmv 2012-07-21 11:59 - 2009-07-13 20:45 - 00013872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2012-07-21 11:59 - 2009-07-13 20:45 - 00013872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2012-07-21 11:51 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2012-07-21 11:51 - 2009-07-13 20:51 - 00083120 ____A C:\Windows\setupact.log 2012-07-19 00:44 - 2012-07-16 22:15 - 00001168 ____A C:\Users\Rajagopal Kumar\_viminfo 2012-07-18 20:24 - 2009-07-13 21:13 - 00729752 ____A C:\Windows\System32\PerfStringBackup.INI 2012-07-18 00:28 - 2011-12-10 15:54 - 00002505 ____A C:\Users\Public\Desktop\Norton Security Suite.lnk 2012-07-17 21:46 - 2012-07-17 21:46 - 00039622 ____A C:\Users\Rajagopal Kumar\Downloads\iyngr-page-309.htm 2012-07-16 22:18 - 2012-07-16 22:17 - 00000357 ____A C:\subaList 2012-07-16 22:17 - 2012-07-16 22:17 - 00000357 ____A C:\subaList~ 2012-07-16 22:14 - 2012-07-16 22:14 - 00001871 ____A C:\Users\Public\Desktop\gVim Read only 7.3.lnk 2012-07-16 22:14 - 2012-07-16 22:14 - 00001871 ____A C:\Users\Public\Desktop\gVim Easy 7.3.lnk 2012-07-16 22:14 - 2012-07-16 22:14 - 00001865 ____A C:\Users\Public\Desktop\gVim 7.3.lnk 2012-07-16 22:10 - 
2012-07-16 22:10 - 09585439 ____A C:\Users\Rajagopal Kumar\Downloads\gvim73_46.exe 2012-07-15 17:58 - 2012-07-15 17:58 - 08052188 ____A C:\Users\Rajagopal Kumar\Downloads\bengali_hot_girl_nupur_with_love.3gp 2012-07-15 17:58 - 2012-07-15 17:58 - 02434510 ____A C:\Users\Rajagopal Kumar\Downloads\school_students_after_school.3gp 2012-07-15 13:43 - 2012-05-30 06:24 - 00002064 ___AH C:\Users\Rajagopal Kumar\Documents\Default.rdp 2012-07-15 11:43 - 2011-12-06 00:24 - 00000600 ____A C:\Users\Rajagopal Kumar\AppData\Local\PUTTY.RND 2012-07-13 21:56 - 2012-07-13 20:23 - 625509130 ____A C:\Users\Rajagopal Kumar\Downloads\01747_downloadyo.com.rar 2012-07-13 21:52 - 2012-07-13 21:42 - 735358976 ____A C:\Users\Rajagopal Kumar\Downloads\ubuntu-12.04-desktop-i386.iso 2012-07-13 21:31 - 2012-07-13 21:31 - 00001083 ____A C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2012-07-13 21:28 - 2012-07-13 21:14 - 732213248 ____A C:\Users\Rajagopal Kumar\Downloads\ubuntu-12.04-desktop-amd64.iso 2012-07-13 21:23 - 2012-07-13 21:22 - 95228248 ____A (Oracle Corporation) C:\Users\Rajagopal Kumar\Downloads\VirtualBox-4.1.18-78361-Win.exe 2012-07-13 19:55 - 2012-07-13 19:55 - 17545488 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.757.hot girl.3gp 2012-07-13 19:55 - 2012-07-13 19:55 - 04111111 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.755.seema khurana.3gp 2012-07-13 19:50 - 2011-11-25 17:08 - 00002420 ____A C:\Users\Rajagopal Kumar\Desktop\Google Chrome.lnk 2012-07-13 19:36 - 2009-07-13 21:08 - 00032626 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2012-07-11 22:40 - 2009-07-13 20:45 - 00428600 ____A C:\Windows\System32\FNTCACHE.DAT 2012-07-11 00:54 - 2009-07-13 18:34 - 00000510 ____A C:\Windows\win.ini 2012-07-08 13:33 - 2012-07-08 13:26 - 141514996 ____A C:\Users\Rajagopal Kumar\Desktop\EmsisoftEmergencyKit.zip 2012-07-08 13:03 - 2012-07-08 12:51 - 04503728 ___AT C:\Users\All Users\go_0molg.pad 2012-07-07 15:36 - 2012-07-07 13:15 - 526095158 ____A C:\Users\Rajagopal 
Kumar\Downloads\Vaagai_Sooda_Vaa_-_Suara.mkv 2012-07-06 20:33 - 2012-07-06 20:33 - 00062735 ____A C:\Users\Rajagopal Kumar\Downloads\the.aviator.(2004).eng.1cd.(4214913).zip 2012-07-05 01:44 - 2012-07-05 01:44 - 00697616 ____A C:\Windows\Minidump\070512-30186-01.dmp 2012-07-05 01:44 - 2011-11-28 22:54 - 485129917 ____A C:\Windows\MEMORY.DMP 2012-07-02 01:00 - 2012-07-02 00:59 - 06653231 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.722.girl_on_rock.3gp 2012-07-02 00:58 - 2012-07-02 00:58 - 03079437 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.730.desi_threesome.3gp 2012-07-01 19:19 - 2012-07-01 15:28 - 838172908 ____A C:\Users\Rajagopal Kumar\Downloads\440r00d.rar 2012-07-01 16:33 - 2012-07-01 15:20 - 576624785 ____A C:\Users\Rajagopal Kumar\Downloads\avengers-ichthyander.mkv 2012-07-01 15:30 - 2012-07-01 15:21 - 889646563 ____A C:\Users\Rajagopal Kumar\Downloads\backup.SHAGOS72.0ne.rar 2012-06-30 21:00 - 2012-07-01 19:20 - 00000170 ____A C:\Users\Rajagopal Kumar\Downloads\2raod_info.txt 2012-06-28 00:21 - 2012-06-28 00:18 - 19067658 ____A C:\Users\Rajagopal Kumar\Downloads\College_Lo.avi 2012-06-28 00:18 - 2012-06-28 00:18 - 01318555 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.603.manipur_girl.3gp 2012-06-28 00:18 - 2012-06-28 00:12 - 33581690 ____A C:\Users\Rajagopal Kumar\Downloads\18 Year Teen _ed on Beach.avi 2012-06-28 00:03 - 2012-06-28 00:03 - 01682161 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.717.college_girl.3gp 2012-06-28 00:01 - 2012-06-28 00:01 - 01996626 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.719.mast_girl.3gp 2012-06-26 22:46 - 2012-06-26 22:41 - 29237901 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.720.dimapur_girl.3gp 2012-06-25 23:26 - 2012-06-25 23:25 - 07815767 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.714.2_girl.3gp 2012-06-25 21:54 - 2012-06-25 21:54 - 00262144 ____A C:\Windows\Minidump\062512-23992-01.dmp 2012-06-23 22:57 - 2012-06-23 22:57 - 00697616 ____A C:\Windows\Minidump\062312-27253-01.dmp 2012-06-23 05:04 - 2012-06-22 
23:46 - 940314607 ____A C:\Users\Rajagopal Kumar\Downloads\Age004.rar 2012-06-19 21:56 - 2012-03-13 20:48 - 00002447 ____A C:\Users\Public\Desktop\VMware vSphere Client.lnk 2012-06-19 21:45 - 2012-06-19 21:37 - 367065912 ____A (Igor Pavlov) C:\Users\Rajagopal Kumar\Downloads\VMware-viclient.exe 2012-06-17 00:45 - 2012-06-17 00:45 - 00018495 ____A C:\Users\Rajagopal Kumar\Downloads\[ Music- Video ] Kalakalappu @ Masala Cafe - Lotus - Xvid - Devil@TMT.torrent 2012-06-15 00:04 - 2012-06-15 00:04 - 00001724 ____A C:\users\Rajagopal 2012-06-14 21:27 - 2012-07-01 19:20 - 00000224 ____A C:\Users\Rajagopal Kumar\Downloads\Redroseee Small Size Movies1.url 2012-06-14 21:19 - 2012-07-01 19:20 - 00000239 ____A C:\Users\Rajagopal Kumar\Downloads\Redrosee Small Size Movies2.url 2012-06-14 14:43 - 2012-06-14 14:40 - 00000413 ____A C:\Users\Rajagopal Kumar\Downloads\myentunnel.ini 2012-06-14 14:43 - 2012-06-14 14:40 - 00000002 ____A C:\Users\Rajagopal Kumar\Downloads\remoteports.txt 2012-06-14 14:43 - 2012-06-14 14:40 - 00000002 ____A C:\Users\Rajagopal Kumar\Downloads\localports.txt 2012-06-14 14:39 - 2012-06-14 14:39 - 00249856 ____A (Nemesis][) C:\Users\Rajagopal Kumar\Downloads\myentunnel.exe 2012-06-14 14:38 - 2012-06-14 14:38 - 00246433 ____A C:\Users\Rajagopal Kumar\Downloads\myentunnel-unicode.zip 2012-06-14 13:10 - 2012-06-14 13:09 - 00001486 ____A C:\Users\Rajagopal Kumar\Documents\id_rsa 2012-06-14 13:08 - 2012-06-14 13:08 - 00180224 ____A (Simon Tatham) C:\Users\Rajagopal Kumar\Downloads\puttygen.exe 2012-06-11 19:02 - 2012-07-11 00:54 - 03147264 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2012-06-09 23:21 - 2012-06-09 23:18 - 126609688 ____A (Lenovo Group ) C:\Users\Rajagopal Kumar\Downloads\IN3VDO43WW6.exe 2012-06-08 21:30 - 2012-07-10 22:04 - 14165504 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2012-06-08 20:46 - 2012-07-10 22:04 - 12868608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2012-06-05 21:50 - 2012-07-10 
22:04 - 02003968 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-05 21:50 - 2012-07-10 22:04 - 01880064 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-05 21:09 - 2012-07-10 22:04 - 01389568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-06-05 21:09 - 2012-07-10 22:04 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-06-05 15:03 - 2012-07-13 21:31 - 00224088 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxDrv.sys
2012-06-05 15:03 - 2012-07-13 21:31 - 00130904 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxUSBMon.sys
2012-06-05 15:03 - 2012-06-05 15:03 - 00166232 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxNetFlt.sys
2012-06-05 15:03 - 2012-06-05 15:03 - 00147288 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxNetAdp.sys
2012-06-05 15:02 - 2012-06-05 15:02 - 00320856 ____A (Oracle Corporation) C:\Windows\System32\VBoxNetFltNobj.dll
2012-06-03 11:41 - 2012-06-03 11:41 - 00697728 ____A C:\Windows\Minidump\060312-30451-01.dmp
2012-06-02 14:19 - 2012-06-18 22:02 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-18 22:02 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-18 22:02 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 14:19 - 2012-06-18 22:02 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-18 22:02 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-18 22:02 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:15 - 2012-06-18 22:02 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:15 - 2012-06-18 22:02 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 14:15 - 2012-06-18 22:02 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-02 13:58 - 2012-06-24 15:12 - 682671301 ____A C:\Users\Rajagopal Kumar\Downloads\The.Aviator.2004.720p.mkv
2012-06-02 04:49 - 2012-07-11 00:50 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-02 04:17 - 2012-07-11 00:50 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-02 04:12 - 2012-07-11 00:50 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-02 04:05 - 2012-07-11 00:50 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-02 04:05 - 2012-07-11 00:50 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-02 04:04 - 2012-07-11 00:50 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-02 04:04 - 2012-07-11 00:50 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-02 04:03 - 2012-07-11 00:50 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-02 04:01 - 2012-07-11 00:50 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-02 04:00 - 2012-07-11 00:50 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-02 03:59 - 2012-07-11 00:50 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-02 03:57 - 2012-07-11 00:50 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-02 03:57 - 2012-07-11 00:50 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-02 03:54 - 2012-07-11 00:50 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-02 01:07 - 2012-07-11 00:50 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-02 00:43 - 2012-07-11 00:50 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-02 00:33 - 2012-07-11 00:50 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-02 00:26 - 2012-07-11 00:50 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-02 00:25 - 2012-07-11 00:50 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-02 00:25 - 2012-07-11 00:50 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-02 00:23 - 2012-07-11 00:50 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-02 00:21 - 2012-07-11 00:50 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-02 00:20 - 2012-07-11 00:50 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-02 00:19 - 2012-07-11 00:50 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-02 00:19 - 2012-07-11 00:50 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-02 00:17 - 2012-07-11 00:50 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-02 00:16 - 2012-07-11 00:50 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-02 00:14 - 2012-07-11 00:50 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-02 00:04 - 2012-06-01 22:56 - 836422613 ____A C:\Users\Rajagopal Kumar\Downloads\jodibreakers.mkv
2012-06-01 21:38 - 2012-07-10 22:04 - 00152432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-06-01 21:38 - 2012-07-10 22:04 - 00095088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-06-01 21:37 - 2012-07-10 22:04 - 00459216 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-06-01 21:27 - 2012-07-10 22:04 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-06-01 21:27 - 2012-07-10 22:04 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-06-01 20:48 - 2012-07-10 22:04 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-06-01 20:48 - 2012-07-10 22:04 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-06-01 20:47 - 2012-07-10 22:04 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-06-01 20:42 - 2012-07-10 22:04 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-05-30 19:42 - 2012-05-30 19:40 - 07562869 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.615.desi girl in hotel.3gp
2012-05-30 16:09 - 2012-05-30 16:09 - 00000242 ____A C:\Users\Rajagopal Kumar\Downloads\local.properties
2012-05-30 12:38 - 2010-09-08 07:54 - 01252452 ____A C:\Windows\PFRO.log
2012-05-30 12:14 - 2012-05-30 12:14 - 00732160 ____A C:\Users\Rajagopal Kumar\Downloads\hpvrplugin.msi
2012-05-30 10:17 - 2012-05-30 10:17 - 00002042 ____A C:\Users\Public\Desktop\Nitro Reader.lnk
2012-05-30 10:16 - 2012-05-30 10:16 - 00001162 ____A C:\Users\Public\Desktop\PrimoPDF - Drop Files Here to Convert!.lnk
2012-05-30 10:16 - 2012-05-30 10:15 - 07549704 ____A C:\Users\Rajagopal Kumar\Downloads\InternationalPrimoPDF.exe
2012-05-30 10:16 - 2011-02-09 20:03 - 00000326 ____A C:\Windows\primopdf.ini
2012-05-30 09:31 - 2012-05-30 09:29 - 00001035 ____A C:\Users\Rajagopal Kumar\Desktop\magicJack.lnk
2012-05-30 06:40 - 2012-05-30 06:40 - 00015124 ____A C:\Users\Rajagopal Kumar\Desktop\viewBoardingPass.htm
2012-05-30 06:39 - 2012-05-30 06:39 - 00015084 ____A C:\Users\Rajagopal Kumar\Desktop\viewBoardingPass.action.htm
2012-05-27 20:02 - 2012-07-01 19:20 - 00032688 ____A C:\Users\Rajagopal Kumar\Downloads\2raod.srt
2012-05-27 08:26 - 2012-07-01 19:19 - 838003988 ____A C:\Users\Rajagopal Kumar\Downloads\2raod.mkv
2012-05-13 19:03 - 2012-05-13 00:14 - 734167772 ____A C:\Users\Rajagopal Kumar\Downloads\Lot1k2eq.crazy.avi
2012-05-12 22:17 - 2012-05-12 22:17 - 00697616 ____A C:\Windows\Minidump\051212-24710-01.dmp
2012-05-10 00:31 - 2012-05-10 00:31 - 06719302 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.569.susma.3gp
2012-05-10 00:24 - 2012-05-10 00:24 - 03528123 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.586.punjabi_couple.3gp
2012-05-10 00:15 - 2012-05-10 00:14 - 03653269 ____A C:\Users\Rajagopal Kumar\Downloads\fsi.582.college_girl.3gp
2012-05-10 00:15 - 2012-05-10 00:10 - 32765832 ____A C:\Users\Rajagopal Kumar\Downloads\mdp.2119.nri bitch.3gp

ZeroAccess:
C:\Users\Rajagopal Kumar\AppData\Local\{415fdb6d-355a-b025-9d22-69c8990fe1a7}
C:\Users\Rajagopal Kumar\AppData\Local\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\@
C:\Users\Rajagopal Kumar\AppData\Local\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\L
C:\Users\Rajagopal Kumar\AppData\Local\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\n
C:\Users\Rajagopal Kumar\AppData\Local\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\U
C:\Users\Rajagopal Kumar\AppData\Local\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\L\00000004.@
C:\Users\Rajagopal Kumar\AppData\Local\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\U\00000004.@
C:\Users\Rajagopal Kumar\AppData\Local\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\U\00000008.@
C:\Users\Rajagopal Kumar\AppData\Local\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\U\000000cb.@
C:\Users\Rajagopal Kumar\AppData\Local\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\U\80000000.@
C:\Users\Rajagopal Kumar\AppData\Local\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\U\80000032.@
C:\Users\Rajagopal Kumar\AppData\Local\{415fdb6d-355a-b025-9d22-69c8990fe1a7}\U\80000064.@

========================= Known DLLs (Whitelisted) ============

========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 16%
Total physical RAM: 3893.86 MB
Available physical RAM: 3263.24 MB
Total Pagefile: 3892.01 MB
Available Pagefile: 3256.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (Windows) (Fixed) (Total:420.66 GB) (Free:321.16 GB) NTFS
2 Drive e: () (Fixed) (Total:30 GB) (Free:29.91 GB) NTFS
3 Drive f: () (Removable) (Total:7.46 GB) (Free:7.24 GB) NTFS
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: (System) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          465 GB    15 GB
  Disk 1    Online         7643 MB      0 B

Partitions of Disk 0:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary            100 MB  1024 KB
  Partition 2    Primary            420 GB   101 MB
  Partition 3    Primary             30 GB   420 GB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 0     Y   System       NTFS   Partition    100 MB  Healthy

==================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     C   Windows      NTFS   Partition    420 GB  Healthy

==================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     E                NTFS   Partition     30 GB  Healthy

==================================================================================

Partitions of Disk 1:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary           7643 MB    31 KB

==================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     F                NTFS   Removable   7643 MB  Healthy

==================================================================================

==========================================================

TDL4: custom:26000022 <===== ATTENTION!

==========================================================

Last Boot: 2012-07-28 15:25

======================= End Of Log ==========================