Hi,
I have a doubt about whether my PC has been infected. I tried a few free downloads and suspect that some malware may have crept in. Kaspersky Anti-virus says there are no problems, but Spycatcher--which I have removed now--suggests that there may be some malware.
My OTL log is given below:
OTL logfile created on: 7/15/2014 10:24:39 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user-pc\Downloads
Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17028)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.96 Gb Total Physical Memory | 0.55 Gb Available Physical Memory | 28.01% Memory free
3.96 Gb Paging File | 1.86 Gb Available in Paging File | 47.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 99.66 Gb Total Space | 72.97 Gb Free Space | 73.22% Space Free | Partition Type: NTFS
Drive D: | 200.00 Gb Total Space | 175.38 Gb Free Space | 87.69% Space Free | Partition Type: NTFS
Drive E: | 165.76 Gb Total Space | 165.65 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
Computer Name: SAMSUNG-PC | User Name: user-pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/07/15 10:12:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user-pc\Downloads\OTL.exe
PRC - [2014/07/10 11:07:14 | 001,678,040 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BtwRSupportService.exe
PRC - [2014/07/09 10:04:19 | 001,869,488 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
PRC - [2014/06/13 01:25:55 | 001,004,864 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
PRC - [2014/06/06 10:08:12 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/05/08 19:18:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/03/26 19:47:02 | 000,350,496 | ---- | M] (ClientConnect Ltd.) -- C:\Program Files\Tbccint\ToolbarService\ToolbarService.exe
PRC - [2014/02/26 03:46:32 | 000,214,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
PRC - [2014/01/09 07:18:10 | 006,434,176 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
PRC - [2013/10/10 14:03:52 | 000,802,008 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2013/10/10 14:03:48 | 000,447,192 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2013/10/10 14:03:44 | 002,054,872 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2013/06/01 15:54:46 | 002,106,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2013/03/02 13:54:03 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostex.exe
PRC - [2012/11/06 09:50:42 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/07/26 12:21:56 | 000,107,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\LiveComm.exe
PRC - [2012/07/26 09:00:19 | 000,029,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RuntimeBroker.exe
PRC - [2011/11/01 04:07:04 | 000,512,000 | ---- | M] () -- C:\Program Files\Reliance Netconnect+\bin\MonServiceUDisk.exe
========== Modules (No Company Name) ==========
MOD - [2014/07/09 10:04:19 | 017,029,808 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_14_0_0_145.dll
MOD - [2014/06/06 10:08:46 | 003,852,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/10/10 14:03:56 | 000,044,760 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
MOD - [2013/06/18 01:05:10 | 000,478,400 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
MOD - [2012/07/26 12:21:57 | 000,143,216 | ---- | M] () -- C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
MOD - [2005/10/08 03:35:32 | 000,125,440 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Services (SafeList) ==========
SRV - [2014/07/10 11:07:14 | 001,678,040 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Windows\System32\BtwRSupportService.exe -- (BcmBtRSupport)
SRV - [2014/07/09 10:04:20 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/06 10:08:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/08 19:18:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/04/12 12:53:01 | 000,350,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2014/03/28 12:04:12 | 000,014,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2014/03/26 19:47:02 | 000,350,496 | ---- | M] (ClientConnect Ltd.) [Auto | Running] -- C:\Program Files\Tbccint\ToolbarService\ToolbarService.exe -- (TBSrv)
SRV - [2014/02/26 03:46:32 | 000,214,512 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe -- (AVP)
SRV - [2013/10/10 14:03:52 | 000,802,008 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2013/08/16 05:29:31 | 002,156,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService)
SRV - [2013/06/25 04:39:53 | 000,226,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2013/06/01 14:53:42 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2013/05/04 10:27:04 | 000,371,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2013/05/04 10:26:05 | 000,143,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2013/04/09 03:21:05 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2013/03/02 13:53:17 | 000,114,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV - [2013/03/02 13:53:15 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2013/01/10 04:56:37 | 001,532,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2012/09/20 11:23:51 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2012/07/26 09:33:42 | 002,205,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/26 08:50:19 | 000,051,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2012/07/26 08:50:11 | 000,192,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2012/07/26 08:50:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2012/07/26 08:50:04 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2012/07/26 08:49:54 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2012/07/26 08:49:40 | 002,028,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2012/07/26 08:49:21 | 000,138,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2012/07/26 08:49:21 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2012/07/26 08:48:47 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2012/07/26 08:48:24 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2012/07/26 08:48:13 | 000,261,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2012/07/26 08:47:58 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV - [2012/07/26 05:57:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss)
SRV - [2012/07/26 05:57:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2012/07/26 05:57:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2012/07/26 05:57:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV - [2012/07/26 05:57:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2012/07/26 05:57:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)
SRV - [2011/11/01 04:07:04 | 000,512,000 | ---- | M] () [Auto | Running] -- C:\Program Files\Reliance Netconnect+\bin\MonServiceUDisk.exe -- (UDisk Monitor)
========== Driver Services (SafeList) ==========
DRV - File not found [File_System | Disabled | Stop_Pending] -- system32\DRIVERS\EsgScanner.sys -- (EsgScanner)
DRV - [2014/07/10 11:07:14 | 000,174,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\bcbtums.sys -- (bcbtums)
DRV - [2014/06/13 01:50:29 | 000,552,032 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\System32\Drivers\klif.sys -- (KLIF)
DRV - [2014/06/13 01:50:29 | 000,054,880 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\Drivers\klwfp.sys -- (klwfp)
DRV - [2014/06/13 01:50:28 | 000,094,304 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\klflt.sys -- (klflt)
DRV - [2014/03/28 12:05:17 | 000,030,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdBoot.sys -- (WdBoot)
DRV - [2014/03/24 03:41:32 | 000,231,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdFilter.sys -- (WdFilter)
DRV - [2014/02/26 03:46:30 | 000,144,992 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\Drivers\kneps.sys -- (kneps)
DRV - [2014/02/26 03:46:30 | 000,135,776 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\kl1.sys -- (kl1)
DRV - [2014/02/26 03:46:30 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\klmouflt.sys -- (klmouflt)
DRV - [2014/02/26 03:46:30 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\Drivers\klim6.sys -- (KLIM6)
DRV - [2014/02/26 03:46:30 | 000,025,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\klkbdflt.sys -- (klkbdflt)
DRV - [2014/02/26 03:46:30 | 000,024,672 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\klelam.sys -- (klelam)
DRV - [2014/01/07 03:48:02 | 000,015,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2013/10/10 15:37:31 | 000,038,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2013/10/05 10:03:14 | 000,238,936 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\spaceport.sys -- (spaceport)
DRV - [2013/10/02 06:08:26 | 000,362,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2013/08/16 04:51:21 | 000,051,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\dam.sys -- (dam)
DRV - [2013/08/10 10:54:21 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\tpm.sys -- (TPM)
DRV - [2013/07/09 09:46:17 | 000,097,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2013/07/02 04:20:31 | 000,268,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2013/07/02 04:20:28 | 000,180,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\UCX01000.SYS -- (UCX01000)
DRV - [2013/06/01 07:59:09 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2013/04/13 04:04:48 | 000,014,432 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\Drivers\klpd.sys -- (klpd)
DRV - [2013/03/02 14:36:16 | 000,057,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\pdc.sys -- (pdc)
DRV - [2013/03/02 14:22:47 | 000,066,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\storahci.sys -- (storahci)
DRV - [2013/01/10 06:37:00 | 000,024,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2012/11/27 09:23:14 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2012/11/20 10:26:58 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hidi2c.sys -- (hidi2c)
DRV - [2012/11/06 09:22:56 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\fxppm.sys -- (FxPPM)
DRV - [2012/10/12 12:42:33 | 000,023,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/10/11 10:58:23 | 000,046,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\sdstor.sys -- (sdstor)
DRV - [2012/09/20 12:39:32 | 000,031,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2012/07/26 09:47:18 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\condrv.sys -- (condrv)
DRV - [2012/07/26 09:18:44 | 000,058,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\acpiex.sys -- (acpiex)
DRV - [2012/07/26 09:12:33 | 000,068,848 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2012/07/26 09:12:32 | 000,099,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2012/07/26 09:12:32 | 000,070,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2012/07/26 09:12:31 | 000,085,232 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\3ware.sys -- (3ware)
DRV - [2012/07/26 09:12:19 | 000,285,424 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2012/07/26 09:12:19 | 000,080,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2012/07/26 09:12:18 | 000,076,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uaspstor.sys -- (UASPStor)
DRV - [2012/07/26 09:12:15 | 000,059,120 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\mvumis.sys -- (mvumis)
DRV - [2012/07/26 09:10:10 | 000,256,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\clfs.sys -- (CLFS)
DRV - [2012/07/26 09:09:55 | 000,029,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\terminpt.sys -- (terminpt)
DRV - [2012/07/26 09:03:00 | 000,130,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmbus.sys -- (vmbus)
DRV - [2012/07/26 09:03:00 | 000,042,344 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmstorfl.sys -- (storflt)
DRV - [2012/07/26 09:03:00 | 000,032,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storvsc.sys -- (storvsc)
DRV - [2012/07/26 08:06:54 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2012/07/26 08:06:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2012/07/26 08:06:36 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\HyperVideo.sys -- (HyperVideo)
DRV - [2012/07/26 08:06:35 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicRender.sys -- (BasicRender)
DRV - [2012/07/26 08:05:30 | 000,006,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vms3cap.sys -- (s3cap)
DRV - [2012/07/26 08:05:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2012/07/26 08:05:10 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\kdnic.sys -- (kdnic)
DRV - [2012/07/26 08:05:06 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpitime.sys -- (acpitime)
DRV - [2012/07/26 08:05:04 | 000,009,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vmgencounter.sys -- (gencounter)
DRV - [2012/07/26 08:04:43 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpipagr.sys -- (acpipagr)
DRV - [2012/07/26 08:04:42 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2012/07/26 08:04:22 | 000,018,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2012/07/26 08:04:04 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2012/07/26 08:03:53 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx.sys -- (SerCx)
DRV - [2012/07/26 08:03:50 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SpbCx.sys -- (SpbCx)
DRV - [2012/07/26 08:03:50 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\vwifimp.sys -- (vwifimp)
DRV - [2012/07/26 08:03:29 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012/07/26 08:03:16 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2012/07/26 08:02:54 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/07/26 08:02:53 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\dmvsc.sys -- (dmvsc)
DRV - [2012/07/26 08:02:02 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\wpcfltr.sys -- (wpcfltr)
DRV - [2012/07/26 08:01:11 | 000,110,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2012/07/26 08:00:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\mslldp.sys -- (MsLldp)
DRV - [2012/07/26 08:00:39 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\Ndu.sys -- (Ndu)
DRV - [2012/07/26 04:19:39 | 000,238,080 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\yk63x86.sys -- (yukonw8)
DRV - [2012/06/02 20:01:30 | 002,273,280 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\athr.sys -- (athr)
DRV - [2011/10/28 00:09:32 | 000,105,472 | ---- | M] (ZTEMT Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\CT_ZTEMT_U_USBSER.sys -- (ztemtusbser)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com...V=SP2151C_sp_ie
IE - HKCU\..\SearchScopes\{0DE0615C-7B63-4284-980F-78102A4B7D4A}: "URL" = http://www.google.co...1I7WZPA_enIN592
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7WZPA_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultEngine: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-yff27"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-yff27"
FF - prefs.js..browser.search.param.yahoo-type: "394500523"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://google.com/"
FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:14.0.0.4929
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:3.2.3.20140316101110
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - prefs.js..keyword.URL: "http://in.search.yah...=ytff-yff27&p="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/06/13 01:51:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/06/13 01:51:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/06/13 01:50:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/06/13 01:50:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/06/13 01:51:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/07/14 15:09:48 | 000,000,000 | ---D | M]
[2014/06/13 00:54:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user-pc\AppData\Roaming\mozilla\Extensions
[2014/07/15 08:22:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user-pc\AppData\Roaming\mozilla\Firefox\Profiles\1qmvxihn.default\extensions
[2014/07/15 08:22:09 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\user-pc\AppData\Roaming\mozilla\Firefox\Profiles\1qmvxihn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2014/06/13 00:56:14 | 000,000,000 | ---D | M] (Softonic English Toolbar) -- C:\Users\user-pc\AppData\Roaming\mozilla\Firefox\Profiles\1qmvxihn.default\extensions\{930f1200-f5f1-4870-bac6-e233ec8e7023}
[2014/07/15 08:21:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/07/15 08:21:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/07/15 08:21:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2014/07/15 08:21:57 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2014/06/13 01:50:58 | 000,000,000 | ---D | M] (Chặn quảng cáo) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 14.0.0\FFEXT\[email protected]
O1 HOSTS File: ([2012/07/26 09:47:20 | 000,000,824 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 1
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 113.193.12.14 113.193.1.14
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C639AD13-B9B7-4B12-834F-9400F07E7311}: DhcpNameServer = 113.193.12.14 113.193.1.14
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/07/26 12:22:25 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{eef21793-f27d-11e3-af9e-0c6076e4c1d1}\Shell - "" = AutoRun
O33 - MountPoints2\{eef21793-f27d-11e3-af9e-0c6076e4c1d1}\Shell\AutoRun\command - "" = "G:\Setup.exe" /Auto
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/07/15 10:26:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2014/07/15 10:26:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/07/15 08:53:25 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014/07/15 08:50:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2014/07/14 15:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/07/14 15:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/07/10 11:31:48 | 000,000,000 | ---D | C] -- C:\Users\user-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
[2014/07/10 11:16:29 | 000,000,000 | ---D | C] -- C:\Users\user-pc\Documents\Bluetooth Exchange Folder
[2014/07/10 11:16:28 | 000,000,000 | ---D | C] -- C:\Users\user-pc\AppData\Local\Broadcom
[2014/07/10 11:08:45 | 001,678,040 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\BtwRSupportService.exe
[2014/07/10 11:08:42 | 000,174,936 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\drivers\bcbtums.sys
[2014/07/10 11:07:59 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM
[2014/07/09 14:15:07 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/07/09 14:14:42 | 002,863,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/07/09 14:14:38 | 001,440,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/07/09 14:14:38 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/07/09 14:14:38 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/07/09 14:14:38 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/07/09 14:14:38 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014/07/09 14:14:37 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/07/09 14:14:37 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/07/09 14:14:37 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/07/09 14:14:37 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UXInit.dll
[2014/07/09 14:14:37 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/07/09 14:14:37 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/07/09 14:14:37 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/07/09 14:14:30 | 005,582,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014/07/09 14:14:26 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSShared.dll
[2014/07/09 14:14:26 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/07/09 14:14:26 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Robocopy.exe
[2014/07/09 14:14:24 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2014/07/09 14:14:18 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SHCore.dll
[2014/07/09 14:14:10 | 003,389,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014/07/09 14:14:10 | 001,440,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2014/07/02 09:33:28 | 000,000,000 | ---D | C] -- C:\Users\user-pc\AppData\Roaming\AVG
[2014/07/02 09:33:28 | 000,000,000 | ---D | C] -- C:\Users\user-pc\AppData\Local\AVG
[2014/07/02 09:32:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2014/07/02 09:32:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2014/07/02 09:32:10 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014/07/02 09:31:08 | 000,000,000 | ---D | C] -- C:\Users\user-pc\AppData\Roaming\Youtube Downloader HD
[2014/07/02 09:31:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD
[2014/07/02 09:31:00 | 000,000,000 | ---D | C] -- C:\Program Files\Youtube Downloader HD
[2014/07/02 09:31:00 | 000,000,000 | ---D | C] -- C:\Users\user-pc\AppData\Roaming\OpenCandy
[2014/06/30 08:07:59 | 000,000,000 | ---D | C] -- C:\Users\user-pc\Documents\Unzipped
[2014/06/28 15:06:00 | 000,000,000 | ---D | C] -- C:\Users\user-pc\Desktop\Radiology Images
[2014/06/28 14:45:21 | 000,000,000 | ---D | C] -- C:\Users\user-pc\AppData\Roaming\ZteUpdateUI
[2014/06/27 16:23:31 | 000,000,000 | ---D | C] -- C:\Users\user-pc\New folder
[2014/06/27 16:08:33 | 000,000,000 | ---D | C] -- C:\Users\user-pc\AppData\Local\RadiantViewer
[2014/06/27 16:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RadiAnt DICOM Viewer
[2014/06/27 16:08:29 | 000,000,000 | ---D | C] -- C:\Program Files\RadiAntViewer32bit
[2014/06/27 16:08:29 | 000,000,000 | ---D | C] -- C:\ProgramData\RadiAntViewer
[2014/06/19 23:31:41 | 000,000,000 | ---D | C] -- C:\Users\user-pc\Desktop\POWERPOINT
[2014/06/19 03:20:39 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2014/06/19 01:32:52 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/06/19 01:30:25 | 000,778,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2014/06/19 01:30:25 | 000,035,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2014/06/19 01:24:41 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2014/06/19 01:24:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2014/06/19 01:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications
[2014/06/18 22:18:18 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2014/06/18 22:18:18 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2014/06/18 22:18:18 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndadmin.exe
[2014/06/18 22:18:17 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2014/06/18 22:17:37 | 008,552,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\glcndFilter.dll
[2014/06/18 22:17:29 | 000,788,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2014/06/18 22:17:28 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2014/06/18 22:17:28 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpclip.exe
[2014/06/18 22:17:28 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2014/06/18 22:17:27 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2014/06/18 22:17:27 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFCaptureEngine.dll
[2014/06/18 22:17:27 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dafWCN.dll
[2014/06/18 22:17:26 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2014/06/18 22:17:25 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnApi.dll
[2014/06/18 22:17:24 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2014/06/18 22:17:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfdprov.dll
[2014/06/18 22:17:24 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnEapPeerProxy.dll
[2014/06/18 22:17:24 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnEapAuthProxy.dll
[2014/06/18 22:17:23 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fxppm.sys
[2014/06/18 22:17:23 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2014/06/18 22:17:23 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2014/06/18 22:16:41 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquota.dll
[2014/06/18 22:16:37 | 002,273,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2014/06/18 22:16:34 | 000,385,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2014/06/18 22:16:34 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcmsvc.dll
[2014/06/18 22:16:34 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winmmbase.dll
[2014/06/18 22:16:33 | 000,330,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
[2014/06/18 22:16:33 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
[2014/06/18 22:16:33 | 000,105,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dumpsd.sys
[2014/06/18 22:16:33 | 000,097,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\msgpioclx.sys
[2014/06/18 22:16:32 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wwanadvui.dll
[2014/06/18 22:16:32 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LocationApi.dll
[2014/06/18 22:16:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\openfiles.exe
[2014/06/18 22:16:32 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcmcsp.dll
[2014/06/18 22:16:28 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2014/06/18 22:16:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDKURD.DLL
[2014/06/18 22:16:02 | 001,186,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.UI.Immersive.dll
[2014/06/18 22:16:00 | 000,612,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2014/06/18 22:16:00 | 000,342,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014/06/18 22:15:54 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll
[2014/06/18 22:15:53 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SpaceControl.dll
[2014/06/18 22:15:53 | 000,030,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
[2014/06/18 22:15:52 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2014/06/18 22:15:52 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Storage.Compression.dll
[2014/06/18 22:15:52 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2014/06/18 22:15:52 | 000,046,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sdstor.sys
[2014/06/18 22:15:51 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\microsoft-windows-pdc.dll
[2014/06/18 22:15:50 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PCPKsp.dll
[2014/06/18 22:15:48 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AppxSip.dll
[2014/06/18 22:15:48 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BdeUISrv.exe
[2014/06/18 22:15:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdhebl3.dll
[2014/06/18 22:15:34 | 000,929,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfnetsrc.dll
[2014/06/18 22:15:34 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfnetcore.dll
[2014/06/18 22:15:33 | 000,513,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmpeg2srcsnk.dll
[2014/06/18 22:15:23 | 000,319,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2014/06/18 22:15:23 | 000,319,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2014/06/18 22:15:20 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2014/06/18 22:15:20 | 000,297,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2014/06/18 22:15:12 | 010,799,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.UI.Xaml.dll
[2014/06/18 22:15:09 | 000,914,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2014/06/18 22:15:08 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ubpm.dll
[2014/06/18 22:15:08 | 000,123,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tpm.sys
[2014/06/18 22:15:07 | 000,054,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2014/06/18 22:14:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2014/06/18 22:14:38 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2014/06/18 22:14:38 | 000,303,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2014/06/18 22:14:37 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2014/06/18 22:14:37 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveskybackup.dll
[2014/06/18 22:14:18 | 000,550,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2014/06/18 22:14:18 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2014/06/18 22:14:18 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2014/06/18 22:14:15 | 001,245,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2014/06/18 22:14:15 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2014/06/18 22:14:14 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2014/06/18 22:14:05 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appmgr.dll
[2014/06/18 22:14:04 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SettingSync.dll
[2014/06/18 22:14:04 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mbsmsapi.dll
[2014/06/18 22:13:53 | 001,842,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2014/06/18 22:13:52 | 002,106,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/06/18 22:13:47 | 001,453,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfcore.dll
[2014/06/18 22:13:46 | 001,166,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.efi
[2014/06/18 22:13:46 | 001,063,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2014/06/18 22:13:46 | 001,035,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.efi
[2014/06/18 22:13:46 | 000,939,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2014/06/18 22:13:45 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2014/06/18 22:13:44 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfasfsrcsnk.dll
[2014/06/18 22:13:44 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2014/06/18 22:13:43 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceSetupManager.dll
[2014/06/18 22:13:43 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MbaeParserTask.exe
[2014/06/18 22:13:43 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\BthAvrcpTg.sys
[2014/06/18 22:13:33 | 000,509,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NotificationUI.exe
[2014/06/18 22:13:33 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.ApplicationModel.Store.dll
[2014/06/18 22:13:20 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WebcamUi.dll
[2014/06/18 22:13:17 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserLanguagesCpl.dll
[2014/06/18 22:13:17 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnapps.dll
[2014/06/18 22:13:16 | 001,217,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\storagewmi.dll
[2014/06/18 22:13:15 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds_ps.dll
[2014/06/18 22:13:15 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe
[2014/06/18 22:13:05 | 000,362,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBHUB3.SYS
[2014/06/18 22:13:04 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2014/06/18 22:13:04 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2014/06/18 22:13:04 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spaceport.sys
[2014/06/18 22:13:03 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUSettingsProvider.dll
[2014/06/18 22:13:03 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\storewuauth.dll
[2014/06/18 22:13:03 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2014/06/18 22:13:03 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2014/06/18 22:13:03 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2014/06/18 22:12:52 | 001,075,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2014/06/18 22:11:50 | 001,752,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpcMon.exe
[2014/06/18 22:11:48 | 003,502,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2014/06/18 22:11:46 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2014/06/18 22:11:45 | 000,995,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Media.Streaming.dll
[2014/06/18 22:11:45 | 000,307,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2014/06/18 22:11:43 | 000,709,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.dll
[2014/06/18 22:11:36 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2014/06/18 22:11:36 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2014/06/18 22:11:36 | 000,031,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\cnghwassist.sys
[2014/06/18 22:11:34 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2014/06/18 22:11:31 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WWAHost.exe
[2014/06/18 22:11:31 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnprv.dll
[2014/06/18 22:11:31 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
[2014/06/18 22:11:13 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2014/06/18 22:11:10 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapibase.dll
[2014/06/18 22:11:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TpmTasks.dll
[2014/06/18 22:11:06 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PackageStateRoaming.dll
[2014/06/18 22:11:05 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\provcore.dll
[2014/06/18 22:11:03 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2014/06/18 22:10:49 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\twinapi.dll
[2014/06/18 22:10:44 | 000,023,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
[2014/06/18 22:10:41 | 000,480,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2014/06/18 22:10:39 | 001,247,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\combase.dll
[2014/06/18 22:10:37 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\microsoft-windows-kernel-power-events.dll
[2014/06/18 22:10:36 | 000,062,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dumpfve.sys
[2014/06/18 22:10:23 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfsrcsnk.dll
[2014/06/18 22:10:22 | 000,016,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HalExtIntcLpioDMA.dll
[2014/06/18 22:10:20 | 000,014,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HalExtIntcUartDMA.dll
[2014/06/18 22:10:19 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinTypes.dll
[2014/06/18 22:10:16 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfsvr.dll
[2014/06/18 22:10:16 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlidcredprov.dll
[2014/06/18 22:10:11 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ProximityService.dll
[2014/06/18 22:10:09 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2014/06/18 22:10:09 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvproc.dll
[2014/06/18 22:10:09 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2014/06/18 22:10:08 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfh264enc.dll
[2014/06/18 22:10:08 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DAFWSD.dll
[2014/06/18 22:10:08 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SettingSyncHost.exe
[2014/06/18 22:10:08 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2014/06/18 22:10:07 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2014/06/18 22:10:07 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfnet.dll
[2014/06/18 22:10:05 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2014/06/18 22:10:05 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CscMig.dll
[2014/06/18 22:10:05 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevPropMgr.dll
[2014/06/18 22:10:04 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2014/06/18 22:10:02 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdbinst.exe
[2014/06/18 22:09:59 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfctrs.dll
[2014/06/18 22:09:59 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfproc.dll
[2014/06/18 22:09:58 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LangCleanupSysprepAction.dll
[2014/06/18 22:09:58 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eventcls.dll
[2014/06/18 22:09:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MUILanguageCleanup.dll
[2014/06/18 22:09:58 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetupproxyserv.dll
[2014/06/18 21:54:43 | 000,000,000 | ---D | C] -- C:\Users\user-pc\Pinky
[2014/06/18 21:41:20 | 000,703,968 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/06/18 21:41:20 | 000,105,440 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/06/17 02:56:22 | 000,000,000 | ---D | C] -- C:\Users\user-pc\AppData\Roaming\IrfanView
[2014/06/17 02:56:22 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2014/06/16 21:18:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/07/15 10:04:04 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/15 08:22:17 | 000,001,990 | ---- | M] () -- C:\Users\user-pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/07/15 08:22:03 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/07/15 08:17:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/12 16:34:04 | 000,719,418 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/07/12 16:34:04 | 000,132,748 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/07/10 11:22:25 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/07/10 11:22:25 | 1684,942,848 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/10 11:14:38 | 000,000,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2014/07/10 11:07:14 | 001,678,040 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BtwRSupportService.exe
[2014/07/10 11:07:14 | 000,174,936 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\bcbtums.sys
[2014/07/08 08:50:03 | 000,153,698 | ---- | M] () -- C:\Users\user-pc\Desktop\RelianceJuly2014.pdf
[2014/07/01 08:48:16 | 000,339,327 | ---- | M] () -- C:\Users\user-pc\Tikona Bill.pdf
[2014/06/28 12:59:33 | 000,087,977 | ---- | M] () -- C:\Users\user-pc\IMG-0001-00001.jpg
[2014/06/27 16:08:30 | 000,001,100 | ---- | M] () -- C:\Users\user-pc\Application Data\Microsoft\Internet Explorer\Quick Launch\RadiAnt DICOM Viewer (32-bit).lnk
[2014/06/27 16:08:29 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\RadiAnt DICOM Viewer (32-bit).lnk
[2014/06/27 02:23:24 | 000,703,968 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/06/27 02:23:24 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/06/19 06:24:05 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/06/19 06:23:42 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UXInit.dll
[2014/06/19 06:23:03 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/06/19 06:23:01 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/06/19 06:22:46 | 002,863,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/06/19 06:22:46 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/06/19 06:22:42 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/06/19 06:22:42 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014/06/19 06:22:42 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/06/19 06:22:42 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/06/19 06:22:34 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/06/19 06:22:34 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/06/19 06:22:19 | 001,440,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/06/19 06:00:35 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/06/19 01:24:31 | 000,001,247 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2014/06/18 04:57:37 | 001,440,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2014/06/17 03:04:40 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/06/17 02:56:34 | 000,000,968 | ---- | M] () -- C:\Users\Public\Desktop\IrfanView.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/07/14 15:09:50 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/07/10 11:08:14 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2014/07/08 08:50:03 | 000,153,698 | ---- | C] () -- C:\Users\user-pc\Desktop\RelianceJuly2014.pdf
[2014/07/01 08:48:01 | 000,339,327 | ---- | C] () -- C:\Users\user-pc\Tikona Bill.pdf
[2014/06/27 16:58:12 | 000,087,977 | ---- | C] () -- C:\Users\user-pc\IMG-0001-00001.jpg
[2014/06/27 16:08:30 | 000,001,100 | ---- | C] () -- C:\Users\user-pc\Application Data\Microsoft\Internet Explorer\Quick Launch\RadiAnt DICOM Viewer (32-bit).lnk
[2014/06/27 16:08:29 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\RadiAnt DICOM Viewer (32-bit).lnk
[2014/06/19 01:24:31 | 000,001,247 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2014/06/18 22:15:20 | 000,387,268 | ---- | C] () -- C:\Windows\System32\ApnDatabase.xml
[2014/06/17 03:04:40 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/06/17 03:04:40 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/06/17 02:56:34 | 000,000,968 | ---- | C] () -- C:\Users\Public\Desktop\IrfanView.lnk
[2014/06/14 22:30:23 | 000,083,968 | ---- | C] () -- C:\Windows\System32\OEMLicense.dll
[2014/06/13 01:14:30 | 000,002,503 | ---- | C] () -- C:\Users\user-pc\Skype.lnk
[2014/06/13 01:12:52 | 000,000,804 | ---- | C] () -- C:\Users\user-pc\NEC camera.lnk
[2014/06/13 01:06:27 | 000,405,881 | ---- | C] () -- C:\Windows\KJ.exe
[2014/06/13 00:56:46 | 000,001,943 | ---- | C] () -- C:\Users\user-pc\WinZip.lnk
[2014/06/13 00:56:09 | 000,001,024 | ---- | C] () -- C:\Users\user-pc\VLC media player.lnk
[2014/06/13 00:55:20 | 000,001,064 | ---- | C] () -- C:\Users\user-pc\Picasa 3.lnk
[2014/06/13 00:54:59 | 000,000,975 | ---- | C] () -- C:\Users\user-pc\WinRAR.lnk
[2014/06/13 00:54:22 | 000,001,170 | ---- | C] () -- C:\Users\user-pc\50 FREE MP3s +1 Free Audiobook!.lnk
[2014/06/13 00:54:22 | 000,000,947 | ---- | C] () -- C:\Users\user-pc\Winamp.lnk
[2012/07/26 12:25:27 | 000,719,418 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2012/07/26 12:25:27 | 000,296,742 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2012/07/26 12:25:27 | 000,132,748 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2012/07/26 12:25:27 | 000,033,362 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2012/07/26 12:23:47 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2012/07/26 12:23:46 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2012/07/26 11:33:55 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/26 06:50:38 | 000,071,680 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2012/07/26 06:47:42 | 000,043,520 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2012/07/26 02:11:36 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/26 01:55:49 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2012/07/26 01:55:49 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2012/07/26 01:55:49 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2012/07/26 01:54:47 | 000,526,068 | ---- | C] () -- C:\Windows\System32\staticurllist.bin
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/28 11:48:26 | 017,562,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 08:48:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2012/07/26 08:50:13 | 000,354,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Files - Unicode (All) ==========
[2014/07/15 10:28:08 | 002,375,680 | ---- | M] ()(C:\Windows\System32\????????????????????????????????) -- C:\Windows\System32\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
[2014/07/15 08:47:23 | 002,375,680 | ---- | C] ()(C:\Windows\System32\????????????????????????????????) -- C:\Windows\System32\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
< End of report >
I would be extremely grateful if I am guided in the proper way to clean up my system.
Thanks in advance.
Hari