
Internet works in safe mode but not in normal mode



#1 Ashish Agarwal


Posted 11 January 2014 - 05:00 PM

I am infected with malware. I have removed some using Malwarebytes. Some of the malware removed were "Bonanza" and "Sense" something; already my Chrome opens only www.sweet-page.com. I had accidentally downloaded the wrong Firefox setup file from a fraud website and ran the installer. It installed Mobogenie and some more, but I immediately declined and uninstalled the malware.

 

In normal mode, though Wi-Fi is connected and I can also access the network, it has become slow. The Internet is so slow, it's next to not working. Also, when I checked the status of the Wi-Fi connection, it shows continuous high-speed receiving of bytes.

 

Definitely some virus is doing it. But Avast, Malwarebytes and Spybot can't remove it. Avast and Spybot don't even detect it. I updated Malwarebytes in safe mode, did the scan and removed 15 of them; then after a restart in normal mode the Internet was normal for 5 minutes, and then the same problem started again.

 

My network speed has dropped and also internet speed is almost 0.

 

Logs follow.

 

OTL logfile created on: 12/01/2014 04:13:50 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Ashish\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.86 Gb Total Physical Memory | 2.95 Gb Available Physical Memory | 76.46% Memory free
7.71 Gb Paging File | 6.87 Gb Available in Paging File | 89.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 230.01 Gb Total Space | 189.33 Gb Free Space | 82.32% Space Free | Partition Type: NTFS
Drive D: | 123.00 Gb Total Space | 107.81 Gb Free Space | 87.65% Space Free | Partition Type: NTFS
Drive E: | 97.66 Gb Total Space | 90.81 Gb Free Space | 92.99% Space Free | Partition Type: NTFS
 
Computer Name: ASHISHACER | User Name: Ashish | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Ashish\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (EPSON_EB_RPCV4_04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)
SRV:64bit: - (EPSON_PM_RPCV4_04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Commnucations)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswstm.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-pag...PBN403M7EAMUSEX
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-pag...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-pag...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-pag...PBN403M7EAMUSEX
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.sweet-pag...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.in
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.co.in
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co.in
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.in
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8E 1E DC 41 17 0E CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{B9F9522F-C436-433C-BFE9-271C5879141F}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2011.70
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/07 00:18:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Ashish\AppData\Roaming\IDM\idmmzcc5
 
[2014/01/07 15:01:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ashish\AppData\Roaming\Mozilla\Extensions
[2014/01/11 18:00:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ashish\AppData\Roaming\Mozilla\Firefox\Profiles\94hcrsdj.default\extensions
[2014/01/11 12:26:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/01/11 12:26:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/01/07 00:18:24 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: 
 
O1 HOSTS File: ([2014/01/11 23:33:18 | 000,450,770 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15469 more lines...
O2:64bit: - BHO: (no name) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - No CLSID value found.
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (no name) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - No CLSID value found.
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [Fences] C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Ashish\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk = C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04A1C436-B079-4334-87B8-47C7DCA237A9}: DhcpNameServer = 10.0.0.1 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/01/12 04:06:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ashish\Desktop\OTL.exe
[2014/01/12 03:58:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/01/12 03:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/01/12 03:55:35 | 004,645,232 | ---- | C] (Piriform Ltd) -- C:\Users\Ashish\Desktop\ccsetup409.exe
[2014/01/12 03:52:41 | 002,347,384 | ---- | C] (ESET) -- C:\Users\Ashish\Desktop\esetsmartinstaller_enu.exe
[2014/01/12 03:41:23 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Ashish\Desktop\HijackThis.exe
[2014/01/12 03:28:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/01/12 00:41:15 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Windows Live Writer
[2014/01/12 00:41:15 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\Windows Live Writer
[2014/01/12 00:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2014/01/12 00:34:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2014/01/12 00:32:15 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\Windows Live
[2014/01/12 00:31:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2014/01/11 23:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/01/11 23:21:42 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2014/01/11 20:42:13 | 000,000,000 | ---D | C] -- C:\Users\Ashish\Desktop\IMP old data
[2014/01/11 19:24:45 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Malwarebytes
[2014/01/11 19:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/11 19:23:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/11 19:23:30 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/01/11 19:23:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/01/11 13:33:26 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Macromedia
[2014/01/11 13:33:26 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\Macromedia
[2014/01/11 13:33:26 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Adobe
[2014/01/11 13:26:35 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/01/11 13:26:35 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/11 13:26:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014/01/11 13:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014/01/11 13:25:03 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\Adobe
[2014/01/11 13:02:07 | 000,000,000 | ---D | C] -- C:\Users\Ashish\Desktop\FY 13-14
[2014/01/11 12:26:13 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\Mozilla
[2014/01/11 12:26:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/01/11 12:25:24 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\UpdaterEX
[2014/01/11 12:25:02 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM
[2014/01/10 21:29:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2014/01/10 19:15:37 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\SafeInCloud
[2014/01/10 17:18:15 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\ImageBadger
[2014/01/10 17:17:31 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImageBadger
[2014/01/10 17:17:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImageBadger
[2014/01/10 17:10:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2014/01/10 17:09:58 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL
[2014/01/10 17:09:57 | 000,118,784 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMGGI.DLL
[2014/01/10 17:09:56 | 000,088,064 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBGGI.DLL
[2014/01/10 17:09:32 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2014/01/10 17:08:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2014/01/10 17:08:18 | 000,464,384 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esxw2ud.dll
[2014/01/10 17:08:18 | 000,132,560 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esdevapp.exe
[2014/01/10 17:08:18 | 000,013,824 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esxcdev.dll
[2014/01/10 17:08:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2014/01/10 17:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photocopier Pro
[2014/01/10 17:01:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Photocopier Pro
[2014/01/10 15:58:34 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\CrashDumps
[2014/01/09 16:20:32 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/01/09 16:20:31 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/01/09 11:17:24 | 000,000,000 | ---D | C] -- C:\Users\Ashish\.android
[2014/01/09 11:17:21 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\cache
[2014/01/08 19:20:54 | 000,000,000 | ---D | C] -- C:\Users\Ashish\Desktop\UV Reference
[2014/01/08 15:20:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2014/01/08 12:42:40 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/01/08 12:42:40 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/01/08 12:42:38 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2014/01/08 12:42:37 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2014/01/08 12:42:37 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2014/01/08 12:42:37 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2014/01/08 12:29:27 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/01/08 12:29:27 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/01/08 12:28:44 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2014/01/08 12:28:44 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2014/01/08 12:28:44 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2014/01/08 12:28:44 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2014/01/08 12:28:44 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2014/01/08 12:28:44 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2014/01/08 12:28:44 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2014/01/08 12:28:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2014/01/08 12:28:44 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2014/01/08 12:28:41 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2014/01/08 12:26:49 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2014/01/08 12:26:49 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2014/01/08 12:26:26 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/01/08 12:26:25 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/01/08 12:26:25 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2014/01/08 12:26:24 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2014/01/08 12:26:24 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/01/08 12:26:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/01/08 12:26:12 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014/01/08 12:25:50 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2014/01/08 12:25:50 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2014/01/08 12:25:50 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2014/01/08 12:25:50 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2014/01/08 12:25:50 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2014/01/08 12:25:50 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2014/01/08 12:25:12 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2014/01/08 12:25:12 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2014/01/08 12:25:11 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014/01/08 12:25:11 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014/01/08 12:25:06 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/01/08 12:25:06 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/01/08 12:25:06 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/01/08 12:24:28 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2014/01/08 12:24:28 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2014/01/08 12:24:08 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014/01/08 12:24:07 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2014/01/08 12:23:54 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014/01/08 12:23:54 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2014/01/08 12:22:36 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2014/01/08 12:22:36 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2014/01/08 12:21:30 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2014/01/08 12:21:30 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2014/01/08 12:21:30 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2014/01/08 12:21:30 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2014/01/08 12:21:29 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2014/01/08 12:21:29 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2014/01/08 12:21:29 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2014/01/08 12:21:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2014/01/08 12:21:21 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2014/01/08 12:21:21 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2014/01/08 12:21:21 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2014/01/08 12:21:21 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2014/01/08 12:21:12 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/01/08 12:21:12 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/01/08 12:21:12 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/01/08 12:21:12 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/01/08 12:21:12 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/01/08 12:20:33 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/01/08 12:20:32 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/01/08 12:20:32 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/01/08 12:20:31 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/01/08 12:20:31 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/01/08 12:20:31 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/01/08 12:20:31 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/01/08 12:20:31 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2014/01/08 12:20:30 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2014/01/08 12:20:30 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/01/08 12:20:30 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2014/01/08 12:20:30 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2014/01/08 12:20:30 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/01/08 12:20:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/01/08 12:20:30 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/01/08 12:20:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/01/08 12:20:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/01/08 12:20:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/01/08 12:20:29 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/01/08 12:20:29 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2014/01/08 12:20:29 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2014/01/08 12:20:29 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2014/01/08 12:20:29 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/01/08 12:20:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2014/01/08 12:20:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2014/01/08 12:20:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2014/01/08 12:20:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/01/08 12:20:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/01/08 12:20:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2014/01/08 12:20:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2014/01/08 12:20:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2014/01/08 12:20:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2014/01/08 12:20:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2014/01/08 12:20:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/01/08 12:20:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/01/08 12:20:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/01/08 12:20:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/01/08 12:20:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/01/08 12:20:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2014/01/08 12:20:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2014/01/08 12:20:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2014/01/08 12:20:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/01/08 12:20:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2014/01/08 12:20:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2014/01/08 12:20:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2014/01/08 12:20:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2014/01/08 12:20:28 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2014/01/08 12:20:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2014/01/08 12:20:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2014/01/08 12:20:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2014/01/08 12:20:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2014/01/08 12:20:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2014/01/08 12:20:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2014/01/08 12:20:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/01/08 12:19:02 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2014/01/08 12:19:02 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2014/01/08 12:18:43 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2014/01/08 12:18:41 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014/01/08 12:18:41 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2014/01/08 12:18:41 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2014/01/08 12:18:32 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2014/01/08 12:18:32 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2014/01/08 12:18:12 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/01/08 12:18:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/01/08 12:18:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/01/08 12:17:52 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014/01/08 12:17:52 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2014/01/08 12:17:49 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2014/01/08 12:17:49 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2014/01/08 12:17:49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2014/01/08 12:17:11 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2014/01/08 12:17:11 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2014/01/08 12:16:49 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/01/08 12:16:49 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/01/08 12:11:17 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/01/08 12:11:14 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2014/01/08 12:11:14 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2014/01/08 12:11:14 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2014/01/08 12:11:13 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2014/01/08 11:59:25 | 000,911,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/01/08 11:59:25 | 000,609,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/01/08 11:59:24 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/01/08 11:59:06 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2014/01/08 11:59:06 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2014/01/08 11:59:05 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014/01/08 11:59:05 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014/01/08 11:59:05 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2014/01/08 11:59:05 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014/01/08 11:59:05 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2014/01/08 11:59:05 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2014/01/08 11:59:05 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2014/01/08 11:58:58 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2014/01/08 11:58:34 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014/01/08 11:58:34 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2014/01/08 11:58:25 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2014/01/08 11:58:24 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/01/08 11:58:20 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/01/08 11:58:17 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/01/08 11:58:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/01/08 11:58:17 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/01/08 11:58:17 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/01/08 11:58:17 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/01/08 11:58:17 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/01/08 11:56:40 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2014/01/08 11:56:40 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2014/01/08 11:55:54 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/01/08 11:55:54 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/01/08 11:55:22 | 000,000,000 | ---D | C] -- C:\Users\Ashish\Desktop\New Project
[2014/01/08 11:55:20 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2014/01/08 11:55:20 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2014/01/08 11:55:19 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2014/01/08 11:55:16 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2014/01/08 11:55:06 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2014/01/08 11:55:02 | 001,545,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/01/08 11:54:07 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2014/01/08 11:54:07 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2014/01/08 11:54:07 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2014/01/08 11:54:07 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2014/01/08 11:54:06 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2014/01/08 11:54:06 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2014/01/08 11:54:05 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2014/01/08 11:54:03 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/01/08 11:54:03 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2014/01/08 11:54:02 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2014/01/08 11:54:02 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2014/01/08 11:54:00 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014/01/08 11:53:59 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/01/08 11:50:08 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2014/01/08 11:50:06 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2014/01/08 11:49:48 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/01/08 11:49:48 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/01/08 11:49:48 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/01/08 11:49:48 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/01/07 20:58:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Launch Manager
[2014/01/07 20:58:52 | 000,281,680 | ---- | C] (Dritek System Inc.) -- C:\Windows\UNINSTLMv4.EXE
[2014/01/07 17:51:12 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\ASCOMP Software
[2014/01/07 17:51:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASCOMP Software
[2014/01/07 17:51:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASCOMP Software
[2014/01/07 17:51:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Mailbird
[2014/01/07 16:00:53 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Opera Mail
[2014/01/07 15:30:53 | 000,000,000 | ---D | C] -- C:\Users\Ashish\Desktop\Ashish
[2014/01/07 15:26:01 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\Stardock_Corporation
[2014/01/07 15:25:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Stardock
[2014/01/07 15:25:39 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Stardock
[2014/01/07 15:25:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
[2014/01/07 15:25:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stardock
[2014/01/07 15:19:19 | 000,000,000 | ---D | C] -- C:\Users\Ashish\Desktop\Unused
[2014/01/07 15:18:22 | 000,000,000 | ---D | C] -- C:\Users\Ashish\Desktop\UNITED
[2014/01/07 15:01:14 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Thunderbird
[2014/01/07 15:01:14 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Mozilla
[2014/01/07 14:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/01/07 14:56:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/01/07 13:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Printer Uninstaller
[2014/01/07 13:28:21 | 000,202,752 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNAB4EMD.DLL
[2014/01/07 13:28:21 | 000,124,928 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNAB4SMD.DLL
[2014/01/07 13:28:21 | 000,064,000 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNAB4PTD.DLL
[2014/01/07 13:28:21 | 000,063,936 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNAB4RPD.EXE
[2014/01/07 13:28:21 | 000,058,880 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNAB4LMD.DLL
[2014/01/07 13:28:10 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2014/01/07 13:27:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2014/01/07 13:22:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014/01/07 12:44:36 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2014/01/07 12:44:36 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2014/01/07 12:43:22 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\eM Client
[2014/01/07 12:32:21 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/01/07 12:32:21 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/01/07 12:32:21 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/01/07 12:32:16 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/01/07 12:32:16 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/01/07 12:32:16 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/01/07 12:32:06 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/01/07 12:32:06 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/01/07 12:20:04 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Foxit Software
[2014/01/07 12:19:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2014/01/07 12:05:52 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/01/07 12:03:28 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/01/07 12:02:00 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/01/07 12:00:25 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2014/01/07 11:50:42 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Dropbox
[2014/01/07 02:46:49 | 000,000,000 | ---D | C] -- C:\Users\Ashish\Desktop\DTH
[2014/01/07 01:31:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2014/01/07 01:31:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2014/01/07 01:28:48 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/01/07 01:28:37 | 010,428,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014/01/07 01:28:37 | 005,160,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014/01/07 01:28:37 | 003,074,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2014/01/07 01:28:37 | 001,350,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2014/01/07 01:28:37 | 000,837,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2014/01/07 01:28:37 | 000,540,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhotkey.dll
[2014/01/07 01:28:37 | 000,222,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014/01/07 01:28:37 | 000,137,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014/01/07 01:28:37 | 000,055,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2014/01/07 01:28:29 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014/01/07 01:28:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/01/07 01:27:46 | 024,796,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014/01/07 01:27:46 | 024,748,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014/01/07 01:27:46 | 018,876,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014/01/07 01:27:46 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014/01/07 01:27:46 | 015,696,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014/01/07 01:27:46 | 013,208,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014/01/07 01:27:46 | 008,798,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014/01/07 01:27:46 | 007,598,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014/01/07 01:27:46 | 007,049,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014/01/07 01:27:46 | 005,589,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014/01/07 01:27:46 | 002,824,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014/01/07 01:27:46 | 002,544,960 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014/01/07 01:27:46 | 002,472,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014/01/07 01:27:46 | 002,403,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014/01/07 01:27:46 | 002,233,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014/01/07 01:27:46 | 002,100,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014/01/07 01:27:46 | 001,543,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2014/01/07 01:27:46 | 001,454,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2014/01/07 01:27:46 | 000,862,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2014/01/07 01:27:46 | 000,718,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014/01/07 01:27:46 | 000,371,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoptimusmft.dll
[2014/01/07 01:27:46 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2014/01/07 01:27:46 | 000,330,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoptimusmft.dll
[2014/01/07 01:27:46 | 000,301,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2014/01/07 01:27:46 | 000,241,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014/01/07 01:27:46 | 000,203,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014/01/07 01:27:46 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/01/07 01:27:46 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/01/07 01:27:46 | 000,028,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2014/01/07 01:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2014/01/07 01:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2014/01/07 01:22:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2014/01/07 01:21:23 | 000,317,440 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2014/01/07 01:21:23 | 000,014,848 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2014/01/07 01:21:18 | 000,090,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2342.dll
[2014/01/07 01:21:17 | 000,509,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2014/01/07 01:21:17 | 000,380,928 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2014/01/07 01:21:17 | 000,368,640 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2014/01/07 01:21:17 | 000,364,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2014/01/07 01:21:17 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2014/01/07 01:21:17 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2014/01/07 01:21:17 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2014/01/07 01:21:17 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2014/01/07 01:21:17 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2014/01/07 01:21:17 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2014/01/07 01:21:17 | 000,167,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2014/01/07 01:21:17 | 000,095,744 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2014/01/07 01:21:17 | 000,086,528 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2014/01/07 01:21:17 | 000,062,464 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2014/01/07 01:21:16 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2014/01/07 01:21:16 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2014/01/07 01:21:16 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2014/01/07 01:21:16 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2014/01/07 01:21:16 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2014/01/07 01:21:16 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2014/01/07 01:21:16 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2014/01/07 01:21:16 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2014/01/07 01:21:16 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2014/01/07 01:21:16 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2014/01/07 01:21:16 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2014/01/07 01:21:16 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2014/01/07 01:21:16 | 000,283,648 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2014/01/07 01:21:16 | 000,283,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2014/01/07 01:21:15 | 009,014,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2014/01/07 01:21:15 | 000,335,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2014/01/07 01:21:15 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2014/01/07 01:21:15 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2014/01/07 01:21:15 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2014/01/07 01:21:15 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2014/01/07 01:21:15 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2014/01/07 01:21:15 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2014/01/07 01:21:15 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2014/01/07 01:21:15 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2014/01/07 01:21:15 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2014/01/07 01:21:14 | 000,575,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll
[2014/01/07 01:21:14 | 000,418,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2014/01/07 01:21:14 | 000,385,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2014/01/07 01:21:14 | 000,288,768 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2014/01/07 01:21:14 | 000,239,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2014/01/07 01:21:14 | 000,142,848 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2014/01/07 01:21:14 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2014/01/07 01:21:14 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2014/01/07 01:21:14 | 000,122,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2014/01/07 01:21:14 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2014/01/07 01:21:14 | 000,024,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2014/01/07 01:21:13 | 007,473,664 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2014/01/07 01:21:12 | 012,262,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2014/01/07 01:21:12 | 005,692,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2014/01/07 01:21:11 | 007,386,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2014/01/07 01:21:11 | 006,068,736 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2014/01/07 01:21:10 | 019,592,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2014/01/07 01:21:09 | 014,294,016 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2014/01/07 01:21:09 | 004,370,456 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2014/01/07 01:21:09 | 000,391,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2014/01/07 01:21:09 | 000,144,896 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2014/01/07 01:21:09 | 000,109,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2014/01/07 01:18:27 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\DMCache
[2014/01/07 01:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2014/01/07 01:08:21 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/01/07 01:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/01/07 01:05:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/01/07 01:03:57 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\BMExplorer
[2014/01/07 00:59:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2014/01/07 00:58:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics
[2014/01/07 00:57:15 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2014/01/07 00:56:49 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2014/01/07 00:56:29 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll
[2014/01/07 00:56:28 | 000,215,336 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPAPI.dll
[2014/01/07 00:56:28 | 000,147,752 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPCo4.dll
[2014/01/07 00:56:28 | 000,107,816 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
[2014/01/07 00:56:27 | 001,383,472 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys
[2014/01/07 00:56:27 | 000,271,144 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCtrl.dll
[2014/01/07 00:56:27 | 000,214,312 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
[2014/01/07 00:56:27 | 000,165,160 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynGlwPadShlExt.dll
[2014/01/07 00:56:26 | 000,400,168 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCOM.dll
[2014/01/07 00:56:26 | 000,173,352 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
[2014/01/07 00:53:20 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2014/01/07 00:49:32 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Atheros
[2014/01/07 00:49:29 | 000,000,000 | ---D | C] -- C:\Users\Ashish\Documents\Bluetooth Folder
[2014/01/07 00:49:07 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
[2014/01/07 00:49:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Atheros
[2014/01/07 00:48:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluetooth Suite
[2014/01/07 00:47:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2014/01/07 00:47:03 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2014/01/07 00:47:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2014/01/07 00:45:50 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Intel Corporation
[2014/01/07 00:41:22 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2014/01/07 00:40:42 | 000,557,848 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2014/01/07 00:40:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2014/01/07 00:40:34 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\InstallShield
[2014/01/07 00:31:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/01/07 00:19:10 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\AVAST Software
[2014/01/07 00:19:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/07 00:18:31 | 000,079,672 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/01/07 00:18:29 | 001,034,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/01/07 00:18:29 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/01/07 00:18:28 | 000,078,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/01/07 00:18:27 | 000,092,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/01/07 00:18:25 | 000,334,136 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/01/07 00:18:22 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/07 00:17:59 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/07 00:16:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/07 00:15:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014/01/07 00:13:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2014/01/07 00:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2014/01/07 00:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/01/07 00:12:56 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014/01/07 00:12:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014/01/07 00:11:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tally.ERP 9
[2014/01/07 00:10:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/01/07 00:10:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
[2014/01/07 00:10:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2014/01/07 00:10:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/01/07 00:09:57 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\Microsoft Help
[2014/01/07 00:09:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014/01/07 00:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/01/06 23:59:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log
[2014/01/06 23:59:14 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\iSafe
[2014/01/06 23:57:38 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\uTorrent
[2014/01/06 23:52:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/01/06 23:49:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/01/06 23:49:31 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\Google
[2014/01/06 23:49:17 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\Apps
[2014/01/06 23:49:16 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\Deployment
[2014/01/06 23:44:03 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\Diagnostics
[2014/01/06 23:42:00 | 002,755,584 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2014/01/06 23:41:59 | 000,443,040 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2014/01/06 23:41:59 | 000,063,648 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvui.dll
[2014/01/06 23:41:59 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/01/06 23:41:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nn-NO
[2014/01/06 23:41:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros
[2014/01/06 23:41:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2014/01/06 23:31:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2014/01/06 23:31:40 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/01/06 23:04:38 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\WinRAR
[2014/01/06 22:57:34 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/01/06 22:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LSoft Technologies
[2014/01/06 22:57:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ File Recovery
[2014/01/06 22:57:01 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\Programs
[2014/01/06 22:54:50 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/06 22:54:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/06 22:54:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2014/01/06 22:45:22 | 000,000,000 | R--D | C] -- C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/01/06 22:45:22 | 000,000,000 | R--D | C] -- C:\Users\Ashish\Searches
[2014/01/06 22:45:22 | 000,000,000 | R--D | C] -- C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/01/06 22:45:22 | 000,000,000 | -H-D | C] -- C:\Users\Ashish\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/01/06 22:45:10 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Identities
[2014/01/06 22:45:04 | 000,000,000 | R--D | C] -- C:\Users\Ashish\Contacts
[2014/01/06 22:45:01 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\VirtualStore
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\AppData\Local\Temporary Internet Files
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\Templates
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\Start Menu
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\SendTo
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\Recent
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\PrintHood
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\NetHood
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\Documents\My Videos
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\Documents\My Pictures
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\Documents\My Music
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\My Documents
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\Local Settings
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\AppData\Local\History
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\Cookies
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\Application Data
[2014/01/06 22:44:41 | 000,000,000 | -HSD | C] -- C:\Users\Ashish\AppData\Local\Application Data
[2014/01/06 22:44:37 | 000,000,000 | --SD | C] -- C:\Users\Ashish\AppData\Roaming\Microsoft
[2014/01/06 22:44:37 | 000,000,000 | R--D | C] -- C:\Users\Ashish\Videos
[2014/01/06 22:44:37 | 000,000,000 | R--D | C] -- C:\Users\Ashish\Saved Games
[2014/01/06 22:44:37 | 000,000,000 | R--D | C] -- C:\Users\Ashish\Pictures
[2014/01/06 22:44:37 | 000,000,000 | R--D | C] -- C:\Users\Ashish\Music
[2014/01/06 22:44:37 | 000,000,000 | R--D | C] -- C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/01/06 22:44:37 | 000,000,000 | R--D | C] -- C:\Users\Ashish\Links
[2014/01/06 22:44:37 | 000,000,000 | R--D | C] -- C:\Users\Ashish\Favorites
[2014/01/06 22:44:37 | 000,000,000 | R--D | C] -- C:\Users\Ashish\Downloads
[2014/01/06 22:44:37 | 000,000,000 | R--D | C] -- C:\Users\Ashish\Documents
[2014/01/06 22:44:37 | 000,000,000 | R--D | C] -- C:\Users\Ashish\Desktop
[2014/01/06 22:44:37 | 000,000,000 | R--D | C] -- C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/01/06 22:44:37 | 000,000,000 | -H-D | C] -- C:\Users\Ashish\AppData
[2014/01/06 22:44:37 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\Temp
[2014/01/06 22:44:37 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\Microsoft
[2014/01/06 22:44:37 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Media Center Programs
[2014/01/06 22:43:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014/01/06 22:43:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014/01/06 19:33:24 | 000,000,000 | ---D | C] -- C:\f64c79cea6faa4ebfeb29bc7782a2c
 
========== Files - Modified Within 30 Days ==========
 
[2014/01/12 04:06:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ashish\Desktop\OTL.exe
[2014/01/12 03:57:46 | 000,049,498 | ---- | M] () -- C:\Users\Ashish\Documents\cc_20140112_035718.reg
[2014/01/12 03:56:22 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/01/12 03:56:00 | 004,645,232 | ---- | M] (Piriform Ltd) -- C:\Users\Ashish\Desktop\ccsetup409.exe
[2014/01/12 03:52:51 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Ashish\Desktop\esetsmartinstaller_enu.exe
[2014/01/12 03:41:27 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Ashish\Desktop\HijackThis.exe
[2014/01/12 03:29:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/12 03:29:53 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/12 03:25:17 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\UpdaterEX.job
[2014/01/12 03:25:04 | 000,000,070 | ---- | M] () -- C:\Users\Ashish\AppData\Roaming\WB.CFG
[2014/01/12 03:17:00 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\SaveSense.job
[2014/01/12 03:11:10 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/12 00:59:16 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/12 00:46:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/11 23:33:18 | 000,450,770 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/01/11 23:21:52 | 000,000,656 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2014/01/11 23:21:52 | 000,000,628 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2014/01/11 23:21:52 | 000,000,458 | ---- | M] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2014/01/11 20:01:31 | 000,000,061 | ---- | M] () -- C:\Users\Ashish\Documents\TallyODBC_9000.dsn
[2014/01/11 19:01:15 | 000,779,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/11 19:01:15 | 000,660,530 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/11 19:01:15 | 000,121,426 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/11 13:26:35 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/01/11 13:26:35 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/11 12:50:51 | 000,450,660 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140111-233318.backup
[2014/01/11 12:24:45 | 000,002,503 | ---- | M] () -- C:\Users\Ashish\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/11 12:24:45 | 000,001,661 | ---- | M] () -- C:\Users\Ashish\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/11 12:08:03 | 000,002,277 | ---- | M] () -- C:\Users\Ashish\Desktop\MASTER STK DATA - Shortcut.lnk
[2014/01/11 12:08:03 | 000,002,219 | ---- | M] () -- C:\Users\Ashish\Desktop\DTH Master Stock - Shortcut.lnk
[2014/01/11 12:08:03 | 000,002,217 | ---- | M] () -- C:\Users\Ashish\Desktop\Cheques - Shortcut.lnk
[2014/01/11 09:36:02 | 000,413,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/10 21:52:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014/01/10 19:15:45 | 000,001,230 | ---- | M] () -- C:\Users\Ashish\Desktop\SafeInCloud - Shortcut.lnk
[2014/01/10 17:02:43 | 000,000,314 | ---- | M] () -- C:\Users\Ashish\Documents\CPRegXP_log.mdm
[2014/01/10 17:01:41 | 000,001,052 | ---- | M] () -- C:\Users\Public\Desktop\Photocopier Pro.lnk
[2014/01/10 16:00:45 | 000,000,085 | ---- | M] () -- C:\Windows\wininit.ini
[2014/01/10 15:56:30 | 000,001,108 | RHS- | M] () -- C:\Users\Ashish\ntuser.pol
[2014/01/09 10:45:13 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/09 10:45:13 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/08 20:43:18 | 000,001,843 | ---- | M] () -- C:\Users\Ashish\Desktop\prem desktop (UV) - Shortcut.lnk
[2014/01/08 20:18:31 | 000,001,897 | ---- | M] () -- C:\Users\Ashish\Desktop\HCL Desktop (HCLUNBAR) - Shortcut.lnk
[2014/01/08 16:08:18 | 000,773,114 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/01/07 20:59:00 | 000,000,184 | ---- | M] () -- C:\Windows\LMv4.UNI
[2014/01/07 15:25:42 | 000,002,060 | ---- | M] () -- C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
[2014/01/07 13:33:09 | 000,001,143 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk
[2014/01/07 12:30:03 | 000,001,141 | ---- | M] () -- C:\Users\Ashish\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2014/01/07 12:06:02 | 000,116,385 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/01/07 12:06:02 | 000,116,385 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/01/07 12:00:36 | 000,001,056 | ---- | M] () -- C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/01/07 01:25:50 | 000,000,355 | ---- | M] () -- C:\Users\Ashish\Desktop\Computer - Shortcut.lnk
[2014/01/07 01:25:05 | 000,015,336 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2014/01/07 01:03:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2014/01/07 00:57:22 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2014/01/07 00:49:34 | 000,246,804 | ---- | M] () -- C:\Windows\SysNative\drivers\AtherosBt.bin
[2014/01/07 00:49:34 | 000,001,242 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x01.dfu
[2014/01/07 00:49:34 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x02.dfu
[2014/01/07 00:49:34 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40.dfu
[2014/01/07 00:49:34 | 000,001,198 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_26.dfu
[2014/01/07 00:18:59 | 000,079,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/01/07 00:18:24 | 001,034,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/01/07 00:18:24 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/01/07 00:18:24 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/01/07 00:18:24 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/01/07 00:18:23 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/01/07 00:18:23 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/01/07 00:18:23 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/01/07 00:18:22 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/07 00:14:36 | 000,000,028 | ---- | M] () -- C:\Windows\ODBC.INI
[2014/01/07 00:14:36 | 000,000,023 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2014/01/07 00:14:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\02A.dat
[2014/01/07 00:11:04 | 000,001,467 | ---- | M] () -- C:\Users\Ashish\Application Data\Microsoft\Internet Explorer\Quick Launch\Tally.ERP 9.lnk
[2014/01/06 22:47:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/06 22:43:26 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2014/01/06 22:43:26 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2014/01/06 22:43:26 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2014/01/06 22:43:25 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2013/12/16 02:41:34 | 008,186,032 | ---- | M] () -- C:\setup.dll
 
========== Files Created - No Company Name ==========
 
[2014/01/12 03:57:44 | 000,049,498 | ---- | C] () -- C:\Users\Ashish\Documents\cc_20140112_035718.reg
[2014/01/12 03:56:22 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/01/12 00:36:12 | 000,001,462 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2014/01/11 23:21:52 | 000,000,656 | ---- | C] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2014/01/11 23:21:52 | 000,000,628 | ---- | C] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2014/01/11 23:21:52 | 000,000,458 | ---- | C] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2014/01/11 23:21:48 | 000,001,399 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/01/11 13:26:36 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/11 12:26:09 | 000,001,167 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/01/11 12:25:25 | 000,000,296 | ---- | C] () -- C:\Windows\tasks\UpdaterEX.job
[2014/01/10 21:52:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014/01/10 19:15:45 | 000,001,230 | ---- | C] () -- C:\Users\Ashish\Desktop\SafeInCloud - Shortcut.lnk
[2014/01/10 17:02:43 | 000,000,314 | ---- | C] () -- C:\Users\Ashish\Documents\CPRegXP_log.mdm
[2014/01/10 17:01:41 | 000,001,052 | ---- | C] () -- C:\Users\Public\Desktop\Photocopier Pro.lnk
[2014/01/10 16:00:40 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/01/09 12:17:03 | 000,000,070 | ---- | C] () -- C:\Users\Ashish\AppData\Roaming\WB.CFG
[2014/01/09 11:17:50 | 000,000,296 | ---- | C] () -- C:\Windows\tasks\SaveSense.job
[2014/01/09 11:17:24 | 000,001,108 | RHS- | C] () -- C:\Users\Ashish\ntuser.pol
[2014/01/08 20:43:18 | 000,001,843 | ---- | C] () -- C:\Users\Ashish\Desktop\prem desktop (UV) - Shortcut.lnk
[2014/01/08 20:18:31 | 000,001,897 | ---- | C] () -- C:\Users\Ashish\Desktop\HCL Desktop (HCLUNBAR) - Shortcut.lnk
[2014/01/08 12:18:32 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/01/07 20:59:00 | 000,000,184 | ---- | C] () -- C:\Windows\LMv4.UNI
[2014/01/07 17:10:17 | 000,773,114 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/01/07 15:25:42 | 000,002,060 | ---- | C] () -- C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
[2014/01/07 13:33:08 | 000,001,143 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk
[2014/01/07 12:30:03 | 000,001,141 | ---- | C] () -- C:\Users\Ashish\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2014/01/07 12:05:52 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/01/07 12:05:37 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/01/07 12:00:36 | 000,001,056 | ---- | C] () -- C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/01/07 11:59:51 | 000,002,217 | ---- | C] () -- C:\Users\Ashish\Desktop\Cheques - Shortcut.lnk
[2014/01/07 11:59:47 | 000,002,219 | ---- | C] () -- C:\Users\Ashish\Desktop\DTH Master Stock - Shortcut.lnk
[2014/01/07 11:59:44 | 000,002,277 | ---- | C] () -- C:\Users\Ashish\Desktop\MASTER STK DATA - Shortcut.lnk
[2014/01/07 01:28:37 | 002,417,322 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2014/01/07 01:27:46 | 000,007,384 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014/01/07 01:25:50 | 000,000,355 | ---- | C] () -- C:\Users\Ashish\Desktop\Computer - Shortcut.lnk
[2014/01/07 01:25:05 | 000,015,336 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2014/01/07 01:21:18 | 000,060,254 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2014/01/07 01:21:18 | 000,060,226 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2014/01/07 01:21:18 | 000,060,015 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2014/01/07 01:21:18 | 000,013,488 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2014/01/07 01:21:18 | 000,001,090 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2014/01/07 01:21:17 | 001,991,936 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2014/01/07 01:21:17 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2014/01/07 01:21:17 | 000,963,116 | ---- | C] () -- C:\Windows\SysNative\igkrng600.bin
[2014/01/07 01:21:14 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2014/01/07 01:21:14 | 000,216,876 | ---- | C] () -- C:\Windows\SysNative\igfcg600m.bin
[2014/01/07 01:21:14 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2014/01/07 01:21:11 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2014/01/07 01:21:11 | 000,145,804 | ---- | C] () -- C:\Windows\SysNative\igcompkrng600.bin
[2014/01/07 01:21:09 | 000,208,335 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2014/01/07 01:21:09 | 000,133,868 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2014/01/07 01:21:09 | 000,116,413 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2014/01/07 01:21:09 | 000,115,195 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2014/01/07 01:21:09 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2014/01/07 01:21:09 | 000,000,151 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2014/01/07 01:21:08 | 000,180,246 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2014/01/07 01:21:08 | 000,135,119 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2014/01/07 01:21:08 | 000,133,321 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2014/01/07 01:21:08 | 000,132,422 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2014/01/07 01:21:08 | 000,132,299 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2014/01/07 01:21:08 | 000,131,711 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2014/01/07 01:21:08 | 000,131,290 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2014/01/07 01:21:08 | 000,127,599 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2014/01/07 01:21:07 | 000,195,681 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2014/01/07 01:21:07 | 000,179,736 | ---- | C] () -- C:\Windows\SysNative\difx64.exe
[2014/01/07 01:21:07 | 000,154,366 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2014/01/07 01:21:07 | 000,151,350 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2014/01/07 01:21:07 | 000,147,392 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2014/01/07 01:21:07 | 000,138,635 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2014/01/07 01:21:07 | 000,137,000 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2014/01/07 01:21:07 | 000,136,226 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2014/01/07 01:21:07 | 000,136,172 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2014/01/07 01:21:07 | 000,134,081 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2014/01/07 01:21:07 | 000,132,876 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2014/01/07 01:21:07 | 000,132,861 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2014/01/07 01:21:07 | 000,131,897 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2014/01/07 01:21:07 | 000,131,456 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2014/01/07 01:21:07 | 000,130,414 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2014/01/07 01:21:07 | 000,127,367 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2014/01/07 01:21:07 | 000,127,109 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2014/01/07 01:21:07 | 000,122,646 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2014/01/07 01:03:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2014/01/07 00:57:22 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2014/01/07 00:47:25 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2014/01/07 00:18:31 | 000,207,904 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/01/07 00:18:30 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/01/07 00:14:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\02A.dat
[2014/01/07 00:14:26 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/01/07 00:14:26 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2014/01/07 00:13:46 | 000,000,061 | ---- | C] () -- C:\Users\Ashish\Documents\TallyODBC_9000.dsn
[2014/01/07 00:11:04 | 000,001,467 | ---- | C] () -- C:\Users\Ashish\Application Data\Microsoft\Internet Explorer\Quick Launch\Tally.ERP 9.lnk
[2014/01/06 23:52:37 | 000,002,503 | ---- | C] () -- C:\Users\Ashish\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/06 23:49:36 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/06 23:49:35 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/06 23:48:08 | 000,001,661 | ---- | C] () -- C:\Users\Ashish\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/06 22:47:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/06 22:45:32 | 000,001,645 | ---- | C] () -- C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2014/01/06 22:45:26 | 000,001,667 | ---- | C] () -- C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/01/06 22:44:38 | 000,000,290 | ---- | C] () -- C:\Users\Ashish\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/01/06 22:44:38 | 000,000,272 | ---- | C] () -- C:\Users\Ashish\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/12/16 02:41:34 | 008,186,032 | ---- | C] () -- C:\setup.dll
 
========== ZeroAccess Check ==========
 
[2009/07/14 10:25:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 07:54:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 07:25:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 07:10:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 08:54:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 07:11:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/01/07 17:51:12 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\ASCOMP Software
[2014/01/07 00:19:10 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\AVAST Software
[2014/01/11 10:41:04 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\DMCache
[2014/01/12 03:19:57 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Dropbox
[2014/01/12 00:39:18 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\eM Client
[2014/01/07 13:46:09 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Foxit Software
[2014/01/11 20:06:47 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\ImageBadger
[2014/01/07 00:00:25 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\iSafe
[2014/01/07 16:00:53 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Opera Mail
[2014/01/07 15:25:39 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Stardock
[2014/01/07 15:01:14 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Thunderbird
[2014/01/11 12:25:24 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\UpdaterEX
[2014/01/12 03:56:58 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\uTorrent
[2014/01/12 00:41:15 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %USERPROFILE%\..|smtmp;true;true;true /FP >
 
< %temp%\smtmp\*.* /s > >
 
< MD5 for: EXPLORER.ADML  >
[2010/11/21 12:36:30 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\PolicyDefinitions\en-US\Explorer.adml
[2010/11/21 12:36:30 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\winsxs\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_7ef5713984067904\Explorer.adml
 
< MD5 for: EXPLORER.ADMX  >
[2009/06/11 02:23:55 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\PolicyDefinitions\Explorer.admx
[2009/06/11 02:23:55 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_71af9b5b0a86e6b7\Explorer.admx
 
< MD5 for: EXPLORER.EXE  >
[2010/11/21 08:54:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010/11/21 08:54:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/11/21 08:54:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010/11/21 08:54:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2013/09/20 10:51:08 | 003,885,120 | ---- | M] (Safer-Networking Ltd.) MD5=CDEB46FE688F062D3033209B29755203 -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe
 
< MD5 for: EXPLORER.EXE.MUI  >
[2010/11/21 12:36:17 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\en-US\explorer.exe.mui
[2010/11/21 12:36:17 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_61e778c48d52d19b\explorer.exe.mui
[2010/11/21 12:36:19 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2010/11/21 12:36:19 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_6c3c2316c1b39396\explorer.exe.mui
 
< MD5 for: EXPLORER.EXE-54012F5E.PF  >
[2014/01/06 23:04:36 | 000,027,032 | ---- | M] () MD5=55E3EEDC96F674469154D670E47BE0D5 -- C:\Windows\Prefetch\EXPLORER.EXE-54012F5E.pf
 
< MD5 for: EXPLORER.EXE-D5E97654.PF  >
[2014/01/12 03:14:55 | 000,132,420 | ---- | M] () MD5=C4A4DA0741F8BB857BD476EF00B387CB -- C:\Windows\Prefetch\EXPLORER.EXE-D5E97654.pf
 
< MD5 for: EXPLORER.ZIP  >
[2006/03/06 22:48:08 | 000,020,394 | ---- | M] () MD5=B469409C2B2A33C542190B720E11BD79 -- C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip
 
< MD5 for: IEXPLORE.EXE  >
[2010/11/21 08:54:43 | 000,695,056 | ---- | M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634 -- C:\Program Files\Internet Explorer\iexplore.exe
[2010/11/21 08:54:43 | 000,695,056 | ---- | M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe
[2010/11/21 08:55:08 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2010/11/21 08:55:08 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe
 
< MD5 for: IEXPLORE.EXE.MUI  >
[2009/07/14 07:59:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C29BCFB504E33FEADDFA2D0183CEF62F -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2009/07/14 07:59:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C29BCFB504E33FEADDFA2D0183CEF62F -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_0b433e7773148b79\iexplore.exe.mui
[2009/07/14 07:35:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2009/07/14 07:35:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_1597e8c9a7754d74\iexplore.exe.mui
 
< MD5 for: IEXPLORE.EXE-A033F7A0.PF  >
[2014/01/11 20:21:16 | 000,172,230 | ---- | M] () MD5=9B457B74530E60B470078CDD8D724AED -- C:\Windows\Prefetch\IEXPLORE.EXE-A033F7A0.pf
 
< MD5 for: SERVICES  >
[2009/06/11 02:30:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services
 
< MD5 for: SERVICES.EXE  >
[2009/07/14 07:09:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 07:09:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
 
< MD5 for: SERVICES.EXE.MUI  >
[2010/11/21 12:36:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2010/11/21 12:36:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui
 
< MD5 for: SERVICES.LNK  >
[2009/07/14 10:24:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 10:24:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
 
< MD5 for: SERVICES.MOF  >
[2009/06/11 02:14:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/11 02:14:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof
 
< MD5 for: SERVICES.MSC  >
[2010/11/21 12:36:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/11 02:08:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2010/11/21 12:36:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/11 02:51:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 12:36:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/11 02:08:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 12:36:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/11 02:51:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
 
< MD5 for: SERVICES.PTXML  >
[2009/07/14 01:46:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/14 01:46:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml
 
< MD5 for: SERVICES.SBS  >
[2011/03/01 00:00:00 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files (x86)\Spybot - Search & Destroy 2\Includes\Services.sbs
[2011/03/01 13:28:46 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\Services.sbs
 
< MD5 for: SERVICES.SBS-20110301.CAB  >
[2014/01/11 23:25:16 | 000,041,248 | ---- | M] () MD5=149FF3413EED31253183D6E65E383138 -- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\Services.sbs-20110301.cab
 
< MD5 for: WINLOGON.ADML  >
[2010/11/21 12:36:30 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\PolicyDefinitions\en-US\WinLogon.adml
[2010/11/21 12:36:30 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_f0f9032ef6930070\WinLogon.adml
 
< MD5 for: WINLOGON.ADMX  >
[2009/06/11 02:34:41 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\PolicyDefinitions\WinLogon.admx
[2009/06/11 02:34:41 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_d7024e6992f3424d\WinLogon.admx
 
< MD5 for: WINLOGON.EXE  >
[2010/11/21 08:54:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 08:54:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WINLOGON.EXE.MUI  >
[2010/11/21 12:36:14 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\SysNative\en-US\winlogon.exe.mui
[2010/11/21 12:36:14 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_en-us_291e96fa1ab5fc7b\winlogon.exe.mui
 
< MD5 for: WINLOGON.MFL  >
[2010/11/21 12:36:15 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\SysNative\wbem\en-US\winlogon.mfl
[2010/11/21 12:36:15 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_84afd4fd38ffd276\winlogon.mfl
 
< MD5 for: WINLOGON.MOF  >
[2009/07/14 02:00:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\SysNative\wbem\winlogon.mof
[2009/07/14 02:00:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_dc2dbb778f98e40f\winlogon.mof
 
< %SYSTEMDRIVE%\*.* >
[2011/07/03 15:00:57 | 000,000,000 | ---- | M] () -- C:\AILog.txt
[2011/01/27 09:17:23 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2014/01/10 17:01:43 | 000,000,309 | ---- | M] () -- C:\cpregxp.log
[2014/01/12 03:29:53 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/12 03:29:53 | 4139,630,592 | -HS- | M] () -- C:\pagefile.sys
[2013/12/16 02:41:34 | 008,186,032 | ---- | M] () -- C:\setup.dll
 
< %systemroot%\Fonts\*.com >
[2009/07/14 11:02:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 11:02:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 11:02:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 11:02:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2009/06/11 02:19:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\Fonts\*.exe >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.jpg >
 
< %systemroot%\*.png >
 
< %systemroot%\*.scr >
[2014/01/07 00:18:22 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2009/07/14 10:24:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C is Acer
 Volume Serial Number is 885D-C828
 Directory of C:\
14/07/2009  10:38    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
14/07/2009  10:38    <JUNCTION>     Application Data [C:\ProgramData]
14/07/2009  10:38    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
14/07/2009  10:38    <JUNCTION>     Documents [C:\Users\Public\Documents]
14/07/2009  10:38    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
14/07/2009  10:38    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009  10:38    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users
14/07/2009  10:38    <SYMLINKD>     All Users [C:\ProgramData]
14/07/2009  10:38    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users
14/07/2009  10:38    <JUNCTION>     Application Data [C:\ProgramData]
14/07/2009  10:38    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
14/07/2009  10:38    <JUNCTION>     Documents [C:\Users\Public\Documents]
14/07/2009  10:38    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
14/07/2009  10:38    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009  10:38    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Ashish
06/01/2014  22:44    <JUNCTION>     Application Data [C:\Users\Ashish\AppData\Roaming]
06/01/2014  22:44    <JUNCTION>     Cookies [C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Cookies]
06/01/2014  22:44    <JUNCTION>     Local Settings [C:\Users\Ashish\AppData\Local]
06/01/2014  22:44    <JUNCTION>     My Documents [C:\Users\Ashish\Documents]
06/01/2014  22:44    <JUNCTION>     NetHood [C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
06/01/2014  22:44    <JUNCTION>     PrintHood [C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
06/01/2014  22:44    <JUNCTION>     Recent [C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Recent]
06/01/2014  22:44    <JUNCTION>     SendTo [C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\SendTo]
06/01/2014  22:44    <JUNCTION>     Start Menu [C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Start Menu]
06/01/2014  22:44    <JUNCTION>     Templates [C:\Users\Ashish\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Ashish\AppData\Local
06/01/2014  22:44    <JUNCTION>     Application Data [C:\Users\Ashish\AppData\Local]
06/01/2014  22:44    <JUNCTION>     History [C:\Users\Ashish\AppData\Local\Microsoft\Windows\History]
06/01/2014  22:44    <JUNCTION>     Temporary Internet Files [C:\Users\Ashish\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Ashish\Documents
06/01/2014  22:44    <JUNCTION>     My Music [C:\Users\Ashish\Music]
06/01/2014  22:44    <JUNCTION>     My Pictures [C:\Users\Ashish\Pictures]
06/01/2014  22:44    <JUNCTION>     My Videos [C:\Users\Ashish\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Default
14/07/2009  10:38    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
14/07/2009  10:38    <JUNCTION>     Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
14/07/2009  10:38    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
14/07/2009  10:38    <JUNCTION>     My Documents [C:\Users\Default\Documents]
14/07/2009  10:38    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
14/07/2009  10:38    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14/07/2009  10:38    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
14/07/2009  10:38    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
14/07/2009  10:38    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
14/07/2009  10:38    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
14/07/2009  10:38    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
14/07/2009  10:38    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14/07/2009  10:38    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
14/07/2009  10:38    <JUNCTION>     My Music [C:\Users\Default\Music]
14/07/2009  10:38    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
14/07/2009  10:38    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
14/07/2009  10:38    <JUNCTION>     My Music [C:\Users\Public\Music]
14/07/2009  10:38    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
14/07/2009  10:38    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\UpdatusUser
07/01/2014  01:28    <JUNCTION>     Application Data [C:\Users\UpdatusUser\AppData\Roaming]
07/01/2014  01:28    <JUNCTION>     Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies]
07/01/2014  01:28    <JUNCTION>     Local Settings [C:\Users\UpdatusUser\AppData\Local]
07/01/2014  01:28    <JUNCTION>     My Documents [C:\Users\UpdatusUser\Documents]
07/01/2014  01:28    <JUNCTION>     NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/01/2014  01:28    <JUNCTION>     PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/01/2014  01:28    <JUNCTION>     Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
07/01/2014  01:28    <JUNCTION>     SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
07/01/2014  01:28    <JUNCTION>     Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
07/01/2014  01:28    <JUNCTION>     Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\UpdatusUser\AppData\Local
07/01/2014  01:28    <JUNCTION>     Application Data [C:\Users\UpdatusUser\AppData\Local]
07/01/2014  01:28    <JUNCTION>     History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
07/01/2014  01:28    <JUNCTION>     Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\UpdatusUser\Documents
07/01/2014  01:28    <JUNCTION>     My Music [C:\Users\UpdatusUser\Music]
07/01/2014  01:28    <JUNCTION>     My Pictures [C:\Users\UpdatusUser\Pictures]
07/01/2014  01:28    <JUNCTION>     My Videos [C:\Users\UpdatusUser\Videos]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              66 Dir(s)  203,286,519,808 bytes free
 
< %systemroot%\System32\config\*.sav >
 
< %PROGRAMFILES%\bak. /s >
 
< %systemroot%\system32\bak. /s >
 
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
 
< %systemroot%\system32\config\systemprofile\*.dat /x >
 
< %systemroot%\*.config >
 
< %systemroot%\system32\*.db >
 
< %PROGRAMFILES%\Internet Explorer\*.dat >
 
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2014/01/06 23:48:08 | 000,000,221 | -HS- | M] () -- C:\Users\Ashish\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
 
< %USERPROFILE%\Desktop\*.exe >
[2014/01/12 03:56:00 | 004,645,232 | ---- | M] (Piriform Ltd) -- C:\Users\Ashish\Desktop\ccsetup409.exe
[2014/01/12 03:52:51 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Ashish\Desktop\esetsmartinstaller_enu.exe
[2014/01/12 03:41:27 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Ashish\Desktop\HijackThis.exe
[2014/01/12 04:06:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ashish\Desktop\OTL.exe
 
< %PROGRAMFILES%\Common Files\*.* >
 
< %systemroot%\*.src >
 
< %systemroot%\install\*.* >
 
< %systemroot%\system32\DLL\*.* >
 
< %systemroot%\system32\HelpFiles\*.* >
 
< %systemroot%\system32\rundll\*.* >
 
< %systemroot%\winn32\*.* >
 
< %systemroot%\Java\*.* >
 
< %systemroot%\system32\test\*.* >
 
< %systemroot%\system32\Rundll32\*.* >
 
< %systemroot%\AppPatch\Custom\*.* >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:029666E0
@Alternate Data Stream - 193 bytes -> C:\ProgramData\TEMP:9E00596C
 
< End of report >
 

 

Please help, the logs follow as required.
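The "ZeroAccess Check" section of the log above lists the InProcServer32 registration for a fixed set of CLSIDs; there the per-user (HKEY_CURRENT_USER) keys are empty and the machine-wide keys point at Microsoft DLLs under the Windows directory. The following Python script is an added example, not part of the original post and not OTL's own code: it parses that section and flags registrations that deviate from this pattern. The function names, the three flagging rules and the last two sample entries are assumptions constructed for illustration.

```python
import re

# Constructed sample in the layout of OTL's "ZeroAccess Check" section.
# The first four entries mirror lines from the log above; the last two
# registry entries are constructed to show a deviating registration.
SAMPLE = r'''
========== ZeroAccess Check ==========

[2009/07/14 10:25:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 07:54:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 08:54:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
"" = C:\Users\Example\AppData\Local\constructed\sample.dll -- [2014/01/01 00:00:00 | 000,001,024 | ---- | M] ()
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\ProgramData\constructed\sample.dll -- [2014/01/01 00:00:00 | 000,001,024 | ---- | M] ()
"ThreadingModel" = Both

========== LOP Check ==========
'''

SECTION_RE = re.compile(r'^=+\s*(?P<title>.+?)\s*=+$')
KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\](?:\s+/64)?\s*$')
VALUE_RE = re.compile(r'^"(?P<name>[^"]*)"\s*=\s*(?P<data>.*)$')
# OTL appends " -- [date | size | attrs | M] (Company)" to file-valued data.
FILEINFO_RE = re.compile(r'^(?P<path>.*?)\s+--\s+\[.*\]\s*\((?P<company>[^)]*)\)\s*$')

SYSTEM_DIRS = ("system32", "sysnative", "syswow64")


def parse_section(log_text, title="ZeroAccess Check"):
    """Return {registry_key: {value_name: data}} for one section of the log."""
    keys, current, inside = {}, None, False
    for raw in log_text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            inside = (m.group("title") == title)
            current = None
            continue
        if not inside or not line:
            continue
        m = KEY_RE.match(line)
        if m:
            current = keys.setdefault(m.group(1), {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            current[m.group("name")] = m.group("data")
        # Anything else (e.g. the Desktop.ini file line) is ignored here.
    return keys


def normalise(path, windows_dir):
    """Lower-case the path and expand %systemroot% (assumed install dir)."""
    p = path.strip().lower().replace("/", "\\")
    return p.replace("%systemroot%", windows_dir)


def review(keys, windows_dir=r"c:\windows"):
    """Flag InProcServer32 defaults that deviate from the clean pattern.

    Assumed rules: a per-user key carrying a DLL, a DLL outside the Windows
    system directories, or a file whose company field in the log is not
    "Microsoft Corporation". The company field is version-info text as
    printed in the log, not a signature check.
    """
    findings = []
    for key, values in keys.items():
        default = values.get("")
        if default is None:
            continue  # empty key: nothing registered at this location
        m = FILEINFO_RE.match(default)
        path = m.group("path") if m else default
        company = m.group("company") if m else ""
        reasons = []
        if key.upper().startswith("HKEY_CURRENT_USER"):
            reasons.append("per-user InProcServer32 override")
        norm = normalise(path, windows_dir)
        if not any(norm.startswith(windows_dir + "\\" + d + "\\") for d in SYSTEM_DIRS):
            reasons.append("DLL outside Windows system directories")
        if company != "Microsoft Corporation":
            reasons.append("file not labelled Microsoft Corporation")
        if reasons:
            findings.append((key, path, reasons))
    return findings


if __name__ == "__main__":
    for key, path, reasons in review(parse_section(SAMPLE)):
        print(key)
        print("   ", path)
        for reason in reasons:
            print("    -", reason)
```

A finding from this script is a prompt to look at the file, not a verdict; the entries in the log above produce no findings under these rules.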




#2 oldman960

oldman960

    Forum God

  • Retired Classroom Teacher
  • 14,770 posts

Posted 12 January 2014 - 12:13 PM

Hi Ashish Agarwal, welcome to the forum.

To make cleaning this machine easier
  • Please do not uninstall/install any programs unless asked to
    It is more difficult when files/programs are appearing in/disappearing from the logs.
  • Please do not run any scans other than those requested
  • Please follow all instructions in the order posted
  • All logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word Wrap if it is checked.
  • Do not attach any logs/reports, etc. unless specifically requested to do so.
  • If you have problems with or do not understand the instructions, please ask before continuing.
  • Please stay with this thread until given the All Clear. An absence of symptoms does not mean a clean machine.
There should be a file on your desktop named Extra.txt. Please post it in your next reply.

Please run this fix from normal windows if possible.

Next, right-click on OTL.exe and choose Run as Administrator to run it
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
  • please note the fix starts with the :
:Services

:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-pag...PBN403M7EAMUSEX
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-pag...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-pag...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-pag...PBN403M7EAMUSEX
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.sweet-pag...q={searchTerms}

:Commands
[purity]
[emptytemp]
[createrestorepoint]
Then click the Run Fix button at the top
  • Let the program run unhindered
  • Please save the resulting log to be posted in your next reply.
Please post the OTL log.

Please post back with
  • OTL fix log
  • Extra.txt
Any better?

Proud Graduate of the WTT Classroom
If you are happy with the help you received, please consider making a Donation
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#3 Ashish Agarwal


Posted 13 January 2014 - 12:57 AM

Thanks for the reply.

As soon as I clicked on Run Fix a bluescreen window came up for a few seconds. It was saying something like writing physical memory dump... & then restarted. After restart a message came up "windows has recovered from an exceptional ???".

So I couldn't get the fixrun log.

Still chrome & IE starting with sweet-page.com.

Also the PC has become slow.

Do you suggest a fresh install of windows?

Attached Extras.txt


#4 oldman960


Posted 13 January 2014 - 11:12 AM

Hi Ashish Agarwal,

Try running the fix in safe mode. When OTL reboots your computer, boot back into safe mode and let it complete. Save the log and boot to normal windows. Post the log.


#5 Ashish Agarwal


Posted 14 January 2014 - 12:05 AM

Hi oldman960

Sorry to say but I have formatted and installed fresh windows.

Actually I had to do it as some urgent travel had come up so needed my laptop in working condition.

I appreciate your efforts and time given.

Thanks



#6 oldman960


Posted 14 January 2014 - 02:23 AM

Hi Ashish Agarwal,

No problem. Thanks for letting me know.

Take care, keep safe.

