Otl

OTL logfile created on: 4/13/2014 11:39:28 PM - Run 1
OTL by OldTimer - Version 3.2.69.0

Folder = C:\Users\Huan\Downloads\Programs
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyy
y
1.93 Gb Total Physical Memory | 0.61 Gb Available Physical Memory | 31.71% Memor
y free
3.85 Gb Paging File | 1.94 Gb Available in Paging File | 50.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Fil
es
Drive C: | 78.13 Gb Total Space | 27.40 Gb Free Space | 35.07% Space Free | Part
ition Type: NTFS
Drive D: | 154.85 Gb Total Space | 16.02 Gb Free Space | 10.35% Space Free | Par
tition Type: NTFS
Drive E: | 164.42 Gb Total Space | 56.62 Gb Free Space | 34.44% Space Free | Par
tition Type: NTFS
Computer Name: HUAN-PC | User Name: Huan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelis
t: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2014/04/13 23:38:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\User
s\Huan\Downloads\Programs\OTL.exe
PRC - [2014/04/02 08:58:05 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program
Files\Google\Chrome\Application\chrome.exe
PRC - [2014/03/22 11:40:58 | 003,829,328 | ---- | M] (Tonec Inc.) -- C:\Program
Files\Internet Download Manager\IDMan.exe
PRC - [2013/11/07 18:17:30 | 000,269,848 | ---- | M] (Tonec Inc.) -- C:\Program
Files\Internet Download Manager\IEMonitor.exe
PRC - [2013/04/30 06:53:00 | 000,453,632 | ---- | M] (AMD) -- C:\Windows\System3
2\atieclxx.exe
PRC - [2013/04/30 06:52:26 | 000,217,088 | ---- | M] (AMD) -- C:\Windows\System3
2\atiesrxx.exe
PRC - [2012/11/30 09:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -C:\Windows\System32\conhost.exe
PRC - [2012/11/12 12:59:15 | 000,657,504 | ---- | M] () -- C:\ProgramData\fast c
onnect\OnlineUpdate\ouc.exe
PRC - [2012/09/05 22:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Progra
m Files\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012/08/01 04:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o
.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2012/07/19 20:07:51 | 000,821,840 | ---- | M] (ABBYY) -- C:\Program Files
\ABBYY FineReader 11\NetworkLicenseServer.exe
.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe

.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/03/14 22:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\Dataca
rdService\HWDeviceService.exe
PRC - [2011/03/14 22:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., L
td.) -- C:\ProgramData\DatacardService\DCSHelper.exe
.) -- C:\Program Files\AVG\AVG10\avgfws.exe
PRC - [2011/02/25 12:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -C:\Windows\explorer.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\
AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
.) -- C:\Program Files\AVG\AVG10\avgam.exe
PRC - [2010/11/20 19:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -C:\Windows\System32\taskhost.exe
PRC - [2010/07/01 12:10:26 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\P
rogram Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/07/01 12:10:22 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\P
rogram Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2014/04/02 08:58:03 | 000,390,472 | ---- | M] () -- C:\Program
le\Chrome\Application\34.0.1847.116\ppgooglenaclpluginchrome.dll
MOD - [2014/04/02 08:58:02 | 013,691,720 | ---- | M] () -- C:\Program
le\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
MOD - [2014/04/02 08:57:59 | 004,081,480 | ---- | M] () -- C:\Program
le\Chrome\Application\34.0.1847.116\pdf.dll
MOD - [2014/04/02 08:57:54 | 000,674,632 | ---- | M] () -- C:\Program
le\Chrome\Application\34.0.1847.116\libglesv2.dll
MOD - [2014/04/02 08:57:53 | 000,093,000 | ---- | M] () -- C:\Program
le\Chrome\Application\34.0.1847.116\libegl.dll
MOD - [2014/04/02 08:57:52 | 001,647,432 | ---- | M] () -- C:\Program
le\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
MOD - [2014/04/02 08:57:49 | 000,065,352 | ---- | M] () -- C:\Program
le\Chrome\Application\34.0.1847.116\chrome_elf.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program
on Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program
AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program
osoft Office\Office14\1033\GrooveIntlResource.dll
Files\Goog
Files\Goog
Files\Goog
Files\Goog
Files\Goog
Files\Goog
Files\Goog
Files\Comm
Files\AVG\
Files\Micr
[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secur
e Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe -- (vToolbarUpdater18.0.5)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Laflurla\updateLaflurl
a.exe -- (Update Laflurla)
SRV - [2014/04/13 23:13:51 | 000,257,712 | ---- | M] (Adobe Systems Incorporated
) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateS
ervice.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/12 10:09:51 | 000,385,024 | ---- | M] () [Auto | Stopped] -- C:\P
rogram Files\Shield\ShieldClnt.exe -- (ShieldClientService)
SRV - [2014/04/12 10:09:51 | 000,172,600 | ---- | M] (Horizon DataSys Inc) [Auto
| Stopped] -- C:\Program Files\Shield\ShdServ.exe -- (ShdServ)

SRV - [2014/03/15 15:40:31 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_De
mand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservi
ce.exe -- (MozillaMaintenance)
SRV - [2013/10/18 05:40:18 | 001,343,400 | ---- | M] (Microsoft Corporation) [On
_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/04/30 06:52:26 | 000,217,088 | ---- | M] (AMD) [Auto | Running] -- C
:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012/11/12 12:59:15 | 000,657,504 | ---- | M] () [Auto | Stopped] -- C:\P
rogram Files\fast connect\UpdateDog\ouc.exe -- (fast connect. RunOuc)
SRV - [2012/09/05 22:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand |
Stopped] -- C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McCom
ponentHostService)
SRV - [2012/07/19 20:07:51 | 000,821,840 | ---- | M] (ABBYY) [Auto | Running] -C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe -- (ABBYY.Licensi
ng.FineReader.Professional.11.0)
SRV - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o
.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\
AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/11/10 20:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar S
ervice)
SRV - [2011/03/14 22:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\P
rogramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgfws.exe -- (avgfws)
.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/07/01 12:10:26 | 002,533,400 | ---- | M] (Intel Corporation) [Auto |
Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UN
S.exe -- (UNS)
SRV - [2010/07/01 12:10:22 | 000,325,656 | ---- | M] (Intel Corporation) [Auto |
Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LM
S.exe -- (LMS)
_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (
Microsoft SharePoint Workspace Audit Service)
_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel
pter.sys -- (VMnetAdapter)
RS\vmci.sys -- (vmci)
sys -- (VGPU)
.sys -- (tsusbhub)
sc.sys -- (Synth3dVsc)
sys -- (PSKYMDM)
| On_Demand | Stopped] -- system32\DRIVERS\vmnetada

| On_Demand | Stopped] -- C:\Windows\system32\DRIVE
| On_Demand | Stopped] -- System32\drivers\rdvgkmd.
| On_Demand | Stopped] -- system32\drivers\tsusbhub
| On_Demand | Stopped] -- System32\drivers\synth3dv
| On_Demand | Stopped] -- system32\DRIVERS\PSKYMDM.
| On_Demand | Stopped] -- system32\DRIVERS\PSKTOBEX
.sys -- (PSKTOBEX)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PSKTBUS.
sys -- (PSKTBUS)
DRV - [2014/04/12 10:09:52 | 000,062,008 | ---- | M] (Horizon DataSys Inc) [Kern
el | Boot | Running] -- C:\Windows\System32\drivers\shield.sys -- (Shield)
DRV - [2014/04/12 10:09:52 | 000,024,632 | ---- | M] (Horizon DataSys Inc) [File
_System | Boot | Running] -- C:\Windows\System32\drivers\shieldf.sys -- (Shieldf
)
el | Boot | Running] -- C:\Windows\System32\drivers\shieldm.sys -- (Shieldm)
el | Boot | Running] -- C:\Windows\System32\drivers\shdbus.sys -- (Shdbus)
DRV - [2014/03/22 07:32:46 | 000,042,272 | ---- | M] (AVG Technologies) [Kernel
| System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2014/02/24 20:41:18 | 000,025,328 | ---- | M] (Synaptics Incorporated) [K
ernel | On_Demand | Running] -- C:\Windows\System32\drivers\Smb_driver_Intel.sys
-- (SmbDrvI)
DRV - [2013/12/19 19:44:40 | 000,077,824 | ---- | M] (Advanced Micro Devices) [K
ernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (Ati
HDAudioService)
DRV - [2013/12/09 02:49:06 | 010,375,680 | ---- | M] (Intel Corporation) [Kernel
| On_Demand | Running] -- C:\Windows\System32\drivers\NETwsn00.sys -- (NETwNs32
)
DRV - [2013/11/30 13:40:58 | 000,021,432 | ---- | M] (Christian Gulden) [Kernel
| On_Demand | Stopped] -- C:\Windows\System32\drivers\pimou.sys -- (pimou)
DRV - [2013/11/28 07:24:18 | 000,108,000 | ---- | M] (Tonec Inc.) [Kernel | Auto
| Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2013/10/01 14:39:14 | 000,021,432 | ---- | M] (Christian Gulden) [Kernel
| On_Demand | Stopped] -- C:\Windows\System32\drivers\pikbd.sys -- (pikbd)
DRV - [2013/08/27 20:13:22 | 000,209,112 | ---- | M] (Realtek Semiconductor Corp
.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -(RSUSBSTOR)
DRV - [2013/07/18 07:54:30 | 000,110,280 | ---- | M] (Qualcomm Atheros Co., Ltd.
) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -(L1C)
DRV - [2013/04/30 07:14:44 | 010,070,016 | ---- | M] (Advanced Micro Devices, In
c.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys - (atikmdag)
c.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys - (amdkmdag)
c.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys - (amdkmdap)
DRV - [2013/03/21 13:08:56 | 000,068,480 | ---- | M] (MediaTek Inc.) [Kernel | O
n_Demand | Stopped] -- C:\Windows\System32\drivers\usb2ser.sys -- (wdf_usb)
c.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\amdkmafd.sys -- (am
dkmafd)
DRV - [2013/01/25 08:16:34 | 000,095,232 | ---- | M] (Huawei Technologies Co., L
td.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.s
ys -- (ew_hwusbdev)
td.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbwwan.sys
-- (ewusbmbb)
td.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys
-- (hwdatacard)
td.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jubusenum.
sys -- (huawei_enumerator)
DRV - [2012/12/13 08:49:54 | 000,172,544 | ---- | M] (MediaTek Inc.) [Kernel | O
n_Demand | Stopped] -- C:\Windows\System32\drivers\mtkmbim7.sys -- (mtkmbim)
DRV - [2012/11/12 04:47:48 | 000,255,968 | ---- | M] (AVG Technologies CZ, s.r.o
.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (A
vgldx86)
DRV - [2012/06/18 13:58:52 | 000,016,000 | ---- | M] (SysNucleus) [Kernel | On_D
emand | Stopped] -- C:\Windows\System32\drivers\udsstub.sys -- (udsstub)
. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.s
ys -- (AVGIDSDriver)
.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Av
gtdix)
DRV - [2011/03/25 10:58:06 | 000,075,776 | ---- | M] (Microsoft Corporation) [Ke
rnel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ksudbus.sys -- (dg_ks
udbus)
.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -(Avgrkx86)
.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys
-- (Avgmfx86)
. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AV
GIDSEH)
. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys
-- (AVGIDSShim)
. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.s
ys -- (AVGIDSFilter)
rnel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
rnel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
rnel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storv
sc)
rnel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUs
bFlt)
rnel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys
-- (RdpVideoMiniport)
rnel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb
)
rnel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBu
sHID)
rnel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap
)
DRV - [2010/11/04 15:18:04 | 000,102,728 | ---- | M] (Matrox Graphics Inc.) [Ker
nel | Boot | Running] -- C:\Windows\System32\drivers\MxEFUF32.sys -- (MxEFUF)
.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (A
vgfwfd)
DRV - [2010/01/29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_S
ystem | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (

ISODrive)
DRV - [2009/09/17 17:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel
| On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2007/07/07 08:11:58 | 000,026,120 | ---- | M] (Rainbow Technologies Inc.)
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SNTNLUSB.SYS -- (
Sntnlusb)
DRV - [2007/07/07 08:11:38 | 000,076,288 | ---- | M] (Rainbow Technologies, Inc.
) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SENTINEL.SYS -- (Sent
inel)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ww
w.yahoo.com/?ilc=8
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yaho
o.com/?ilc=8
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http:/
/www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.goog
le.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache Ac
ceptLangs = en-us
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http:/
/www.bing.com/search?FORM=VE3D01&q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{11C7F47B-2F8C-4EF7-9ED3-DBE991EF18BA}: "URL" = http:/
/search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT250409
1&CUI=UN77121078141042375&UM=1
IE - HKCU\..\SearchScopes\{C4925EB0-BE5D-4EAD-AB0B-3E244065604F}: "URL" = http:/
/search.findwide.com/serp?guid={E09F01A6-3E7D-471A-A105-C0545FD5D094}&action=def
ault_search&serpv=22&k={searchTerms}
IE - HKCU\..\SearchScopes\{C71918FA-8DBB-4B22-997C-223B152F3535}: "URL" = http:/
/search.creativetoolbars.com/results?src=tb&id=smartbar&g=&q={searchTerms}
IE - HKCU\..\SearchScopes\{D86148B2-F270-49A7-9378-C8498CF1E18F}: "URL" = http:/
/search.avg.com/route/?d=4b3d2cf0&i=23&tp=chrome&q={searchTerms}&lng={language}&
ychte=us&nt=1
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http:/
/search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10809
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEna
ble" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOve
rride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxySer
ver" = 202.197.68.201:808
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "www.google.com.vn"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd
%7D:28.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Ma
cromed\Flash\NPSWF32_13_0_0_182.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,ver
sion=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit PhantomPDF\plugi
ns\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,ver
sion=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit PhantomPDF\p
lugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version
=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFox
itReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version
=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\n
pFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program
Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Progr
am Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin
;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foun
d
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PR
OGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PRO
GRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\
Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\
Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files\Com
mon Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll (Wolfram Resea
rch, Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Hu
an\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Huan\AppD
ata\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\
Users\Huan\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.
)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\
Users\Huan\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.
)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be
-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2013/10/18 12:25:12 |
000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Compon
ents: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugin
s: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetd
ownloadmanager.com: C:\Users\Huan\AppData\Roaming\IDM\idmmzcc5 [2014/03/22 11:39
:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@interne
tdownloadmanager.com: C:\Users\Huan\AppData\Roaming\IDM\idmmzcc5 [2014/03/22 11:
39:43 | 000,000,000 | ---D | M]
[2014/04/12 21:37:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Huan\

AppData\Roaming\Mozilla\Extensions
[2014/04/12 21:45:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Huan\
AppData\Roaming\Mozilla\Firefox\Profiles\oxqrcds5.default\extensions
[2014/03/26 22:40:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Fil
es\Mozilla Firefox\extensions
[2014/04/12 21:36:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Fil
es\Mozilla Firefox\browser\extensions
[2014/04/12 21:36:43 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Moz
illa Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerm
s}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{go
ogle:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{g
oogle:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMargi
nParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{goog
le:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggest
Rid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{googl
e:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.google.com.vn/
CHR - plugin: Error reading preferences file
CHR - Extension: Splendid = C:\Users\Huan\AppData\Local\Google\Chrome\User Data\
Default\Extensions\bdfkbdkkfmmckaadapdipihjfaacnkgd\3_0\
CHR - Extension: Tom's Planner -- Project Planner = C:\Users\Huan\AppData\Local\
Google\Chrome\User Data\Default\Extensions\bipbkjijodkkdkilghhekodmoagkcdnc\2_0\
CHR - Extension: Discover the Web with Friends = C:\Users\Huan\AppData\Local\Goo
gle\Chrome\User Data\Default\Extensions\delljcncghcpfoenicicifkolnkhmkdc\7.314_0
\
CHR - Extension: Daum Equation Editor = C:\Users\Huan\AppData\Local\Google\Chrom
e\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe\2.0.1_0\
CHR - Extension: Listango Bookmark Manager = C:\Users\Huan\AppData\Local\Google\
Chrome\User Data\Default\Extensions\dmbdkkenkdllkpiognpnmlaglmojagnh\1.0.1_0\
CHR - Extension: TeX equation editor = C:\Users\Huan\AppData\Local\Google\Chrome
\User Data\Default\Extensions\eggdddnmjoomglnkjhcpcnjbieiojini\1.0.0.4_0\
CHR - Extension: Lingoes Text Capture Plug-in = C:\Users\Huan\AppData\Local\Goog
le\Chrome\User Data\Default\Extensions\ehmbdiembdehhgnnoicidccmbhnhdejd\2.1_1\
CHR - Extension: Google Calendar = C:\Users\Huan\AppData\Local\Google\Chrome\Use
r Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: TabLink = C:\Users\Huan\AppData\Local\Google\Chrome\User Data\D
efault\Extensions\fiomkbglnahplbafedejbebpfnmmpgdj\0.4_0\
CHR - Extension: TabLink = C:\Users\Huan\AppData\Local\Google\Chrome\User Data\D
efault\Extensions\fiomkbglnahplbafedejbebpfnmmpgdj\0.4_0\~
CHR - Extension: Stylish = C:\Users\Huan\AppData\Local\Google\Chrome\User Data\D
efault\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.2.2_0\
CHR - Extension: Memo Calendar = C:\Users\Huan\AppData\Local\Google\Chrome\User
Data\Default\Extensions\fpmolbenmlmgaljalobagjldokeoocco\1.0_0\
CHR - Extension: TimeMaps: World History Atlas = C:\Users\Huan\AppData\Local\Goo
gle\Chrome\User Data\Default\Extensions\gcknipbpempcbnncdekkeimmpjggfaem\1.0.5_0
\
CHR - Extension: ShareLaTeX = C:\Users\Huan\AppData\Local\Google\Chrome\User Dat
a\Default\Extensions\gibjhmenngmjnbmhfemjkolgkofimfjc\0.0.0.2_0\
CHR - Extension: AdBlock = C:\Users\Huan\AppData\Local\Google\Chrome\User Data\D
efault\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.25_0\
CHR - Extension: GmailTeX = C:\Users\Huan\AppData\Local\Google\Chrome\User Data\
Default\Extensions\gjnmclkoadjdljnfmbnnhaahilafoeji\5.15.6_0\
CHR - Extension: Yesware Email Tracking = C:\Users\Huan\AppData\Local\Google\Chr
ome\User Data\Default\Extensions\gkjnkapjmjfpipfcccnjbjcbgdnahpjp\2.0.149_0\
CHR - Extension: CircuitLab = C:\Users\Huan\AppData\Local\Google\Chrome\User Dat
a\Default\Extensions\haghanbgfkfpmepoohpigmglbfejljoj\0.0.0.8_0\
CHR - Extension: SuperSorter = C:\Users\Huan\AppData\Local\Google\Chrome\User Da
ta\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij\0.4.4_0\
CHR - Extension: Don't Break the Chain = C:\Users\Huan\AppData\Local\Google\Chro
me\User Data\Default\Extensions\hlkkjgfbfgdcdjnddamlmgbipgbhgppk\1.2_0\
CHR - Extension: New Tab Redirect Plus! = C:\Users\Huan\AppData\Local\Google\Chr
ome\User Data\Default\Extensions\hnpoebddognhfcnfbfjdbgmgadkmmdkj\1.1.6_0\
CHR - Extension: Display LaTeX on arXiv.org = C:\Users\Huan\AppData\Local\Google
\Chrome\User Data\Default\Extensions\iamlipddanpcamngfnekhlejlijhjedg\1.8.2_0\
CHR - Extension: Dropbox = C:\Users\Huan\AppData\Local\Google\Chrome\User Data\D
efault\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.8_0\
CHR - Extension: IDM Integration Module = C:\Users\Huan\AppData\Local\Google\Chr
ome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.19.3_0\
CHR - Extension: Clipular! Research, save & share screenshot = C:\Users\Huan\App
Data\Local\Google\Chrome\User Data\Default\Extensions\jmjbgcjbgmcfgbgikmbdioggjl
hjegpp\10.8.29.2046_0\
CHR - Extension: Bananatag for Gmail = C:\Users\Huan\AppData\Local\Google\Chrome
\User Data\Default\Extensions\jpbnpbfpgjkblmejlgkfkekajajhjcid\2.2.13_0\
CHR - Extension: Roomy Bookmarks Toolbar = C:\Users\Huan\AppData\Local\Google\Ch
rome\User Data\Default\Extensions\kmfbpoigddhdibjcilijiejaidggonfc\0.0.4_0\
CHR - Extension: Personal Trainer = C:\Users\Huan\AppData\Local\Google\Chrome\Us
er Data\Default\Extensions\kmgohkgndpahjklgpdihieeedjeneoke\1.7_0\
CHR - Extension: Math Science Engineering Calculators = C:\Users\Huan\AppData\Lo
cal\Google\Chrome\User Data\Default\Extensions\mnaaclhkigagfmmmejenjpgjmemgkipa\
1.4_0\
CHR - Extension: My Time Organizer = C:\Users\Huan\AppData\Local\Google\Chrome\U
ser Data\Default\Extensions\nbgjpoemniodpkigbjkleiaoifclhfdm\1.0.3_0\
CHR - Extension: To Do List = C:\Users\Huan\AppData\Local\Google\Chrome\User Dat
a\Default\Extensions\ncecfaonfegfhpgknfcepbfjlnojigde\2.2_0\
CHR - Extension: Google Wallet = C:\Users\Huan\AppData\Local\Google\Chrome\User
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Neat Bookmarks = C:\Users\Huan\AppData\Local\Google\Chrome\User
Data\Default\Extensions\nnancliccjabjjmipbpjkfbijifaainp\0.9.17_0\
CHR - Extension: Docs PDF/PowerPoint Viewer (by Google) = C:\Users\Huan\AppData\
Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocb
n\3.10_0\
CHR - Extension: Scientific Calculator = C:\Users\Huan\AppData\Local\Google\Chro
me\User Data\Default\Extensions\npoipmeppdioagbkigdlnpmjphnolaog\1.0.2_0\
CHR - Extension: TINACloud = C:\Users\Huan\AppData\Local\Google\Chrome\User Data
\Default\Extensions\okbklkndcjiiekdnjjmbkpkpjnnbbboc\1.0.0.24_0\
CHR - Extension: Advanced Scientific Calci = C:\Users\Huan\AppData\Local\Google\
Chrome\User Data\Default\Extensions\okoiphachmdeohichmbglbllbhhphhcp\1.7_0\
O1 HOSTS File: ([2014/03/30 08:54:10 | 000,002,628 | ---- | M]) - C:\Windows\Sys
tem32\drivers\etc\hosts
O1 - Hosts: 173.252.100.26 facebook.com
O1 - Hosts: 173.252.100.26 www.facebook.com
O1 - Hosts: 173.252.100.26 www.login.facebook.com
O1 - Hosts: 173.252.100.26 login.facebook.com
O1 - Hosts: 173.252.100.26 apps.facebook.com
O1 - Hosts: 173.252.100.26 graph.facebook.com
O1 - Hosts: 173.252.100.26 register.facebook.com
O1 - Hosts: 173.252.100.26 vi-vn.connect.facebook.com
O1 - Hosts: 173.252.100.26 vi-vn.facebook.com
O1 - Hosts: 173.252.100.26 static.ak.connect.facebook.com
O1 - Hosts: 173.252.100.26 developers.facebook.com
O1 - Hosts: 173.252.100.26 error.facebook.com
O1 - Hosts: 173.252.100.26 channel.facebook.com

O1 - Hosts: 173.252.100.26 bigzipfiles.facebook.com
O1 - Hosts: 173.252.100.26 pixel.facebook.com
O1 - Hosts: 173.252.100.26 upload.facebook.com
O1 - Hosts: 173.252.100.26 bigzipfiles.facebook.com
O1 - Hosts: 173.252.100.26 pixel.facebook.com
O1 - Hosts: 173.252.100.26 logins.facebook.com
O1 - Hosts: 173.252.100.26 graph.facebook.com
O1 - Hosts: 173.252.100.26 developers.facebook.com
O1 - Hosts: 173.252.100.26 error.facebook.com
O1 - Hosts: 25 more lines...
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B4
58C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Dow
nload Manager, Tonec Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
- C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02F
F} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporat
ion)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A
9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {50FC6457-F99A-471B-987A-4E8268A9C1
44} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technolo
gies CZ, s.r.o.)
O4 - HKLM..\Run: [Fences] C:\Program Files\Stardock\Fences\Fences.exe (Stardock
Corporation)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_F1F1587D176A754DDDA7675FFF6B98DC] C:\Pr
ogram Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (T
onec Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentProm
ptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentProm
ptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSec
ureDesktop = 0
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Int
ernet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Down
load Manager\IEExt.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:
\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE
0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Cor
poration)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA
} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsof
t Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-E
DE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dl
l (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{072BB2EA-6FB1-4836-9
F24-C608D7D4703E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E17CADC-FFA9-4708-B
F75-1264AD318AE1}: NameServer = 203.113.131.6 203.113.131.2
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\P
rogram Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft
Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\
System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\S
ystem32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value
found.
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellE
xt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Progra
m Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 04:42:20 | 000,000,024 | ---- | M] () - C:\auto
exec.bat -- [ NTFS ]
O33 - MountPoints2\{1c826f07-36ea-11e3-b0d9-99f54067680a}\Shell - "" = AutoRun
O33 - MountPoints2\{1c826f07-36ea-11e3-b0d9-99f54067680a}\Shell\AutoRun\command
- "" = H:\.\StartModem.exe
O33 - MountPoints2\{b822aa7c-7f33-11e3-85e1-fabdef3d69d7}\Shell - "" = AutoRun
O33 - MountPoints2\{b822aa7c-7f33-11e3-85e1-fabdef3d69d7}\Shell\AutoRun\command
- "" = H:\AutoRun.exe
O33 - MountPoints2\{b822aa93-7f33-11e3-85e1-fabdef3d69d7}\Shell - "" = AutoRun
O33 - MountPoints2\{b822aa93-7f33-11e3-85e1-fabdef3d69d7}\Shell\AutoRun\command
- "" = J:\AutoRun.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/col
or]
[2014/04/13 22:43:19 | 000,000,000 | ---D |
Scan
[2014/04/13 22:43:14 | 000,000,000 | ---D |
[2014/04/13 22:43:12 | 000,000,000 | ---D |
ws\Start Menu\Programs\McAfee Security Scan
[2014/04/13 22:43:11 | 000,000,000 | ---D |
ty Scan
[2014/04/13 17:22:24 | 000,000,000 | ---D |
[2014/04/13 17:20:55 | 000,000,000 | ---D |
ders
[2014/04/13 16:36:37 | 000,000,000 | ---D |
[2014/04/13 13:46:24 | 000,000,000 | ---D |
postureAgent
[2014/04/13 13:46:20 | 000,000,000 | ---D |
[2014/04/13 13:46:15 | 000,000,000 | ---D |
[2014/04/13 13:21:39 | 000,000,000 | ---D |
C] -- C:\ProgramData\McAfee Security
C] -- C:\ProgramData\McAfee
C] -- C:\ProgramData\Microsoft\Windo
Plus
C] -- C:\Program Files\McAfee Securi
C] -- C:\Windows\System32\SPReview
C] -- C:\Windows\System32\EventProvi
C] -- C:\Windows\System32\MRT
C] -- C:\Program Files\Common Files\
C] -- C:\Program Files\Intel
C] -- C:\Intel
C] -- C:\Users\Huan\AppData\Roaming\
Logitech
[2014/04/13 13:19:47 | 000,000,000 | ---D |
ws\Start Menu\Programs\SetPoint
[2014/04/13 13:19:36 | 000,000,000 | ---D |
[2014/04/13 13:19:26 | 000,000,000 | ---D |
Logishrd
[2014/04/13 13:19:22 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:34 | 000,000,000 | ---D |
[2014/04/13 13:14:29 | 000,000,000 | ---D |
ws\Start Menu\Programs\Renesas Electronics
[2014/04/13 13:14:27 | 000,000,000 | ---D |
ronics
[2014/04/13 13:13:25 | 000,000,000 | ---D |
[2014/04/13 10:34:16 | 000,000,000 | ---D |
evatedDiagnostics
[2014/04/13 10:33:52 | 000,000,000 | -HSD |
4F99-B5F4-BED72B2A038C}
[2014/04/13 10:33:28 | 000,000,000 | ---D |
OpenCandy
[2014/04/13 10:33:09 | 000,000,000 | ---D |
rmi
[2014/04/13 07:00:12 | 000,000,000 | ---D |
ws\Start Menu\Programs\Speccy
[2014/04/13 07:00:08 | 000,000,000 | ---D |
[2014/04/12 21:37:07 | 000,000,000 | ---D |
zilla
[2014/04/12 21:36:54 | 000,000,000 | ---D |
[2014/04/12 21:36:53 | 000,000,000 | ---D |
enance Service
[2014/04/12 20:18:44 | 000,000,000 | ---D |
[2014/04/12 10:09:51 | 000,062,008 | ---- |
ws\System32\drivers\shield.sys
C] -- C:\ProgramData\Logitech
C] -- C:\Program Files\Common Files\
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
C]
--------------------------------
C:\Program Files\SetPoint
C:\Windows\System32\2C0A
C:\Windows\System32\0C0A
C:\Windows\System32\0C04
C:\Windows\System32\0816
C:\Windows\System32\041F
C:\Windows\System32\041E
C:\Windows\System32\041D
C:\Windows\System32\041B
C:\Windows\System32\040E
C:\Windows\System32\040D
C:\Windows\System32\040C
C:\Windows\System32\040B
C:\Windows\System32\040A
C:\ProgramData\Microsoft\Windo
C] -- C:\Program Files\Renesas Elect

C] -- C:\DRIVERS
C] -- C:\Users\Huan\AppData\Local\El
C] -- C:\ProgramData\{FE8D473A-6F06C] -- C:\Users\Huan\AppData\Roaming\
C] -- C:\Users\Huan\AppData\Roaming\
C] -- C:\Program Files\Speccy
C] -- C:\Users\Huan\AppData\Local\Mo
C] -- C:\ProgramData\Mozilla
C] -- C:\Program Files\Mozilla Maint
C] -- C:\AdwCleaner
C] (Horizon DataSys Inc) -- C:\Windo
[2014/04/12 10:09:51 | 000,024,632 | ---- | C] (Horizon DataSys Inc) -- C:\Windo

ws\System32\drivers\shieldf.sys
ws\System32\shdsync.exe
ws\System32\drivers\shieldm.sys
ws\System32\drivers\shdbus.sys
[2014/04/12 10:09:51 | 000,000,000 | ---D | C] -- C:\Program Files\Shield
[2014/04/02 20:10:33 | 000,025,328 | ---- | C] (Synaptics Incorporated) -- C:\Wi
ndows\System32\drivers\Smb_driver_Intel.sys
[2014/04/01 20:22:10 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Asha
mpoo
[2014/04/01 10:43:58 | 000,000,000 | ---D | C] -- C:\Users\Huan\Desktop\Images f
or report
[2014/03/31 07:30:23 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/03/28 12:03:27 | 000,000,000 | ---D | C] -- C:\Users\Huan\Desktop\Anh
[2014/03/28 10:25:05 | 000,000,000 | ---D | C] -- C:\Users\Huan\Desktop\Huan
[2014/03/26 23:11:56 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Roaming\
Design Science
[2014/03/26 23:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo
ws\Start Menu\Programs\MathType 6
[2014/03/26 22:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firef
ox
[2014/03/26 22:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\Aurora
[2014/03/26 21:27:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Ashampoo
[2014/03/26 21:27:13 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
Microsoft\Windows\Start Menu\Programs\Co Rom+
IDM
Microsoft\Windows\Start Menu\Programs\Internet Download Manager
ws\Start Menu\Programs\Internet Download Manager
[2014/03/22 07:33:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\cache
[2014/03/20 19:20:54 | 000,108,000 | ---- | C] (Tonec Inc.) -- C:\Windows\System
32\drivers\idmwfp.sys
ws\Start Menu\Programs\SharePoint
ws\Start Menu\Programs\Microsoft Office
[2014/03/20 12:25:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Syn
chronization Services
[2014/03/20 12:25:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\
DESIGNER
[2014/03/20 12:24:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL
Server Compact Edition
[2014/03/20 12:22:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Vis
ual Studio 8
[2014/03/20 12:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Ana
lysis Services
[2014/03/20 12:16:22 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Local\St
ardock_Corporation
[2014/03/20 12:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Stardock
[2014/03/20 12:14:40 | 000,000,000 | ---D | C] -- C:\Users\Huan\Documents\Stardo
ck
[2014/03/20 12:14:40 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Local\St
ardock
ws\Start Menu\Programs\Stardock
[2014/03/20 12:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\Stardock
Mozilla
[2014/03/19 21:21:00 | 000,000,000 | ---D | C] -- C:\Users\Huan\Desktop\DienDanB
acLieu.Net_hosts
[2014/03/19 21:20:42 | 000,000,000 | ---D | C] -- C:\Downloads
[2014/03/19 20:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Free Download M
anager
[2014/03/19 15:26:10 | 000,000,000 | ---D | C] -- C:\Users\Huan\Desktop\VLSI
[2014/03/18 22:33:17 | 000,000,000 | ---D | C] -- C:\MentorGraphics
VideoDrivers
[2014/03/18 22:08:27 | 000,000,000 | ---D | C] -- C:\Users\Huan\Desktop\Modelsim
6.5
ws\Start Menu\Programs\Yahoo! Messenger
[2014/03/17 06:58:02 | 000,000,000 | ---D | C] -- C:\Users\Huan\Desktop\Design o
f a RF CMOS Low Noise Amplifier Nirav Desai - Academia.edu_files
[2014/03/16 19:49:43 | 000,000,000 | R--D | C] -- C:\Users\Huan\Documents\Notes
[2013/11/15 10:48:32 | 001,832,744 | ---- | C] (VNG Corporation) -- C:\Users\Hua
n\AppData\Roaming\Laban.exe
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2014/04/13 23:44:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flas
h Player Updater.job
[2014/04/13 23:41:39 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB
0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/13 23:41:39 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB
0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/13 23:39:13 | 000,660,318 | ---- | M] () -- C:\Windows\System32\perfh00
9.dat
[2014/04/13 23:39:13 | 000,121,214 | ---- | M] () -- C:\Windows\System32\perfc00
9.dat
[2014/04/13 23:34:20 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpda
teTaskMachineCore.job
[2014/04/13 23:34:18 | 000,000,450 | -H-- | M] () -- C:\Windows\tasks\Sk-Enhance
r-S-5902107913.job
[2014/04/13 23:34:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/13 23:33:58 | 1551,253,504 | -HS- | M] () -- C:\hiberfil.sys
teTaskUserS-1-5-21-155064764-3199124672-448702342-1000UA.job
teTaskMachineUA.job
[2014/04/13 23:25:58 | 159,420,632 | ---- | M] () -- C:\Windows\System32\drivers
\AVG\incavi.avm
[2014/04/13 23:15:01 | 000,000,992 | ---- | M] () -- C:\Windows\tasks\CocCocUpda
[2014/04/13 22:43:13 | 000,002,072 | ---- | M] () -- C:\ProgramData\Microsoft\Wi
ndows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/04/13 18:07:54 | 000,001,367 | ---- | M] () -- C:\Users\Huan\Application D
ata\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.ln
k
[2014/04/13 18:07:12 | 001,972,496 | ---- | M] () -- C:\Windows\System32\FNTCACH
E.DAT
teTaskUserS-1-5-21-155064764-3199124672-448702342-1000Core.job
[2014/04/13 17:15:03 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\CocCocUpda
[2014/04/13 17:07:28 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit

.inf
\AVG\iavichjg.avm
[2014/04/13 12:55:06 | 000,000,854 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/04/12 15:31:42 | 000,002,004 | ---- | M] () -- C:\Users\Public\Desktop\Goo
gle Chrome.lnk
[2014/04/12 10:09:52 | 000,062,008 | ---- | M] (Horizon DataSys Inc) -- C:\Windo
ws\System32\drivers\shield.sys
ws\System32\drivers\shieldf.sys
ws\System32\drivers\shieldm.sys
ws\System32\drivers\shdbus.sys
ws\System32\shdsync.exe
[2014/04/08 20:53:10 | 000,044,184 | ---- | M] () -- C:\Users\Huan\Desktop\Error
Amplifier proposed.PNG
[2014/04/08 16:36:05 | 000,048,047 | ---- | M] () -- C:\Users\Huan\Desktop\Schem
atic.PNG
[2014/04/07 14:13:21 | 000,000,132 | ---- | M] () -- C:\Users\Huan\AppData\Roami
ng\Adobe PNG Format CS6 Prefs
[2014/04/06 22:21:14 | 021,767,910 | ---- | M] () -- C:\Users\Huan\Desktop\[Davi
d_Johns_Ken_Martin]_Analog_Integrated_Circuit(BookFi.org).pdf
[2014/04/04 02:01:31 | 000,789,768 | ---- | M] () -- C:\Users\Huan\Desktop\For a
nd Against (L.G.Alexander).pdf
[2014/04/02 20:09:02 | 000,001,192 | ---- | M] () -- C:\Users\Huan\Desktop\Drive
rMax.lnk
ng\TexPoint.ini
ng\TexPoint.lic
[2014/03/31 07:30:21 | 197,572,382 | ---- | M] () -- C:\Windows\MEMORY.DMP
\etc\hosts
\etc\hosts.old
[2014/03/26 21:27:28 | 000,000,213 | ---- | M] () -- C:\Users\Public\Desktop\You
r Software Deals.url
[2014/03/26 15:51:34 | 000,000,109 | ---- | M] () -- C:\Users\Huan\Documents\txp
_fig.tex
[2014/03/25 06:19:25 | 000,158,274 | ---- | M] () -- C:\Users\Huan\Desktop\Vietn
am_Economic_Times2009.pdf
ng\LTspiceIV.ini
[2014/03/22 17:10:45 | 000,002,374 | ---- | M] () -- C:\Users\Huan\Desktop\Co Ro
m+.lnk
[2014/03/22 11:38:10 | 000,000,979 | ---- | M] () -- C:\Users\Huan\Desktop\Inter
net Download Manager.lnk
[2014/03/22 07:32:46 | 000,042,272 | ---- | M] (AVG Technologies) -- C:\Windows\
System32\drivers\avgtpx86.sys
[2014/03/20 12:41:22 | 000,446,258 | ---- | M] () -- C:\Windows\AutoKMS.exe
[2014/03/17 23:41:38 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Yah
oo! Messenger.lnk
[2014/03/17 23:41:37 | 000,001,129 | ---- | M] () -- C:\Users\Huan\Application D
ata\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2014/03/16 22:04:20 | 000,149,133 | ---- | M] () -- C:\Users\Huan\Desktop\collo
quial and standard diction.PNG
[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/04/13 22:43:13 | 000,002,072 | ---- | C] () -- C:\ProgramData\Microsoft\Wi
ndows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/04/13 17:07:28 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit
.inf
[2014/04/13 11:53:22 | 000,000,854 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/04/12 21:36:58 | 000,001,077 | ---- | C] () -- C:\ProgramData\Microsoft\Wi
ndows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/04/08 20:53:09 | 000,044,184 | ---- | C] () -- C:\Users\Huan\Desktop\Error
Amplifier proposed.PNG
[2014/04/08 16:36:05 | 000,048,047 | ---- | C] () -- C:\Users\Huan\Desktop\Schem
atic.PNG
[2014/04/06 21:47:43 | 021,767,910 | ---- | C] () -- C:\Users\Huan\Desktop\[Davi
d_Johns_Ken_Martin]_Analog_Integrated_Circuit(BookFi.org).pdf
[2014/04/04 02:01:33 | 000,789,768 | ---- | C] () -- C:\Users\Huan\Desktop\For a
nd Against (L.G.Alexander).pdf
[2014/03/31 07:30:21 | 197,572,382 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/03/26 22:32:31 | 000,000,094 | ---- | C] () -- C:\Users\Huan\AppData\Roami
ng\TexPoint.ini
ng\TexPoint.lic
[2014/03/26 21:27:28 | 000,000,213 | ---- | C] () -- C:\Users\Public\Desktop\You
r Software Deals.url
[2014/03/26 15:51:01 | 000,000,109 | ---- | C] () -- C:\Users\Huan\Documents\txp
_fig.tex
[2014/03/25 06:19:19 | 000,158,274 | ---- | C] () -- C:\Users\Huan\Desktop\Vietn
am_Economic_Times2009.pdf
[2014/03/22 17:10:45 | 000,002,374 | ---- | C] () -- C:\Users\Huan\Desktop\Co Ro
m+.lnk
[2014/03/22 17:10:07 | 000,000,992 | ---- | C] () -- C:\Windows\tasks\CocCocUpda
[2014/03/22 17:10:06 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\CocCocUpda
[2014/03/22 11:38:10 | 000,000,979 | ---- | C] () -- C:\Users\Huan\Desktop\Inter
net Download Manager.lnk
[2014/03/20 12:38:08 | 000,446,258 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2014/03/17 23:41:38 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Yah
oo! Messenger.lnk
[2014/03/17 23:41:37 | 000,001,129 | ---- | C] () -- C:\Users\Huan\Application D
ata\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2014/03/16 22:04:20 | 000,149,133 | ---- | C] () -- C:\Users\Huan\Desktop\collo
quial and standard diction.PNG
ng\Adobe PNG Format CS6 Prefs
[2013/12/15 18:50:15 | 000,000,016 | -H-- | C] () -- C:\Users\Huan\1HmOlao4361
[2013/12/15 18:49:38 | 000,000,429 | ---- | C] () -- C:\Users\Huan\quartus2.ini
[2013/11/19 15:06:45 | 000,216,064 | ---- | C] () -- C:\Windows\System32\gcapi_d
ll.dll
ng\Solve Elec 2.5 Prefs
[2013/10/28 23:08:08 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsv
l.dat
[2013/10/28 23:08:08 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsv
a.dat
[2013/10/28 23:08:04 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipbla
g.dat
[2013/10/28 23:07:56 | 000,618,823 | ---- | C] () -- C:\Windows\System32\atiicdx
x.dat
[2013/10/20 13:01:03 | 000,274,061 | ---- | C] () -- C:\Windows\System32\drivers
\RTAIODAT.DAT
[2013/10/19 20:26:42
ng\LTspiceIV.ini
[2013/10/18 21:50:14
per.exe
[2013/10/18 21:48:22
mUi.exe
[2013/10/18 01:48:47
[2013/08/05 22:00:26
g
| 000,004,482 | ---- | C] () -- C:\Users\Huan\AppData\Roami

| 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHel
| 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBr
| 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
| 000,024,036 | ---- | C] () -- C:\Users\Huan\SDActivate.ln
[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 11:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop
.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}
\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}
\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1
}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 11:41:00 | 012,873,728 | --- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F
}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:19:02 | 000,606,2
08 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1
}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 08:16:17 | 000,342,52
8 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[color=#E56717]========== LOP Check ==========[/color]
[2013/10/17 12:07:08
AVG10
[2013/11/21 16:40:46
Azureus
[2014/02/09 16:45:58
CocCoc
[2014/03/26 23:11:56
Design Science
[2014/04/13 23:32:50
DMCache
[2014/03/08 21:22:13
Foxit Software
[2014/03/24 12:44:00
IDM
[2013/10/23 20:45:30
National Instruments
[2014/04/13 10:33:28
OpenCandy
| 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\

[2014/04/13 10:33:29
rmi
[2014/02/05 21:18:11
Software Informer
[2014/03/20 12:14:42
Stardock
[2013/11/09 10:44:05
TeraCopy
[2014/03/18 22:10:56
VideoDrivers
[2014/01/06 23:46:14
xm1

[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Files - Unicode (All) ==========[/color]

[2014/03/28 10:16:47 | 002,187,328 | ---- | M] ()(C:\Users\Huan\Desktop\SVTN-Bo co
th?c t?p t?t nghi?p-Huan.docx) -- C:\Users\Huan\Desktop\SVTN-Bo co thc tp tt nghip-Hu
an.docx
[2014/03/27 08:38:02 | 002,187,328 | ---- | C] ()(C:\Users\Huan\Desktop\SVTN-Bo co
th?c t?p t?t nghi?p-Huan.docx) -- C:\Users\Huan\Desktop\SVTN-Bo co thc tp tt nghip-Hu
an.docx
[2014/03/27 07:20:45 | 000,585,036 | ---- | M] ()(C:\Users\Huan\Desktop\L?I NI ?U
(Repaired).docx) -- C:\Users\Huan\Desktop\LI NI U (Repaired).docx
[2014/03/27 04:30:55 | 000,585,036 | ---- | C] ()(C:\Users\Huan\Desktop\L?I NI ?U
(Repaired).docx) -- C:\Users\Huan\Desktop\LI NI U (Repaired).docx
[2014/03/27 01:01:23 | 000,510,973 | ---- | M] ()(C:\Users\Huan\Desktop\L?I NI ?U.
docx) -- C:\Users\Huan\Desktop\LI NI U.docx
[2014/03/23 16:10:46 | 000,510,973 | ---- | C] ()(C:\Users\Huan\Desktop\L?I NI ?U.
docx) -- C:\Users\Huan\Desktop\LI NI U.docx
[2014/03/23 13:38:25 | 002,325,926 | ---- | C] ()(C:\Users\Huan\Desktop\SVTN-Bo co
th?c .docx) -- C:\Users\Huan\Desktop\SVTN-Bo co thc .docx
[2014/03/23 13:31:42 | 002,325,926 | ---- | M] ()(C:\Users\Huan\Desktop\SVTN-Bo co
th?c .docx) -- C:\Users\Huan\Desktop\SVTN-Bo co thc .docx
[2014/02/02 13:11:10 | 000,145,902 | ---- | M] ()(C:\Users\Huan\Documents\Mau do
n xin c?p HB VietHope.pdf) -- C:\Users\Huan\Documents\Mau don xin cp HB VietHope.
pdf
[2014/02/02 13:11:08 | 000,145,902 | ---- | C] ()(C:\Users\Huan\Documents\Mau do
n xin c?p HB VietHope.pdf) -- C:\Users\Huan\Documents\Mau don xin cp HB VietHope.
pdf
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:07F6D9E4
< End of report >

Otl

Uploaded by

Copyright:

Available Formats

You might also like

Otl

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Otl

Uploaded by

Copyright:

Available Formats

OTL logfile created on: 4/13/2014 11:39:28 PM - Run 1

OTL by OldTimer - Version 3.2.69.0

PRC - [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o

[color=#E56717]========== Services (SafeList) ==========[/color]

| Stopped] -- C:\Program Files\Shield\ShdServ.exe -- (ShdServ)

| On_Demand | Stopped] -- system32\DRIVERS\vmnetada

ystem | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (

FF - user.js - File not found

[2014/04/12 21:37:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Huan\

O1 - Hosts: 173.252.100.26 register.facebook.com

C] -- C:\Program Files\Renesas Elect

[2014/04/12 10:09:51 | 000,024,632 | ---- | C] (Horizon DataSys Inc) -- C:\Windo

[2014/04/13 17:07:28 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit

[color=#E56717]========== Files Created - No Company Name ==========[/color]

| 000,004,482 | ---- | C] () -- C:\Users\Huan\AppData\Roami

[color=#E56717]========== ZeroAccess Check ==========[/color]

| 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\

| 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Files - Unicode (All) ==========[/color]

You might also like