Otl

This document provides information about processes, modules, services, and drivers running on a Windows computer. It lists 50 processes, 17 modules, 28 services, and 1 driver service, along with details like file paths, sizes, dates, and states. The computer is identified as a Windows 7 NTWorkstation with 1.93GB of RAM located in the United States.

Uploaded by

anhnhamoi

OTL logfile created on: 4/13/2014 11:39:28 PM - Run 1

OTL by OldTimer - Version 3.2.69.0


Folder = C:\Users\Huan\Downloads\Programs
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.93 Gb Total Physical Memory | 0.61 Gb Available Physical Memory | 31.71% Memory free
3.85 Gb Paging File | 1.94 Gb Available in Paging File | 50.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78.13 Gb Total Space | 27.40 Gb Free Space | 35.07% Space Free | Partition Type: NTFS
Drive D: | 154.85 Gb Total Space | 16.02 Gb Free Space | 10.35% Space Free | Partition Type: NTFS
Drive E: | 164.42 Gb Total Space | 56.62 Gb Free Space | 34.44% Space Free | Partition Type: NTFS
Computer Name: HUAN-PC | User Name: Huan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2014/04/13 23:38:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\User
s\Huan\Downloads\Programs\OTL.exe
PRC - [2014/04/02 08:58:05 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program
Files\Google\Chrome\Application\chrome.exe
PRC - [2014/03/22 11:40:58 | 003,829,328 | ---- | M] (Tonec Inc.) -- C:\Program
Files\Internet Download Manager\IDMan.exe
PRC - [2013/11/07 18:17:30 | 000,269,848 | ---- | M] (Tonec Inc.) -- C:\Program
Files\Internet Download Manager\IEMonitor.exe
PRC - [2013/04/30 06:53:00 | 000,453,632 | ---- | M] (AMD) -- C:\Windows\System3
2\atieclxx.exe
PRC - [2013/04/30 06:52:26 | 000,217,088 | ---- | M] (AMD) -- C:\Windows\System3
2\atiesrxx.exe
PRC - [2012/11/30 09:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/11/12 12:59:15 | 000,657,504 | ---- | M] () -- C:\ProgramData\fast c
onnect\OnlineUpdate\ouc.exe
PRC - [2012/09/05 22:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Progra
m Files\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012/08/01 04:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o
.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2012/07/19 20:07:51 | 000,821,840 | ---- | M] (ABBYY) -- C:\Program Files
\ABBYY FineReader 11\NetworkLicenseServer.exe
PRC - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o
.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/09/09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o
.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/08/18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o
.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/05/23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o
.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/03/14 22:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\Dataca
rdService\HWDeviceService.exe
PRC - [2011/03/14 22:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., L
td.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011/03/09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o
.) -- C:\Program Files\AVG\AVG10\avgfws.exe
PRC - [2011/02/25 12:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\
AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o
.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o
.) -- C:\Program Files\AVG\AVG10\avgam.exe
PRC - [2010/11/20 19:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/07/01 12:10:26 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\P
rogram Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/07/01 12:10:22 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\P
rogram Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2014/04/02 08:58:03 | 000,390,472 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\ppgooglenaclpluginchrome.dll
MOD - [2014/04/02 08:58:02 | 013,691,720 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
MOD - [2014/04/02 08:57:59 | 004,081,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\pdf.dll
MOD - [2014/04/02 08:57:54 | 000,674,632 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
MOD - [2014/04/02 08:57:53 | 000,093,000 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\libegl.dll
MOD - [2014/04/02 08:57:52 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
MOD - [2014/04/02 08:57:49 | 000,065,352 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secur
e Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe -- (vToolbarUpdater18.0.5)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Laflurla\updateLaflurl
a.exe -- (Update Laflurla)
SRV - [2014/04/13 23:13:51 | 000,257,712 | ---- | M] (Adobe Systems Incorporated
) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateS
ervice.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/12 10:09:51 | 000,385,024 | ---- | M] () [Auto | Stopped] -- C:\P
rogram Files\Shield\ShieldClnt.exe -- (ShieldClientService)
SRV - [2014/04/12 10:09:51 | 000,172,600 | ---- | M] (Horizon DataSys Inc) [Auto | Stopped] -- C:\Program Files\Shield\ShdServ.exe -- (ShdServ)
SRV - [2014/03/15 15:40:31 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_De
mand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservi
ce.exe -- (MozillaMaintenance)
SRV - [2013/10/18 05:40:18 | 001,343,400 | ---- | M] (Microsoft Corporation) [On
_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/04/30 06:52:26 | 000,217,088 | ---- | M] (AMD) [Auto | Running] -- C
:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012/11/12 12:59:15 | 000,657,504 | ---- | M] () [Auto | Stopped] -- C:\P
rogram Files\fast connect\UpdateDog\ouc.exe -- (fast connect. RunOuc)
SRV - [2012/09/05 22:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand |
Stopped] -- C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McCom
ponentHostService)
SRV - [2012/07/19 20:07:51 | 000,821,840 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.11.0)
SRV - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o
.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\
AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/11/10 20:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/03/14 22:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\P
rogramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2011/03/09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o
.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o
.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/07/01 12:10:26 | 002,533,400 | ---- | M] (Intel Corporation) [Auto |
Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UN
S.exe -- (UNS)
SRV - [2010/07/01 12:10:22 | 000,325,656 | ---- | M] (Intel Corporation) [Auto |
Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LM
S.exe -- (LMS)
SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On
_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (
Microsoft SharePoint Workspace Audit Service)
SRV - [2009/07/14 08:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On
_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 08:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On
_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 08:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On
_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmci.sys -- (vmci)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PSKYMDM.sys -- (PSKYMDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PSKTOBEX.sys -- (PSKTOBEX)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PSKTBUS.sys -- (PSKTBUS)
DRV - [2014/04/12 10:09:52 | 000,062,008 | ---- | M] (Horizon DataSys Inc) [Kern
el | Boot | Running] -- C:\Windows\System32\drivers\shield.sys -- (Shield)
DRV - [2014/04/12 10:09:52 | 000,024,632 | ---- | M] (Horizon DataSys Inc) [File
_System | Boot | Running] -- C:\Windows\System32\drivers\shieldf.sys -- (Shieldf
)
DRV - [2014/04/12 10:09:52 | 000,023,096 | ---- | M] (Horizon DataSys Inc) [Kern
el | Boot | Running] -- C:\Windows\System32\drivers\shieldm.sys -- (Shieldm)
DRV - [2014/04/12 10:09:52 | 000,021,560 | ---- | M] (Horizon DataSys Inc) [Kern
el | Boot | Running] -- C:\Windows\System32\drivers\shdbus.sys -- (Shdbus)
DRV - [2014/03/22 07:32:46 | 000,042,272 | ---- | M] (AVG Technologies) [Kernel
| System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2014/02/24 20:41:18 | 000,025,328 | ---- | M] (Synaptics Incorporated) [K
ernel | On_Demand | Running] -- C:\Windows\System32\drivers\Smb_driver_Intel.sys
-- (SmbDrvI)
DRV - [2013/12/19 19:44:40 | 000,077,824 | ---- | M] (Advanced Micro Devices) [K
ernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (Ati
HDAudioService)
DRV - [2013/12/09 02:49:06 | 010,375,680 | ---- | M] (Intel Corporation) [Kernel
| On_Demand | Running] -- C:\Windows\System32\drivers\NETwsn00.sys -- (NETwNs32
)
DRV - [2013/11/30 13:40:58 | 000,021,432 | ---- | M] (Christian Gulden) [Kernel
| On_Demand | Stopped] -- C:\Windows\System32\drivers\pimou.sys -- (pimou)
DRV - [2013/11/28 07:24:18 | 000,108,000 | ---- | M] (Tonec Inc.) [Kernel | Auto
| Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2013/10/01 14:39:14 | 000,021,432 | ---- | M] (Christian Gulden) [Kernel
| On_Demand | Stopped] -- C:\Windows\System32\drivers\pikbd.sys -- (pikbd)
DRV - [2013/08/27 20:13:22 | 000,209,112 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2013/07/18 07:54:30 | 000,110,280 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2013/04/30 07:14:44 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2013/04/30 07:14:44 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2013/04/30 05:47:52 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2013/03/21 13:08:56 | 000,068,480 | ---- | M] (MediaTek Inc.) [Kernel | O
n_Demand | Stopped] -- C:\Windows\System32\drivers\usb2ser.sys -- (wdf_usb)
DRV - [2013/03/14 22:17:44 | 000,015,968 | ---- | M] (Advanced Micro Devices, In
c.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\amdkmafd.sys -- (am
dkmafd)
DRV - [2013/01/25 08:16:34 | 000,095,232 | ---- | M] (Huawei Technologies Co., L
td.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.s
ys -- (ew_hwusbdev)
DRV - [2013/01/23 14:01:00 | 000,379,904 | ---- | M] (Huawei Technologies Co., L
td.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbwwan.sys
-- (ewusbmbb)
DRV - [2013/01/23 13:56:28 | 000,199,296 | ---- | M] (Huawei Technologies Co., L
td.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys
-- (hwdatacard)
DRV - [2013/01/23 10:31:04 | 000,077,696 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2012/12/13 08:49:54 | 000,172,544 | ---- | M] (MediaTek Inc.) [Kernel | O
n_Demand | Stopped] -- C:\Windows\System32\drivers\mtkmbim7.sys -- (mtkmbim)
DRV - [2012/11/12 04:47:48 | 000,255,968 | ---- | M] (AVG Technologies CZ, s.r.o
.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (A
vgldx86)
DRV - [2012/06/18 13:58:52 | 000,016,000 | ---- | M] (SysNucleus) [Kernel | On_D
emand | Stopped] -- C:\Windows\System32\drivers\udsstub.sys -- (udsstub)
DRV - [2011/05/27 19:05:32 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o
. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.s
ys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o
.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Av
gtdix)
DRV - [2011/03/25 10:58:06 | 000,075,776 | ---- | M] (Microsoft Corporation) [Ke
rnel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ksudbus.sys -- (dg_ks
udbus)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o
.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys
-- (Avgmfx86)
DRV - [2011/02/22 08:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o
. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AV
GIDSEH)
DRV - [2011/02/10 07:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o
. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys
-- (AVGIDSShim)
DRV - [2011/02/10 07:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o
. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.s
ys -- (AVGIDSFilter)
DRV - [2010/11/20 19:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Ke
rnel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 19:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Ke
rnel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 19:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Ke
rnel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storv
sc)
DRV - [2010/11/20 17:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Ke
rnel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUs
bFlt)
DRV - [2010/11/20 17:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Ke
rnel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys
-- (RdpVideoMiniport)
DRV - [2010/11/20 16:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Ke
rnel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb
)
DRV - [2010/11/20 16:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Ke
rnel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBu
sHID)
DRV - [2010/11/20 16:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Ke
rnel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap
)
DRV - [2010/11/04 15:18:04 | 000,102,728 | ---- | M] (Matrox Graphics Inc.) [Ker
nel | Boot | Running] -- C:\Windows\System32\drivers\MxEFUF32.sys -- (MxEFUF)
DRV - [2010/07/12 04:34:02 | 000,054,112 | ---- | M] (AVG Technologies CZ, s.r.o
.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (A
vgfwfd)
DRV - [2010/01/29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2009/09/17 17:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel
| On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2007/07/07 08:11:58 | 000,026,120 | ---- | M] (Rainbow Technologies Inc.)
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SNTNLUSB.SYS -- (
Sntnlusb)
DRV - [2007/07/07 08:11:38 | 000,076,288 | ---- | M] (Rainbow Technologies, Inc.
) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SENTINEL.SYS -- (Sent
inel)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?ilc=8
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http:/
/www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache Ac
ceptLangs = en-us
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http:/
/www.bing.com/search?FORM=VE3D01&q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{11C7F47B-2F8C-4EF7-9ED3-DBE991EF18BA}: "URL" = http:/
/search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT250409
1&CUI=UN77121078141042375&UM=1
IE - HKCU\..\SearchScopes\{C4925EB0-BE5D-4EAD-AB0B-3E244065604F}: "URL" = http:/
/search.findwide.com/serp?guid={E09F01A6-3E7D-471A-A105-C0545FD5D094}&action=def
ault_search&serpv=22&k={searchTerms}
IE - HKCU\..\SearchScopes\{C71918FA-8DBB-4B22-997C-223B152F3535}: "URL" = http:/
/search.creativetoolbars.com/results?src=tb&id=smartbar&g=&q={searchTerms}
IE - HKCU\..\SearchScopes\{D86148B2-F270-49A7-9378-C8498CF1E18F}: "URL" = http:/
/search.avg.com/route/?d=4b3d2cf0&i=23&tp=chrome&q={searchTerms}&lng={language}&
ychte=us&nt=1
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http:/
/search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10809
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEna
ble" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOve
rride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxySer
ver" = 202.197.68.201:808
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "www.google.com.vn"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Ma
cromed\Flash\NPSWF32_13_0_0_182.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,ver
sion=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit PhantomPDF\plugi
ns\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,ver
sion=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit PhantomPDF\p
lugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version
=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFox
itReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version
=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\n
pFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program
Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Progr
am Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin
;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foun
d
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PR
OGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PRO
GRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\
Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\
Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files\Com
mon Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll (Wolfram Resea
rch, Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Hu
an\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Huan\AppD
ata\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\
Users\Huan\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.
)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\
Users\Huan\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.
)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be
-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2013/10/18 12:25:12 |
000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Compon
ents: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugin
s: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetd
ownloadmanager.com: C:\Users\Huan\AppData\Roaming\IDM\idmmzcc5 [2014/03/22 11:39
:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Huan\AppData\Roaming\IDM\idmmzcc5 [2014/03/22 11:39:43 | 000,000,000 | ---D | M]

[2014/04/12 21:37:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Huan\AppData\Roaming\Mozilla\Extensions
[2014/04/12 21:45:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Huan\
AppData\Roaming\Mozilla\Firefox\Profiles\oxqrcds5.default\extensions
[2014/03/26 22:40:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Fil
es\Mozilla Firefox\extensions
[2014/04/12 21:36:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Fil
es\Mozilla Firefox\browser\extensions
[2014/04/12 21:36:43 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Moz
illa Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerm
s}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{go
ogle:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{g
oogle:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMargi
nParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{goog
le:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggest
Rid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{googl
e:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.google.com.vn/
CHR - plugin: Error reading preferences file
CHR - Extension: Splendid = C:\Users\Huan\AppData\Local\Google\Chrome\User Data\
Default\Extensions\bdfkbdkkfmmckaadapdipihjfaacnkgd\3_0\
CHR - Extension: Tom's Planner -- Project Planner = C:\Users\Huan\AppData\Local\
Google\Chrome\User Data\Default\Extensions\bipbkjijodkkdkilghhekodmoagkcdnc\2_0\
CHR - Extension: Discover the Web with Friends = C:\Users\Huan\AppData\Local\Goo
gle\Chrome\User Data\Default\Extensions\delljcncghcpfoenicicifkolnkhmkdc\7.314_0
\
CHR - Extension: Daum Equation Editor = C:\Users\Huan\AppData\Local\Google\Chrom
e\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe\2.0.1_0\
CHR - Extension: Listango Bookmark Manager = C:\Users\Huan\AppData\Local\Google\
Chrome\User Data\Default\Extensions\dmbdkkenkdllkpiognpnmlaglmojagnh\1.0.1_0\
CHR - Extension: TeX equation editor = C:\Users\Huan\AppData\Local\Google\Chrome
\User Data\Default\Extensions\eggdddnmjoomglnkjhcpcnjbieiojini\1.0.0.4_0\
CHR - Extension: Lingoes Text Capture Plug-in = C:\Users\Huan\AppData\Local\Goog
le\Chrome\User Data\Default\Extensions\ehmbdiembdehhgnnoicidccmbhnhdejd\2.1_1\
CHR - Extension: Google Calendar = C:\Users\Huan\AppData\Local\Google\Chrome\Use
r Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: TabLink = C:\Users\Huan\AppData\Local\Google\Chrome\User Data\D
efault\Extensions\fiomkbglnahplbafedejbebpfnmmpgdj\0.4_0\
CHR - Extension: TabLink = C:\Users\Huan\AppData\Local\Google\Chrome\User Data\D
efault\Extensions\fiomkbglnahplbafedejbebpfnmmpgdj\0.4_0\~
CHR - Extension: Stylish = C:\Users\Huan\AppData\Local\Google\Chrome\User Data\D
efault\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.2.2_0\
CHR - Extension: Memo Calendar = C:\Users\Huan\AppData\Local\Google\Chrome\User
Data\Default\Extensions\fpmolbenmlmgaljalobagjldokeoocco\1.0_0\
CHR - Extension: TimeMaps: World History Atlas = C:\Users\Huan\AppData\Local\Goo
gle\Chrome\User Data\Default\Extensions\gcknipbpempcbnncdekkeimmpjggfaem\1.0.5_0
\
CHR - Extension: ShareLaTeX = C:\Users\Huan\AppData\Local\Google\Chrome\User Dat
a\Default\Extensions\gibjhmenngmjnbmhfemjkolgkofimfjc\0.0.0.2_0\
CHR - Extension: AdBlock = C:\Users\Huan\AppData\Local\Google\Chrome\User Data\D
efault\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.25_0\
CHR - Extension: GmailTeX = C:\Users\Huan\AppData\Local\Google\Chrome\User Data\
Default\Extensions\gjnmclkoadjdljnfmbnnhaahilafoeji\5.15.6_0\
CHR - Extension: Yesware Email Tracking = C:\Users\Huan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjnkapjmjfpipfcccnjbjcbgdnahpjp\2.0.149_0\
CHR - Extension: CircuitLab = C:\Users\Huan\AppData\Local\Google\Chrome\User Dat
a\Default\Extensions\haghanbgfkfpmepoohpigmglbfejljoj\0.0.0.8_0\
CHR - Extension: SuperSorter = C:\Users\Huan\AppData\Local\Google\Chrome\User Da
ta\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij\0.4.4_0\
CHR - Extension: Don't Break the Chain = C:\Users\Huan\AppData\Local\Google\Chro
me\User Data\Default\Extensions\hlkkjgfbfgdcdjnddamlmgbipgbhgppk\1.2_0\
CHR - Extension: New Tab Redirect Plus! = C:\Users\Huan\AppData\Local\Google\Chr
ome\User Data\Default\Extensions\hnpoebddognhfcnfbfjdbgmgadkmmdkj\1.1.6_0\
CHR - Extension: Display LaTeX on arXiv.org = C:\Users\Huan\AppData\Local\Google
\Chrome\User Data\Default\Extensions\iamlipddanpcamngfnekhlejlijhjedg\1.8.2_0\
CHR - Extension: Dropbox = C:\Users\Huan\AppData\Local\Google\Chrome\User Data\D
efault\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.8_0\
CHR - Extension: IDM Integration Module = C:\Users\Huan\AppData\Local\Google\Chr
ome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.19.3_0\
CHR - Extension: Clipular! Research, save & share screenshot = C:\Users\Huan\App
Data\Local\Google\Chrome\User Data\Default\Extensions\jmjbgcjbgmcfgbgikmbdioggjl
hjegpp\10.8.29.2046_0\
CHR - Extension: Bananatag for Gmail = C:\Users\Huan\AppData\Local\Google\Chrome
\User Data\Default\Extensions\jpbnpbfpgjkblmejlgkfkekajajhjcid\2.2.13_0\
CHR - Extension: Roomy Bookmarks Toolbar = C:\Users\Huan\AppData\Local\Google\Ch
rome\User Data\Default\Extensions\kmfbpoigddhdibjcilijiejaidggonfc\0.0.4_0\
CHR - Extension: Personal Trainer = C:\Users\Huan\AppData\Local\Google\Chrome\Us
er Data\Default\Extensions\kmgohkgndpahjklgpdihieeedjeneoke\1.7_0\
CHR - Extension: Math Science Engineering Calculators = C:\Users\Huan\AppData\Lo
cal\Google\Chrome\User Data\Default\Extensions\mnaaclhkigagfmmmejenjpgjmemgkipa\
1.4_0\
CHR - Extension: My Time Organizer = C:\Users\Huan\AppData\Local\Google\Chrome\U
ser Data\Default\Extensions\nbgjpoemniodpkigbjkleiaoifclhfdm\1.0.3_0\
CHR - Extension: To Do List = C:\Users\Huan\AppData\Local\Google\Chrome\User Dat
a\Default\Extensions\ncecfaonfegfhpgknfcepbfjlnojigde\2.2_0\
CHR - Extension: Google Wallet = C:\Users\Huan\AppData\Local\Google\Chrome\User
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Neat Bookmarks = C:\Users\Huan\AppData\Local\Google\Chrome\User
Data\Default\Extensions\nnancliccjabjjmipbpjkfbijifaainp\0.9.17_0\
CHR - Extension: Docs PDF/PowerPoint Viewer (by Google) = C:\Users\Huan\AppData\
Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocb
n\3.10_0\
CHR - Extension: Scientific Calculator = C:\Users\Huan\AppData\Local\Google\Chro
me\User Data\Default\Extensions\npoipmeppdioagbkigdlnpmjphnolaog\1.0.2_0\
CHR - Extension: TINACloud = C:\Users\Huan\AppData\Local\Google\Chrome\User Data
\Default\Extensions\okbklkndcjiiekdnjjmbkpkpjnnbbboc\1.0.0.24_0\
CHR - Extension: Advanced Scientific Calci = C:\Users\Huan\AppData\Local\Google\
Chrome\User Data\Default\Extensions\okoiphachmdeohichmbglbllbhhphhcp\1.7_0\
O1 HOSTS File: ([2014/03/30 08:54:10 | 000,002,628 | ---- | M]) - C:\Windows\Sys
tem32\drivers\etc\hosts
O1 - Hosts: 173.252.100.26 facebook.com
O1 - Hosts: 173.252.100.26 www.facebook.com
O1 - Hosts: 173.252.100.26 www.login.facebook.com
O1 - Hosts: 173.252.100.26 login.facebook.com
O1 - Hosts: 173.252.100.26 apps.facebook.com
O1 - Hosts: 173.252.100.26 graph.facebook.com
O1 - Hosts: 173.252.100.26 register.facebook.com
O1 - Hosts: 173.252.100.26 vi-vn.connect.facebook.com
O1 - Hosts: 173.252.100.26 vi-vn.facebook.com
O1 - Hosts: 173.252.100.26 static.ak.connect.facebook.com
O1 - Hosts: 173.252.100.26 developers.facebook.com
O1 - Hosts: 173.252.100.26 error.facebook.com
O1 - Hosts: 173.252.100.26 channel.facebook.com

O1 - Hosts: 173.252.100.26 register.facebook.com


O1 - Hosts: 173.252.100.26 bigzipfiles.facebook.com
O1 - Hosts: 173.252.100.26 pixel.facebook.com
O1 - Hosts: 173.252.100.26 upload.facebook.com
O1 - Hosts: 173.252.100.26 register.facebook.com
O1 - Hosts: 173.252.100.26 bigzipfiles.facebook.com
O1 - Hosts: 173.252.100.26 pixel.facebook.com
O1 - Hosts: 173.252.100.26 logins.facebook.com
O1 - Hosts: 173.252.100.26 graph.facebook.com
O1 - Hosts: 173.252.100.26 developers.facebook.com
O1 - Hosts: 173.252.100.26 error.facebook.com
O1 - Hosts: 173.252.100.26 register.facebook.com
O1 - Hosts: 25 more lines...
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B4
58C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Dow
nload Manager, Tonec Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
- C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02F
F} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporat
ion)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A
9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {50FC6457-F99A-471B-987A-4E8268A9C1
44} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technolo
gies CZ, s.r.o.)
O4 - HKLM..\Run: [Fences] C:\Program Files\Stardock\Fences\Fences.exe (Stardock
Corporation)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_F1F1587D176A754DDDA7675FFF6B98DC] C:\Pr
ogram Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (T
onec Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentProm
ptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentProm
ptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSec
ureDesktop = 0
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Int
ernet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Down
load Manager\IEExt.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:
\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE
0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Cor
poration)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA
} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsof
t Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-E
DE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dl
l (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{072BB2EA-6FB1-4836-9
F24-C608D7D4703E}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E17CADC-FFA9-4708-B
F75-1264AD318AE1}: NameServer = 203.113.131.6 203.113.131.2
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\P
rogram Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft
Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\
System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\S
ystem32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value
found.
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellE
xt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Progra
m Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 04:42:20 | 000,000,024 | ---- | M] () - C:\auto
exec.bat -- [ NTFS ]
O33 - MountPoints2\{1c826f07-36ea-11e3-b0d9-99f54067680a}\Shell - "" = AutoRun
O33 - MountPoints2\{1c826f07-36ea-11e3-b0d9-99f54067680a}\Shell\AutoRun\command
- "" = H:\.\StartModem.exe
O33 - MountPoints2\{b822aa7c-7f33-11e3-85e1-fabdef3d69d7}\Shell - "" = AutoRun
O33 - MountPoints2\{b822aa7c-7f33-11e3-85e1-fabdef3d69d7}\Shell\AutoRun\command
- "" = H:\AutoRun.exe
O33 - MountPoints2\{b822aa93-7f33-11e3-85e1-fabdef3d69d7}\Shell - "" = AutoRun
O33 - MountPoints2\{b822aa93-7f33-11e3-85e1-fabdef3d69d7}\Shell\AutoRun\command
- "" = J:\AutoRun.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/col
or]
[2014/04/13 22:43:19 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2014/04/13 22:43:14 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2014/04/13 22:43:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2014/04/13 22:43:11 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2014/04/13 17:22:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2014/04/13 17:20:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2014/04/13 16:36:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2014/04/13 13:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\postureAgent
[2014/04/13 13:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014/04/13 13:46:15 | 000,000,000 | ---D | C] -- C:\Intel
[2014/04/13 13:21:39 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Roaming\Logitech
[2014/04/13 13:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SetPoint
[2014/04/13 13:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2014/04/13 13:19:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2014/04/13 13:19:22 | 000,000,000 | ---D | C] -- C:\Program Files\SetPoint
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\2C0A
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0C0A
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0C04
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0816
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0804
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0424
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\041F
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\041E
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\041D
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\041B
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0419
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0416
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0415
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0414
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0413
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0412
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0411
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0410
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\040E
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\040D
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\040C
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\040B
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\040A
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0408
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0407
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0406
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0405
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0404
[2014/04/13 13:14:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\0401
[2014/04/13 13:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2014/04/13 13:14:27 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics
[2014/04/13 13:13:25 | 000,000,000 | ---D | C] -- C:\DRIVERS
[2014/04/13 10:34:16 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Local\ElevatedDiagnostics
[2014/04/13 10:33:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2014/04/13 10:33:28 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Roaming\OpenCandy
[2014/04/13 10:33:09 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Roaming\rmi
[2014/04/13 07:00:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2014/04/13 07:00:08 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2014/04/12 21:37:07 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Local\Mozilla
[2014/04/12 21:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/04/12 21:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/04/12 20:18:44 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/12 10:09:51 | 000,062,008 | ---- | C] (Horizon DataSys Inc) -- C:\Windows\System32\drivers\shield.sys
[2014/04/12 10:09:51 | 000,024,632 | ---- | C] (Horizon DataSys Inc) -- C:\Windows\System32\drivers\shieldf.sys
[2014/04/12 10:09:51 | 000,023,608 | ---- | C] (Horizon DataSys Inc) -- C:\Windo
ws\System32\shdsync.exe
[2014/04/12 10:09:51 | 000,023,096 | ---- | C] (Horizon DataSys Inc) -- C:\Windo
ws\System32\drivers\shieldm.sys
[2014/04/12 10:09:51 | 000,021,560 | ---- | C] (Horizon DataSys Inc) -- C:\Windo
ws\System32\drivers\shdbus.sys
[2014/04/12 10:09:51 | 000,000,000 | ---D | C] -- C:\Program Files\Shield
[2014/04/02 20:10:33 | 000,025,328 | ---- | C] (Synaptics Incorporated) -- C:\Wi
ndows\System32\drivers\Smb_driver_Intel.sys
[2014/04/01 20:22:10 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Asha
mpoo
[2014/04/01 10:43:58 | 000,000,000 | ---D | C] -- C:\Users\Huan\Desktop\Images f
or report
[2014/03/31 07:30:23 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/03/28 12:03:27 | 000,000,000 | ---D | C] -- C:\Users\Huan\Desktop\Anh
[2014/03/28 10:25:05 | 000,000,000 | ---D | C] -- C:\Users\Huan\Desktop\Huan
[2014/03/26 23:11:56 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Roaming\
Design Science
[2014/03/26 23:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo
ws\Start Menu\Programs\MathType 6
[2014/03/26 22:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firef
ox
[2014/03/26 22:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\Aurora
[2014/03/26 21:27:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Ashampoo
[2014/03/26 21:27:13 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2014/03/22 17:10:45 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Roaming\
Microsoft\Windows\Start Menu\Programs\Co Rom+
[2014/03/22 11:39:39 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Roaming\
IDM
[2014/03/22 11:38:10 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Roaming\
Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014/03/22 11:38:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo
ws\Start Menu\Programs\Internet Download Manager
[2014/03/22 07:33:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\cache
[2014/03/20 19:20:54 | 000,108,000 | ---- | C] (Tonec Inc.) -- C:\Windows\System
32\drivers\idmwfp.sys
[2014/03/20 12:28:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo
ws\Start Menu\Programs\SharePoint
[2014/03/20 12:27:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo
ws\Start Menu\Programs\Microsoft Office
[2014/03/20 12:25:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Syn
chronization Services
[2014/03/20 12:25:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\
DESIGNER
[2014/03/20 12:24:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL
Server Compact Edition
[2014/03/20 12:22:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Vis
ual Studio 8
[2014/03/20 12:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Ana
lysis Services
[2014/03/20 12:16:22 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Local\St
ardock_Corporation
[2014/03/20 12:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Stardock
[2014/03/20 12:14:40 | 000,000,000 | ---D | C] -- C:\Users\Huan\Documents\Stardo
ck
[2014/03/20 12:14:40 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Local\St
ardock
[2014/03/20 12:13:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
[2014/03/20 12:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\Stardock
[2014/03/20 08:26:35 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Roaming\
Mozilla
[2014/03/19 21:21:00 | 000,000,000 | ---D | C] -- C:\Users\Huan\Desktop\DienDanB
acLieu.Net_hosts
[2014/03/19 21:20:42 | 000,000,000 | ---D | C] -- C:\Downloads
[2014/03/19 20:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Free Download M
anager
[2014/03/19 15:26:10 | 000,000,000 | ---D | C] -- C:\Users\Huan\Desktop\VLSI
[2014/03/18 22:33:17 | 000,000,000 | ---D | C] -- C:\MentorGraphics
[2014/03/18 22:10:56 | 000,000,000 | ---D | C] -- C:\Users\Huan\AppData\Roaming\
VideoDrivers
[2014/03/18 22:08:27 | 000,000,000 | ---D | C] -- C:\Users\Huan\Desktop\Modelsim
6.5
[2014/03/17 23:41:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo
ws\Start Menu\Programs\Yahoo! Messenger
[2014/03/17 06:58:02 | 000,000,000 | ---D | C] -- C:\Users\Huan\Desktop\Design o
f a RF CMOS Low Noise Amplifier Nirav Desai - Academia.edu_files
[2014/03/16 19:49:43 | 000,000,000 | R--D | C] -- C:\Users\Huan\Documents\Notes
[2013/11/15 10:48:32 | 001,832,744 | ---- | C] (VNG Corporation) -- C:\Users\Hua
n\AppData\Roaming\Laban.exe
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2014/04/13 23:44:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flas
h Player Updater.job
[2014/04/13 23:41:39 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB
0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/13 23:41:39 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB
0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/13 23:39:13 | 000,660,318 | ---- | M] () -- C:\Windows\System32\perfh00
9.dat
[2014/04/13 23:39:13 | 000,121,214 | ---- | M] () -- C:\Windows\System32\perfc00
9.dat
[2014/04/13 23:34:20 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpda
teTaskMachineCore.job
[2014/04/13 23:34:18 | 000,000,450 | -H-- | M] () -- C:\Windows\tasks\Sk-Enhance
r-S-5902107913.job
[2014/04/13 23:34:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/13 23:33:58 | 1551,253,504 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/13 23:31:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpda
teTaskUserS-1-5-21-155064764-3199124672-448702342-1000UA.job
[2014/04/13 23:27:06 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpda
teTaskMachineUA.job
[2014/04/13 23:25:58 | 159,420,632 | ---- | M] () -- C:\Windows\System32\drivers
\AVG\incavi.avm
[2014/04/13 23:15:01 | 000,000,992 | ---- | M] () -- C:\Windows\tasks\CocCocUpda
teTaskUserS-1-5-21-155064764-3199124672-448702342-1000UA.job
[2014/04/13 22:43:13 | 000,002,072 | ---- | M] () -- C:\ProgramData\Microsoft\Wi
ndows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/04/13 18:07:54 | 000,001,367 | ---- | M] () -- C:\Users\Huan\Application D
ata\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.ln
k
[2014/04/13 18:07:12 | 001,972,496 | ---- | M] () -- C:\Windows\System32\FNTCACH
E.DAT
[2014/04/13 17:31:02 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpda
teTaskUserS-1-5-21-155064764-3199124672-448702342-1000Core.job
[2014/04/13 17:15:03 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\CocCocUpda
teTaskUserS-1-5-21-155064764-3199124672-448702342-1000Core.job

[2014/04/13 17:07:28 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014/04/13 15:21:49 | 000,243,516 | ---- | M] () -- C:\Windows\System32\drivers
\AVG\iavichjg.avm
[2014/04/13 12:55:06 | 000,000,854 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/04/12 15:31:42 | 000,002,004 | ---- | M] () -- C:\Users\Public\Desktop\Goo
gle Chrome.lnk
[2014/04/12 10:09:52 | 000,062,008 | ---- | M] (Horizon DataSys Inc) -- C:\Windo
ws\System32\drivers\shield.sys
[2014/04/12 10:09:52 | 000,024,632 | ---- | M] (Horizon DataSys Inc) -- C:\Windo
ws\System32\drivers\shieldf.sys
[2014/04/12 10:09:52 | 000,023,096 | ---- | M] (Horizon DataSys Inc) -- C:\Windo
ws\System32\drivers\shieldm.sys
[2014/04/12 10:09:52 | 000,021,560 | ---- | M] (Horizon DataSys Inc) -- C:\Windo
ws\System32\drivers\shdbus.sys
[2014/04/12 10:09:51 | 000,023,608 | ---- | M] (Horizon DataSys Inc) -- C:\Windo
ws\System32\shdsync.exe
[2014/04/08 20:53:10 | 000,044,184 | ---- | M] () -- C:\Users\Huan\Desktop\Error
Amplifier proposed.PNG
[2014/04/08 16:36:05 | 000,048,047 | ---- | M] () -- C:\Users\Huan\Desktop\Schem
atic.PNG
[2014/04/07 14:13:21 | 000,000,132 | ---- | M] () -- C:\Users\Huan\AppData\Roami
ng\Adobe PNG Format CS6 Prefs
[2014/04/06 22:21:14 | 021,767,910 | ---- | M] () -- C:\Users\Huan\Desktop\[Davi
d_Johns_Ken_Martin]_Analog_Integrated_Circuit(BookFi.org).pdf
[2014/04/04 02:01:31 | 000,789,768 | ---- | M] () -- C:\Users\Huan\Desktop\For a
nd Against (L.G.Alexander).pdf
[2014/04/02 20:09:02 | 000,001,192 | ---- | M] () -- C:\Users\Huan\Desktop\Drive
rMax.lnk
[2014/04/01 12:16:01 | 000,000,094 | ---- | M] () -- C:\Users\Huan\AppData\Roami
ng\TexPoint.ini
[2014/04/01 12:16:01 | 000,000,033 | ---- | M] () -- C:\Users\Huan\AppData\Roami
ng\TexPoint.lic
[2014/03/31 07:30:21 | 197,572,382 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/03/30 08:54:10 | 000,002,628 | ---- | M] () -- C:\Windows\System32\drivers
\etc\hosts
[2014/03/29 20:19:35 | 000,003,492 | ---- | M] () -- C:\Windows\System32\drivers
\etc\hosts.old
[2014/03/26 21:27:28 | 000,000,213 | ---- | M] () -- C:\Users\Public\Desktop\You
r Software Deals.url
[2014/03/26 15:51:34 | 000,000,109 | ---- | M] () -- C:\Users\Huan\Documents\txp
_fig.tex
[2014/03/25 06:19:25 | 000,158,274 | ---- | M] () -- C:\Users\Huan\Desktop\Vietn
am_Economic_Times2009.pdf
[2014/03/24 13:25:26 | 000,004,482 | ---- | M] () -- C:\Users\Huan\AppData\Roami
ng\LTspiceIV.ini
[2014/03/22 17:10:45 | 000,002,374 | ---- | M] () -- C:\Users\Huan\Desktop\Co Ro
m+.lnk
[2014/03/22 11:38:10 | 000,000,979 | ---- | M] () -- C:\Users\Huan\Desktop\Inter
net Download Manager.lnk
[2014/03/22 07:32:46 | 000,042,272 | ---- | M] (AVG Technologies) -- C:\Windows\
System32\drivers\avgtpx86.sys
[2014/03/20 12:41:22 | 000,446,258 | ---- | M] () -- C:\Windows\AutoKMS.exe
[2014/03/17 23:41:38 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Yah
oo! Messenger.lnk
[2014/03/17 23:41:37 | 000,001,129 | ---- | M] () -- C:\Users\Huan\Application D
ata\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2014/03/16 22:04:20 | 000,149,133 | ---- | M] () -- C:\Users\Huan\Desktop\collo
quial and standard diction.PNG

[color=#E56717]========== Files Created - No Company Name ==========[/color]


[2014/04/13 22:43:13 | 000,002,072 | ---- | C] () -- C:\ProgramData\Microsoft\Wi
ndows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/04/13 17:07:28 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit
.inf
[2014/04/13 11:53:22 | 000,000,854 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/04/12 21:36:58 | 000,001,077 | ---- | C] () -- C:\ProgramData\Microsoft\Wi
ndows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/04/08 20:53:09 | 000,044,184 | ---- | C] () -- C:\Users\Huan\Desktop\Error
Amplifier proposed.PNG
[2014/04/08 16:36:05 | 000,048,047 | ---- | C] () -- C:\Users\Huan\Desktop\Schem
atic.PNG
[2014/04/06 21:47:43 | 021,767,910 | ---- | C] () -- C:\Users\Huan\Desktop\[Davi
d_Johns_Ken_Martin]_Analog_Integrated_Circuit(BookFi.org).pdf
[2014/04/04 02:01:33 | 000,789,768 | ---- | C] () -- C:\Users\Huan\Desktop\For a
nd Against (L.G.Alexander).pdf
[2014/03/31 07:30:21 | 197,572,382 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/03/26 22:32:31 | 000,000,094 | ---- | C] () -- C:\Users\Huan\AppData\Roami
ng\TexPoint.ini
[2014/03/26 22:32:31 | 000,000,033 | ---- | C] () -- C:\Users\Huan\AppData\Roami
ng\TexPoint.lic
[2014/03/26 21:27:28 | 000,000,213 | ---- | C] () -- C:\Users\Public\Desktop\You
r Software Deals.url
[2014/03/26 15:51:01 | 000,000,109 | ---- | C] () -- C:\Users\Huan\Documents\txp
_fig.tex
[2014/03/25 06:19:19 | 000,158,274 | ---- | C] () -- C:\Users\Huan\Desktop\Vietn
am_Economic_Times2009.pdf
[2014/03/22 17:10:45 | 000,002,374 | ---- | C] () -- C:\Users\Huan\Desktop\Co Ro
m+.lnk
[2014/03/22 17:10:07 | 000,000,992 | ---- | C] () -- C:\Windows\tasks\CocCocUpda
teTaskUserS-1-5-21-155064764-3199124672-448702342-1000UA.job
[2014/03/22 17:10:06 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\CocCocUpda
teTaskUserS-1-5-21-155064764-3199124672-448702342-1000Core.job
[2014/03/22 11:38:10 | 000,000,979 | ---- | C] () -- C:\Users\Huan\Desktop\Inter
net Download Manager.lnk
[2014/03/20 12:38:08 | 000,446,258 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2014/03/17 23:41:38 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Yah
oo! Messenger.lnk
[2014/03/17 23:41:37 | 000,001,129 | ---- | C] () -- C:\Users\Huan\Application D
ata\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2014/03/16 22:04:20 | 000,149,133 | ---- | C] () -- C:\Users\Huan\Desktop\collo
quial and standard diction.PNG
[2014/02/06 14:29:53 | 000,000,132 | ---- | C] () -- C:\Users\Huan\AppData\Roami
ng\Adobe PNG Format CS6 Prefs
[2013/12/15 18:50:15 | 000,000,016 | -H-- | C] () -- C:\Users\Huan\1HmOlao4361
[2013/12/15 18:49:38 | 000,000,429 | ---- | C] () -- C:\Users\Huan\quartus2.ini
[2013/11/19 15:06:45 | 000,216,064 | ---- | C] () -- C:\Windows\System32\gcapi_d
ll.dll
[2013/10/31 22:34:48 | 000,000,363 | ---- | C] () -- C:\Users\Huan\AppData\Roami
ng\Solve Elec 2.5 Prefs
[2013/10/28 23:08:08 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsv
l.dat
[2013/10/28 23:08:08 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsv
a.dat
[2013/10/28 23:08:04 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipbla
g.dat
[2013/10/28 23:07:56 | 000,618,823 | ---- | C] () -- C:\Windows\System32\atiicdx
x.dat
[2013/10/20 13:01:03 | 000,274,061 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013/10/19 20:26:42 | 000,004,482 | ---- | C] () -- C:\Users\Huan\AppData\Roaming\LTspiceIV.ini
[2013/10/18 21:50:14 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2013/10/18 21:48:22 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013/10/18 01:48:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/08/05 22:00:26 | 000,024,036 | ---- | C] () -- C:\Users\Huan\SDActivate.lng

[color=#E56717]========== ZeroAccess Check ==========[/color]


[2009/07/14 11:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop
.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}
\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}
\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1
}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 11:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F
}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:19:02 | 000,606,2
08 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1
}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 08:16:17 | 000,342,52
8 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[color=#E56717]========== LOP Check ==========[/color]
[2013/10/17 12:07:08 | 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\AVG10
[2013/11/21 16:40:46 | 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\Azureus
[2014/02/09 16:45:58 | 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\CocCoc
[2014/03/26 23:11:56 | 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\Design Science
[2014/04/13 23:32:50 | 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\DMCache
[2014/03/08 21:22:13 | 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\Foxit Software
[2014/03/24 12:44:00 | 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\IDM
[2013/10/23 20:45:30 | 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\National Instruments
[2014/04/13 10:33:28 | 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\OpenCandy
[2014/04/13 10:33:29 | 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\rmi
[2014/02/05 21:18:11 | 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\Software Informer
[2014/03/20 12:14:42 | 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\Stardock
[2013/11/09 10:44:05 | 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\TeraCopy
[2014/03/18 22:10:56 | 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\VideoDrivers
[2014/01/06 23:46:14 | 000,000,000 | ---D | M] -- C:\Users\Huan\AppData\Roaming\xm1

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Files - Unicode (All) ==========[/color]


[2014/03/28 10:16:47 | 002,187,328 | ---- | M] ()(C:\Users\Huan\Desktop\SVTN-Bo co
th?c t?p t?t nghi?p-Huan.docx) -- C:\Users\Huan\Desktop\SVTN-Bo co thc tp tt nghip-Hu
an.docx
[2014/03/27 08:38:02 | 002,187,328 | ---- | C] ()(C:\Users\Huan\Desktop\SVTN-Bo co
th?c t?p t?t nghi?p-Huan.docx) -- C:\Users\Huan\Desktop\SVTN-Bo co thc tp tt nghip-Hu
an.docx
[2014/03/27 07:20:45 | 000,585,036 | ---- | M] ()(C:\Users\Huan\Desktop\L?I NI ?U
(Repaired).docx) -- C:\Users\Huan\Desktop\LI NI U (Repaired).docx
[2014/03/27 04:30:55 | 000,585,036 | ---- | C] ()(C:\Users\Huan\Desktop\L?I NI ?U
(Repaired).docx) -- C:\Users\Huan\Desktop\LI NI U (Repaired).docx
[2014/03/27 01:01:23 | 000,510,973 | ---- | M] ()(C:\Users\Huan\Desktop\L?I NI ?U.
docx) -- C:\Users\Huan\Desktop\LI NI U.docx
[2014/03/23 16:10:46 | 000,510,973 | ---- | C] ()(C:\Users\Huan\Desktop\L?I NI ?U.
docx) -- C:\Users\Huan\Desktop\LI NI U.docx
[2014/03/23 13:38:25 | 002,325,926 | ---- | C] ()(C:\Users\Huan\Desktop\SVTN-Bo co
th?c .docx) -- C:\Users\Huan\Desktop\SVTN-Bo co thc .docx
[2014/03/23 13:31:42 | 002,325,926 | ---- | M] ()(C:\Users\Huan\Desktop\SVTN-Bo co
th?c .docx) -- C:\Users\Huan\Desktop\SVTN-Bo co thc .docx
[2014/02/02 13:11:10 | 000,145,902 | ---- | M] ()(C:\Users\Huan\Documents\Mau do
n xin c?p HB VietHope.pdf) -- C:\Users\Huan\Documents\Mau don xin cp HB VietHope.
pdf
[2014/02/02 13:11:08 | 000,145,902 | ---- | C] ()(C:\Users\Huan\Documents\Mau do
n xin c?p HB VietHope.pdf) -- C:\Users\Huan\Documents\Mau don xin cp HB VietHope.
pdf
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:07F6D9E4
< End of report >