Below are some of the file operations recorded during the monitoring process.
Review them carefully and check for suspicious files.
C:\Users\Iuli\ntuser.dat.LOG1
was modified.
C:\Users\Iuli\ntuser.dat
was modified.
C:\Users\Iuli\ntuser.dat
was modified.
C:\Users\Iuli\ntuser.dat
was modified.
C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
was modified.
C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
was modified.
C:\ProgramData\Kaspersky Lab\AVP12\SysWHist\amlogs\620
was removed.
C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1
was modified.
C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat
was modified.
C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat
was modified.
C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
E:\pnp\mirc.ini
was modified.
C:\Users\Iuli\ntuser.dat.LOG1
was modified.
C:\Users\Iuli\ntuser.dat
was modified.
C:\Users\Iuli\ntuser.dat
was modified.
C:\Users\Iuli\ntuser.dat
was modified.
E:\pnp\CONFIG\default\CONFIG.INI
was modified.
E:\pnp\CONFIG\default\srv.rct
was modified.
E:\pnp\CONFIG\default\srv.rct
was modified.
E:\pnp\mirc.ini
was modified.
E:\pnp\mirc.ini
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\topic.lis
was modified.
E:\pnp\CONFIG\default\topic.lis
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\topic.lis
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\topic.lis
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\topic.lis
was modified.
E:\pnp\CONFIG\default\topic.lis
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\topic.lis
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\topic.lis
was modified.
E:\pnp\CONFIG\default\topic.lis
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\topic.lis
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\topic.lis
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\topic.lis
was modified.
E:\pnp\CONFIG\default\chan.rct
was modified.
E:\pnp\CONFIG\default\topic.lis
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Users\Iuli\ntuser.dat.LOG1
was modified.
C:\Users\Iuli\ntuser.dat
was modified.
C:\Users\Iuli\ntuser.dat
was modified.
C:\Users\Iuli\ntuser.dat
was modified.
C:\Windows\Temp\PR17B5.tmp
was created.
C:\Windows\Temp\PR17B5.tmp
was modified.
C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1
was modified.
C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1
was modified.
C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat
was modified.
C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat
was modified.
C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat
was modified.
C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics\cmls_ms.tlv.tmp
was created.
C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics
was modified.
C:\Users\Iuli\ntuser.dat.LOG1
was modified.
C:\Users\Iuli\ntuser.dat
was modified.
C:\Users\Iuli\ntuser.dat
was modified.
C:\Users\Iuli\ntuser.dat
was modified.
C:\Windows\Temp\PRF69A.tmp
was removed.
C:\Windows\Temp
was modified.
C:\Windows\Temp
was modified.
C:\Windows\Temp\PR622D.tmp
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Users\Iuli\AppData\Local\Mozilla\Firefox\Profiles\7e1f4kuy.default\urlclassifier3.sqlite-journal
was created.
C:\Users\Iuli\AppData\Local\Mozilla\Firefox\Profiles\7e1f4kuy.default
was modified.
C:\Users\Iuli\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\XS4ZVC2GJQAE3WKE7G5A.temp
was created.
C:\Users\Iuli\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations
was modified.
C:\Users\Iuli\AppData\Local\Mozilla\Firefox\Profiles\7e1f4kuy.default\urlclassifier3.sqlite-journal
was removed.
C:\Users\Iuli\AppData\Local\Mozilla\Firefox\Profiles\7e1f4kuy.default\urlclassifier.pset
was modified.
C:\Users\Iuli\AppData\Local\Mozilla\Firefox\Profiles\7e1f4kuy.default
was modified.
C:\Users\Iuli\AppData\Local\Mozilla\Firefox\Profiles\7e1f4kuy.default\urlclassifier3.sqlite
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\Temp\PRBC5E.tmp
was created.
C:\Windows\Temp\PRBC5E.tmp
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\Temp\PRBC5E.tmp
was removed.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\Temp
was modified.
C:\Windows\Temp\PR9C4.tmp
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\Temp\PR9C4.tmp
was removed.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\Temp
was modified.
C:\Windows\Temp\PR59E7.tmp
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\Temp\PR59E7.tmp
was removed.
C:\Windows\Temp\PR17B5.tmp
was removed.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Users\Iuli\ntuser.dat.LOG1
was modified.
C:\Users\Iuli\ntuser.dat
was modified.
C:\Users\Iuli\ntuser.dat
was modified.
C:\Users\Iuli\ntuser.dat
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics\cmls_ms.tlv.tmp
was created.
C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Users\Iuli\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\WX2F9QWX5YPG31SQ67AV.temp
was created.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\Temp
was modified.
C:\ProgramData\Kaspersky Lab\AVP12\SysWHist\amlogs\622
was created.
C:\ProgramData\Kaspersky Lab\AVP12\SysWHist\amlogs
was modified.
C:\Windows\rescache\rc0004\ResCache.hit
was modified.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
was modified.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
was modified.
C:\ProgramData\Kaspersky Lab\AVP12\SysWHist\amlogs\623
was created.
C:\ProgramData\Kaspersky Lab\AVP12\SysWHist\amlogs
was modified.
C:\Windows\Prefetch\GOOGLEUPDATE.EXE-B95715F5.pf
was modified.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
was modified.
C:\ProgramData\Kaspersky Lab\AVP12\SysWHist\amlogs\623
was removed.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SOFTWARE.LOG1
was modified.
C:\Windows\System32\config\software
was modified.
C:\Windows\System32\config\software
was modified.
C:\Windows\System32\config\software
was modified.
C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf
was modified.
C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\Temp\PR8809.tmp
was created.
C:\Windows\Temp\PR8809.tmp
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics\cmls_ms.tlv.tmp
was created.
C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Users\Iuli\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\Q632YG2HMH0GY6NUPWG5.temp
was created.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\ProgramData\Kaspersky Lab\AVP12\Data\profiles.xml.tmp
was created.
C:\ProgramData\Kaspersky Lab\AVP12\Data
was modified.
C:\ProgramData\Kaspersky Lab\AVP12\Data\profiles.xml.tmp
was modified.
C:\ProgramData\Kaspersky Lab\AVP12\Data\profiles.xml.tmp
was removed.
C:\ProgramData\Kaspersky Lab\AVP12\Data
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics\cmls_ms.tlv.tmp
was created.
C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics
was modified.
C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\ProgramData\Kaspersky Lab\AVP12\Report\g_objdt.dat
was modified.
C:\ProgramData\Kaspersky Lab\AVP12\Report\05\00000003_objid.dat
was modified.
C:\ProgramData\Kaspersky Lab\AVP12\Report\05\00000003_objdt.dat
was modified.
C:\ProgramData\Kaspersky Lab\AVP12\Report\02\0000000F_objbt.dat
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\ProgramData\Kaspersky Lab\AVP12\Report\0C\00000001_objid.dat
was modified.
C:\Windows\System32\config\system
was modified.
C:\ProgramData\Kaspersky Lab\AVP12\SysWHist\bsslogs
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\Temp\PRE066.tmp
was created.
C:\Windows\Temp\PRE066.tmp
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics\cmls_ms.tlv.tmp
was created.
C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics
was modified.
C:\Windows\System32\config\SYSTEM.LOG1
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.
C:\Windows\System32\config\system
was modified.