- Below are some file operations that were done during the monitoring process.
- Review them carefully and check for suspicious files.
- C:\Users\Iuli\ntuser.dat.LOG1
- was modified.
- C:\Users\Iuli\ntuser.dat
- was modified.
- C:\Users\Iuli\ntuser.dat
- was modified.
- C:\Users\Iuli\ntuser.dat
- was modified.
- C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
- was modified.
- C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
- was modified.
- C:\ProgramData\Kaspersky Lab\AVP12\SysWHist\amlogs\620
- was removed.
- C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1
- was modified.
- C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat
- was modified.
- C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat
- was modified.
- C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- E:\pnp\mirc.ini
- was modified.
- C:\Users\Iuli\ntuser.dat.LOG1
- was modified.
- C:\Users\Iuli\ntuser.dat
- was modified.
- C:\Users\Iuli\ntuser.dat
- was modified.
- C:\Users\Iuli\ntuser.dat
- was modified.
- E:\pnp\CONFIG\default\CONFIG.INI
- was modified.
- E:\pnp\CONFIG\default\srv.rct
- was modified.
- E:\pnp\CONFIG\default\srv.rct
- was modified.
- E:\pnp\mirc.ini
- was modified.
- E:\pnp\mirc.ini
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\topic.lis
- was modified.
- E:\pnp\CONFIG\default\topic.lis
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\topic.lis
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\topic.lis
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\topic.lis
- was modified.
- E:\pnp\CONFIG\default\topic.lis
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\topic.lis
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\topic.lis
- was modified.
- E:\pnp\CONFIG\default\topic.lis
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\topic.lis
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\topic.lis
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\topic.lis
- was modified.
- E:\pnp\CONFIG\default\chan.rct
- was modified.
- E:\pnp\CONFIG\default\topic.lis
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Users\Iuli\ntuser.dat.LOG1
- was modified.
- C:\Users\Iuli\ntuser.dat
- was modified.
- C:\Users\Iuli\ntuser.dat
- was modified.
- C:\Users\Iuli\ntuser.dat
- was modified.
- C:\Windows\Temp\PR17B5.tmp
- was created.
- C:\Windows\Temp\PR17B5.tmp
- was modified.
- C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1
- was modified.
- C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1
- was modified.
- C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat
- was modified.
- C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat
- was modified.
- C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat
- was modified.
- C:\Users\Iuli\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics\cmls_ms.tlv.tmp
- was created.
- C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics
- was modified.
- C:\Users\Iuli\ntuser.dat.LOG1
- was modified.
- C:\Users\Iuli\ntuser.dat
- was modified.
- C:\Users\Iuli\ntuser.dat
- was modified.
- C:\Users\Iuli\ntuser.dat
- was modified.
- C:\Windows\Temp\PRF69A.tmp
- was removed.
- C:\Windows\Temp
- was modified.
- C:\Windows\Temp
- was modified.
- C:\Windows\Temp\PR622D.tmp
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Users\Iuli\AppData\Local\Mozilla\Firefox\Profiles\7e1f4kuy.default\urlclassifier3.sqlite-journal
- was created.
- C:\Users\Iuli\AppData\Local\Mozilla\Firefox\Profiles\7e1f4kuy.default
- was modified.
- C:\Users\Iuli\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\XS4ZVC2GJQAE3WKE7G5A.temp
- was created.
- C:\Users\Iuli\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations
- was modified.
- C:\Users\Iuli\AppData\Local\Mozilla\Firefox\Profiles\7e1f4kuy.default\urlclassifier3.sqlite-journal
- was removed.
- C:\Users\Iuli\AppData\Local\Mozilla\Firefox\Profiles\7e1f4kuy.default\urlclassifier.pset
- was modified.
- C:\Users\Iuli\AppData\Local\Mozilla\Firefox\Profiles\7e1f4kuy.default
- was modified.
- C:\Users\Iuli\AppData\Local\Mozilla\Firefox\Profiles\7e1f4kuy.default\urlclassifier3.sqlite
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\Temp\PRBC5E.tmp
- was created.
- C:\Windows\Temp\PRBC5E.tmp
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\Temp\PRBC5E.tmp
- was removed.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\Temp
- was modified.
- C:\Windows\Temp\PR9C4.tmp
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\Temp\PR9C4.tmp
- was removed.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\Temp
- was modified.
- C:\Windows\Temp\PR59E7.tmp
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\Temp\PR59E7.tmp
- was removed.
- C:\Windows\Temp\PR17B5.tmp
- was removed.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Users\Iuli\ntuser.dat.LOG1
- was modified.
- C:\Users\Iuli\ntuser.dat
- was modified.
- C:\Users\Iuli\ntuser.dat
- was modified.
- C:\Users\Iuli\ntuser.dat
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics\cmls_ms.tlv.tmp
- was created.
- C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Users\Iuli\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\WX2F9QWX5YPG31SQ67AV.temp
- was created.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\Temp
- was modified.
- C:\ProgramData\Kaspersky Lab\AVP12\SysWHist\amlogs\622
- was created.
- C:\ProgramData\Kaspersky Lab\AVP12\SysWHist\amlogs
- was modified.
- C:\Windows\rescache\rc0004\ResCache.hit
- was modified.
- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- was modified.
- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- was modified.
- C:\ProgramData\Kaspersky Lab\AVP12\SysWHist\amlogs\623
- was created.
- C:\ProgramData\Kaspersky Lab\AVP12\SysWHist\amlogs
- was modified.
- C:\Windows\Prefetch\GOOGLEUPDATE.EXE-B95715F5.pf
- was modified.
- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- was modified.
- C:\ProgramData\Kaspersky Lab\AVP12\SysWHist\amlogs\623
- was removed.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SOFTWARE.LOG1
- was modified.
- C:\Windows\System32\config\software
- was modified.
- C:\Windows\System32\config\software
- was modified.
- C:\Windows\System32\config\software
- was modified.
- C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf
- was modified.
- C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\Temp\PR8809.tmp
- was created.
- C:\Windows\Temp\PR8809.tmp
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics\cmls_ms.tlv.tmp
- was created.
- C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Users\Iuli\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\Q632YG2HMH0GY6NUPWG5.temp
- was created.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\ProgramData\Kaspersky Lab\AVP12\Data\profiles.xml.tmp
- was created.
- C:\ProgramData\Kaspersky Lab\AVP12\Data
- was modified.
- C:\ProgramData\Kaspersky Lab\AVP12\Data\profiles.xml.tmp
- was modified.
- C:\ProgramData\Kaspersky Lab\AVP12\Data\profiles.xml.tmp
- was removed.
- C:\ProgramData\Kaspersky Lab\AVP12\Data
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics\cmls_ms.tlv.tmp
- was created.
- C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics
- was modified.
- C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\ProgramData\Kaspersky Lab\AVP12\Report\g_objdt.dat
- was modified.
- C:\ProgramData\Kaspersky Lab\AVP12\Report\05\00000003_objid.dat
- was modified.
- C:\ProgramData\Kaspersky Lab\AVP12\Report\05\00000003_objdt.dat
- was modified.
- C:\ProgramData\Kaspersky Lab\AVP12\Report\02\0000000F_objbt.dat
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\ProgramData\Kaspersky Lab\AVP12\Report\0C\00000001_objid.dat
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\ProgramData\Kaspersky Lab\AVP12\SysWHist\bsslogs
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\Temp\PRE066.tmp
- was created.
- C:\Windows\Temp\PRE066.tmp
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics\cmls_ms.tlv.tmp
- was created.
- C:\Users\Iuli\AppData\Local\AOL\UserProfiles\1319467748\iuli\metrics
- was modified.
- C:\Windows\System32\config\SYSTEM.LOG1
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.
- C:\Windows\System32\config\system
- was modified.