OTL logfile created on: 9/20/2012 8:57:51 AM - Run 1
OTL by OldTimer - Version 3.2.59.0 Folder = C:\Users\vinod\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.77 Gb Available Physical Memory | 59.01% Memory free
6.00 Gb Paging File | 4.63 Gb Available in Paging File | 77.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97.66 Gb Total Space | 53.04 Gb Free Space | 54.31% Space Free | Partition Type: NTFS
Drive D: | 41.47 Gb Total Space | 38.40 Gb Free Space | 92.60% Space Free | Partition Type: NTFS
Drive E: | 44.92 Gb Total Space | 39.67 Gb Free Space | 88.32% Space Free | Partition Type: NTFS
Drive F: | 48.73 Gb Total Space | 32.49 Gb Free Space | 66.67% Space Free | Partition Type: NTFS

Computer Name: VINOD-PC | User Name: vinod | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\vinod\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe ()
PRC - C:\Program Files\AVG Secure Search\vprot.exe ()
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
PRC - C:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
PRC - C:\Users\vinod\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe (Google)
PRC - C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\KeyScrambler\KeyScrambler.exe (QFX Software Corporation)
PRC - C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
PRC - C:\Windows\System32\vmnat.exe (VMware, Inc.)
PRC - C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe ()
PRC - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
PRC - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\SiteSafety.dll ()
MOD - C:\Program Files\AVG Secure Search\vprot.exe ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
MOD - C:\Program Files\Notepad++\NppShell_05.dll ()
MOD - C:\Program Files\DriveHQ\DriveHQ FileManager\ShellMenu.dll ()
MOD - C:\Program Files\Ace Utilities\wipext.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (vToolbarUpdater12.2.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SbieSvc) -- C:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Autodesk Licensing Service) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (TeamViewer7) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (avgfws) -- C:\Program Files\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (CGVPNCliSrvc) -- C:\Program Files\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (VMnetDHCP) -- C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\System32\vmnat.exe (VMware, Inc.)
SRV - (VMwareHostd) -- C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe ()
SRV - (VMAuthdService) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
SRV - (AffinegyService) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (aswMBR) -- C:\Users\vinod\AppData\Local\Temp\aswMBR.sys File not found
DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (SbieDrv) -- C:\Program Files\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (HssDRV6) -- C:\Windows\System32\drivers\hssdrv6.sys (AnchorFree Inc.)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
DRV - (mcaudrv_simple) -- C:\Windows\System32\drivers\mcaudrv.sys (ManyCam LLC)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (ManyCam) -- C:\Windows\System32\drivers\mcvidrv.sys (ManyCam LLC)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\avgidsfilterx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
DRV - (KeyScramblerDrv) -- C:\Windows\System32\drivers\keyscrambler.sys (QFX Software Corporation)
DRV - (vmx86) -- C:\Windows\System32\drivers\vmx86.sys (VMware, Inc.)
DRV - (VMparport) -- C:\Windows\System32\drivers\vmparport.sys (VMware, Inc.)
DRV - (VMnetuserif) -- C:\Windows\System32\drivers\vmnetuserif.sys (VMware, Inc.)
DRV - (VMnetBridge) -- C:\Windows\System32\drivers\vmnetbridge.sys (VMware, Inc.)
DRV - (VMnetAdapter) -- C:\Windows\System32\drivers\vmnetadapter.sys (VMware, Inc.)
DRV - (hcmon) -- C:\Windows\System32\drivers\hcmon.sys (VMware, Inc.)
DRV - (vmci) -- C:\Windows\System32\drivers\vmci.sys (VMware, Inc.)
DRV - (vstor2-mntapi10-shared) -- C:\Windows\System32\drivers\vstor2-mntapi10-shared.sys (VMware, Inc.)
DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (Avgfwfd) -- C:\Windows\System32\drivers\avgfwd6x.sys (AVG Technologies CZ, s.r.o.)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation)
DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation)
DRV - (ssadserd) -- C:\Windows\System32\drivers\ssadserd.sys (MCCI Corporation)
DRV - (ssadmdfl) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation)
DRV - (androidusb) -- C:\Windows\System32\drivers\ssadadb.sys (Google Inc)
DRV - (tapoas) -- C:\Windows\System32\drivers\tapoas.sys (The OpenVPN Project)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

[color=#E56717]========== Standard Registry (All) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.yahoo.com/?fr=fp-spt_gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://in.yahoo.com/?fr=fp-spt_gen
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=998afab5-793f-4196-8769-3ebef5004f7d&searchtype=ds&q={searchTerms} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=998afab5-793f-4196-8769-3ebef5004f7d&searchtype=ds&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=998afab5-793f-4196-8769-3ebef5004f7d&searchtype=ds&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=998afab5-793f-4196-8769-3ebef5004f7d&searchtype=ds&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=998afab5-793f-4196-8769-3ebef5004f7d&searchtype=ds&q={searchTerms} IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = 
http://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=998afab5-793f-4196-8769-3ebef5004f7d&searchtype=ds&q={searchTerms} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110189&tt=3012_5&babsrc=SP_ss&mntrId=b42b2a0100000000000000ffb103b37e IE - HKCU\..\SearchScopes\{7A1EF55B-00AA-44B9-89A5-B199FE9EA731}: "URL" = http://in.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811_yserp2tst&p={searchTerms} IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={A2ED9565-CC11-4307-8714-699846B10558}&mid=01c9bfaf27ab47d0b21ad15cc5f14ae3-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&pr=pr&d=2012-08-29 11:33:28&v=12.2.0.5&sap=dsp&q={searchTerms} IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811_yserp2tst" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:12.0.0.374 FF - prefs.js..extensions.enabledItems: virtualKeyboard@kaspersky.ru:12.0.0.374 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13 FF - prefs.js..keyword.URL: 
"https://isearch.avg.com/search?cid=%7B001a27f6-c605-45a0-8d34-6e65d9f8b1f6%7D&mid=01c9bfaf27ab47d0b21ad15cc5f14ae3-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=12.2.0.5&lang=en&pr=pr&d=2012-08-29%2011%3A33%3A28&sap=ku&q=" FF - prefs.js..network.proxy.autoconfig_url: "http://adfoc.us/631247969005" FF - prefs.js..network.proxy.backup.ftp: "" FF - prefs.js..network.proxy.backup.ftp_port: 0 FF - prefs.js..network.proxy.backup.socks: "" FF - prefs.js..network.proxy.backup.socks_port: 0 FF - prefs.js..network.proxy.backup.ssl: "" FF - prefs.js..network.proxy.backup.ssl_port: 0 FF - prefs.js..network.proxy.gopher: "" FF - prefs.js..network.proxy.gopher_port: 0 FF - prefs.js..network.proxy.no_proxies_on: " 174.120.130.173 proxy.jrimsoftware.com" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.type: 1 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\vinod\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\vinod\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\vinod\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\vinod\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/08/29 11:28:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.2.0.5\ [2012/08/29 11:33:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/08 08:29:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/25 19:23:36 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/08 08:29:16 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/25 19:23:36 | 000,000,000 | ---D | M] [2012/08/31 01:47:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vinod\AppData\Roaming\Mozilla\Extensions [2012/07/17 21:44:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vinod\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2012/08/31 01:47:23 | 000,000,000 | ---D | M] (No name 
found) -- C:\Users\vinod\AppData\Roaming\Mozilla\Extensions\net.openvpn.client [2012/09/14 10:51:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vinod\AppData\Roaming\Mozilla\Firefox\Profiles\lpiip0w4.default\extensions [2012/08/24 10:40:17 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\vinod\AppData\Roaming\Mozilla\Firefox\Profiles\lpiip0w4.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2012/08/28 18:41:33 | 000,000,000 | ---D | M] (BitTorrentBar) -- C:\Users\vinod\AppData\Roaming\Mozilla\Firefox\Profiles\lpiip0w4.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} [2012/08/29 12:35:47 | 000,000,000 | ---D | M] (AF-HSS) -- C:\Users\vinod\AppData\Roaming\Mozilla\Firefox\Profiles\lpiip0w4.default\extensions\{f0381dbd-e018-4e07-ae40-d96ab15083f0} [2012/08/07 02:57:19 | 000,002,399 | ---- | M] () -- C:\Users\vinod\AppData\Roaming\Mozilla\Firefox\Profiles\lpiip0w4.default\searchplugins\Web Search.xml [2012/08/10 11:05:41 | 000,001,492 | ---- | M] () -- C:\Users\vinod\AppData\Roaming\Mozilla\Firefox\Profiles\lpiip0w4.default\searchplugins\web-search-powered-by-google.xml [2012/08/29 12:35:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/09/08 08:29:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012/07/28 09:29:00 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2012/07/19 12:09:38 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2012/08/29 11:33:36 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\12.2.0.5 [2012/09/10 01:22:51 | 000,030,312 | ---- | M] () (No name found) -- C:\USERS\VINOD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LPIIP0W4.DEFAULT\EXTENSIONS\{888D99E7-E8B5-46A3-851E-1EC45DA1E644}.XPI [2012/09/14 10:51:44 | 
000,054,742 | ---- | M] () (No name found) -- C:\USERS\VINOD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LPIIP0W4.DEFAULT\EXTENSIONS\HITLEAP.ADDON@HITLEAP.COM.XPI [2012/08/22 11:33:33 | 000,084,395 | ---- | M] () (No name found) -- C:\USERS\VINOD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LPIIP0W4.DEFAULT\EXTENSIONS\TOOLBAR@ALEXA.COM.XPI [2012/09/08 08:29:16 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012/07/28 02:21:30 | 000,184,248 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012/09/02 10:47:59 | 000,001,607 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml [2010/12/03 23:06:32 | 000,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml [2012/08/29 11:33:23 | 000,003,749 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2012/07/26 13:36:45 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012/09/02 10:47:59 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2010/12/03 23:06:32 | 000,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml [2012/09/02 10:47:59 | 000,001,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml [2012/09/02 10:47:59 | 000,003,581 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2012/09/02 10:47:59 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml [2012/09/02 10:47:59 | 000,001,391 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml [2012/09/02 10:47:59 | 000,001,309 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: 
http://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=998afab5-793f-4196-8769-3ebef5004f7d&searchtype=hp CHR - default_search_provider: AVG Secure Search (Enabled) CHR - default_search_provider: search_url = https://isearch.avg.com/search?cid={A2ED9565-CC11-4307-8714-699846B10558}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms} CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} CHR - homepage: http://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=998afab5-793f-4196-8769-3ebef5004f7d&searchtype=hp CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\vinod\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\vinod\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\vinod\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\vinod\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll CHR - plugin: Google Update (Enabled) = C:\Users\vinod\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - Extension: Easy Auto Refresh = C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc\1.9_0\ CHR - Extension: AVG Secure Search = C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgpjclefcppbhifgmbncakhhphkggdb\12.2.0.5_0\ CHR - Extension: YouTube = C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: TopLine = C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkoifoocjggkggkbdlpcpbbibjlddjem\3.8_0\ CHR - Extension: AVG Do Not Track = C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\ CHR - Extension: Gmail = C:\Users\vinod\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012/09/17 19:02:53 | 000,000,909 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) 
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe (QFX Software Corporation) O4 - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.) 
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm () O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm () O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation) O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) 
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - 
Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - 
Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - 
Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000052 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000054 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000055 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000056 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000057 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000060 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000061 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E4F1330-D52F-44D2-89DE-197699B9DA54}: DhcpNameServer = 
192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E4F1330-D52F-44D2-89DE-197699B9DA54}: NameServer = 8.26.56.26,156.154.70.22 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91544A7E-B181-4E44-AB29-F9D6C360F7EA}: DhcpNameServer = 172.20.23.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB26CABE-BA08-4225-A3FB-6D3FD35A31D3}: NameServer = 8.26.56.26,156.154.70.22 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) 
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll () O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll 
(Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found. 
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/11 03:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/09/20 08:30:12 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\vinod\Desktop\aswMBR.exe [2012/09/20 01:36:34 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Roaming\UBot Studio 
[2012/09/19 22:26:19 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Roaming\VMware [2012/09/19 22:22:05 | 000,354,416 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe [2012/09/19 22:21:59 | 000,432,752 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe [2012/09/19 22:21:57 | 000,025,712 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\vmnetuserif.sys [2012/09/19 22:21:45 | 000,783,472 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vnetlib.dll [2012/09/19 22:21:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware [2012/09/19 22:20:28 | 000,000,000 | ---D | C] -- C:\Program Files\VMware [2012/09/19 22:20:28 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Shared Virtual Machines [2012/09/19 22:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware [2012/09/19 18:32:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\No Hands SEO [2012/09/19 18:32:07 | 000,000,000 | ---D | C] -- C:\Users\vinod\Documents\No Hands SEO [2012/09/19 18:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\No Hands SEO [2012/09/19 18:14:48 | 000,000,000 | ---D | C] -- C:\ProgramData\XDMessaging [2012/09/19 10:26:14 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Roaming\Tube Groove [2012/09/19 10:26:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tube Fool [2012/09/19 10:26:07 | 000,000,000 | ---D | C] -- C:\Program Files\Tube Fool [2012/09/18 18:54:08 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Roaming\Softland [2012/09/18 18:54:07 | 000,023,432 | ---- | C] (Softland) -- C:\Windows\System32\dopdfmn7.dll [2012/09/18 18:54:07 | 000,020,872 | ---- | C] (Softland) -- C:\Windows\System32\dopdfmi7.dll [2012/09/18 18:54:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7 [2012/09/18 18:54:05 | 000,000,000 | ---D | C] -- C:\Program Files\Softland [2012/09/17 13:55:09 | 
000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Local\Jrim_Software [2012/09/17 13:54:30 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Proxy Multiply [2012/09/17 13:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Proxy Multiply [2012/09/16 20:17:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TheBestSpinner3 [2012/09/16 20:17:28 | 000,000,000 | ---D | C] -- C:\Program Files\TheBestSpinner3 [2012/09/14 20:35:26 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Local\SENukeX [2012/09/14 20:35:21 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SENukeX [2012/09/12 12:12:19 | 000,000,000 | ---D | C] -- C:\Program Files\Power Article Rewriter [2012/09/12 10:11:04 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Local\MadCompany [2012/09/11 23:56:13 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Roaming\AVG [2012/09/11 23:55:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG [2012/09/11 23:55:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} [2012/09/11 09:28:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2012/09/10 01:19:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler [2012/09/10 01:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\KeyScrambler [2012/09/10 01:19:20 | 000,173,880 | ---- | C] (QFX Software Corporation) -- C:\Windows\System32\drivers\keyscrambler.sys [2012/09/09 22:56:38 | 000,000,000 | -H-D | C] -- C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup- [2012/09/09 22:33:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012/09/09 22:33:50 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012/09/09 22:33:30 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012/09/09 22:33:30 
| 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012/09/09 22:33:30 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012/09/08 00:21:37 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Utilities [2012/09/08 00:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ace Utilities [2012/09/08 00:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\Ace Utilities [2012/09/07 23:39:39 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Local\PackageAware [2012/09/07 20:28:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie [2012/09/07 20:28:36 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie [2012/09/07 20:22:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SuperHideIP [2012/09/06 14:56:21 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2012/09/05 22:46:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin [2012/09/05 22:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Affinegy [2012/09/05 21:19:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Belkin [2012/09/05 20:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\Belkin [2012/08/31 14:50:11 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Local\VirtualStore [2012/08/31 01:47:19 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Roaming\OpenVPN Technologies [2012/08/31 01:47:19 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Local\OpenVPN Technologies [2012/08/31 01:42:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN Client [2012/08/31 01:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\OpenVPN Technologies [2012/08/30 13:37:08 | 000,000,000 | ---D | C] -- C:\Users\vinod\Documents\Ace Utilities Backups [2012/08/29 14:46:30 | 000,000,000 | ---D | C] -- C:\Program Files\ImTOO [2012/08/29 14:22:19 | 
000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2012/08/29 14:22:00 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Local\Sony [2012/08/29 14:22:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2012/08/29 14:21:59 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2012/08/29 14:21:22 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Roaming\Sony [2012/08/29 11:34:01 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Roaming\AVG2012 [2012/08/29 11:33:42 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Local\AVG Secure Search [2012/08/29 11:33:36 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search [2012/08/29 11:33:27 | 000,027,496 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys [2012/08/29 11:33:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search [2012/08/29 11:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search [2012/08/29 11:28:32 | 000,000,000 | -H-D | C] -- C:\$AVG [2012/08/29 11:28:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG [2012/08/29 11:27:56 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2012/08/29 10:47:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012/08/29 10:47:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg2012 [2012/08/29 10:44:27 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2012/08/29 00:55:12 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Roaming\XBMC [2012/08/29 00:53:44 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2012/08/29 00:53:44 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2012/08/29 00:52:40 | 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC [2012/08/29 00:52:28 | 000,000,000 | ---D | C] -- C:\Program Files\XBMC [2012/08/25 00:16:30 | 000,000,000 | ---D | C] -- C:\Users\vinod\Documents\webkit [2012/08/25 00:12:27 
| 000,000,000 | ---D | C] -- C:\Users\vinod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YouWave_Android [2012/08/25 00:12:14 | 000,000,000 | ---D | C] -- C:\Users\vinod\.Virtualbox.sav [2012/08/24 17:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup [2012/08/24 15:43:18 | 000,301,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys [2012/08/24 10:40:22 | 000,000,000 | ---D | C] -- C:\Users\vinod\Documents\iMacros [2012/08/23 10:00:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Isolated Storage [2012/08/21 20:05:26 | 000,000,000 | ---D | C] -- C:\Windows\MailBoy [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/09/20 09:00:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2229603534-3502027819-2366847897-1000UA.job [2012/09/20 08:46:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/09/20 08:31:48 | 000,662,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/09/20 08:31:48 | 000,121,718 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/09/20 08:30:28 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\vinod\Desktop\aswMBR.exe [2012/09/20 08:28:12 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/09/20 08:28:12 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/09/20 08:22:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/09/20 08:22:57 | 2415,566,848 | -HS- | M] () -- C:\hiberfil.sys [2012/09/20 08:09:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2229603534-3502027819-2366847897-1001UA.job [2012/09/20 07:36:46 | 095,309,490 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm [2012/09/20 00:00:00 | 000,000,856 | ---- | M] () -- 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2229603534-3502027819-2366847897-1000Core.job [2012/09/19 22:51:49 | 000,002,426 | ---- | M] () -- C:\Windows\Sandboxie.ini [2012/09/19 22:23:05 | 000,000,998 | ---- | M] () -- C:\Users\vinod\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Workstation.lnk [2012/09/19 22:21:19 | 000,001,024 | ---- | M] () -- C:\.rnd [2012/09/19 22:21:07 | 000,002,093 | ---- | M] () -- C:\Users\Public\Desktop\VMware Workstation.lnk [2012/09/19 18:32:16 | 000,005,115 | ---- | M] () -- C:\ProgramData\zjyopzph.wxh [2012/09/19 18:32:09 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\No Hands SEO.lnk [2012/09/19 18:32:08 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\No Hands SEO Manual.lnk [2012/09/19 15:41:17 | 001,271,603 | ---- | M] () -- C:\Users\vinod\Desktop\fblp.pdf [2012/09/19 09:09:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2229603534-3502027819-2366847897-1001Core.job [2012/09/18 18:54:53 | 000,051,471 | ---- | M] () -- C:\Users\vinod\Desktop\GET VERIFIED PAYPAL.pdf [2012/09/17 21:56:58 | 000,000,260 | ---- | M] () -- C:\Users\vinod\SecurityKISSTunnel.config [2012/09/17 19:02:53 | 000,000,909 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012/09/17 13:54:30 | 000,003,021 | ---- | M] () -- C:\Users\vinod\Desktop\Proxy Multiply.lnk [2012/09/17 08:55:53 | 000,121,605 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm [2012/09/14 23:42:13 | 000,039,437 | ---- | M] () -- C:\Users\vinod\Desktop\12hoursautopiloting.png [2012/09/14 20:39:51 | 000,002,025 | ---- | M] () -- C:\Users\vinod\Desktop\SENukeX.lnk [2012/09/12 17:54:16 | 000,025,042 | ---- | M] () -- C:\Users\vinod\Desktop\212121212.png [2012/09/12 12:44:13 | 000,000,287 | ---- | M] () -- C:\Users\vinod\Documents\hb2-setings.json [2012/09/12 09:10:58 | 000,157,060 | ---- | M] () -- C:\Users\vinod\Desktop\lf.png [2012/09/11 12:00:11 | 000,050,189 | ---- | M] () -- 
C:\Users\vinod\Desktop\12.png [2012/09/11 09:28:05 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk [2012/09/10 00:51:32 | 000,031,859 | ---- | M] () -- C:\Users\vinod\Desktop\Untitled.png [2012/09/09 22:33:25 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012/09/09 22:33:25 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2012/09/09 22:33:25 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012/09/09 22:33:25 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012/09/09 22:33:25 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012/09/09 22:33:25 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012/09/09 21:57:22 | 000,034,645 | ---- | M] () -- C:\Users\vinod\Desktop\21212.png [2012/09/08 20:24:24 | 000,005,966 | ---- | M] () -- C:\Users\vinod\Desktop\123.jpg [2012/09/08 08:29:19 | 000,001,994 | ---- | M] () -- C:\Users\vinod\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2012/09/08 00:21:37 | 000,001,082 | ---- | M] () -- C:\Users\vinod\Desktop\Ace Utilities.lnk [2012/09/07 20:28:37 | 000,001,053 | ---- | M] () -- C:\Users\vinod\Desktop\Sandboxed Web Browser.lnk [2012/09/07 20:28:37 | 000,001,053 | ---- | M] () -- C:\Users\vinod\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk [2012/09/07 01:39:53 | 003,880,032 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012/09/06 10:34:02 | 000,035,942 | ---- | M] () -- C:\Users\vinod\Documents\cc_20120906_103400.reg [2012/09/05 22:46:05 | 000,000,051 | ---- | M] () -- C:\Windows\System32\drivers\etc\lmhosts [2012/09/04 17:57:22 | 000,002,487 | ---- | M] () -- C:\Users\vinod\Desktop\Google Chrome.lnk [2012/09/03 10:20:14 | 000,004,925 | ---- | M] () -- C:\Users\vinod\Desktop\11.png [2012/09/02 09:03:29 | 000,001,931 
| ---- | M] () -- C:\Users\vinod\Application Data\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk [2012/09/01 19:10:10 | 000,024,221 | ---- | M] () -- C:\Users\vinod\Desktop\EVS.jpg [2012/08/31 21:35:48 | 000,627,150 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavifw.avm [2012/08/31 11:31:39 | 000,022,987 | ---- | M] () -- C:\Users\vinod\Desktop\NewPicture001.jpg [2012/08/31 08:50:20 | 000,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2012/08/30 13:49:30 | 000,030,948 | ---- | M] () -- C:\Users\vinod\Desktop\eqonixmoneymaking.pdf [2012/08/29 15:24:20 | 000,000,078 | ---- | M] () -- C:\Users\vinod\Desktop\Full VIdeo.rar [2012/08/29 14:46:54 | 000,002,121 | ---- | M] () -- C:\Users\vinod\Application Data\Microsoft\Internet Explorer\Quick Launch\ImTOO Video Converter Ultimate.lnk [2012/08/29 14:46:54 | 000,002,097 | ---- | M] () -- C:\Users\vinod\Desktop\ImTOO Video Converter Ultimate.lnk [2012/08/29 11:33:27 | 000,027,496 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys [2012/08/29 09:17:32 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012/08/29 09:17:32 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012/08/29 00:52:50 | 001,018,032 | ---- | M] () -- C:\Users\vinod\Desktop\Navi-X_v37_6.zip [2012/08/29 00:52:40 | 000,001,823 | ---- | M] () -- C:\Users\vinod\Desktop\XBMC.lnk [2012/08/28 13:31:58 | 000,030,298 | ---- | M] () -- C:\Users\vinod\Desktop\21.png [2012/08/26 17:30:15 | 000,197,219 | ---- | M] () -- C:\Users\vinod\Desktop\twitter.pdf [2012/08/26 16:27:56 | 000,072,370 | ---- | M] () -- C:\Users\vinod\Desktop\How to get Approved by adsense.pdf [2012/08/26 03:23:21 | 000,101,165 | ---- | M] () -- C:\Users\vinod\Desktop\123.png [2012/08/24 15:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) 
-- C:\Windows\System32\drivers\avgtdix.sys [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/09/20 07:36:46 | 095,309,490 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm [2012/09/19 22:23:05 | 000,000,998 | ---- | C] () -- C:\Users\vinod\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Workstation.lnk [2012/09/19 22:21:19 | 000,001,024 | ---- | C] () -- C:\.rnd [2012/09/19 22:21:07 | 000,002,093 | ---- | C] () -- C:\Users\Public\Desktop\VMware Workstation.lnk [2012/09/19 18:32:16 | 000,005,115 | ---- | C] () -- C:\ProgramData\zjyopzph.wxh [2012/09/19 18:32:09 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\No Hands SEO.lnk [2012/09/19 18:32:08 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\No Hands SEO Manual.lnk [2012/09/19 15:41:17 | 001,271,603 | ---- | C] () -- C:\Users\vinod\Desktop\fblp.pdf [2012/09/18 18:54:49 | 000,051,471 | ---- | C] () -- C:\Users\vinod\Desktop\GET VERIFIED PAYPAL.pdf [2012/09/18 18:54:08 | 000,007,549 | ---- | C] () -- C:\Windows\System32\dopdf7.ctm [2012/09/17 13:54:30 | 000,003,021 | ---- | C] () -- C:\Users\vinod\Desktop\Proxy Multiply.lnk [2012/09/17 13:54:02 | 000,840,192 | ---- | C] () -- C:\ProgramData\setup.msi [2012/09/17 13:54:02 | 000,428,032 | ---- | C] () -- C:\ProgramData\setup.exe [2012/09/17 08:55:53 | 000,121,605 | ---- | C] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm [2012/09/14 20:39:51 | 000,002,025 | ---- | C] () -- C:\Users\vinod\Desktop\SENukeX.lnk [2012/09/12 12:44:13 | 000,000,287 | ---- | C] () -- C:\Users\vinod\Documents\hb2-setings.json [2012/09/12 09:10:57 | 000,157,060 | ---- | C] () -- C:\Users\vinod\Desktop\lf.png [2012/09/11 12:00:11 | 000,050,189 | ---- | C] () -- C:\Users\vinod\Desktop\12.png [2012/09/09 21:57:22 | 000,034,645 | ---- | C] () -- C:\Users\vinod\Desktop\21212.png [2012/09/08 00:21:37 | 000,001,082 | ---- | C] () -- C:\Users\vinod\Desktop\Ace Utilities.lnk [2012/09/07 20:28:47 | 000,001,053 | ---- | C] () 
-- C:\Users\vinod\Desktop\Sandboxed Web Browser.lnk
[2012/09/07 20:28:47 | 000,001,053 | ---- | C] () -- C:\Users\vinod\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2012/09/07 20:28:44 | 000,002,426 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/09/06 10:34:01 | 000,035,942 | ---- | C] () -- C:\Users\vinod\Documents\cc_20120906_103400.reg
[2012/09/03 10:20:14 | 000,004,925 | ---- | C] () -- C:\Users\vinod\Desktop\11.png
[2012/09/01 19:10:10 | 000,024,221 | ---- | C] () -- C:\Users\vinod\Desktop\EVS.jpg
[2012/08/31 21:35:48 | 000,627,150 | ---- | C] () -- C:\Windows\System32\drivers\AVG\iavifw.avm
[2012/08/31 11:31:37 | 000,022,987 | ---- | C] () -- C:\Users\vinod\Desktop\NewPicture001.jpg
[2012/08/30 22:53:50 | 000,196,608 | ---- | C] () -- C:\Windows\System32\Ikeext.etl
[2012/08/30 13:49:30 | 000,030,948 | ---- | C] () -- C:\Users\vinod\Desktop\eqonixmoneymaking.pdf
[2012/08/30 10:41:35 | 000,025,042 | ---- | C] () -- C:\Users\vinod\Desktop\212121212.png
[2012/08/29 15:24:20 | 000,000,078 | ---- | C] () -- C:\Users\vinod\Desktop\Full VIdeo.rar
[2012/08/29 14:46:54 | 000,002,121 | ---- | C] () -- C:\Users\vinod\Application Data\Microsoft\Internet Explorer\Quick Launch\ImTOO Video Converter Ultimate.lnk
[2012/08/29 14:46:54 | 000,002,097 | ---- | C] () -- C:\Users\vinod\Desktop\ImTOO Video Converter Ultimate.lnk
[2012/08/29 11:33:39 | 000,000,935 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/08/29 00:52:40 | 000,001,823 | ---- | C] () -- C:\Users\vinod\Desktop\XBMC.lnk
[2012/08/29 00:52:36 | 001,018,032 | ---- | C] () -- C:\Users\vinod\Desktop\Navi-X_v37_6.zip
[2012/08/28 13:31:58 | 000,030,298 | ---- | C] () -- C:\Users\vinod\Desktop\21.png
[2012/08/27 00:22:09 | 000,031,859 | ---- | C] () -- C:\Users\vinod\Desktop\Untitled.png
[2012/08/26 17:30:15 | 000,197,219 | ---- | C] () -- C:\Users\vinod\Desktop\twitter.pdf
[2012/08/26 16:27:56 | 000,072,370 | ---- | C] () -- C:\Users\vinod\Desktop\How to get Approved by adsense.pdf
[2012/08/26 03:23:21 | 000,101,165 | ---- | C] () -- C:\Users\vinod\Desktop\123.png
[2012/08/26 03:08:24 | 000,000,260 | ---- | C] () -- C:\Users\vinod\SecurityKISSTunnel.config
[2012/08/22 10:38:59 | 000,039,437 | ---- | C] () -- C:\Users\vinod\Desktop\12hoursautopiloting.png
[2012/07/31 13:50:39 | 000,000,000 | ---- | C] () -- C:\Windows\System32\cd.dat
[2012/07/24 18:42:31 | 000,272,629 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012/07/22 16:29:46 | 000,030,098 | ---- | C] () -- C:\Users\vinod\AppData\Roaming\UserTile.png
[2011/03/02 23:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/03/02 23:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/03/02 23:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/03/02 23:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll

[color=#E56717]========== LOP Check ==========[/color]

[2012/07/24 09:11:07 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\Autodesk
[2012/09/11 23:56:13 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\AVG
[2012/08/29 11:34:01 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\AVG2012
[2012/09/09 21:37:51 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\BitTorrent
[2012/09/20 00:12:38 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\FileZilla
[2012/07/26 13:32:41 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\ImTOO Software Studio
[2012/08/07 01:23:19 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\Notepad++
[2012/08/31 01:47:19 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\OpenVPN Technologies
[2012/08/09 20:42:38 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\QFX Software
[2012/08/13 18:04:36 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\Samsung
[2012/09/18 18:54:08 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\Softland
[2012/08/29 14:35:26 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\Sony
[2012/08/13 15:31:20 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\TeamViewer
[2012/09/19 10:32:50 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\Tube Groove
[2012/09/20 01:39:41 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\UBot Studio
[2012/07/29 01:19:31 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\Wireshark
[2012/08/19 13:11:25 | 000,000,000 | -HSD | M] -- C:\Users\vinod\AppData\Roaming\wyUpdate AU
[2012/09/09 21:37:51 | 000,000,000 | ---D | M] -- C:\Users\vinod\AppData\Roaming\XBMC
[2012/09/01 17:21:22 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:E965A533

< End of report >