Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93117 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Spyware removal, hit wall - ping.exe causing problems.

Started by Louiep , Oct 04 2011 11:21 AM

  • This topic is locked This topic is locked
1 reply to this topic

#1 Louiep

Louiep

    New Member

  • New Member
  • Pip
  • 5 posts

Posted 04 October 2011 - 11:21 AM

Before coming to this site, I have run Malwarebytes; AVG; AuperAnitSpyware; and ZoneAlarm scans. Removed what I could. I needed to use the unhide.exe to restore my shortcuts and start menu items. I used OTL as instructed in the sticky. Here are the results:


OTL logfile created on: 10/4/2011 1:01:20 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Louis\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 24.14% Memory free
12.00 Gb Paging File | 7.03 Gb Available in Paging File | 58.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.05 Gb Total Space | 6.09 Gb Free Space | 4.08% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 84.02 Gb Free Space | 18.04% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 290.08 Gb Free Space | 62.28% Space Free | Partition Type: NTFS
Drive H: | 139.73 Gb Total Space | 68.76 Gb Free Space | 49.21% Space Free | Partition Type: NTFS
Drive K: | 1.91 Gb Total Space | 0.47 Gb Free Space | 24.77% Space Free | Partition Type: FAT

Computer Name: WORKSTATION2 | User Name: Louis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Louis\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
PRC - C:\Users\Louis\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Users\Louis\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe (Google)
PRC - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
PRC - C:\Users\Louis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Windows\SysWOW64\atashost.exe (Cisco WebEx LLC)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Java\jre6\bin\jp2launcher.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\Java\jre6\bin\java.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe (Binary Fortress Software)
PRC - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe ()
PRC - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe ()
PRC - C:\Program Files (x86)\Citrix\GoToMyPC\g2tray.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\GoToMyPC\g2pre.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\GoToMyPC\g2comm.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Users\Louis\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
PRC - C:\Program Files\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.)
PRC - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
PRC - C:\Windows\SysWOW64\PING.EXE (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Lavasoft\Ad-Aware\PrivacyClean.dll ()
MOD - C:\Users\Louis\AppData\Local\Google\Chrome\Application\14.0.835.187\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Louis\AppData\Local\Google\Chrome\Application\14.0.835.187\pdf.dll ()
MOD - C:\Users\Louis\AppData\Local\Google\Chrome\Application\14.0.835.187\avutil-51.dll ()
MOD - C:\Users\Louis\AppData\Local\Google\Chrome\Application\14.0.835.187\avformat-53.dll ()
MOD - C:\Users\Louis\AppData\Local\Google\Chrome\Application\14.0.835.187\avcodec-53.dll ()
MOD - C:\Users\Louis\AppData\Local\Google\Chrome\Application\14.0.835.187\gcswf32.dll ()
MOD - C:\Users\Louis\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll ()
MOD - C:\Users\Louis\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll ()
MOD - C:\Users\Louis\AppData\Local\Programs\Google\MusicManager\libid3tag.dll ()
MOD - C:\Users\Louis\AppData\Local\Programs\Google\MusicManager\libaacdec.dll ()
MOD - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe ()
MOD - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
MOD - \\?\globalroot\systemroot\syswow64\mswsock.DLL ()
MOD - \\.\globalroot\systemroot\syswow64\mswsock.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV:64bit: - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV:64bit: - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV:64bit: - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies)
SRV:64bit: - (CrashPlanService) -- C:\Program Files\CrashPlan\CrashPlanService.exe (CrashPlan)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (Akamai) -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_b31de1e.dll ()
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (vsmon) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SRV - (atashost) -- C:\Windows\SysWOW64\atashost.exe (Cisco WebEx LLC)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MotoHelper) -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe ()
SRV - (GoToMyPC) -- C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Vsdatant) -- C:\Windows\SysNative\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (cpuz134) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (motandroidusb) -- C:\Windows\SysNative\drivers\motoandroid.sys (Motorola)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (SSPORT) -- C:\Windows\SysNative\drivers\SSPORT.SYS (Samsung Electronics)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV - (Lavasoft Kernexplorer) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys ()
DRV - (SASDIFSV) -- C:\Users\Louis\AppData\Local\Temp\SAS_SelfExtract\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Users\Louis\AppData\Local\Temp\SAS_SelfExtract\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neverstatic.com/home.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FE DA 9B 5F B1 FE CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://neverstatic.com/home.html
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..keyword.URL: "http://www.google.co...form=ZGAADF&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: E:\PROGRA~1\Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\PROGRA~1\Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll File not found
FF - HKCU\Software\MozillaPlugins\@spoon.net/Spoon Plugin 3.30: C:\Users\Louis\AppData\Local\Spoon\3.30.0.20\npMozillaSpoonPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Louis\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Louis\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Louis\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Louis\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2011/10/04 12:12:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/05/15 10:30:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2011/10/04 12:12:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2011/10/04 01:38:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/02 19:13:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/03/28 14:37:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/03/04 18:07:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\avgthb@avg.com: C:\Program Files (x86)\AVG\AVG2012\Thunderbird\ [2011/10/04 01:37:57 | 000,000,000 | ---D | M]

[2010/12/13 11:02:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Louis\AppData\Roaming\Mozilla\Extensions
[2010/12/13 11:02:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Louis\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/09/28 10:40:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Louis\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com
[2011/10/02 08:31:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Louis\AppData\Roaming\Mozilla\Firefox\Profiles\gbqepi2q.default\extensions
[2010/11/15 10:44:34 | 000,000,000 | ---D | M] (CacheViewer) -- C:\Users\Louis\AppData\Roaming\Mozilla\Firefox\Profiles\gbqepi2q.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
[2011/02/06 16:47:21 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\Louis\AppData\Roaming\Mozilla\Firefox\Profiles\gbqepi2q.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2011/03/14 10:36:11 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Louis\AppData\Roaming\Mozilla\Firefox\Profiles\gbqepi2q.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2011/10/02 08:31:06 | 000,000,000 | ---D | M] (Flashbug) -- C:\Users\Louis\AppData\Roaming\Mozilla\Firefox\Profiles\gbqepi2q.default\extensions\flashbug@coursevector.com
[2011/08/25 11:22:10 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Louis\AppData\Roaming\Mozilla\Firefox\Profiles\gbqepi2q.default\extensions\foxmarks@kei.com
[2011/05/13 11:00:24 | 000,000,000 | ---D | M] (Ovi Maps 3D browser plugin) -- C:\Users\Louis\AppData\Roaming\Mozilla\Firefox\Profiles\gbqepi2q.default\extensions\maps@ovi.com
[2011/02/25 12:33:57 | 000,000,000 | ---D | M] ("Pencil") -- C:\Users\Louis\AppData\Roaming\Mozilla\Firefox\Profiles\gbqepi2q.default\extensions\pencil@evolus.vn
[2011/03/10 12:26:07 | 000,001,919 | ---- | M] () -- C:\Users\Louis\AppData\Roaming\Mozilla\Firefox\Profiles\gbqepi2q.default\searchplugins\bing-zugo.xml
[2011/06/30 08:11:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/08/18 09:09:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/24 21:46:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/10/04 01:38:01 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4
() (No name found) -- C:\USERS\LOUIS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GBQEPI2Q.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
() (No name found) -- C:\USERS\LOUIS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GBQEPI2Q.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
() (No name found) -- C:\USERS\LOUIS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GBQEPI2Q.DEFAULT\EXTENSIONS\ZIINKCL@ZIINK.XPI
[2011/10/02 19:13:16 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/09/15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/02 19:13:15 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/09/21 12:10:06 | 000,002,223 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\websearch.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{googl
e:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chro
me&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client
=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Louis\AppData\Local\Google\Chrome\Application\14.0.835.187\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = E:\PROGRA~1\Office\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = E:\PROGRA~1\Office\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Louis\AppData\Local\Google\Chrome\Application\14.0.835.187\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Louis\AppData\Local\Google\Chrome\Application\14.0.835.187\pdf.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\Louis\AppData\Roaming\Mozilla\plugins\npatgpc.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Louis\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Louis\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.2166.3772\npCIDetect14.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Autopen - Email Signatures = C:\Users\Louis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmjcoiohflenpehfaalahocpmacjloof\0.8.0.1\
CHR - Extension: Web Clipboard (by Google) = C:\Users\Louis\AppData\Local\Google\Chrome\User Data\Default\Extensions\idonmcopbgceobhkdbikbdellmdogkih\2.0_0\
CHR - Extension: AVG Safe Search = C:\Users\Louis\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1804_0\
CHR - Extension: Google Voice (by Google) = C:\Users\Louis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.2.3.5_0\

Hosts file not found
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DebugBar BHO) - {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} - C:\Program Files (x86)\Core Services\DebugBar\DebugInfoBar.dll (Core Services)
O2 - BHO: (MrFroggy Class) - {856E12B5-22D7-4E22-9ACA-EA9A008DD65B} - C:\Program Files (x86)\Minibar\Froggy.dll (TODO: <название компании>)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (MinibarBHO) - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Kango.dll (KangoExtensions)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files\Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (DebugBar) - {3E1201F4-1707-409F-BB45-A5F192381DA0} - C:\Program Files (x86)\Core Services\DebugBar\DebugToolBar.dll (Core Services)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKCU..\Run: [MusicManager] C:\Users\Louis\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKCU..\Run: [SansaDispatch] C:\Users\Louis\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - Startup: C:\Users\Louis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Louis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - E:\Program Files\Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - E:\Program Files\Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Share Your Mood - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files (x86)\Minibar\MinibarButton.dll (TODO: <Company name>)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - Reg Error: Key error. File not found
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.1.66.0.cab (Reg Error: Key error.)
O16 - DPF: {298BFFEE-662D-11D5-ADAF-00E0810232D7} https://simulcast.ma...v/LiveSound.dll (lgbplay Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {A084A130-28AE-4B32-B51A-1C8CE164BC88} http://www.convergys...om/AppHardT.CAB (WNICheck2 Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE5BA4C1-98C6-4295-9C3F-47680C3FB0DD}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/31 19:22:34 | 000,000,000 | ---- | M] () - H:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.MP42 - C:\Windows\SysWow64\MPG4c32.dll (Microsoft Corporation)
Drivers32: vidc.MP43 - C:\Windows\SysWow64\MPG4c32.dll (Microsoft Corporation)
Drivers32: vidc.MPG4 - C:\Windows\SysWow64\MPG4c32.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/10/04 12:53:56 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Louis\Desktop\OTL.exe
[2011/10/04 12:13:06 | 000,184,320 | ---- | C] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\srrstr.dll
[2011/10/04 12:13:04 | 000,184,320 | ---- | C] (The Imaging Source Europe GmbH) -- C:\ProgramData\DirectxManagerPolicy.dll
[2011/10/04 12:03:58 | 000,055,384 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/10/04 12:01:49 | 000,069,376 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2011/10/04 12:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2011/10/04 12:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011/10/04 12:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2011/10/04 11:33:18 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\SUPERAntiSpyware.com
[2011/10/04 11:33:18 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/10/04 10:30:05 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011/10/04 08:21:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
[2011/10/04 01:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/04 01:46:40 | 000,000,000 | ---D | C] -- C:\Users\Louis\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/10/04 01:38:55 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\AVG2012
[2011/10/04 01:38:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SURF CANYON
[2011/10/04 01:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2011/10/04 01:38:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2011/10/04 01:37:55 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011/10/04 01:37:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2011/10/04 01:37:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2011/10/04 01:31:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Files
[2011/10/04 01:30:32 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/10/04 01:22:29 | 000,000,000 | ---D | C] -- C:\!KillBox
[2011/10/04 01:22:19 | 000,093,696 | ---- | C] (Option^Explicit Software vbtechcd@gmail.com) -- C:\Users\Louis\Desktop\KillBox-Beta.exe
[2011/10/04 00:56:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky SDK
[2011/10/04 00:55:56 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\MailFrontier
[2011/10/04 00:36:08 | 000,000,000 | ---D | C] -- C:\Users\Louis\Documents\ForceField Shared Files
[2011/10/04 00:36:08 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\CheckPoint
[2011/10/04 00:36:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\zonealarm_security_suite
[2011/10/04 00:35:57 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2011/10/04 00:35:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2011/10/04 00:35:32 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2011/10/04 00:35:24 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2011/10/04 00:35:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint
[2011/10/04 00:33:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/10/04 00:33:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/10/03 18:56:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Minibar
[2011/10/03 18:55:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FaceSmooch Smileys
[2011/10/03 18:55:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2011/10/03 17:42:30 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\yGGG55aQJ6dW8f
[2011/10/03 17:42:30 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Cloud AV
[2011/10/03 17:42:29 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\B22oobFF3p
[2011/10/03 17:42:26 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\ULLL9ggTXqjCeI
[2011/10/03 17:42:26 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\TbDDD3pnG4aQHsK
[2011/09/22 16:01:44 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
[2011/09/22 13:11:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MpEngineStore
[2011/09/22 12:56:08 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/09/22 12:31:55 | 000,000,000 | ---D | C] -- C:\Windows\system64
[2011/09/22 07:40:34 | 000,000,000 | ---D | C] -- C:\Program Files\AutoHotkey
[2011/09/20 20:02:15 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\Littlelan
[2011/09/20 20:02:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Installer
[2011/09/20 20:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3nity
[2011/09/20 20:02:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Littlelan
[2011/09/20 16:23:23 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Local\Programs
[2011/09/19 20:39:35 | 000,000,000 | ---D | C] -- C:\Users\Louis\Documents\Subscriptions
[2011/09/19 20:32:37 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Local\doubleTwist Corporation
[2011/09/19 20:31:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\doubleTwist 2.0
[2011/09/19 12:12:39 | 000,000,000 | ---D | C] -- C:\Users\Louis\Desktop\images
[2011/09/19 12:09:19 | 000,000,000 | ---D | C] -- C:\Users\Louis\Desktop\Navica MLS - Systems Engineering, Inc_files
[2011/09/18 18:39:16 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\Android
[2011/09/18 16:49:45 | 000,000,000 | ---D | C] -- C:\Users\Louis\.gstreamer-0.10
[2011/09/18 16:49:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zecter
[2011/09/18 16:21:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
[2011/09/11 18:40:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/09/11 18:40:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/09/08 12:42:44 | 000,000,000 | ---D | C] -- C:\Users\Louis\Desktop\costco

========== Files - Modified Within 30 Days ==========

[2011/10/04 13:09:43 | 000,184,320 | ---- | M] (The Imaging Source Europe GmbH) -- C:\Windows\SysWow64\srrstr.dll
[2011/10/04 12:59:01 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/10/04 12:53:58 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Louis\Desktop\OTL.exe
[2011/10/04 12:13:04 | 000,184,320 | ---- | M] (The Imaging Source Europe GmbH) -- C:\ProgramData\DirectxManagerPolicy.dll
[2011/10/04 12:12:03 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/04 12:10:05 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3408527122-935849262-2500537915-1001UA.job
[2011/10/04 12:09:58 | 000,000,457 | ---- | M] () -- C:\Users\Louis\mm.cfg
[2011/10/04 12:04:56 | 000,014,864 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/04 12:04:56 | 000,014,864 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/04 12:04:28 | 000,776,342 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/04 12:04:28 | 000,662,756 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/04 12:04:28 | 000,117,102 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/04 12:03:58 | 000,055,384 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/10/04 12:01:50 | 000,001,060 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011/10/04 11:57:27 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/04 11:56:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/04 11:56:54 | 536,207,359 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/04 11:41:19 | 000,107,876 | ---- | M] () -- C:\Users\Louis\Desktop\FAX_20111004_1317740563.efx
[2011/10/04 11:29:14 | 017,239,824 | ---- | M] () -- C:\Users\Louis\Desktop\SAS_5599.COM
[2011/10/04 10:17:23 | 069,085,251 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/10/04 10:12:17 | 000,037,652 | ---- | M] () -- C:\Users\Louis\Desktop\cc_20111004_101212.reg
[2011/10/04 10:11:50 | 000,215,080 | ---- | M] () -- C:\Users\Louis\Desktop\cc_20111004_101140.reg
[2011/10/04 09:10:49 | 000,000,840 | ---- | M] () -- C:\Users\Louis\Desktop\CCleaner.lnk
[2011/10/04 01:48:33 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/04 01:41:47 | 001,008,092 | ---- | M] () -- C:\Users\Louis\Desktop\rkill.com
[2011/10/04 01:38:01 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/10/04 01:38:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2011/10/04 01:38:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/10/04 01:22:14 | 000,093,696 | ---- | M] (Option^Explicit Software vbtechcd@gmail.com) -- C:\Users\Louis\Desktop\KillBox-Beta.exe
[2011/10/04 00:55:56 | 000,415,855 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2011/10/04 00:31:49 | 312,319,308 | ---- | M] () -- C:\Users\Louis\Desktop\registry backup.reg
[2011/10/04 00:14:20 | 000,684,297 | ---- | M] () -- C:\Users\Louis\Desktop\unhide.exe
[2011/10/03 23:46:42 | 000,001,841 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk
[2011/10/03 23:10:23 | 007,099,768 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/03 07:10:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3408527122-935849262-2500537915-1001Core.job
[2011/10/02 19:13:23 | 000,002,046 | ---- | M] () -- C:\Users\Louis\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/09/23 12:00:49 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\Intel_C_CVPO006000SU160AGN.job
[2011/09/23 07:19:15 | 000,039,151 | ---- | M] () -- C:\Users\Louis\Desktop\CC AUTH.pdf
[2011/09/22 12:42:32 | 004,251,802 | ---- | M] () -- C:\Users\Louis\Desktop\pike2.png
[2011/09/22 12:42:28 | 006,360,429 | ---- | M] () -- C:\Users\Louis\Desktop\pike.png
[2011/09/22 12:42:23 | 006,199,063 | ---- | M] () -- C:\Users\Louis\Desktop\pike1.png
[2011/09/22 07:40:44 | 000,001,351 | ---- | M] () -- C:\Users\Louis\Documents\AutoHotkey.ahk
[2011/09/21 10:33:41 | 000,192,426 | ---- | M] () -- C:\Users\Louis\Desktop\Untitled-1.jpg
[2011/09/20 12:48:22 | 000,238,288 | ---- | M] () -- C:\Users\Louis\Desktop\FAX_20110920_1316536723.efx
[2011/09/20 08:09:54 | 000,055,741 | ---- | M] () -- C:\Users\Louis\Desktop\no name.gpx
[2011/09/19 20:09:10 | 000,020,995 | ---- | M] () -- C:\Users\Louis\Desktop\agentLabels.csv
[2011/09/19 12:20:21 | 000,426,561 | ---- | M] () -- C:\Users\Louis\Desktop\Untitled-1.html
[2011/09/19 12:12:43 | 000,169,188 | ---- | M] () -- C:\Users\Louis\Desktop\AGENTS.html
[2011/09/19 12:12:00 | 000,943,235 | ---- | M] () -- C:\Users\Louis\Desktop\AGENTS.pdf
[2011/09/19 12:09:19 | 000,002,063 | ---- | M] () -- C:\Users\Louis\Desktop\Navica MLS - Systems Engineering, Inc.htm
[2011/09/19 11:54:32 | 000,025,768 | ---- | M] () -- C:\Users\Louis\Desktop\FAX_20110919_1316447357.efx
[2011/09/19 10:53:14 | 000,076,940 | ---- | M] () -- C:\Users\Louis\Desktop\2011 millage sheets.pdf
[2011/09/18 13:14:12 | 000,545,563 | ---- | M] () -- C:\Users\Louis\Desktop\DMAPUnit1834.pdf
[2011/09/18 09:04:20 | 000,091,638 | ---- | M] () -- C:\Users\Louis\Desktop\WiNTM.pdf
[2011/09/18 08:59:51 | 000,006,502 | ---- | M] () -- C:\Users\Louis\Desktop\Book2.pdf
[2011/09/16 11:54:03 | 000,218,400 | ---- | M] () -- C:\Users\Louis\Desktop\Untitled-2.jpg
[2011/09/10 16:41:35 | 000,294,633 | ---- | M] () -- C:\Users\Louis\Desktop\emerald mountain.pdf
[2011/09/10 16:37:19 | 000,303,248 | ---- | M] () -- C:\Users\Louis\Desktop\slide mountain.pdf
[2011/09/10 16:36:30 | 000,291,553 | ---- | M] () -- C:\Users\Louis\Desktop\seedhouse3.pdf
[2011/09/10 16:33:02 | 000,006,149 | ---- | M] () -- C:\Users\Louis\Desktop\Untitled-3.jpg
[2011/09/09 17:10:37 | 003,565,939 | ---- | M] () -- C:\Users\Louis\Desktop\Tax Map.png
[2011/09/06 16:26:42 | 000,102,121 | ---- | M] () -- C:\Users\Louis\Desktop\Corning Application.pdf
[2011/09/05 18:23:50 | 000,025,766 | ---- | M] () -- C:\Users\Louis\Desktop\Shopping Cart.pdf

========== Files Created - No Company Name ==========

[2011/10/04 12:01:50 | 000,001,060 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011/10/04 11:42:21 | 000,107,876 | ---- | C] () -- C:\Users\Louis\Desktop\FAX_20111004_1317740563.efx
[2011/10/04 11:28:49 | 017,239,824 | ---- | C] () -- C:\Users\Louis\Desktop\SAS_5599.COM
[2011/10/04 10:17:23 | 069,085,251 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/10/04 10:12:14 | 000,037,652 | ---- | C] () -- C:\Users\Louis\Desktop\cc_20111004_101212.reg
[2011/10/04 10:11:43 | 000,215,080 | ---- | C] () -- C:\Users\Louis\Desktop\cc_20111004_101140.reg
[2011/10/04 09:10:49 | 000,000,840 | ---- | C] () -- C:\Users\Louis\Desktop\CCleaner.lnk
[2011/10/04 01:48:33 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/04 01:41:51 | 001,008,092 | ---- | C] () -- C:\Users\Louis\Desktop\rkill.com
[2011/10/04 01:38:01 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/10/04 01:38:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2011/10/04 01:38:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/10/04 01:06:47 | 000,684,297 | ---- | C] () -- C:\Users\Louis\Desktop\unhide.exe
[2011/10/04 00:36:24 | 000,415,855 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2011/10/04 00:31:36 | 312,319,308 | ---- | C] () -- C:\Users\Louis\Desktop\registry backup.reg
[2011/10/03 23:46:42 | 000,001,841 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk
[2011/09/23 07:18:23 | 000,039,151 | ---- | C] () -- C:\Users\Louis\Desktop\CC AUTH.pdf
[2011/09/22 12:42:30 | 004,251,802 | ---- | C] () -- C:\Users\Louis\Desktop\pike2.png
[2011/09/22 12:42:25 | 006,360,429 | ---- | C] () -- C:\Users\Louis\Desktop\pike.png
[2011/09/22 12:42:20 | 006,199,063 | ---- | C] () -- C:\Users\Louis\Desktop\pike1.png
[2011/09/22 07:40:44 | 000,001,351 | ---- | C] () -- C:\Users\Louis\Documents\AutoHotkey.ahk
[2011/09/20 13:05:34 | 000,238,288 | ---- | C] () -- C:\Users\Louis\Desktop\FAX_20110920_1316536723.efx
[2011/09/20 08:09:57 | 000,055,741 | ---- | C] () -- C:\Users\Louis\Desktop\no name.gpx
[2011/09/19 12:20:21 | 000,426,561 | ---- | C] () -- C:\Users\Louis\Desktop\Untitled-1.html
[2011/09/19 12:12:39 | 000,169,188 | ---- | C] () -- C:\Users\Louis\Desktop\AGENTS.html
[2011/09/19 12:12:00 | 000,943,235 | ---- | C] () -- C:\Users\Louis\Desktop\AGENTS.pdf
[2011/09/19 12:09:19 | 000,002,063 | ---- | C] () -- C:\Users\Louis\Desktop\Navica MLS - Systems Engineering, Inc.htm
[2011/09/19 12:06:30 | 000,020,995 | ---- | C] () -- C:\Users\Louis\Desktop\agentLabels.csv
[2011/09/19 11:56:02 | 000,025,768 | ---- | C] () -- C:\Users\Louis\Desktop\FAX_20110919_1316447357.efx
[2011/09/19 10:53:14 | 000,076,940 | ---- | C] () -- C:\Users\Louis\Desktop\2011 millage sheets.pdf
[2011/09/18 13:14:12 | 000,545,563 | ---- | C] () -- C:\Users\Louis\Desktop\DMAPUnit1834.pdf
[2011/09/18 09:06:06 | 000,091,638 | ---- | C] () -- C:\Users\Louis\Desktop\WiNTM.pdf
[2011/09/18 08:59:51 | 000,006,502 | ---- | C] () -- C:\Users\Louis\Desktop\Book2.pdf
[2011/09/16 11:54:03 | 000,218,400 | ---- | C] () -- C:\Users\Louis\Desktop\Untitled-2.jpg
[2011/09/15 11:30:04 | 000,192,426 | ---- | C] () -- C:\Users\Louis\Desktop\Untitled-1.jpg
[2011/09/10 16:41:35 | 000,294,633 | ---- | C] () -- C:\Users\Louis\Desktop\emerald mountain.pdf
[2011/09/10 16:36:30 | 000,291,553 | ---- | C] () -- C:\Users\Louis\Desktop\seedhouse3.pdf
[2011/09/10 16:35:38 | 000,303,248 | ---- | C] () -- C:\Users\Louis\Desktop\slide mountain.pdf
[2011/09/10 16:33:02 | 000,006,149 | ---- | C] () -- C:\Users\Louis\Desktop\Untitled-3.jpg
[2011/09/09 17:10:35 | 003,565,939 | ---- | C] () -- C:\Users\Louis\Desktop\Tax Map.png
[2011/09/06 16:26:42 | 000,102,121 | ---- | C] () -- C:\Users\Louis\Desktop\Corning Application.pdf
[2011/09/05 18:23:50 | 000,025,766 | ---- | C] () -- C:\Users\Louis\Desktop\Shopping Cart.pdf
[2011/08/10 08:01:57 | 000,000,448 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/06/22 15:38:48 | 000,000,132 | ---- | C] () -- C:\Users\Louis\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011/06/21 15:30:10 | 000,000,037 | ---- | C] () -- C:\Windows\SWFConverter.INI
[2011/06/21 14:34:04 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/04/11 09:38:52 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2011/03/01 15:41:49 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\ktdll.dll
[2011/01/18 13:41:03 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/01/18 13:40:50 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/01/18 13:26:52 | 000,011,776 | ---- | C] () -- C:\Users\Louis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/04 19:42:19 | 000,393,256 | ---- | C] () -- C:\Windows\SysWow64\CNQ2414N.DAT
[2010/09/28 12:21:15 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2010/09/28 12:21:15 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2010/08/10 12:56:16 | 000,000,132 | ---- | C] () -- C:\Users\Louis\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/06/03 19:08:10 | 000,000,132 | ---- | C] () -- C:\Users\Louis\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2010/05/31 09:27:29 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/05/20 23:41:34 | 000,007,588 | ---- | C] () -- C:\Users\Louis\AppData\Local\resmon.resmoncfg
[2010/05/16 02:31:13 | 000,766,052 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[1999/01/21 08:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\MSRTEDIT.DLL

========== LOP Check ==========

[2011/09/18 18:39:16 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Android
[2010/10/20 09:07:46 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\AndroidPlusYou.com
[2010/09/17 16:02:23 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Audacity
[2011/01/18 17:33:25 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Auslogics
[2010/07/26 10:47:08 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Avery
[2011/10/04 01:38:55 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\AVG2012
[2011/10/03 17:42:29 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\B22oobFF3p
[2011/03/10 12:23:37 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Broad Intelligence
[2010/10/04 21:10:13 | 000,000,000 | ---D | M] -- C:\LS\x00\x00\x00\x00

    Advertisements

Register to Remove

#2 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 05 October 2011 - 06:19 AM

Your post has been Moved, Closed or Edited for one of the following reasons: 1.) You posted multiple topics and only one is required 2.) You are spamming links to other places without approval 3.) Abusive language or other problems in your text 4.) Your topic is too old (20 days or more) and no replies from you after a volunteer tried to help you This is a family oriented forum to help those that need help. ==============================
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Posted Image
Posted Image

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·