Solved: How to get rid of win32-gen malware?



leo92
Junior Member with 17 posts.
THREAD STARTER
Join Date: Jun 2010
Experience: Intermediate
30-Jun-2010, 04:30 AM #1
How to get rid of win32-gen malware?
Hello helper,

I have recently been encountering malware (svchost.exe) in the Windows temp folder. This virus keeps creating .tmp files in this particular directory (c\windows\temp) and Avast deletes them automatically. For example, toro.tmp, wavt.tmp, etc. are files that I have encountered so far. Also, they have some sort of {UPX} symbol after them. Here is my hijack scan:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:13:03, on 30-06-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Bitcomet Ultra Accelerator\BitComet Ultra Accelerator.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\CometBird\CometBird.exe
C:\Program Files\CometBird\plugin-container.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.4.13.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -RESTART
O4 - HKCU\..\Run: [googletalk] C:\Users\SACHIN\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [DriverMax] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -agent
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: CCC.lnk = ?
O4 - Global Startup: Bitcomet Ultra Accelerator.lnk = C:\Program Files\Bitcomet Ultra Accelerator\BitComet Ultra Accelerator.exe
O4 - Global Startup: LimeWire Ultra Accelerator.lnk = C:\Program Files\LimeWire Ultra Accelerator\LimeWire Ultra Accelerator.exe
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.4.13.dll/206 (file missing)
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe

--
End of file - 8694 bytes
Rorschach112
Senior Member with 2,392 posts.
Join Date: Oct 2008
01-Jul-2010, 06:26 PM #2
Download ComboFix here :

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Here is a guide on how to disable them

    Click me

  • Double click on ComboFix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.




Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.
leo92
Junior Member with 17 posts.
THREAD STARTER
Join Date: Jun 2010
Experience: Intermediate
02-Jul-2010, 02:05 AM #3
how to delete win32-gen reply
Avast is still detecting some malware in the temp folder of Windows; the problem isn't solved yet. I think now I have to reinstall Vista. Anyways, here is my log:

ComboFix 10-07-01.02 - SACHIN 02-07-2010 10:51:53.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.91.1033.18.2046.1206 [GMT 5.5:30]
Running from: c:\users\SACHIN\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\msconfig.exe
c:\windows\UA000106.DLL

c:\windows\system32\drivers\beep.sys . . . is infected!!

c:\windows\system32\srsvc.dll . . . is infected!!

.
((((((((((((((((((((((((( Files Created from 2010-06-02 to 2010-07-02 )))))))))))))))))))))))))))))))
.

2010-07-01 17:44 . 2010-07-01 17:57 -------- d-----w- c:\program files\Need for Speed Carbon
2010-07-01 15:26 . 2010-07-01 15:26 -------- d-----w- c:\program files\uTorrent
2010-07-01 15:25 . 2010-07-01 15:31 -------- d-----w- c:\users\SACHIN\AppData\Roaming\uTorrent
2010-07-01 14:03 . 2010-05-17 17:23 6630912 ----a-w- c:\windows\system32\drivers\NETw5v32.sys
2010-07-01 10:54 . 2010-07-01 10:47 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-07-01 10:47 . 2010-07-01 10:47 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-07-01 10:36 . 2010-07-01 10:36 -------- dc-h--w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-07-01 10:36 . 2010-02-04 15:53 2954656 -c--a-w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
2010-07-01 10:35 . 2010-07-01 10:39 -------- d-----w- c:\programdata\Lavasoft
2010-07-01 10:35 . 2010-07-01 10:36 -------- d-----w- c:\program files\Lavasoft
2010-07-01 08:13 . 2010-07-01 08:13 1152 ----a-w- c:\windows\system32\windrv.sys
2010-07-01 08:00 . 2010-07-01 08:00 -------- d-----w- c:\users\SACHIN\AppData\Roaming\CleanMyPC Software
2010-07-01 08:00 . 2010-07-01 08:00 -------- d-----w- c:\program files\CleanMyPC
2010-06-30 08:28 . 2010-06-30 08:28 0 ----a-w- c:\windows\ativpsrm.bin
2010-06-30 08:04 . 2008-06-02 22:04 262144 ----a-w- c:\windows\system32\Oemdspif.dll
2010-06-30 08:04 . 2008-06-02 21:18 10043392 ----a-w- c:\windows\system32\atioglxx.dll
2010-06-30 08:04 . 2008-06-03 00:52 3695104 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-06-30 08:04 . 2008-04-28 15:39 172033 ----a-w- c:\windows\system32\atiicdxx.dat
2010-06-30 08:04 . 2008-03-05 19:08 90112 ----a-w- c:\windows\system32\atibrtmon.exe
2010-06-30 08:04 . 2008-06-02 21:19 32256 ----a-w- c:\windows\system32\atiadlxx.dll
2010-06-30 08:04 . 2008-06-02 21:04 49152 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-06-30 08:04 . 2008-06-02 21:20 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2010-06-30 07:42 . 2010-06-30 07:42 -------- d-----w- c:\program files\Trend Micro
2010-06-30 07:15 . 2007-11-16 15:31 818688 ----a-w- c:\windows\system32\drivers\ti21sony.sys
2010-06-30 06:25 . 2010-06-30 06:25 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Malwarebytes
2010-06-30 06:25 . 2010-04-29 10:09 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-30 06:25 . 2010-04-29 10:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-30 06:25 . 2010-06-30 06:25 -------- d-----w- c:\programdata\Malwarebytes
2010-06-30 06:25 . 2010-06-30 07:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-30 05:17 . 2010-06-30 05:17 -------- d-----w- c:\users\SACHIN\AppData\Roaming\GlarySoft
2010-06-30 05:14 . 2010-06-30 05:14 -------- d-----w- c:\program files\Glary Utilities
2010-06-30 04:50 . 2010-06-30 04:50 -------- d-----w- c:\program files\Sophos
2010-06-30 04:17 . 2007-01-18 12:00 3968 ----a-w- c:\windows\system32\drivers\AvgArCln.sys
2010-06-29 14:40 . 2010-06-29 14:40 -------- dc----w- c:\programdata\{9DF77379-A83D-46CF-968D-03CBC652096D}
2010-06-29 09:56 . 2010-05-21 08:44 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-06-29 09:52 . 2010-06-29 09:52 -------- d-----w- c:\program files\Microsoft.NET
2010-06-29 09:49 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll
2010-06-29 09:23 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-06-29 07:52 . 2010-06-29 07:53 477184 ----a-w- c:\users\SACHIN\AppData\Roaming\Xilisoft\DVD Creator 6\x-dvd-creator6.exe
2010-06-29 07:36 . 2010-06-29 07:36 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Publish Providers
2010-06-29 07:32 . 2010-06-29 07:32 -------- d-----w- c:\users\SACHIN\AppData\Local\Sony
2010-06-29 07:26 . 2010-06-29 07:26 -------- d-----w- c:\programdata\Sony
2010-06-29 07:23 . 2010-06-29 15:34 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Sony
2010-06-29 06:50 . 2010-05-31 06:13 252008 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2010-06-29 06:50 . 2009-12-03 11:57 80416 ----a-w- c:\windows\system32\RtNicProp32.dll
2010-06-29 06:40 . 2010-06-29 06:42 2869784 ----a-w- c:\users\SACHIN\AppData\Roaming\Easeware\DriverEasy\drivers\1yjj4fol.do2\INF_allOS_9.1.2.1007_PV.exe
2010-06-29 05:20 . 2010-07-01 10:34 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Media Player Classic
2010-06-29 04:57 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
2010-06-29 04:57 . 2010-06-08 16:10 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-06-29 04:57 . 2010-06-08 16:10 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-06-29 04:57 . 2010-06-02 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-06-29 04:57 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-06-29 04:57 . 2010-06-29 04:57 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-06-28 19:34 . 2010-06-29 04:54 -------- d-----w- c:\programdata\VistaCodecs
2010-06-28 19:01 . 2010-06-28 19:01 -------- d-----w- c:\programdata\Apple Computer
2010-06-28 18:53 . 2010-06-28 18:53 36864 ----a-w- c:\programdata\Temp\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\PostBuild.exe
2010-06-28 18:52 . 2009-11-02 08:47 34088 ----a-w- c:\programdata\CyberLink\Power2Go\P2GoGadget.dll
2010-06-28 18:48 . 2010-06-28 18:48 53319 ----a-w- c:\programdata\Temp\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\PostBuild.exe
2010-06-28 13:04 . 2010-06-28 13:04 -------- d-----w- c:\users\SACHIN\AppData\Local\Ares
2010-06-28 13:03 . 2010-06-28 13:11 -------- d-----w- c:\program files\Ares
2010-06-28 12:46 . 2010-06-28 12:46 -------- d-----w- c:\users\SACHIN\AppData\Local\Xilisoft
2010-06-28 12:46 . 2010-06-28 12:46 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Xilisoft
2010-06-28 12:44 . 2010-06-28 12:44 -------- d-----w- c:\program files\Xilisoft
2010-06-28 07:32 . 2010-06-28 07:32 -------- d-----w- c:\users\SACHIN\AppData\Roaming\InstallShield
2010-06-28 07:19 . 2010-06-28 07:29 -------- d-----w- c:\program files\Bitcomet Ultra Accelerator
2010-06-28 04:49 . 2010-06-28 04:49 -------- d-----w- c:\program files\Windows Portable Devices
2010-06-28 04:44 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-06-28 04:44 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2010-06-28 04:44 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2010-06-28 04:44 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2010-06-28 04:44 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2010-06-28 04:44 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2010-06-28 04:44 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2010-06-28 04:44 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2010-06-28 04:44 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2010-06-28 04:44 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2010-06-28 04:44 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2010-06-28 04:44 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2010-06-28 04:43 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-06-28 04:43 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-06-28 04:43 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-06-27 05:18 . 2010-06-27 05:18 -------- d-----w- c:\users\SACHIN\Cyberlink
2010-06-27 03:59 . 2010-06-27 03:59 -------- d-----w- c:\users\SACHIN\AppData\Local\Power2Go
2010-06-26 19:09 . 2010-06-26 19:09 -------- d-----w- c:\program files\LimeWire Ultra Accelerator
2010-06-26 18:37 . 2010-06-28 04:34 -------- d-----w- c:\users\Public\CyberLink
2010-06-26 18:36 . 2010-06-28 19:13 53319 ----a-w- c:\programdata\Temp\{D36DD326-7280-11D8-97C8-000129760CBE}\PostBuild.exe
2010-06-26 18:33 . 2010-06-28 19:09 53319 ----a-w- c:\programdata\Temp\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\PostBuild.exe
2010-06-26 18:32 . 2010-06-28 19:08 36864 ----a-w- c:\programdata\Temp\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}\PostBuild.exe
2010-06-26 18:31 . 2010-06-28 19:06 36864 ----a-w- c:\programdata\Temp\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\PostBuild.exe
2010-06-26 18:30 . 2010-06-26 18:30 -------- d-----w- c:\program files\Common Files\CyberLink
2010-06-26 18:29 . 2010-06-28 19:03 53319 ----a-w- c:\programdata\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2010-06-26 18:27 . 2010-06-26 18:27 -------- d-----w- c:\users\SACHIN\AppData\Local\Apple
2010-06-26 18:27 . 2010-06-26 18:27 -------- d-----w- c:\program files\Apple Software Update
2010-06-26 18:27 . 2010-06-26 18:27 -------- d-----w- c:\programdata\Apple
2010-06-26 18:22 . 2010-06-28 18:57 36864 ----a-w- c:\programdata\Temp\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\PostBuild.exe
2010-06-26 18:21 . 2010-06-28 18:53 36864 ----a-w- c:\programdata\Temp\{ADD5DB49-72CF-11D8-9D75-000129760D75}\PostBuild.exe
2010-06-26 18:19 . 2010-06-28 18:51 36864 ----a-w- c:\programdata\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe
2010-06-26 18:19 . 2010-06-28 18:26 -------- d-----w- c:\users\SACHIN\AppData\Roaming\CyberLink
2010-06-26 18:19 . 2010-06-28 19:13 -------- d-----w- c:\users\SACHIN\AppData\Local\Cyberlink
2010-06-26 18:16 . 2010-06-28 18:49 36864 ----a-w- c:\programdata\Temp\{80E158EA-7181-40FE-A701-301CE6BE64AB}\PostBuild.exe
2010-06-26 18:16 . 2010-06-28 19:13 -------- d-----w- c:\program files\CyberLink
2010-06-26 18:15 . 2010-06-28 19:36 -------- d-----w- c:\programdata\CyberLink
2010-06-26 18:11 . 2010-07-02 05:13 -------- d---a-w- c:\programdata\Temp
2010-06-26 18:11 . 2010-06-28 18:46 53319 ----a-w- c:\programdata\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe
2010-06-26 18:02 . 2010-06-26 18:02 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-26 18:01 . 2010-06-26 18:02 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-06-26 18:01 . 2010-06-26 18:10 -------- d-----w- c:\users\SACHIN\AppData\Roaming\DAEMON Tools Lite
2010-06-26 18:01 . 2010-06-26 18:01 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-06-26 17:37 . 2010-06-26 17:52 -------- d-----w- c:\program files\ZC DVD Creator Platinum
2010-06-26 17:02 . 2010-06-26 17:06 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Ulead Systems
2010-06-26 16:55 . 2002-03-16 20:30 7420 ----a-w- c:\windows\UA000104.DLL
2010-06-26 16:54 . 2010-06-29 09:51 -------- d--h--w- c:\windows\msdownld.tmp
2010-06-26 16:54 . 2010-06-26 16:54 -------- d-----w- c:\program files\Windows Media Components
2010-06-26 16:53 . 2010-06-26 16:53 -------- d-----w- c:\program files\Common Files\LightScribe
2010-06-26 16:51 . 2010-06-26 17:02 -------- d-----w- c:\programdata\Ulead Systems
2010-06-26 16:51 . 2010-06-26 16:51 -------- d-----w- c:\program files\Corel
2010-06-26 15:28 . 2010-06-26 15:28 -------- d-----w- c:\windows\tiinst
2010-06-26 15:28 . 2010-06-26 15:28 -------- d-----w- C:\Dell
2010-06-26 14:04 . 2010-06-26 14:04 274472 ----a-w- c:\windows\system32\drivers\btwampfl.sys
2010-06-26 12:59 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2010-06-26 12:59 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2010-06-26 12:58 . 2010-06-26 14:02 68070224 ----a-w- c:\users\SACHIN\AppData\Roaming\Easeware\DriverEasy\drivers\yoqvili5.cht\setupBTW_6.3.0.3102_DELL_BY_514_517.exe
2010-06-26 12:58 . 2010-01-21 10:36 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2010-06-26 12:58 . 2010-01-21 10:36 230448 ----a-w- c:\windows\system32\drivers\SynTP.sys
2010-06-26 12:58 . 2010-01-21 10:36 161064 ----a-w- c:\windows\system32\SynTPAPI.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-01 14:04 . 2006-11-02 10:25 51200 ----a-w- c:\windows\inf\infpub.dat
2010-07-01 14:04 . 2006-11-02 10:25 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-07-01 14:04 . 2006-11-02 10:25 86016 ----a-w- c:\windows\inf\infstor.dat
2010-07-01 11:03 . 2010-07-01 11:00 -------- d-----w- c:\program files\Spyware Doctor
2010-07-01 11:01 . 2010-07-01 11:00 -------- d-----w- c:\program files\Common Files\PC Tools
2010-07-01 11:00 . 2010-07-01 11:00 -------- d-----w- c:\users\SACHIN\AppData\Roaming\PC Tools
2010-07-01 11:00 . 2010-07-01 11:00 -------- d-----w- c:\programdata\PC Tools
2010-06-28 19:03 . 2009-10-14 07:30 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-06-28 19:03 . 2009-01-08 07:43 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-06-28 04:49 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-06-28 04:48 . 2010-06-28 04:48 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-06-26 15:28 . 2010-06-26 15:21 -------- d--h--w- c:\program files\Temp
2010-06-26 13:00 . 2010-06-26 13:00 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-06-26 13:00 . 2010-06-26 13:00 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-06-25 13:41 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-21 14:44 . 2010-06-21 14:44 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-05-04 05:59 . 2010-06-29 09:50 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-29 09:50 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 05:55 . 2010-06-29 09:50 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 04:31 . 2010-06-29 09:50 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-04-30 11:55 . 2010-06-26 15:21 1775136 ----a-w- c:\windows\system32\RtkPgExt.dll
2010-04-30 11:54 . 2010-06-26 15:21 367136 ----a-w- c:\windows\system32\RtkApoApi.dll
2010-04-30 11:29 . 2010-06-26 15:21 3086752 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2010-04-27 15:21 . 2010-06-26 15:21 1738072 ----a-w- c:\windows\system32\WavesGUILib.dll
2010-04-27 15:21 . 2010-06-26 15:21 253272 ----a-w- c:\windows\system32\MaxxVolumeSDAPO.dll
2010-04-27 15:21 . 2010-06-26 15:21 253784 ----a-w- c:\windows\system32\MaxxAudioAPO30.dll
2010-04-27 15:21 . 2010-06-26 15:21 1312088 ----a-w- c:\windows\system32\MaxxAudioRealtek.dll
2010-04-27 08:20 . 2010-06-26 15:21 299424 ----a-w- c:\windows\system32\FMAPO.dll
2010-04-16 16:43 . 2010-06-24 15:52 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-04-16 16:43 . 2010-06-24 15:52 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-04-16 16:43 . 2010-06-24 15:52 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-04-16 16:43 . 2010-06-24 15:52 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2010-04-14 12:25 . 2010-06-26 15:21 232792 ----a-w- c:\windows\system32\MaxxAudioAPO20.dll
2010-04-08 08:59 . 2010-07-01 11:00 63360 ----a-w- c:\windows\system32\drivers\pctplsg.sys
.

------- Sigcheck -------

[-] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\System32\drivers\asyncmac.sys


[-] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\System32\drivers\null.sys

[-] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\System32\browser.dll

[-] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6000.16386] . . c:\windows\System32\lsass.exe

[-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll

[-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll

[-] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll

[-] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\System32\services.exe

[-] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe

[-] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\System32\winlogon.exe

[-] 2008-01-21 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] . . c:\windows\System32\comctl32.dll

[-] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\System32\cryptsvc.dll

[-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\System32\es.dll

[-] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\System32\imm32.dll

[-] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll

[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll

[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\System32\lpk.dll

[-] 2010-05-04 . B1E862448C38B0F70139BC28F67332DE . 5950976 . . [8.00.6001.18702] . . c:\windows\System32\mshtml.dll

[-] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\System32\msvcrt.dll

[-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] . . c:\windows\System32\mswsock.dll

[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll

[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll

[-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\System32\scecli.dll

[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll

[-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] . . c:\windows\System32\svchost.exe

[-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\System32\tapisrv.dll

[-] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\System32\user32.dll

[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe

[-] 2010-05-04 . F317362AEB06140E7FB1B29331FDC038 . 916480 . . [8.00.6001.18702] . . c:\windows\System32\wininet.dll

[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll

[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ws2help.dll

[-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\explorer.exe






[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe

[-] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll

[-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll

[-] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll

[-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll

[-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll

[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll

[-] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] . . c:\windows\System32\mfc40u.dll

[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll

[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\System32\dsound.dll

[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\System32\d3d9.dll

[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\System32\ddraw.dll

[-] 2009-04-11 13:18 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\System32\olepro32.dll

[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\System32\perfctrs.dll

c:\windows\System32\drivers\beep.sys ... is missing !!
c:\windows\System32\srsvc.dll ... is missing !!
c:\windows\System32\wscntfy.exe ... is missing !!
c:\windows\System32\xmlprov.dll ... is missing !!
c:\windows\System32\eventlog.dll ... is missing !!
c:\windows\System32\sfcfiles.dll ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"BitComet"="c:\program files\BitComet\BitComet.exe" [2010-05-28 3085104]
"DriverMax_RESTART"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2010-03-01 9216928]
"googletalk"="c:\users\SACHIN\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"ares"="c:\program files\Ares\Ares.exe" [2010-02-08 1015808]
"Registry Cleaner Scheduler"="c:\program files\CleanMyPC\Registry Cleaner\RCHelper.exe" [2008-03-02 913664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2007-05-28 415864]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-01-21 1594664]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-30 9210400]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2010-04-30 1833504]
"IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2010-06-11 1280344]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2009-09-01 75048]

c:\users\SACHIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2007-6-1 49152]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bitcomet Ultra Accelerator.lnk - c:\program files\Bitcomet Ultra Accelerator\BitComet Ultra Accelerator.exe [2010-6-22 260096]
LimeWire Ultra Accelerator.lnk - c:\program files\LimeWire Ultra Accelerator\LimeWire Ultra Accelerator.exe [2010-6-4 260096]
Orbit.lnk - c:\program files\Orbitdownloader\orbitdm.exe [2010-6-24 1809680]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):62,22,80,d4,a9,ba,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Logging]
"LogFileSize"= 4096 (0x1000)
"LogFilePath"= %systemroot%\system32\LogFiles\Firewall\pfirewall.log

R0 CLFS;Common Log (CLFS);c:\windows\System32\clfs.sys [11-04-2009 18:48 245736]
R0 Ecache;ReadyBoost Caching Driver;c:\windows\System32\drivers\ecache.sys [11-04-2009 18:48 141288]
R0 FileInfo;File Information FS MiniFilter;c:\windows\System32\drivers\fileinfo.sys [21-01-2008 07:54 58936]
R0 msisadrv;ISA/EISA Class Driver;c:\windows\System32\drivers\msisadrv.sys [21-01-2008 07:53 16440]
R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [01-07-2010 16:30 218592]
R0 spldr;Security Processor Loader Driver;c:\windows\System32\drivers\spldr.sys [21-01-2008 07:54 21048]
R0 volmgr;Volume Manager Driver;c:\windows\System32\drivers\volmgr.sys [21-01-2008 07:53 52792]
R0 volmgrx;Dynamic Volume Manager;c:\windows\System32\drivers\volmgrx.sys [11-04-2009 18:48 292840]
R1 aswSP;aswSP;c:\windows\System32\drivers\aswSP.sys [22-06-2010 11:44 165456]
R1 DfsC;DFS Namespace Client Driver;c:\windows\System32\drivers\dfsc.sys [11-04-2009 18:48 75264]
R1 nsiproxy;NSI proxy service;c:\windows\System32\drivers\nsiproxy.sys [21-01-2008 07:54 16384]
R1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\System32\drivers\RDPENCDD.sys [21-01-2008 07:54 6144]
R1 Smb;Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session);c:\windows\System32\drivers\smb.sys [11-04-2009 18:48 66560]
R1 tdx;NetIO Legacy TDI Support Driver;c:\windows\System32\drivers\tdx.sys [11-04-2009 18:48 72192]
R1 Wanarpv6;Remote Access IPv6 ARP Driver;c:\windows\System32\drivers\wanarp.sys [21-01-2008 07:54 62464]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/06/29 00:35];c:\program files\CyberLink\PowerDVD9\000.fcl [01-09-2009 16:59 87536]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [22-06-2010 11:44 17744]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [22-06-2010 11:44 50256]
R2 AudioEndpointBuilder;Windows Audio Endpoint Builder;c:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [21-01-2008 07:53 21504]
R2 BFE;Base Filtering Engine;c:\windows\system32\svchost.exe -k LocalServiceNoNetwork [21-01-2008 07:53 21504]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [01-07-2010 16:30 112592]
R2 DPS;Diagnostic Policy Service;c:\windows\System32\svchost.exe -k LocalServiceNoNetwork [21-01-2008 07:53 21504]
R2 EMDMgmt;ReadyBoost;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [21-01-2008 07:53 21504]
R2 FDResPub;Function Discovery Resource Publication;c:\windows\system32\svchost.exe -k LocalService [21-01-2008 07:53 21504]
R2 gpsvc;Group Policy Client;c:\windows\system32\svchost.exe -k GPSvcGroup [21-01-2008 07:53 21504]
R2 IKEEXT;IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe -k netsvcs [21-01-2008 07:53 21504]
R2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [27-06-2010 00:15 312152]
R2 KtmRm;KtmRm for Distributed Transaction Coordinator;c:\windows\System32\svchost.exe -k NetworkService [21-01-2008 07:53 21504]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\System32\drivers\lltdio.sys [21-01-2008 07:54 47104]
R2 luafv;UAC File Virtualization;c:\windows\System32\drivers\luafv.sys [21-01-2008 07:54 84480]
R2 MMCSS;Multimedia Class Scheduler;c:\windows\system32\svchost.exe -k netsvcs [21-01-2008 07:53 21504]
R2 netprofm;Network List Service;c:\windows\System32\svchost.exe -k LocalService [21-01-2008 07:53 21504]
R2 NlaSvc;Network Location Awareness;c:\windows\System32\svchost.exe -k NetworkService [21-01-2008 07:53 21504]
R2 nsi;Network Store Interface Service;c:\windows\system32\svchost.exe -k LocalService [21-01-2008 07:53 21504]
R2 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [21-01-2008 07:53 21504]
R2 PEAUTH;PEAUTH;c:\windows\System32\drivers\PEAuth.sys [02-11-2006 14:34 878080]
R2 ProfSvc;User Profile Service;c:\windows\system32\svchost.exe -k netsvcs [21-01-2008 07:53 21504]
R2 slsvc;Software Licensing;c:\windows\System32\SLsvc.exe [11-04-2009 18:48 3408896]
R2 SysMain;Superfetch;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [21-01-2008 07:53 21504]
R2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\System32\drivers\tcpipreg.sys [24-06-2010 21:22 30720]
R2 UxSms;Desktop Window Manager Session Manager;c:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [21-01-2008 07:53 21504]
R2 WerSvc;Windows Error Reporting Service;c:\windows\System32\svchost.exe -k WerSvcGroup [21-01-2008 07:53 21504]
R2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe -k secsvcs [21-01-2008 07:53 21504]
R2 Wlansvc;WLAN AutoConfig;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [21-01-2008 07:53 21504]
R2 WPDBusEnum;Portable Device Enumerator Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [21-01-2008 07:53 21504]
R3 Appinfo;Application Information;c:\windows\system32\svchost.exe -k netsvcs [21-01-2008 07:53 21504]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\System32\drivers\athrusb.sys [29-07-2008 04:45 904192]
R3 bowser;Bowser;c:\windows\System32\drivers\bowser.sys [21-01-2008 07:53 69632]
R3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [28-06-2010 10:15 634880]
R3 fdPHost;Function Discovery Provider Host;c:\windows\system32\svchost.exe -k LocalService [21-01-2008 07:53 21504]
R3 iScsiPrt;iScsiPort Driver;c:\windows\System32\drivers\msiscsi.sys [11-04-2009 18:48 180712]
R3 KeyIso;CNG Key Isolation;c:\windows\System32\lsass.exe [25-06-2010 12:36 9728]
R3 monitor;Microsoft Monitor Class Function Driver Service;c:\windows\System32\drivers\monitor.sys [21-01-2008 07:53 41984]
R3 mrxsmb10;SMB 1.x MiniRedirector;c:\windows\System32\drivers\mrxsmb10.sys [24-06-2010 08:28 212992]
R3 mrxsmb20;SMB 2.0 MiniRedirector;c:\windows\System32\drivers\mrxsmb20.sys [24-06-2010 08:28 79360]
R3 NativeWifiP;NativeWiFi Filter;c:\windows\System32\drivers\nwifi.sys [11-04-2009 18:48 148480]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [01-07-2010 19:33 6630912]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\System32\drivers\R5U870FLx86.sys [21-06-2010 20:14 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\System32\drivers\R5U870FUx86.sys [21-06-2010 20:14 43904]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [21-06-2010 20:21 9344]
R3 srv2;srv2;c:\windows\System32\drivers\srv2.sys [23-06-2010 12:57 144896]
R3 srvnet;srvnet;c:\windows\System32\drivers\srvnet.sys [25-06-2010 12:39 98816]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [30-06-2010 12:45 818688]
R3 umbus;UMBus Enumerator Driver;c:\windows\System32\drivers\umbus.sys [21-01-2008 07:53 34816]
R3 WdiSystemHost;Diagnostic System Host;c:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [21-01-2008 07:53 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-03-2010 13:16 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [22-06-2010 11:44 136176]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [04-02-2010 21:22 1352832]
S2 TBS;TPM Base Services;c:\windows\System32\svchost.exe -k LocalService [21-01-2008 07:53 21504]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\System32\drivers\BrFiltLo.sys [02-11-2006 15:08 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\System32\drivers\BrFiltUp.sys [02-11-2006 15:07 5248]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\System32\drivers\btwampfl.sys [26-06-2010 19:34 274472]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [26-06-2010 17:46 29472]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver;c:\windows\System32\drivers\E1G60I32.sys [21-01-2008 07:53 118784]
S3 Filetrace;FileTrace;c:\windows\System32\drivers\filetrace.sys [21-01-2008 07:54 27648]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21-01-2008 07:53 21504]
S3 IPBusEnum;PnP-X IP Bus Enumerator;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [21-01-2008 07:53 21504]
S3 lltdsvc;Link-Layer Topology Discovery Mapper;c:\windows\System32\svchost.exe -k LocalService [21-01-2008 07:53 21504]
S3 mpsdrv;Windows Firewall Authorization Driver;c:\windows\System32\drivers\mpsdrv.sys [21-01-2008 07:54 64000]
S3 MSiSCSI;Microsoft iSCSI Initiator Service;c:\windows\system32\svchost.exe -k netsvcs [21-01-2008 07:53 21504]
S3 MsRPC;MsRPC;c:\windows\System32\drivers\msrpc.sys [11-04-2009 18:48 161752]
S3 pla;Performance Logs & Alerts;c:\windows\System32\svchost.exe -k LocalServiceNoNetwork [21-01-2008 07:53 21504]
S3 PNRPAutoReg;PNRP Machine Name Publication Service;c:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted [21-01-2008 07:53 21504]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [01-07-2010 16:30 366840]
S3 SDRSVC;Windows Backup;c:\windows\system32\svchost.exe -k SDRSVC [21-01-2008 07:53 21504]
S3 SessionEnv;Terminal Services Configuration;c:\windows\System32\svchost.exe -k netsvcs [21-01-2008 07:53 21504]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC;c:\windows\System32\drivers\sffp_mmc.sys [02-11-2006 14:21 12288]
S3 SLUINotify;SL UI Notification Service;c:\windows\system32\svchost.exe -k LocalService [21-01-2008 07:53 21504]
S3 THREADORDER;Thread Ordering Server;c:\windows\system32\svchost.exe -k LocalService [21-01-2008 07:53 21504]
S3 TrustedInstaller;Windows Modules Installer;c:\windows\servicing\TrustedInstaller.exe [11-04-2009 18:48 39424]
S3 tssecsrv;Terminal Services Security Filter Driver;c:\windows\System32\drivers\tssecsrv.sys [21-01-2008 07:54 23552]
S3 tunnel;Microsoft IPv6 Tunnel Miniport Adapter Driver;c:\windows\System32\drivers\tunnel.sys [24-06-2010 21:22 25088]
S3 UI0Detect;Interactive Services Detection;c:\windows\System32\UI0Detect.exe [21-01-2008 07:54 35840]
S3 uliagpkx;Uli AGP Bus Filter;c:\windows\System32\drivers\ULIAGPKX.SYS [02-11-2006 14:05 60984]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [28-06-2010 13:08 722288]
S3 wcncsvc;Windows Connect Now - Config Registrar;c:\windows\System32\svchost.exe -k LocalService [21-01-2008 07:53 21504]
S3 WcsPlugInService;Windows Color System;c:\windows\system32\svchost.exe -k wcssvc [21-01-2008 07:53 21504]
S3 WdiServiceHost;Diagnostic Service Host;c:\windows\System32\svchost.exe -k wdisvc [21-01-2008 07:53 21504]
S3 Wecsvc;Windows Event Collector;c:\windows\system32\svchost.exe -k NetworkService [21-01-2008 07:53 21504]
S3 wercplsupport;Problem Reports and Solutions Control Panel Support;c:\windows\System32\svchost.exe -k netsvcs [21-01-2008 07:53 21504]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\System32\svchost.exe -k NetworkService [21-01-2008 07:53 21504]
S3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted [21-01-2008 07:53 21504]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-03-2010 13:16 753504]
S4 adp94xx;adp94xx;c:\windows\System32\drivers\adp94xx.sys [02-11-2006 13:06 422968]
S4 adpahci;adpahci;c:\windows\System32\drivers\adpahci.sys [02-11-2006 13:06 300600]
S4 arcsas;arcsas;c:\windows\System32\drivers\arcsas.sys [02-11-2006 13:06 79928]
S4 blbdrive;blbdrive;c:\windows\System32\drivers\blbdrive.sys [21-01-2008 08:41 45568]
S4 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\drivers\BrSerId.sys [02-11-2006 14:52 71808]
S4 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\drivers\BrSerWdm.sys [02-11-2006 15:06 62336]
S4 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\drivers\BrUsbMdm.sys [02-11-2006 15:07 12160]
S4 CertPropSvc;Certificate Propagation;c:\windows\system32\svchost.exe -k netsvcs [21-01-2008 07:53 21504]
S4 circlass;Consumer IR Devices;c:\windows\System32\drivers\circlass.sys [02-11-2006 14:25 35328]
S4 Crusoe;Transmeta Crusoe Processor Driver;c:\windows\System32\drivers\crusoe.sys [02-11-2006 14:00 40960]
S4 DFSR;DFS Replication;c:\windows\System32\dfsr.exe [11-04-2009 18:48 2092544]
S4 elxstor;elxstor;c:\windows\System32\drivers\elxstor.sys [02-11-2006 13:06 342584]
S4 HpCISSs;HpCISSs;c:\windows\System32\drivers\HpCISSs.sys [02-11-2006 13:06 69096]
S4 iaStorV;Intel RAID Controller Vista;c:\windows\System32\drivers\iaStorV.sys [02-11-2006 13:06 235064]
S4 iphlpsvc;IP Helper;c:\windows\System32\svchost.exe -k NetSvcs [21-01-2008 07:53 21504]
S4 IPMIDRV;IPMIDRV;c:\windows\System32\drivers\IPMIDrv.sys [02-11-2006 14:12 64512]
S4 iteraid;ITERAID_Service_Install;c:\windows\System32\drivers\iteraid.sys [02-11-2006 13:06 35944]
S4 LSI_FC;LSI_FC;c:\windows\System32\drivers\lsi_fc.sys [02-11-2006 13:06 96312]
S4 LSI_SAS;LSI_SAS;c:\windows\System32\drivers\lsi_sas.sys [02-11-2006 13:06 89656]
S4 LSI_SCSI;LSI_SCSI;c:\windows\System32\drivers\lsi_scsi.sys [21-01-2008 07:53 96312]
S4 Mcx2Svc;Windows Media Center Extender Service;c:\windows\system32\svchost.exe -k LocalService [21-01-2008 07:53 21504]
S4 megasas;megasas;c:\windows\System32\drivers\megasas.sys [02-11-2006 13:06 31288]
S4 mpio;Microsoft Multi-Path Bus Driver;c:\windows\System32\drivers\mpio.sys [02-11-2006 14:22 107496]
S4 MpsSvc;Windows Firewall;c:\windows\system32\svchost.exe -k LocalServiceNoNetwork [21-01-2008 07:53 21504]
S4 msahci;msahci;c:\windows\System32\drivers\msahci.sys [02-11-2006 14:21 27112]
S4 msdsm;Microsoft Multi-Path Device Specific Module;c:\windows\System32\drivers\msdsm.sys [02-11-2006 14:22 93160]
S4 nfrd960;nfrd960;c:\windows\System32\drivers\nfrd960.sys [02-11-2006 13:06 45160]
S4 ntrigdigi;N-trig HID Tablet Driver;c:\windows\System32\drivers\ntrigdigi.sys [02-11-2006 13:06 20608]
S4 nvstor;nvstor;c:\windows\System32\drivers\nvstor.sys [02-11-2006 13:06 45112]
S4 ql2300;QLogic Fibre Channel Miniport Driver;c:\windows\System32\drivers\ql2300.sys [02-11-2006 13:06 1122360]
S4 ql40xx;QLogic iSCSI Miniport Driver;c:\windows\System32\drivers\ql40xx.sys [02-11-2006 13:06 106088]
S4 SCPolicySvc;Smart Card Removal Policy;c:\windows\system32\svchost.exe -k netsvcs [21-01-2008 07:53 21504]
S4 SiSRaid4;SiSRaid4;c:\windows\System32\drivers\sisraid4.sys [02-11-2006 13:06 74808]
S4 sptd;sptd;c:\windows\System32\drivers\sptd.sys [26-06-2010 23:32 691696]
S4 TabletInputService;Tablet PC Input Service;c:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [21-01-2008 07:53 21504]
S4 uliahci;uliahci;c:\windows\System32\drivers\uliahci.sys [02-11-2006 13:06 238648]
S4 ulsata2;ulsata2;c:\windows\System32\drivers\ulsata2.sys [02-11-2006 13:06 115816]
S4 usbcir;eHome Infrared Receiver (USBCIR);c:\windows\System32\drivers\usbcir.sys [02-11-2006 14:25 68608]
S4 ViaC7;VIA C7 Processor Driver;c:\windows\System32\drivers\viac7.sys [02-11-2006 14:00 41472]
S4 vsmraid;vsmraid;c:\windows\System32\drivers\vsmraid.sys [02-11-2006 13:06 130616]
S4 WacomPen;Wacom Serial Pen HID Driver;c:\windows\System32\drivers\wacompen.sys [02-11-2006 14:22 20608]
S4 Wd;Microsoft Watchdog Timer Driver;c:\windows\System32\drivers\wd.sys [02-11-2006 14:24 22072]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc ehstart
WerSvcGroup REG_MULTI_SZ wersvc
swprv REG_MULTI_SZ swprv
regsvc REG_MULTI_SZ RemoteRegistry
wcssvc REG_MULTI_SZ WcsPlugInService
DcomLaunch REG_MULTI_SZ PlugPlay DcomLaunch
wdisvc REG_MULTI_SZ WdiServiceHost
sdrsvc REG_MULTI_SZ sdrsvc
secsvcs REG_MULTI_SZ WinDefend
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
GPSvcGroup REG_MULTI_SZ GPSvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
wercplsupport
CertPropSvc
SCPolicySvc
gpsvc
IKEEXT
LogonHours
PCAudit
iphlpsvc
AppInfo
msiscsi
MMCSS
ProfSvc
EapHost
SessionEnv

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
2009-09-10 14:58 310784 ----a-w- c:\windows\System32\unregmp2.exe
.
Contents of the 'Scheduled Tasks' folder

2010-07-02 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 10:43]

2010-07-02 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-06-23 08:41]

2010-07-02 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-06-23 07:44]

2010-07-01 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-06-23 11:50]

2010-07-02 c:\windows\Tasks\DriverCure Startup.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-02-27 06:30]

2010-06-29 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-02-27 06:30]

2010-07-02 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-06-30 05:44]

2010-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 06:14]

2010-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 06:14]

2010-07-01 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]

2010-07-01 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2010-04-06 21:30]

2010-06-24 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]

2010-06-22 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2010-04-06 21:30]

2010-07-01 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 07:15]

2010-06-22 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 07:15]

2010-06-23 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-06-23 07:27]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.orbitdownloader.com
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Send image to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-sacsvr



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-02 11:03
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-07-02 11:09:24
ComboFix-quarantined-files.txt 2010-07-02 05:39

Pre-Run: 138,053,484,544 bytes free
Post-Run: 138,619,809,792 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
- - End Of File - - 413BC94C81637E7AEE7BA8C76305055C

Last edited by leo92; 02-Jul-2010 at 02:10 AM.. Reason: forgot something
Rorschach112
Senior Member with 2,392 posts.
 
Join Date: Oct 2008
02-Jul-2010, 08:08 AM #4
You need to let ComboFix install the Recovery Console.

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

Quote:
File::

Folder::

Registry::

Driver::
Restore::
c:\windows\system32\drivers\beep.sys
c:\windows\system32\srsvc.dll

MIA::
c:\windows\System32\drivers\beep.sys
c:\windows\System32\srsvc.dll
c:\windows\System32\wscntfy.exe
c:\windows\System32\xmlprov.dll
c:\windows\System32\eventlog.dll
c:\windows\System32\sfcfiles.dll
FixCSet::

Save this as CFScript.txt, in the same location as ComboFix.exe




Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
leo92
Junior Member with 17 posts.
THREAD STARTER
 
Join Date: Jun 2010
Experience: Intermediate
03-Jul-2010, 05:44 AM #5
Here is the log:

ComboFix 10-07-01.02 - SACHIN 03-07-2010 14:51:40.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.91.1033.18.2046.1122 [GMT 5.5:30]
Running from: c:\users\SACHIN\Desktop\ComboFix.exe
Command switches used :: c:\users\SACHIN\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

Infected copy of c:\windows\system32\drivers\beep.sys was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys

c:\windows\system32\srsvc.dll . . . is infected!!

c:\windows\System32\srsvc.dll . . . is missing!!

c:\windows\System32\wscntfy.exe . . . is missing!!

c:\windows\System32\xmlprov.dll . . . is missing!!

c:\windows\System32\eventlog.dll . . . is missing!!

c:\windows\System32\sfcfiles.dll . . . is missing!!

.
((((((((((((((((((((((((( Files Created from 2010-06-03 to 2010-07-03 )))))))))))))))))))))))))))))))
.

2010-07-03 09:18 . 2008-01-21 02:23 6144 ----a-w- c:\windows\system32\drivers\beep.sys
2010-07-03 05:13 . 2010-07-03 05:19 -------- d-----w- c:\windows\$regcmp$
2010-07-01 17:44 . 2010-07-01 17:57 -------- d-----w- c:\program files\Need for Speed Carbon
2010-07-01 15:26 . 2010-07-01 15:26 -------- d-----w- c:\program files\uTorrent
2010-07-01 15:25 . 2010-07-01 15:31 -------- d-----w- c:\users\SACHIN\AppData\Roaming\uTorrent
2010-07-01 14:03 . 2010-05-17 17:23 6630912 ----a-w- c:\windows\system32\drivers\NETw5v32.sys
2010-07-01 10:54 . 2010-07-01 10:47 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-07-01 10:47 . 2010-07-01 10:47 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-07-01 10:36 . 2010-07-01 10:36 -------- dc-h--w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-07-01 10:36 . 2010-02-04 15:53 2954656 -c--a-w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
2010-07-01 10:35 . 2010-07-01 10:39 -------- d-----w- c:\programdata\Lavasoft
2010-07-01 10:35 . 2010-07-01 10:36 -------- d-----w- c:\program files\Lavasoft
2010-07-01 08:13 . 2010-07-01 08:13 1152 ----a-w- c:\windows\system32\windrv.sys
2010-07-01 08:00 . 2010-07-01 08:00 -------- d-----w- c:\users\SACHIN\AppData\Roaming\CleanMyPC Software
2010-07-01 08:00 . 2010-07-01 08:00 -------- d-----w- c:\program files\CleanMyPC
2010-06-30 08:28 . 2010-06-30 08:28 0 ----a-w- c:\windows\ativpsrm.bin
2010-06-30 08:04 . 2008-06-02 22:04 262144 ----a-w- c:\windows\system32\Oemdspif.dll
2010-06-30 08:04 . 2008-06-02 21:18 10043392 ----a-w- c:\windows\system32\atioglxx.dll
2010-06-30 08:04 . 2008-06-03 00:52 3695104 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-06-30 08:04 . 2008-04-28 15:39 172033 ----a-w- c:\windows\system32\atiicdxx.dat
2010-06-30 08:04 . 2008-03-05 19:08 90112 ----a-w- c:\windows\system32\atibrtmon.exe
2010-06-30 08:04 . 2008-06-02 21:19 32256 ----a-w- c:\windows\system32\atiadlxx.dll
2010-06-30 08:04 . 2008-06-02 21:04 49152 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-06-30 08:04 . 2008-06-02 21:20 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2010-06-30 07:42 . 2010-06-30 07:42 -------- d-----w- c:\program files\Trend Micro
2010-06-30 07:15 . 2007-11-16 15:31 818688 ----a-w- c:\windows\system32\drivers\ti21sony.sys
2010-06-30 06:25 . 2010-06-30 06:25 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Malwarebytes
2010-06-30 06:25 . 2010-04-29 10:09 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-30 06:25 . 2010-04-29 10:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-30 06:25 . 2010-06-30 06:25 -------- d-----w- c:\programdata\Malwarebytes
2010-06-30 06:25 . 2010-06-30 07:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-30 05:17 . 2010-06-30 05:17 -------- d-----w- c:\users\SACHIN\AppData\Roaming\GlarySoft
2010-06-30 05:14 . 2010-06-30 05:14 -------- d-----w- c:\program files\Glary Utilities
2010-06-30 04:50 . 2010-06-30 04:50 -------- d-----w- c:\program files\Sophos
2010-06-30 04:17 . 2007-01-18 12:00 3968 ----a-w- c:\windows\system32\drivers\AvgArCln.sys
2010-06-29 14:40 . 2010-06-29 14:40 -------- dc----w- c:\programdata\{9DF77379-A83D-46CF-968D-03CBC652096D}
2010-06-29 09:56 . 2010-05-21 08:44 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-06-29 09:52 . 2010-06-29 09:52 -------- d-----w- c:\program files\Microsoft.NET
2010-06-29 09:49 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll
2010-06-29 09:23 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-06-29 07:52 . 2010-06-29 07:53 477184 ----a-w- c:\users\SACHIN\AppData\Roaming\Xilisoft\DVD Creator 6\x-dvd-creator6.exe
2010-06-29 07:36 . 2010-06-29 07:36 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Publish Providers
2010-06-29 07:32 . 2010-06-29 07:32 -------- d-----w- c:\users\SACHIN\AppData\Local\Sony
2010-06-29 07:26 . 2010-06-29 07:26 -------- d-----w- c:\programdata\Sony
2010-06-29 07:23 . 2010-06-29 15:34 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Sony
2010-06-29 06:50 . 2010-05-31 06:13 252008 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2010-06-29 06:50 . 2009-12-03 11:57 80416 ----a-w- c:\windows\system32\RtNicProp32.dll
2010-06-29 06:40 . 2010-06-29 06:42 2869784 ----a-w- c:\users\SACHIN\AppData\Roaming\Easeware\DriverEasy\drivers\1yjj4fol.do2\INF_allOS_9.1.2.1007_PV.exe
2010-06-29 05:20 . 2010-07-03 07:44 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Media Player Classic
2010-06-29 04:57 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
2010-06-29 04:57 . 2010-06-08 16:10 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-06-29 04:57 . 2010-06-08 16:10 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-06-29 04:57 . 2010-06-02 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-06-29 04:57 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-06-29 04:57 . 2010-06-29 04:57 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-06-28 19:34 . 2010-06-29 04:54 -------- d-----w- c:\programdata\VistaCodecs
2010-06-28 19:01 . 2010-06-28 19:01 -------- d-----w- c:\programdata\Apple Computer
2010-06-28 18:53 . 2010-06-28 18:53 36864 ----a-w- c:\programdata\Temp\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\PostBuild.exe
2010-06-28 18:52 . 2009-11-02 08:47 34088 ----a-w- c:\programdata\CyberLink\Power2Go\P2GoGadget.dll
2010-06-28 18:48 . 2010-06-28 18:48 53319 ----a-w- c:\programdata\Temp\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\PostBuild.exe
2010-06-28 13:04 . 2010-06-28 13:04 -------- d-----w- c:\users\SACHIN\AppData\Local\Ares
2010-06-28 13:03 . 2010-06-28 13:11 -------- d-----w- c:\program files\Ares
2010-06-28 12:46 . 2010-06-28 12:46 -------- d-----w- c:\users\SACHIN\AppData\Local\Xilisoft
2010-06-28 12:46 . 2010-06-28 12:46 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Xilisoft
2010-06-28 12:44 . 2010-06-28 12:44 -------- d-----w- c:\program files\Xilisoft
2010-06-28 07:32 . 2010-06-28 07:32 -------- d-----w- c:\users\SACHIN\AppData\Roaming\InstallShield
2010-06-28 07:19 . 2010-06-28 07:29 -------- d-----w- c:\program files\Bitcomet Ultra Accelerator
2010-06-28 04:49 . 2010-06-28 04:49 -------- d-----w- c:\program files\Windows Portable Devices
2010-06-28 04:44 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-06-28 04:44 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2010-06-28 04:44 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2010-06-28 04:44 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2010-06-28 04:44 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2010-06-28 04:44 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2010-06-28 04:44 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2010-06-28 04:44 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2010-06-28 04:44 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2010-06-28 04:44 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2010-06-28 04:44 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2010-06-28 04:44 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2010-06-28 04:43 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-06-28 04:43 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-06-28 04:43 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-06-27 05:18 . 2010-06-27 05:18 -------- d-----w- c:\users\SACHIN\Cyberlink
2010-06-27 03:59 . 2010-06-27 03:59 -------- d-----w- c:\users\SACHIN\AppData\Local\Power2Go
2010-06-26 19:09 . 2010-06-26 19:09 -------- d-----w- c:\program files\LimeWire Ultra Accelerator
2010-06-26 18:37 . 2010-06-28 04:34 -------- d-----w- c:\users\Public\CyberLink
2010-06-26 18:36 . 2010-06-28 19:13 53319 ----a-w- c:\programdata\Temp\{D36DD326-7280-11D8-97C8-000129760CBE}\PostBuild.exe
2010-06-26 18:33 . 2010-06-28 19:09 53319 ----a-w- c:\programdata\Temp\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\PostBuild.exe
2010-06-26 18:32 . 2010-06-28 19:08 36864 ----a-w- c:\programdata\Temp\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}\PostBuild.exe
2010-06-26 18:31 . 2010-06-28 19:06 36864 ----a-w- c:\programdata\Temp\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\PostBuild.exe
2010-06-26 18:30 . 2010-06-26 18:30 -------- d-----w- c:\program files\Common Files\CyberLink
2010-06-26 18:29 . 2010-06-28 19:03 53319 ----a-w- c:\programdata\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2010-06-26 18:27 . 2010-06-26 18:27 -------- d-----w- c:\users\SACHIN\AppData\Local\Apple
2010-06-26 18:27 . 2010-06-26 18:27 -------- d-----w- c:\program files\Apple Software Update
2010-06-26 18:27 . 2010-06-26 18:27 -------- d-----w- c:\programdata\Apple
2010-06-26 18:22 . 2010-06-28 18:57 36864 ----a-w- c:\programdata\Temp\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\PostBuild.exe
2010-06-26 18:21 . 2010-06-28 18:53 36864 ----a-w- c:\programdata\Temp\{ADD5DB49-72CF-11D8-9D75-000129760D75}\PostBuild.exe
2010-06-26 18:19 . 2010-06-28 18:51 36864 ----a-w- c:\programdata\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe
2010-06-26 18:19 . 2010-06-28 18:26 -------- d-----w- c:\users\SACHIN\AppData\Roaming\CyberLink
2010-06-26 18:19 . 2010-06-28 19:13 -------- d-----w- c:\users\SACHIN\AppData\Local\Cyberlink
2010-06-26 18:16 . 2010-06-28 18:49 36864 ----a-w- c:\programdata\Temp\{80E158EA-7181-40FE-A701-301CE6BE64AB}\PostBuild.exe
2010-06-26 18:16 . 2010-06-28 19:13 -------- d-----w- c:\program files\CyberLink
2010-06-26 18:15 . 2010-06-28 19:36 -------- d-----w- c:\programdata\CyberLink
2010-06-26 18:11 . 2010-06-28 18:46 53319 ----a-w- c:\programdata\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe
2010-06-26 18:02 . 2010-06-26 18:02 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-26 18:01 . 2010-06-26 18:02 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-06-26 18:01 . 2010-06-26 18:10 -------- d-----w- c:\users\SACHIN\AppData\Roaming\DAEMON Tools Lite
2010-06-26 18:01 . 2010-06-26 18:01 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-06-26 17:37 . 2010-06-26 17:52 -------- d-----w- c:\program files\ZC DVD Creator Platinum
2010-06-26 17:02 . 2010-06-26 17:06 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Ulead Systems
2010-06-26 16:55 . 2002-03-16 20:30 7420 ----a-w- c:\windows\UA000104.DLL
2010-06-26 16:54 . 2010-06-29 09:51 -------- d--h--w- c:\windows\msdownld.tmp
2010-06-26 16:54 . 2010-06-26 16:54 -------- d-----w- c:\program files\Windows Media Components
2010-06-26 16:53 . 2010-06-26 16:53 -------- d-----w- c:\program files\Common Files\LightScribe
2010-06-26 16:51 . 2010-06-26 17:02 -------- d-----w- c:\programdata\Ulead Systems
2010-06-26 16:51 . 2010-06-26 16:51 -------- d-----w- c:\program files\Corel
2010-06-26 15:28 . 2010-06-26 15:28 -------- d-----w- c:\windows\tiinst
2010-06-26 15:28 . 2010-06-26 15:28 -------- d-----w- C:\Dell
2010-06-26 14:04 . 2010-06-26 14:04 274472 ----a-w- c:\windows\system32\drivers\btwampfl.sys
2010-06-26 12:59 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2010-06-26 12:59 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2010-06-26 12:58 . 2010-06-26 14:02 68070224 ----a-w- c:\users\SACHIN\AppData\Roaming\Easeware\DriverEasy\drivers\yoqvili5.cht\setupBTW_6.3.0.3102_DELL_BY_514_517.exe
2010-06-26 12:58 . 2010-01-21 10:36 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2010-06-26 12:58 . 2010-01-21 10:36 230448 ----a-w- c:\windows\system32\drivers\SynTP.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-01 11:03 . 2010-07-01 11:00 -------- d-----w- c:\program files\Spyware Doctor
2010-07-01 11:01 . 2010-07-01 11:00 -------- d-----w- c:\program files\Common Files\PC Tools
2010-07-01 11:00 . 2010-07-01 11:00 -------- d-----w- c:\users\SACHIN\AppData\Roaming\PC Tools
2010-07-01 11:00 . 2010-07-01 11:00 -------- d-----w- c:\programdata\PC Tools
2010-06-28 19:03 . 2009-10-14 07:30 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-06-28 19:03 . 2009-01-08 07:43 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-06-28 04:49 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-06-28 04:48 . 2010-06-28 04:48 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-06-26 15:28 . 2010-06-26 15:21 -------- d--h--w- c:\program files\Temp
2010-06-26 13:00 . 2010-06-26 13:00 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-06-26 13:00 . 2010-06-26 13:00 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-06-25 13:41 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-21 14:44 . 2010-06-21 14:44 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-05-04 05:59 . 2010-06-29 09:50 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-29 09:50 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 05:55 . 2010-06-29 09:50 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 04:31 . 2010-06-29 09:50 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-04-30 11:55 . 2010-06-26 15:21 1775136 ----a-w- c:\windows\system32\RtkPgExt.dll
2010-04-30 11:54 . 2010-06-26 15:21 367136 ----a-w- c:\windows\system32\RtkApoApi.dll
2010-04-30 11:29 . 2010-06-26 15:21 3086752 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2010-04-27 15:21 . 2010-06-26 15:21 1738072 ----a-w- c:\windows\system32\WavesGUILib.dll
2010-04-27 15:21 . 2010-06-26 15:21 253272 ----a-w- c:\windows\system32\MaxxVolumeSDAPO.dll
2010-04-27 15:21 . 2010-06-26 15:21 253784 ----a-w- c:\windows\system32\MaxxAudioAPO30.dll
2010-04-27 15:21 . 2010-06-26 15:21 1312088 ----a-w- c:\windows\system32\MaxxAudioRealtek.dll
2010-04-27 08:20 . 2010-06-26 15:21 299424 ----a-w- c:\windows\system32\FMAPO.dll
2010-04-16 16:43 . 2010-06-24 15:52 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-04-16 16:43 . 2010-06-24 15:52 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-04-16 16:43 . 2010-06-24 15:52 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-04-16 16:43 . 2010-06-24 15:52 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2010-04-14 12:25 . 2010-06-26 15:21 232792 ----a-w- c:\windows\system32\MaxxAudioAPO20.dll
2010-04-08 08:59 . 2010-07-01 11:00 63360 ----a-w- c:\windows\system32\drivers\pctplsg.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverMax_RESTART"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2010-03-01 9216928]
"Registry Cleaner Scheduler"="c:\program files\CleanMyPC\Registry Cleaner\RCHelper.exe" [2008-03-02 913664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2007-05-28 415864]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-01-21 1594664]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-30 9210400]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2010-04-30 1833504]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2009-09-01 75048]

c:\users\SACHIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2007-6-1 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bitcomet Ultra Accelerator.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bitcomet Ultra Accelerator.lnk
backup=c:\windows\pss\Bitcomet Ultra Accelerator.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2010-02-08 14:51 1015808 ----a-w- c:\program files\Ares\Ares.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
2010-05-28 08:55 3085104 ----a-w- c:\program files\BitComet\BitComet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):62,22,80,d4,a9,ba,c9,01

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 136176]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [2008-07-28 904192]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-26 274472]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-12-02 29472]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-04-15 722288]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-06-26 691696]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-03-29 218592]
S1 aswSP;aswSP; [x]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/06/29 00:35];c:\program files\CyberLink\PowerDVD9\000.fcl [2009-09-01 11:29 87536]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\IS360srv.exe [2010-06-11 312152]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-07-01 1352832]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2010-05-17 6630912]
S3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2008-03-25 73472]
S3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2008-03-25 43904]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-03-25 9344]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-11-16 818688]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
kvxqiwfj
.
Contents of the 'Scheduled Tasks' folder

2010-07-03 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 10:43]

2010-07-03 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-06-23 08:41]

2010-07-03 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-06-23 07:44]

2010-07-03 c:\windows\Tasks\DriverCure Startup.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-02-27 06:30]

2010-06-29 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-02-27 06:30]

2010-07-03 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-06-30 05:44]

2010-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 06:14]

2010-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 06:14]

2010-07-02 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]

2010-07-02 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2010-04-06 21:30]

2010-06-24 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]

2010-06-22 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2010-04-06 21:30]

2010-07-01 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 07:15]

2010-06-22 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 07:15]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.orbitdownloader.com
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Send image to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.

**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(3520)
c:\program files\ThinkPad\Bluetooth Software\btncopy.dll
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\ThinkPad\Bluetooth Software\btwdins.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe
c:\program files\Sony\VAIO Update 5\VAIOUpdt.exe
c:\program files\Alwil Software\Avast5\AvastUI.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\NOTEPAD.EXE
.
**************************************************************************
.
Completion time: 2010-07-03 15:08:03 - machine was rebooted
ComboFix-quarantined-files.txt 2010-07-03 09:38
ComboFix2.txt 2010-07-02 05:39

Pre-Run: 138,062,667,776 bytes free
Post-Run: 137,661,628,416 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=1 Sets=1,2,3,4,5,6,7,8,9,10,11
- - End Of File - - 7FD9F6FB90EB6879D2C54833A5BF7315
Rorschach112
Senior Member with 2,392 posts.
 
Join Date: Oct 2008
03-Jul-2010, 09:05 AM #6
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Under the Custom Scan box paste this in

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32 /all
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\system32\spool\prtprocs\w32x86\*.tmp
    CREATERESTOREPOINT
    %PROGRAMFILES%\*.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    /md5start
    srsvc.*
    wscntfy.*
    xmlprov.*
    eventlog.*
    sfcfiles.*
    /md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time
leo92
Junior Member with 17 posts.
THREAD STARTER
 
Join Date: Jun 2010
Experience: Intermediate
05-Jul-2010, 03:44 AM #7
Sorry for the late reply, my net was down in India.

Here is the OTL.txt:

OTL logfile created on: 05-07-2010 12:20:30 - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = C:\Users\SACHIN\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 61.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.94 Gb Total Space | 127.61 Gb Free Space | 57.24% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SACHIN-PC
Current User Name: SACHIN
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010-07-05 12:16:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\SACHIN\Downloads\OTL.exe
PRC - [2010-06-30 12:42:31 | 000,008,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\CometBird\plugin-container.exe
PRC - [2010-06-30 12:42:11 | 000,116,024 | ---- | M] (CometNetwork) -- C:\Program Files\CometBird\CometBird.exe
PRC - [2010-06-29 02:27:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-06-29 02:27:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-06-11 18:14:22 | 000,312,152 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe
PRC - [2010-04-15 13:13:18 | 001,459,568 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
PRC - [2010-01-22 08:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2009-11-02 14:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009-10-02 17:48:26 | 000,595,232 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
PRC - [2009-09-01 21:30:11 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared files\brs.exe
PRC - [2009-07-06 14:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2009-04-11 18:48:30 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-03-02 22:18:08 | 000,913,664 | ---- | M] (CleanMyPC Software) -- C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe
PRC - [2008-01-21 07:53:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007-06-15 12:45:20 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe


========== Modules (SafeList) ==========

MOD - [2010-07-05 12:16:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\SACHIN\Downloads\OTL.exe
MOD - [2009-04-11 18:48:14 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008-01-21 07:54:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Windows\System32\xmlprov.dll -- (xmlprov)
SRV - File not found [On_Demand | Stopped] -- C:\Windows\System32\ups.exe -- (UPS)
SRV - File not found [Auto | Stopped] -- C:\Windows\System32\ersvc.dll -- (ERSvc)
SRV - File not found [On_Demand | Stopped] -- C:\Windows\System32\cisvc.exe -- (CiSvc)
SRV - [2010-07-01 16:13:41 | 001,352,832 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010-06-29 02:27:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-06-29 02:27:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-06-29 02:27:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-06-11 18:14:22 | 000,312,152 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Security 360\is360srv.exe -- (IS360service)
SRV - [2010-04-15 13:13:18 | 000,722,288 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010-03-11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010-01-22 08:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009-10-02 17:48:26 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009-09-25 06:57:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008-01-21 07:53:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010-06-29 02:07:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-06-29 02:07:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-06-29 02:03:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-06-29 02:02:56 | 000,050,256 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010-06-29 02:02:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-06-26 23:32:03 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010-06-26 19:34:00 | 000,274,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwampfl.sys -- (btwampfl)
DRV - [2010-06-26 16:45:23 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2010-05-31 11:43:16 | 000,252,008 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010-05-17 22:53:06 | 006,630,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2010-04-30 16:59:12 | 003,086,752 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010-03-29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010-01-21 16:06:18 | 000,230,448 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2009-12-02 13:11:04 | 000,018,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2009-12-02 13:11:02 | 000,108,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2009-12-02 13:11:02 | 000,086,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2009-12-02 13:11:02 | 000,029,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2009-09-01 16:59:44 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/06/29 00:35:09] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009-06-19 16:44:14 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2009-04-11 18:48:32 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) RMCAST (Pgm)
DRV - [2009-04-11 18:48:01 | 000,069,096 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-07-29 04:45:00 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2008-06-03 06:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008-03-25 11:41:00 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2008-03-25 11:27:18 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2008-03-25 11:27:16 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2008-01-21 07:53:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-01-21 07:53:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-01-21 07:53:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-01-21 07:53:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 07:53:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 07:53:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-01-21 07:53:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 07:53:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-01-21 07:53:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 07:53:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-01-21 07:53:23 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2008-01-21 07:53:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 07:53:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 07:53:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 07:53:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 07:53:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 07:53:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-21 07:53:22 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)
DRV - [2008-01-21 07:53:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-21 07:53:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008-01-21 07:53:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 07:53:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-01-21 07:53:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-01-21 07:53:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-01-21 07:53:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-01-21 07:53:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-01-21 07:53:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007-11-28 14:35:02 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007-11-16 21:01:54 | 000,818,688 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007-01-31 19:03:46 | 000,005,632 | ---- | M] (GRISOFT, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\DRIVERS\avgarkt.sys -- (AVG Anti-Rootkit)
DRV - [2007-01-18 17:30:28 | 000,003,968 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\AvgArCln.sys -- (AvgArCln)
DRV - [2006-11-02 15:20:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 15:20:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 15:20:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 15:20:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 15:20:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 15:20:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 15:20:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 15:20:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 15:20:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 15:19:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 15:19:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 13:55:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 13:54:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 13:54:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 13:54:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 13:54:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 13:54:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 13:06:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2004-12-17 16:14:44 | 000,013,952 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2010-06-22 11:17:21 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Mozilla\Extensions

O1 HOSTS File: ([2010-07-03 15:02:11 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.4.13.dll (BitComet)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [VAIOCameraUtility] C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files\Innovative Solutions\DriverMax\devices.exe (Innovative Solutions)
O4 - HKCU..\Run: [Registry Cleaner Scheduler] C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe (CleanMyPC Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.4.13.dll (BitComet)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 124.124.5.141 124.124.5.140
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-06-26 16:46:43 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - C:\Windows\System32\ntmssvc.dll File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - C:\Windows\System32\srsvc.dll File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: kvxqiwfj - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bitcomet Ultra Accelerator.lnk - C:\Program Files\Bitcomet Ultra Accelerator\BitComet Ultra Accelerator.exe - (TrafficSpeeders LLC)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpReg: ares - hkey= - key= - C:\Program Files\Ares\Ares.exe (Ares Development Group)
MsConfig - StartUpReg: BitComet - hkey= - key= - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - C:\Windows\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - C:\Windows\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010-07-03 15:02:15 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2010-07-03 15:00:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010-07-03 14:45:32 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010-07-03 14:45:12 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010-07-03 10:43:34 | 000,000,000 | ---D | C] -- C:\Windows\$regcmp$
[2010-07-02 10:37:07 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010-07-02 10:37:06 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010-07-02 10:37:06 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010-07-02 10:36:43 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010-07-02 10:33:32 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-07-01 23:28:55 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\NFS Carbon
[2010-07-01 23:14:11 | 000,000,000 | ---D | C] -- C:\Program Files\Need for Speed Carbon
[2010-07-01 20:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010-07-01 20:55:25 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\uTorrent
[2010-07-01 16:30:57 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2010-07-01 16:30:56 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2010-07-01 16:30:56 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2010-07-01 16:30:28 | 000,233,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010-07-01 16:30:28 | 000,100,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010-07-01 16:30:24 | 000,218,592 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010-07-01 16:30:24 | 000,088,040 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010-07-01 16:30:17 | 000,063,360 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010-07-01 16:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010-07-01 16:30:05 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\PC Tools
[2010-07-01 16:30:05 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010-07-01 16:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010-07-01 16:17:44 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010-07-01 16:06:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010-07-01 16:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010-07-01 16:05:50 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010-07-01 13:30:40 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\CleanMyPC Software
[2010-07-01 13:30:36 | 000,000,000 | ---D | C] -- C:\Program Files\CleanMyPC
[2010-06-30 13:34:14 | 000,262,144 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2010-06-30 13:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-06-30 12:45:02 | 000,818,688 | ---- | C] (Texas Instruments) -- C:\Windows\System32\drivers\ti21sony.sys
[2010-06-30 11:55:24 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Malwarebytes
[2010-06-30 11:55:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-06-30 11:55:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-06-30 11:55:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-06-30 11:55:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-06-30 10:47:17 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\GlarySoft
[2010-06-30 10:44:18 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
[2010-06-30 10:20:36 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2010-06-30 09:47:37 | 000,003,968 | ---- | C] (GRISOFT, s.r.o.) -- C:\Windows\System32\drivers\AvgArCln.sys
[2010-06-30 09:47:36 | 000,000,000 | ---D | C] -- C:\Program Files\GRISOFT
[2010-06-29 20:10:15 | 000,000,000 | ---D | C] -- C:\ProgramData\{9DF77379-A83D-46CF-968D-03CBC652096D}
[2010-06-29 15:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010-06-29 14:53:29 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010-06-29 13:06:58 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Publish Providers
[2010-06-29 13:02:39 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\Vegas Movie Studio HD Platinum 10.0 Projects
[2010-06-29 13:02:39 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Sony
[2010-06-29 12:56:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2010-06-29 12:53:34 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Sony
[2010-06-29 12:20:25 | 000,252,008 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2010-06-29 10:50:01 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Media Player Classic
[2010-06-29 10:27:03 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2010-06-29 10:27:02 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2010-06-29 10:27:02 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2010-06-29 10:27:00 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010-06-29 01:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\VistaCodecs
[2010-06-29 00:31:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010-06-28 18:34:02 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Ares
[2010-06-28 18:33:57 | 000,000,000 | ---D | C] -- C:\Program Files\Ares
[2010-06-28 18:16:41 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Xilisoft
[2010-06-28 18:16:37 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Xilisoft
[2010-06-28 18:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\Xilisoft
[2010-06-28 13:02:51 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\InstallShield
[2010-06-28 12:49:57 | 000,000,000 | ---D | C] -- C:\Program Files\Bitcomet Ultra Accelerator
[2010-06-28 10:19:22 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010-06-28 10:04:49 | 000,000,000 | -H-D | C] -- C:\Users\SACHIN\Documents\PDRMUSIC.TMP
[2010-06-27 10:48:51 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\CyberLink
[2010-06-27 10:48:50 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Cyberlink
[2010-06-27 09:29:54 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Power2Go
[2010-06-27 00:39:05 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire Ultra Accelerator
[2010-06-27 00:13:54 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010-06-27 00:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2010-06-26 23:57:30 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Apple
[2010-06-26 23:57:27 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010-06-26 23:57:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010-06-26 23:49:21 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\CyberLink
[2010-06-26 23:49:19 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Cyberlink
[2010-06-26 23:46:15 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010-06-26 23:45:01 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010-06-26 23:41:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2010-06-26 23:32:02 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010-06-26 23:31:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-06-26 23:31:17 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\DAEMON Tools Lite
[2010-06-26 23:31:15 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010-06-26 23:07:57 | 000,000,000 | ---D | C] -- C:\Program Files\ZC DVD Creator Platinum
[2010-06-26 22:32:21 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\Corel DVD MovieFactory
[2010-06-26 22:32:19 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Ulead Systems
[2010-06-26 22:24:06 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages
[2010-06-26 22:24:05 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2010-06-26 22:24:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2010-06-26 22:23:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2010-06-26 22:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Ulead Systems
[2010-06-26 22:21:02 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2010-06-26 20:58:57 | 000,000,000 | ---D | C] -- C:\Windows\tiinst
[2010-06-26 20:58:26 | 000,000,000 | ---D | C] -- C:\Dell
[2010-06-26 20:51:50 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010-06-26 20:51:50 | 001,738,072 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2010-06-26 20:51:50 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010-06-26 20:51:50 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010-06-26 20:51:50 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010-06-26 20:51:50 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010-06-26 20:51:43 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010-06-26 20:51:43 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010-06-26 20:51:43 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010-06-26 20:51:43 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010-06-26 20:51:42 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010-06-26 20:51:42 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010-06-26 20:51:41 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010-06-26 20:51:41 | 001,312,088 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2010-06-26 20:51:41 | 000,253,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2010-06-26 20:51:41 | 000,253,272 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2010-06-26 20:51:41 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010-06-26 20:51:41 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010-06-26 20:51:38 | 001,131,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2010-06-26 20:51:38 | 000,961,296 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2010-06-26 20:51:38 | 000,427,792 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2010-06-26 20:51:38 | 000,405,776 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2010-06-26 20:51:38 | 000,299,424 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010-06-26 20:51:38 | 000,290,064 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2010-06-26 20:51:38 | 000,223,504 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2010-06-26 20:51:37 | 000,900,368 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2010-06-26 20:51:37 | 000,448,272 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2010-06-26 20:51:37 | 000,235,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2010-06-26 20:51:37 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010-06-26 20:51:37 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010-06-26 20:51:37 | 000,102,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2010-06-26 20:51:34 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010-06-26 18:28:50 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\DriverEasy
[2010-06-26 18:28:15 | 000,230,448 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\drivers\SynTP.sys
[2010-06-26 18:28:15 | 000,206,120 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynCtrl.dll
[2010-06-26 18:28:15 | 000,161,064 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynTPAPI.dll
[2010-06-26 18:28:15 | 000,120,104 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynTPCo4.dll
[2010-06-26 17:51:20 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Broadcom
[2010-06-26 17:51:20 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\Bluetooth Exchange Folder
[2010-06-26 17:44:36 | 000,000,000 | ---D | C] -- C:\Program Files\ThinkPad
[2010-06-26 17:43:01 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010-06-26 17:41:18 | 000,000,000 | ---D | C] -- C:\DRIVERS
[2010-06-26 17:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NtiDvdCopy
[2010-06-26 16:46:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2010-06-26 16:46:35 | 000,226,816 | ---- | C] (honest technology) -- C:\Windows\System32\htvcdsvcd.ax
[2010-06-26 16:46:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\NewTech Infosystems
[2010-06-26 16:46:21 | 000,000,000 | ---D | C] -- C:\Program Files\NewTech Infosystems
[2010-06-26 16:45:23 | 000,006,144 | ---- | C] (NewTech Infosystems, Inc.) -- C:\Windows\System32\drivers\NTIDrvr.sys
[2010-06-26 16:19:29 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Easeware
[2010-06-26 16:19:12 | 000,000,000 | ---D | C] -- C:\Program Files\Easeware
[2010-06-26 13:11:13 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\My Drivers
[2010-06-26 13:11:13 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Innovative Solutions
[2010-06-26 13:11:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Innovative Solutions
[2010-06-26 13:11:08 | 000,000,000 | ---D | C] -- C:\Program Files\Innovative Solutions
[2010-06-26 00:57:37 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Adobe
[2010-06-26 00:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010-06-26 00:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-06-26 00:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010-06-25 13:18:53 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010-06-24 22:50:32 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Desktop\Pazera_Video_Converters_Suite
[2010-06-24 15:33:56 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\AVS4YOU
[2010-06-24 15:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2010-06-24 15:33:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2010-06-24 15:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2010-06-24 15:28:21 | 000,000,000 | ---D | C] -- C:\myyoutube
[2010-06-24 15:27:34 | 000,000,000 | ---D | C] -- C:\Program Files\1-Click YouTube Downloader
[2010-06-24 15:24:26 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
[2010-06-24 15:18:27 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\GrabPro
[2010-06-24 15:18:25 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\OpenCandy
[2010-06-24 15:18:18 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\OpenCandy
[2010-06-24 15:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\Orbitdownloader
[2010-06-24 15:18:16 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Orbit
[2010-06-24 15:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2010-06-24 11:41:17 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2010-06-24 11:41:14 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\TigerPlayer
[2010-06-24 11:40:02 | 000,000,000 | ---D | C] -- C:\Program Files\MpcStar
[2010-06-24 01:24:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-06-24 01:24:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-06-24 01:23:56 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\LimeWire
[2010-06-24 01:23:43 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\LimeWire
[2010-06-24 01:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-06-24 01:13:58 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010-06-24 00:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2010-06-23 23:28:21 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\TuneUp Software
[2010-06-23 23:27:49 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010-06-23 23:27:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010-06-23 23:24:59 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Google
[2010-06-23 10:28:16 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\IObit
[2010-06-23 10:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010-06-23 10:11:20 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Uniblue
[2010-06-22 21:55:16 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\DAEMON Tools
[2010-06-22 21:49:29 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Desktop\Plants vs Zombies
[2010-06-22 20:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2010-06-22 14:54:35 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010-06-22 13:46:01 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\DriverGenius
[2010-06-22 13:43:45 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2010-06-22 13:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
[2010-06-22 12:38:44 | 000,000,000 | ---D | C] -- C:\Program Files\Wise Disk Cleaner
[2010-06-22 12:34:42 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2010-06-22 12:34:42 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010-06-22 12:33:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010-06-22 12:32:51 | 004,018,176 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2010-06-22 12:28:34 | 000,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2010-06-22 12:28:30 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010-06-22 12:25:43 | 000,173,352 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynCOM.dll
[2010-06-22 12:25:43 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2010-06-22 12:11:43 | 000,000,000 | ---D | C] -- C:\ProgramData\RegCure
[2010-06-22 12:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\RegCure
[2010-06-22 12:10:49 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\WinRAR
[2010-06-22 12:10:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010-06-22 12:01:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloads
[2010-06-22 11:55:43 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\BitComet
[2010-06-22 11:55:32 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet
[2010-06-22 11:45:36 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\DriverCure
[2010-06-22 11:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2010-06-22 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2010-06-22 11:45:28 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2010-06-22 11:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverCure
[2010-06-22 11:44:40 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Google
[2010-06-22 11:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010-06-22 11:44:38 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010-06-22 11:44:38 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010-06-22 11:44:36 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010-06-22 11:44:34 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010-06-22 11:44:30 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010-06-22 11:43:33 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010-06-22 11:43:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010-06-22 11:43:18 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-06-22 11:21:07 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Macromedia
[2010-06-22 11:21:06 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Adobe
[2010-06-22 11:20:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010-06-22 11:17:21 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Mozilla
[2010-06-22 11:17:13 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\CometNetwork
[2010-06-22 11:17:13 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\CometNetwork
[2010-06-22 11:17:00 | 000,000,000 | ---D | C] -- C:\Program Files\CometBird
[2010-06-22 10:07:03 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Apps
[2010-06-22 09:08:29 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010-06-22 08:37:20 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2010-06-22 08:18:58 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010-06-22 08:09:20 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010-06-21 23:10:39 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\vlc
[2010-06-21 22:54:02 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010-06-21 20:34:57 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Microsoft Games
[2010-06-21 20:29:40 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\ATI
[2010-06-21 20:29:40 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\ATI
[2010-06-21 20:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010-06-21 20:26:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2010-06-21 20:22:37 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Sony Corporation
[2010-06-21 20:22:34 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010-06-21 20:22:33 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010-06-21 20:22:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010-06-21 20:17:33 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010-06-21 20:17:29 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010-06-21 20:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010-06-21 20:16:48 | 000,327,680 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2010-06-21 20:16:47 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2010-06-21 20:14:48 | 000,073,472 | ---- | C] (Ricoh) -- C:\Windows\System32\drivers\R5U870FLx86.sys
[2010-06-21 20:14:48 | 000,043,904 | ---- | C] (Ricoh) -- C:\Windows\System32\drivers\R5U870FUx86.sys
[2010-06-21 20:12:21 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Searches
[2010-06-21 20:12:08 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Identities
[2010-06-21 20:12:05 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Contacts
[2010-06-21 20:12:03 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\VirtualStore
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\AppData\Local\Temporary Internet Files
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Templates
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Start Menu
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\SendTo
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Recent
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\PrintHood
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\NetHood
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Documents\My Videos
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Documents\My Pictures
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Documents\My Music
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\My Documents
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Local Settings
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\AppData\Local\History
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Cookies
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Application Data
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\AppData\Local\Application Data
[2010-06-21 20:11:56 | 000,000,000 | --SD | C] -- C:\Users\SACHIN\AppData\Roaming\Microsoft
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Videos
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Saved Games
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Pictures
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Music
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Links
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Favorites
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Downloads
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Documents
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Desktop
[2010-06-21 20:11:56 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Temp
[2010-06-21 20:11:56 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Microsoft
[2010-06-21 20:11:56 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Media Center Programs
[2010-06-21 20:11:56 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData
[2010-06-21 13:27:46 | 000,000,000 | ---D | C] -- C:\QUARANTINE
[2010-06-19 14:27:46 | 000,000,000 | ---D | C] -- C:\Intel Desktop Board
[2010-06-19 06:09:57 | 000,000,000 | ---D | C] -- C:\Temp1
[2010-06-15 10:04:27 | 000,069,632 | ---- | C] ( ) -- C:\nporbit.dll
[2010-06-12 15:15:05 | 000,000,000 | ---D | C] -- C:\Ares
[2010-06-03 20:25:27 | 000,000,000 | ---D | C] -- C:\IObit
[2010-06-02 15:32:08 | 000,000,000 | ---D | C] -- C:\DVDTemp
[2010-06-01 13:38:54 | 000,000,000 | ---D | C] -- C:\ZCVideoDVD
[2010-05-31 23:15:08 | 000,000,000 | ---D | C] -- C:\Temp
[2010-05-29 22:01:59 | 000,000,000 | ---D | C] -- C:\My Works
[2010-04-20 16:57:58 | 000,000,000 | ---D | C] -- C:\Pcsx2
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\SACHIN\Documents\*.tmp files -> C:\Users\SACHIN\Documents\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010-07-05 12:22:27 | 002,883,584 | ---- | M] () -- C:\Users\SACHIN\NTUSER.DAT
[2010-07-05 12:13:14 | 000,703,388 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-07-05 12:13:14 | 000,609,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-07-05 12:13:14 | 000,108,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-07-05 11:49:05 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-07-05 11:49:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-07-05 11:48:00 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010-07-05 11:47:54 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\AWC AutoSweep.job
[2010-07-05 11:47:52 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\DriverCure Startup.job
[2010-07-05 11:47:48 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2010-07-05 11:47:23 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-07-05 11:47:23 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-07-05 11:47:22 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-07-05 11:47:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-07-05 11:42:51 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010-07-05 11:42:50 | 000,524,288 | -HS- | M] () -- C:\Users\SACHIN\NTUSER.DAT{86f727d0-865e-11df-acae-001a80cdd7e6}.TMContainer00000000000000000001.regtrans-ms
[2010-07-05 11:42:50 | 000,065,536 | -HS- | M] () -- C:\Users\SACHIN\NTUSER.DAT{86f727d0-865e-11df-acae-001a80cdd7e6}.TM.blf
[2010-07-05 11:42:44 | 002,779,331 | -H-- | M] () -- C:\Users\SACHIN\AppData\Local\IconCache.db
[2010-07-04 20:04:09 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010-07-03 18:00:00 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2010-07-03 18:00:00 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2010-07-03 17:23:05 | 000,037,888 | ---- | M] () -- C:\Users\SACHIN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-03 17:00:01 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\RegCure Program Check.job
[2010-07-03 15:02:20 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010-07-03 15:02:11 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010-07-03 13:14:56 | 000,524,288 | -HS- | M] () -- C:\Users\SACHIN\NTUSER.DAT{86f727d0-865e-11df-acae-001a80cdd7e6}.TMContainer00000000000000000002.regtrans-ms
[2010-07-03 10:47:18 | 000,524,288 | -HS- | M] () -- C:\Users\SACHIN\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010-07-03 10:47:18 | 000,065,536 | -HS- | M] () -- C:\Users\SACHIN\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010-07-02 10:33:07 | 003,725,496 | R--- | M] () -- C:\Users\SACHIN\Desktop\ComboFix.exe
[2010-07-02 10:13:59 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010-07-01 23:27:56 | 000,000,657 | ---- | M] () -- C:\Users\SACHIN\Desktop\NFSC.lnk
[2010-07-01 20:56:10 | 000,000,776 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010-07-01 20:56:10 | 000,000,752 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010-07-01 16:30:20 | 000,001,759 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010-07-01 16:17:41 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010-07-01 16:17:20 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2010-07-01 16:06:24 | 000,001,031 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010-07-01 16:06:24 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010-07-01 13:43:01 | 000,001,152 | ---- | M] () -- C:\Windows\System32\windrv.sys
[2010-07-01 13:30:37 | 000,000,906 | ---- | M] () -- C:\Users\SACHIN\Desktop\CleanMyPC - Registry Cleaner.lnk
[2010-06-30 13:58:32 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010-06-30 13:12:30 | 000,001,874 | ---- | M] () -- C:\Users\SACHIN\Desktop\HijackThis.lnk
[2010-06-30 11:55:22 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-06-30 10:44:21 | 000,000,797 | ---- | M] () -- C:\Users\SACHIN\Desktop\Glary Utilities.lnk
[2010-06-30 09:47:38 | 000,000,968 | ---- | M] () -- C:\Users\Public\Desktop\AVG Anti-Rootkit Free.lnk
[2010-06-30 09:43:40 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-06-30 00:57:04 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\DriverCure.job
[2010-06-29 16:01:01 | 000,000,943 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010-06-29 14:53:30 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010-06-29 02:27:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010-06-29 02:27:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010-06-29 02:07:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010-06-29 02:07:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010-06-29 02:03:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010-06-29 02:02:56 | 000,050,256 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010-06-29 02:02:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010-06-29 00:40:07 | 000,001,803 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink Media Suite.lnk
[2010-06-28 18:41:09 | 000,000,748 | ---- | M] () -- C:\Users\SACHIN\Desktop\Ares.lnk
[2010-06-28 18:34:00 | 000,000,704 | ---- | M] () -- C:\Users\Public\Desktop\Ares.lnk
[2010-06-28 18:15:59 | 000,001,912 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft DVD Creator 6.lnk
[2010-06-28 18:15:59 | 000,001,888 | ---- | M] () -- C:\Users\Public\Desktop\Xilisoft DVD Creator 6.lnk
[2010-06-28 12:50:05 | 000,001,044 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Bitcomet Ultra Accelerator.lnk
[2010-06-28 12:50:05 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\Bitcomet Ultra Accelerator.lnk
[2010-06-28 10:18:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010-06-28 09:58:39 | 007,141,504 | ---- | M] () -- C:\Users\SACHIN\Documents\02. Flo Rida - Ack Like You Know.mp3
[2010-06-27 17:36:57 | 000,264,928 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-06-27 10:51:41 | 000,005,632 | ---- | M] () -- C:\Users\SACHIN\Documents\MO_Audio_Test.grf
[2010-06-27 09:48:21 | 000,067,192 | ---- | M] () -- C:\Users\SACHIN\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-06-27 00:39:13 | 000,001,044 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\LimeWire Ultra Accelerator.lnk
[2010-06-27 00:39:13 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\LimeWire Ultra Accelerator.lnk
[2010-06-26 23:32:03 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010-06-26 23:32:03 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010-06-26 23:08:27 | 000,000,028 | ---- | M] () -- C:\Windows\ZC DVD Creator Platinum.INI
[2010-06-26 23:08:11 | 000,000,902 | ---- | M] () -- C:\Users\SACHIN\Desktop\ZC DVD Creator Platinum.lnk
[2010-06-26 18:30:34 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010-06-26 18:30:22 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010-06-26 16:46:43 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2010-06-26 16:46:18 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\NTI CD & DVD-Maker 7.lnk
[2010-06-26 16:46:10 | 000,001,024 | RH-- | M] () -- C:\Windows\System32\NTICDMK7.dll
[2010-06-26 16:45:43 | 000,001,024 | RH-- | M] () -- C:\Windows\System32\NTIMPEG2.dll
[2010-06-26 16:45:43 | 000,001,024 | RH-- | M] () -- C:\Windows\System32\NTIMP3.dll
[2010-06-26 16:45:43 | 000,001,024 | RH-- | M] () -- C:\Windows\System32\NTIFCD3.dll
[2010-06-26 16:45:23 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\drivers\NTIDrvr.sys
[2010-06-26 16:19:16 | 000,000,881 | ---- | M] () -- C:\Users\Public\Desktop\DriverEasy.lnk
[2010-06-26 15:56:32 | 000,000,919 | ---- | M] () -- C:\Users\SACHIN\Desktop\DriverMax.lnk
[2010-06-25 13:18:55 | 000,000,804 | ---- | M] () -- C:\Users\SACHIN\Desktop\CCleaner.lnk
[2010-06-25 00:34:48 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version2.job
[2010-06-25 00:27:06 | 006,301,976 | ---- | M] () -- C:\Users\SACHIN\Desktop\bmc Admission form.rtf
[2010-06-25 00:25:18 | 006,301,976 | ---- | M] () -- C:\Users\SACHIN\Documents\BMC College Fee Receipt.rtf
[2010-06-25 00:13:29 | 006,301,976 | ---- | M] () -- C:\Users\SACHIN\Documents\BMC College Admission No..rtf
[2010-06-24 15:27:34 | 000,000,999 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\1-Click YouTube Downloader.lnk
[2010-06-24 15:27:34 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\1-Click YouTube Downloader.lnk
[2010-06-24 15:24:27 | 000,000,919 | ---- | M] () -- C:\Users\SACHIN\Desktop\YouTube Downloader.lnk
[2010-06-24 15:18:27 | 000,000,872 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Orbit.lnk
[2010-06-24 15:18:26 | 000,000,848 | ---- | M] () -- C:\Users\SACHIN\Desktop\Orbit.lnk
[2010-06-24 14:49:21 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2010-06-24 01:14:24 | 000,001,710 | ---- | M] () -- C:\Users\SACHIN\Desktop\LimeWire PRO 4.18.8.lnk
[2010-06-23 10:28:25 | 000,001,038 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010-06-23 10:28:25 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010-06-22 13:43:47 | 000,000,916 | ---- | M] () -- C:\Users\SACHIN\Desktop\Driver Genius Professional Edition.lnk
[2010-06-22 12:46:18 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2010-06-22 12:46:18 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\RegCure.job
[2010-06-22 12:38:45 | 000,001,786 | ---- | M] () -- C:\Users\SACHIN\Desktop\Clean disk with 1 click.lnk
[2010-06-22 12:38:45 | 000,000,926 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Wise Disk Cleaner.lnk
[2010-06-22 12:11:46 | 000,000,784 | ---- | M] () -- C:\Users\Public\Desktop\RegCure.lnk
[2010-06-22 11:58:33 | 000,001,004 | ---- | M] () -- C:\Users\Public\Desktop\ParetoLogic DriverCure.lnk
[2010-06-22 11:55:36 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\BitComet.lnk
[2010-06-22 11:49:11 | 000,001,955 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010-06-22 11:44:39 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010-06-22 11:17:02 | 000,001,710 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\CometBird.lnk
[2010-06-22 11:17:02 | 000,001,686 | ---- | M] () -- C:\Users\Public\Desktop\CometBird.lnk
[2010-06-22 09:08:16 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010-06-22 08:20:13 | 000,136,009 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010-06-21 22:54:10 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010-06-21 20:48:12 | 000,000,938 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010-06-21 20:26:30 | 000,524,288 | -HS- | M] () -- C:\Users\SACHIN\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010-06-21 20:18:48 | 000,001,973 | ---- | M] () -- C:\Users\SACHIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CCC.lnk
[2010-06-21 20:14:18 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010-06-21 20:12:45 | 000,000,680 | ---- | M] () -- C:\Users\SACHIN\AppData\Local\d3d9caps.dat
[2010-06-21 20:11:58 | 000,000,020 | -HS- | M] () -- C:\Users\SACHIN\ntuser.ini
[2010-06-08 21:40:50 | 000,790,528 | ---- | M] () -- C:\Windows\System32\xvidcore.dll
[2010-06-08 21:40:50 | 000,134,144 | ---- | M] () -- C:\Windows\System32\xvidvfw.dll
[2010-06-02 13:30:00 | 000,108,032 | ---- | M] () -- C:\Windows\System32\ff_vfw.dll
[2010-06-02 13:30:00 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.ini
[2010-05-31 11:43:16 | 000,252,008 | ---- | M] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2010-05-05 14:19:56 | 000,050,688 | ---- | M] () -- C:\Windows\System32\ff_acm.acm
[2010-05-04 08:28:45 | 000,057,667 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-04-29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-04-27 20:51:40 | 001,738,072 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2010-04-27 20:51:32 | 000,253,272 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2010-04-27 20:51:24 | 000,253,784 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2010-04-27 20:51:04 | 001,312,088 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2010-04-27 13:50:10 | 000,299,424 | ---- | M] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010-04-26 15:58:12 | 000,256,512 | ---- | M] () -- C:\Windows\PEV.exe
[2010-04-14 17:55:20 | 000,232,792 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010-04-08 14:29:32 | 000,063,360 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\SACHIN\Documents\*.tmp files -> C:\Users\SACHIN\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-07-03 14:41:42 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010-07-03 10:48:39 | 000,524,288 | -HS- | C] () -- C:\Users\SACHIN\NTUSER.DAT{86f727d0-865e-11df-acae-001a80cdd7e6}.TMContainer00000000000000000002.regtrans-ms
[2010-07-03 10:48:39 | 000,524,288 | -HS- | C] () -- C:\Users\SACHIN\NTUSER.DAT{86f727d0-865e-11df-acae-001a80cdd7e6}.TMContainer00000000000000000001.regtrans-ms
[2010-07-03 10:48:39 | 000,065,536 | -HS- | C] () -- C:\Users\SACHIN\NTUSER.DAT{86f727d0-865e-11df-acae-001a80cdd7e6}.TM.blf
[2010-07-02 10:37:07 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010-07-02 10:37:06 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010-07-02 10:37:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010-07-02 10:37:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010-07-02 10:37:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010-07-02 10:34:31 | 003,725,496 | R--- | C] () -- C:\Users\SACHIN\Desktop\ComboFix.exe
[2010-07-01 23:27:56 | 000,000,657 | ---- | C] () -- C:\Users\SACHIN\Desktop\NFSC.lnk
[2010-07-01 20:56:10 | 000,000,776 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010-07-01 20:56:10 | 000,000,752 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010-07-01 16:30:57 | 001,152,444 | ---- | C] () -- C:\Windows\UDB.zip
[2010-07-01 16:30:57 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010-07-01 16:30:57 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2010-07-01 16:30:57 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2010-07-01 16:30:57 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2010-07-01 16:30:28 | 000,007,387 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi.cat
[2010-07-01 16:30:24 | 000,007,412 | ---- | C] () -- C:\Windows\System32\drivers\PCTAppEvent.cat
[2010-07-01 16:30:24 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctcore.cat
[2010-07-01 16:30:20 | 000,001,759 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010-07-01 16:30:17 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg.cat
[2010-07-01 16:24:40 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010-07-01 16:06:24 | 000,001,031 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010-07-01 16:06:24 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010-07-01 13:43:01 | 000,001,152 | ---- | C] () -- C:\Windows\System32\windrv.sys
[2010-07-01 13:30:37 | 000,000,906 | ---- | C] () -- C:\Users\SACHIN\Desktop\CleanMyPC - Registry Cleaner.lnk
[2010-06-30 13:58:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-06-30 13:34:14 | 000,052,400 | ---- | C] () -- C:\Windows\System32\drivers\ativvpxx.vp
[2010-06-30 13:34:09 | 000,013,848 | ---- | C] () -- C:\Windows\atiogl.xml
[2010-06-30 13:34:04 | 000,172,033 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010-06-30 13:34:03 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2010-06-30 13:12:30 | 000,001,874 | ---- | C] () -- C:\Users\SACHIN\Desktop\HijackThis.lnk
[2010-06-30 11:55:22 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-06-30 10:44:27 | 000,000,314 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2010-06-30 10:44:21 | 000,000,797 | ---- | C] () -- C:\Users\SACHIN\Desktop\Glary Utilities.lnk
[2010-06-30 09:47:38 | 000,000,968 | ---- | C] () -- C:\Users\Public\Desktop\AVG Anti-Rootkit Free.lnk
[2010-06-29 15:20:26 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010-06-29 12:20:25 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010-06-29 10:27:07 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010-06-29 10:27:06 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010-06-29 10:27:03 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2010-06-29 10:27:02 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010-06-29 10:27:02 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010-06-29 10:27:02 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010-06-29 00:40:07 | 000,001,803 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink Media Suite.lnk
[2010-06-28 18:41:09 | 000,000,748 | ---- | C] () -- C:\Users\SACHIN\Desktop\Ares.lnk
[2010-06-28 18:34:00 | 000,000,704 | ---- | C] () -- C:\Users\Public\Desktop\Ares.lnk
[2010-06-28 18:15:59 | 000,001,912 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft DVD Creator 6.lnk
[2010-06-28 18:15:59 | 000,001,888 | ---- | C] () -- C:\Users\Public\Desktop\Xilisoft DVD Creator 6.lnk
[2010-06-28 12:50:05 | 000,001,044 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Bitcomet Ultra Accelerator.lnk
[2010-06-28 12:50:05 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\Bitcomet Ultra Accelerator.lnk
[2010-06-28 10:18:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010-06-28 09:58:38 | 007,141,504 | ---- | C] () -- C:\Users\SACHIN\Documents\02. Flo Rida - Ack Like You Know.mp3
[2010-06-27 10:51:41 | 000,005,632 | ---- | C] () -- C:\Users\SACHIN\Documents\MO_Audio_Test.grf
[2010-06-27 00:39:13 | 000,001,044 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\LimeWire Ultra Accelerator.lnk
[2010-06-27 00:39:13 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\LimeWire Ultra Accelerator.lnk
[2010-06-26 23:32:03 | 000,001,735 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010-06-26 23:08:27 | 000,000,028 | ---- | C] () -- C:\Windows\ZC DVD Creator Platinum.INI
[2010-06-26 23:08:11 | 000,000,902 | ---- | C] () -- C:\Users\SACHIN\Desktop\ZC DVD Creator Platinum.lnk
[2010-06-26 22:25:04 | 000,007,420 | ---- | C] () -- C:\Windows\UA000104.DLL
[2010-06-26 18:30:34 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010-06-26 18:30:22 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010-06-26 18:29:39 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010-06-26 16:46:56 | 000,013,952 | ---- | C] () -- C:\Windows\System32\drivers\UBHelper.sys
[2010-06-26 16:46:18 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\NTI CD & DVD-Maker 7.lnk
[2010-06-26 16:46:10 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTICDMK7.dll
[2010-06-26 16:45:43 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIMPEG2.dll
[2010-06-26 16:45:43 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIMP3.dll
[2010-06-26 16:45:43 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIFCD3.dll
[2010-06-26 16:19:16 | 000,000,881 | ---- | C] () -- C:\Users\Public\Desktop\DriverEasy.lnk
[2010-06-26 13:11:11 | 000,000,919 | ---- | C] () -- C:\Users\SACHIN\Desktop\DriverMax.lnk
[2010-06-26 00:56:46 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-06-25 13:18:55 | 000,000,804 | ---- | C] () -- C:\Users\SACHIN\Desktop\CCleaner.lnk
[2010-06-25 00:26:45 | 006,301,976 | ---- | C] () -- C:\Users\SACHIN\Desktop\bmc Admission form.rtf
[2010-06-25 00:25:18 | 006,301,976 | ---- | C] () -- C:\Users\SACHIN\Documents\BMC College Fee Receipt.rtf
[2010-06-25 00:13:29 | 006,301,976 | ---- | C] () -- C:\Users\SACHIN\Documents\BMC College Admission No..rtf
[2010-06-24 15:27:34 | 000,000,999 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\1-Click YouTube Downloader.lnk
[2010-06-24 15:27:34 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\1-Click YouTube Downloader.lnk
[2010-06-24 15:24:27 | 000,000,919 | ---- | C] () -- C:\Users\SACHIN\Desktop\YouTube Downloader.lnk
[2010-06-24 15:18:27 | 000,000,872 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Orbit.lnk
[2010-06-24 15:18:26 | 000,000,848 | ---- | C] () -- C:\Users\SACHIN\Desktop\Orbit.lnk
[2010-06-24 01:14:24 | 000,001,710 | ---- | C] () -- C:\Users\SACHIN\Desktop\LimeWire PRO 4.18.8.lnk
[2010-06-23 23:55:27 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010-06-23 10:30:39 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\AWC AutoSweep.job
[2010-06-23 10:28:28 | 000,000,372 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job
[2010-06-23 10:28:25 | 000,001,038 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010-06-23 10:28:25 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010-06-22 13:43:47 | 000,000,916 | ---- | C] () -- C:\Users\SACHIN\Desktop\Driver Genius Professional Edition.lnk
[2010-06-22 12:38:45 | 000,001,786 | ---- | C] () -- C:\Users\SACHIN\Desktop\Clean disk with 1 click.lnk
[2010-06-22 12:38:45 | 000,000,926 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Wise Disk Cleaner.lnk
[2010-06-22 12:28:02 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010-06-22 12:11:48 | 000,000,392 | ---- | C] () -- C:\Windows\tasks\RegCure Program Check.job
[2010-06-22 12:11:47 | 000,000,374 | ---- | C] () -- C:\Windows\tasks\RegCure.job
[2010-06-22 12:11:46 | 000,000,784 | ---- | C] () -- C:\Users\Public\Desktop\RegCure.lnk
[2010-06-22 11:58:40 | 000,000,444 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2010-06-22 11:58:34 | 000,000,418 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version2.job
[2010-06-22 11:55:36 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\BitComet.lnk
[2010-06-22 11:49:11 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010-06-22 11:49:11 | 000,001,955 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010-06-22 11:45:37 | 000,000,446 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2010-06-22 11:45:33 | 000,001,004 | ---- | C] () -- C:\Users\Public\Desktop\ParetoLogic DriverCure.lnk
[2010-06-22 11:45:33 | 000,000,398 | ---- | C] () -- C:\Windows\tasks\DriverCure Startup.job
[2010-06-22 11:45:32 | 000,000,420 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2010-06-22 11:45:29 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\DriverCure.job
[2010-06-22 11:44:51 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-06-22 11:44:48 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-06-22 11:44:39 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010-06-22 11:17:02 | 000,001,710 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\CometBird.lnk
[2010-06-22 11:17:02 | 000,001,686 | ---- | C] () -- C:\Users\Public\Desktop\CometBird.lnk
[2010-06-22 09:59:08 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010-06-21 22:54:10 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010-06-21 20:48:12 | 000,000,938 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010-06-21 20:48:09 | 000,037,888 | ---- | C] () -- C:\Users\SACHIN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-21 20:20:00 | 000,000,943 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010-06-21 20:18:48 | 000,001,973 | ---- | C] () -- C:\Users\SACHIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CCC.lnk
[2010-06-21 20:16:48 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2010-06-21 20:16:48 | 000,328,162 | ---- | C] () -- C:\Windows\System32\drivers\ativcaxx.cpa
[2010-06-21 20:16:48 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2010-06-21 20:16:48 | 000,002,096 | ---- | C] () -- C:\Windows\System32\drivers\ativpkxx.vp
[2010-06-21 20:16:48 | 000,002,096 | ---- | C] () -- C:\Windows\System32\drivers\ativokxx.vp
[2010-06-21 20:16:48 | 000,002,096 | ---- | C] () -- C:\Windows\System32\drivers\ativdkxx.vp
[2010-06-21 20:16:48 | 000,000,929 | ---- | C] () -- C:\Windows\System32\drivers\ativcaxx.vp
[2010-06-21 20:14:18 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010-06-21 20:12:00 | 000,000,680 | ---- | C] () -- C:\Users\SACHIN\AppData\Local\d3d9caps.dat
[2010-06-21 20:11:58 | 000,000,020 | -HS- | C] () -- C:\Users\SACHIN\ntuser.ini
[2010-06-21 20:11:57 | 000,524,288 | -HS- | C] () -- C:\Users\SACHIN\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010-06-21 20:11:57 | 000,524,288 | -HS- | C] () -- C:\Users\SACHIN\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010-06-21 20:11:57 | 000,065,536 | -HS- | C] () -- C:\Users\SACHIN\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010-06-21 20:11:56 | 002,883,584 | ---- | C] () -- C:\Users\SACHIN\NTUSER.DAT
[2010-06-21 20:11:56 | 000,262,144 | -H-- | C] () -- C:\Users\SACHIN\ntuser.dat.LOG1
[2010-06-21 20:11:56 | 000,000,258 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010-06-21 20:11:56 | 000,000,240 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010-06-21 20:11:56 | 000,000,000 | -H-- | C] () -- C:\Users\SACHIN\ntuser.dat.LOG2
[2010-06-19 06:34:19 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2010-05-05 14:19:56 | 000,050,688 | ---- | C] () -- C:\Windows\System32\ff_acm.acm
[2009-04-11 18:48:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2008-09-12 15:21:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2006-11-02 18:05:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 13:10:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001-12-26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001-09-03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001-07-30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001-07-23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2010-07-03 14:43:42 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\BitComet
[2010-07-01 13:30:40 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\CleanMyPC Software
[2010-06-22 11:17:13 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\CometNetwork
[2010-06-22 21:55:27 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\DAEMON Tools
[2010-06-26 23:40:12 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\DAEMON Tools Lite
[2010-06-22 11:45:56 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\DriverCure
[2010-06-26 16:19:29 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Easeware
[2010-06-30 10:47:17 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\GlarySoft
[2010-06-24 15:18:27 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\GrabPro
[2010-06-23 14:31:52 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\IObit
[2010-06-30 01:34:38 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\LimeWire
[2010-06-24 15:18:18 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\OpenCandy
[2010-07-03 14:43:30 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Orbit
[2010-06-29 13:06:58 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Publish Providers
[2010-06-29 21:04:24 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Sony
[2010-06-24 11:41:30 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\TigerPlayer
[2010-06-23 23:28:21 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\TuneUp Software
[2010-06-26 22:36:57 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Ulead Systems
[2010-06-25 13:14:41 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Uniblue
[2010-07-01 21:01:21 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\uTorrent
[2010-06-28 18:16:37 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Xilisoft
[2010-07-04 20:04:09 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2010-07-05 11:47:54 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\AWC AutoSweep.job
[2010-07-05 11:48:00 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2010-07-05 11:47:52 | 000,000,398 | ---- | M] () -- C:\Windows\Tasks\DriverCure Startup.job
[2010-06-30 00:57:04 | 000,000,382 | ---- | M] () -- C:\Windows\Tasks\DriverCure.job
[2010-07-05 11:47:48 | 000,000,314 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2010-07-03 18:00:00 | 000,000,444 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration.job
[2010-07-03 18:00:00 | 000,000,446 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2010-06-25 00:34:48 | 000,000,418 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version2.job
[2010-06-22 12:46:18 | 000,000,420 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job
[2010-07-03 17:00:01 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\RegCure Program Check.job
[2010-06-22 12:46:18 | 000,000,374 | ---- | M] () -- C:\Windows\Tasks\RegCure.job
[2010-07-05 11:42:52 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010-07-05 11:47:11 | 000,005,683 | ---- | M] () -- C:\aaw7boot.log
[2010-06-26 16:46:43 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2009-04-11 18:48:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2010-06-22 09:08:16 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010-07-03 15:08:04 | 000,028,011 | ---- | M] () -- C:\ComboFix.txt
[2006-09-19 03:13:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2005-01-03 19:07:18 | 000,000,017 | -H-- | M] () -- C:\initrd.pam
[2008-09-27 01:46:25 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007-03-28 03:03:48 | 000,000,067 | -H-- | M] () -- C:\kernel.pam
[2010-07-02 11:14:06 | 000,047,330 | ---- | M] () -- C:\log.txt
[2008-09-27 01:46:25 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009-07-06 14:42:12 | 000,069,632 | ---- | M] ( ) -- C:\nporbit.dll
[2009-09-17 12:29:33 | 000,005,120 | -H-- | M] () -- C:\ntuser.dat.LOG1
[2009-09-17 12:29:33 | 000,000,000 | -H-- | M] () -- C:\ntuser.dat.LOG2
[2009-09-17 12:29:34 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{74b5f3e1-a347-11de-ab3a-dd5aff4aa4a4}.TM.blf
[2009-09-17 12:29:34 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{74b5f3e1-a347-11de-ab3a-dd5aff4aa4a4}.TMContainer00000000000000000001.regtrans-ms
[2009-09-17 12:29:34 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{74b5f3e1-a347-11de-ab3a-dd5aff4aa4a4}.TMContainer00000000000000000002.regtrans-ms
[2010-07-05 11:47:11 | 2459,631,616 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2006-11-02 18:05:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008-06-03 03:35:30 | 000,413,696 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009-04-11 18:48:38 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009-04-11 18:48:36 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009-04-11 19:38:12 | 023,552,000 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2009-04-11 19:37:55 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2009-04-11 19:38:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006-11-02 16:04:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006-11-02 16:04:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\user32.dll /md5 >
[2009-04-11 18:48:28 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\ws2_32.dll /md5 >
[2008-01-21 07:54:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.com >
[2006-11-02 18:07:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006-11-02 18:07:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006-11-02 18:07:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009-04-11 18:49:50 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.ini >
[2006-09-19 03:07:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

< %PROGRAMFILES%\*. >
[2010-06-24 15:28:21 | 000,000,000 | ---D | M] -- C:\Program Files\1-Click YouTube Downloader
[2010-06-26 00:55:59 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010-06-22 11:43:18 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2010-06-26 23:57:28 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2010-06-28 18:41:10 | 000,000,000 | ---D | M] -- C:\Program Files\Ares
[2010-06-21 20:17:26 | 000,000,000 | ---D | M] -- C:\Program Files\ATI
[2010-06-21 20:19:21 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2010-06-27 09:44:44 | 000,000,000 | ---D | M] -- C:\Program Files\AVS4YOU
[2010-06-22 11:55:36 | 000,000,000 | ---D | M] -- C:\Program Files\BitComet
[2010-06-28 12:59:08 | 000,000,000 | ---D | M] -- C:\Program Files\Bitcomet Ultra Accelerator
[2010-06-25 13:18:55 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2010-07-01 13:30:36 | 000,000,000 | ---D | M] -- C:\Program Files\CleanMyPC
[2010-07-02 11:13:36 | 000,000,000 | ---D | M] -- C:\Program Files\CometBird
[2010-07-03 14:54:16 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010-06-26 22:21:02 | 000,000,000 | ---D | M] -- C:\Program Files\Corel
[2010-06-29 00:43:11 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2010-06-26 23:32:04 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Lite
[2010-06-26 17:43:01 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2010-06-22 13:43:45 | 000,000,000 | ---D | M] -- C:\Program Files\Driver-Soft
[2010-06-26 16:19:12 | 000,000,000 | ---D | M] -- C:\Program Files\Easeware
[2010-06-30 10:44:21 | 000,000,000 | ---D | M] -- C:\Program Files\Glary Utilities
[2010-06-22 11:49:01 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010-06-30 09:47:36 | 000,000,000 | ---D | M] -- C:\Program Files\GRISOFT
[2010-06-26 13:11:08 | 000,000,000 | ---D | M] -- C:\Program Files\Innovative Solutions
[2010-06-29 00:40:27 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010-06-22 12:34:42 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010-06-29 15:54:27 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010-06-27 00:14:58 | 000,000,000 | ---D | M] -- C:\Program Files\IObit
[2010-06-24 01:22:50 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010-06-29 10:27:31 | 000,000,000 | ---D | M] -- C:\Program Files\K-Lite Codec Pack
[2010-07-01 16:06:32 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2010-06-25 17:51:19 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2010-06-27 00:39:13 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire Ultra Accelerator
[2010-06-30 12:38:31 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2006-11-02 18:07:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2010-06-29 15:22:50 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010-06-25 19:11:08 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010-06-29 00:47:00 | 000,000,000 | ---D | M] -- C:\Program Files\MpcStar
[2006-11-02 18:07:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010-07-01 23:27:55 | 000,000,000 | ---D | M] -- C:\Program Files\Need for Speed Carbon
[2010-06-26 16:46:21 | 000,000,000 | ---D | M] -- C:\Program Files\NewTech Infosystems
[2010-06-24 15:18:31 | 000,000,000 | ---D | M] -- C:\Program Files\Orbitdownloader
[2010-06-22 11:45:28 | 000,000,000 | ---D | M] -- C:\Program Files\ParetoLogic
[2010-06-29 12:20:25 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2006-11-02 18:07:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010-06-22 12:16:34 | 000,000,000 | ---D | M] -- C:\Program Files\RegCure
[2010-06-29 12:55:40 | 000,000,000 | ---D | M] -- C:\Program Files\Sony
[2010-06-30 10:20:36 | 000,000,000 | ---D | M] -- C:\Program Files\Sophos
[2010-07-01 16:33:02 | 000,000,000 | ---D | M] -- C:\Program Files\Spyware Doctor
[2010-06-22 12:25:43 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2010-06-26 20:58:20 | 000,000,000 | -H-D | M] -- C:\Program Files\Temp
[2010-06-26 17:44:36 | 000,000,000 | ---D | M] -- C:\Program Files\ThinkPad
[2010-06-30 13:12:30 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2006-11-02 18:31:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010-07-01 20:56:10 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2010-06-21 22:54:02 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2009-04-11 18:53:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009-04-11 18:53:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009-04-11 18:53:28 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009-04-11 18:53:31 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2010-06-25 19:11:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010-06-26 22:24:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
[2010-06-25 19:10:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006-11-02 18:07:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009-04-11 18:53:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2010-06-28 10:19:23 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009-04-11 18:53:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2010-06-22 12:43:27 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2010-06-22 12:43:39 | 000,000,000 | ---D | M] -- C:\Program Files\Wise Disk Cleaner
[2010-06-28 18:14:55 | 000,000,000 | ---D | M] -- C:\Program Files\Xilisoft
[2010-06-24 15:29:45 | 000,000,000 | ---D | M] -- C:\Program Files\YouTube Downloader
[2010-06-26 23:22:33 | 000,000,000 | ---D | M] -- C:\Program Files\ZC DVD Creator Platinum

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >


< MD5 for: EVENTLOG.DLL >
[2008-06-06 14:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll

< MD5 for: EVENTLOG.ETL >
[2010-07-05 12:27:24 | 000,196,608 | ---- | M] () MD5=F8AE0270E806C54EB78A311CDBE10401 -- C:\Windows\System32\NDF\eventlog.etl

< MD5 for: WSCNTFY.DLL >
[2009-04-11 18:48:07 | 000,223,744 | ---- | M] (Microsoft Corporation) MD5=0B5AC46982E77CAF3EC1D55C9AC6AB56 -- C:\Windows\System32\wscntfy.dll
[2009-04-11 18:48:07 | 000,223,744 | ---- | M] (Microsoft Corporation) MD5=0B5AC46982E77CAF3EC1D55C9AC6AB56 -- C:\Windows\winsxs\x86_microsoft-windows-s..tycenter-notifyicon_31bf3856ad364e35_6.0.6002.18005_none_0015b648d92092e2\wscntfy.dll

< MD5 for: WSCNTFY.DLL.MUI >
[2006-11-02 18:11:32 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=DC3682BEB013B14470318C5C920E6589 -- C:\Windows\System32\en-US\wscntfy.dll.mui
[2006-11-02 18:11:32 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=DC3682BEB013B14470318C5C920E6589 -- C:\Windows\winsxs\x86_microsoft-windows-s..otifyicon.resources_31bf3856ad364e35_6.0.6000.16386_en-us_9fecff8addf581a9\wscntfy.dll.mui

========== Alternate Data Streams ==========

@Alternate Data Stream - 169 bytes -> C:\ProgramData\Temp:ECF54A0E
@Alternate Data Stream - 158 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:A8ADE5D8
< End of report >
leo92
05-Jul-2010, 03:47 AM #8
Sorry for the late reply, my net connection was down in INDIA.

Here is my otl.txt:

OTL logfile created on: 05-07-2010 12:20:30 - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = C:\Users\SACHIN\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 61.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.94 Gb Total Space | 127.61 Gb Free Space | 57.24% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SACHIN-PC
Current User Name: SACHIN
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010-07-05 12:16:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\SACHIN\Downloads\OTL.exe
PRC - [2010-06-30 12:42:31 | 000,008,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\CometBird\plugin-container.exe
PRC - [2010-06-30 12:42:11 | 000,116,024 | ---- | M] (CometNetwork) -- C:\Program Files\CometBird\CometBird.exe
PRC - [2010-06-29 02:27:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-06-29 02:27:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-06-11 18:14:22 | 000,312,152 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe
PRC - [2010-04-15 13:13:18 | 001,459,568 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
PRC - [2010-01-22 08:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2009-11-02 14:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009-10-02 17:48:26 | 000,595,232 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
PRC - [2009-09-01 21:30:11 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared files\brs.exe
PRC - [2009-07-06 14:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2009-04-11 18:48:30 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-03-02 22:18:08 | 000,913,664 | ---- | M] (CleanMyPC Software) -- C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe
PRC - [2008-01-21 07:53:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007-06-15 12:45:20 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe


========== Modules (SafeList) ==========

MOD - [2010-07-05 12:16:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\SACHIN\Downloads\OTL.exe
MOD - [2009-04-11 18:48:14 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008-01-21 07:54:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Windows\System32\xmlprov.dll -- (xmlprov)
SRV - File not found [On_Demand | Stopped] -- C:\Windows\System32\ups.exe -- (UPS)
SRV - File not found [Auto | Stopped] -- C:\Windows\System32\ersvc.dll -- (ERSvc)
SRV - File not found [On_Demand | Stopped] -- C:\Windows\System32\cisvc.exe -- (CiSvc)
SRV - [2010-07-01 16:13:41 | 001,352,832 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010-06-29 02:27:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-06-29 02:27:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-06-29 02:27:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-06-11 18:14:22 | 000,312,152 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Security 360\is360srv.exe -- (IS360service)
SRV - [2010-04-15 13:13:18 | 000,722,288 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010-03-11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010-01-22 08:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009-10-02 17:48:26 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009-09-25 06:57:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008-01-21 07:53:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010-06-29 02:07:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-06-29 02:07:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-06-29 02:03:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-06-29 02:02:56 | 000,050,256 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010-06-29 02:02:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-06-26 23:32:03 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010-06-26 19:34:00 | 000,274,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwampfl.sys -- (btwampfl)
DRV - [2010-06-26 16:45:23 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2010-05-31 11:43:16 | 000,252,008 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010-05-17 22:53:06 | 006,630,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2010-04-30 16:59:12 | 003,086,752 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010-03-29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010-01-21 16:06:18 | 000,230,448 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2009-12-02 13:11:04 | 000,018,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2009-12-02 13:11:02 | 000,108,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2009-12-02 13:11:02 | 000,086,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2009-12-02 13:11:02 | 000,029,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2009-09-01 16:59:44 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/06/29 00:35:09] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009-06-19 16:44:14 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2009-04-11 18:48:32 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) RMCAST (Pgm)
DRV - [2009-04-11 18:48:01 | 000,069,096 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-07-29 04:45:00 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2008-06-03 06:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008-03-25 11:41:00 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2008-03-25 11:27:18 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2008-03-25 11:27:16 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2008-01-21 07:53:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-01-21 07:53:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-01-21 07:53:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-01-21 07:53:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 07:53:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 07:53:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-01-21 07:53:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 07:53:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-01-21 07:53:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 07:53:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-01-21 07:53:23 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2008-01-21 07:53:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 07:53:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 07:53:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 07:53:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 07:53:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 07:53:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-21 07:53:22 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)
DRV - [2008-01-21 07:53:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-21 07:53:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008-01-21 07:53:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 07:53:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-01-21 07:53:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-01-21 07:53:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-01-21 07:53:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-01-21 07:53:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-01-21 07:53:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007-11-28 14:35:02 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007-11-16 21:01:54 | 000,818,688 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007-01-31 19:03:46 | 000,005,632 | ---- | M] (GRISOFT, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\DRIVERS\avgarkt.sys -- (AVG Anti-Rootkit)
DRV - [2007-01-18 17:30:28 | 000,003,968 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\AvgArCln.sys -- (AvgArCln)
DRV - [2006-11-02 15:20:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 15:20:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 15:20:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 15:20:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 15:20:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 15:20:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 15:20:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 15:20:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 15:20:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 15:19:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 15:19:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 13:55:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 13:54:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 13:54:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 13:54:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 13:54:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 13:54:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 13:06:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2004-12-17 16:14:44 | 000,013,952 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2010-06-22 11:17:21 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Mozilla\Extensions

O1 HOSTS File: ([2010-07-03 15:02:11 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.4.13.dll (BitComet)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [VAIOCameraUtility] C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files\Innovative Solutions\DriverMax\devices.exe (Innovative Solutions)
O4 - HKCU..\Run: [Registry Cleaner Scheduler] C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe (CleanMyPC Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.4.13.dll (BitComet)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 124.124.5.141 124.124.5.140
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img8.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-06-26 16:46:43 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - C:\Windows\System32\ntmssvc.dll File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - C:\Windows\System32\srsvc.dll File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: kvxqiwfj - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bitcomet Ultra Accelerator.lnk - C:\Program Files\Bitcomet Ultra Accelerator\BitComet Ultra Accelerator.exe - (TrafficSpeeders LLC)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpReg: ares - hkey= - key= - C:\Program Files\Ares\Ares.exe (Ares Development Group)
MsConfig - StartUpReg: BitComet - hkey= - key= - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - C:\Windows\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - C:\Windows\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010-07-03 15:02:15 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2010-07-03 15:00:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010-07-03 14:45:32 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010-07-03 14:45:12 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010-07-03 10:43:34 | 000,000,000 | ---D | C] -- C:\Windows\$regcmp$
[2010-07-02 10:37:07 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010-07-02 10:37:06 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010-07-02 10:37:06 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010-07-02 10:36:43 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010-07-02 10:33:32 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-07-01 23:28:55 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\NFS Carbon
[2010-07-01 23:14:11 | 000,000,000 | ---D | C] -- C:\Program Files\Need for Speed Carbon
[2010-07-01 20:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010-07-01 20:55:25 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\uTorrent
[2010-07-01 16:30:57 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2010-07-01 16:30:56 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2010-07-01 16:30:56 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2010-07-01 16:30:28 | 000,233,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010-07-01 16:30:28 | 000,100,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010-07-01 16:30:24 | 000,218,592 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010-07-01 16:30:24 | 000,088,040 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010-07-01 16:30:17 | 000,063,360 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010-07-01 16:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010-07-01 16:30:05 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\PC Tools
[2010-07-01 16:30:05 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010-07-01 16:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010-07-01 16:17:44 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010-07-01 16:06:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010-07-01 16:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010-07-01 16:05:50 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010-07-01 13:30:40 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\CleanMyPC Software
[2010-07-01 13:30:36 | 000,000,000 | ---D | C] -- C:\Program Files\CleanMyPC
[2010-06-30 13:34:14 | 000,262,144 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2010-06-30 13:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-06-30 12:45:02 | 000,818,688 | ---- | C] (Texas Instruments) -- C:\Windows\System32\drivers\ti21sony.sys
[2010-06-30 11:55:24 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Malwarebytes
[2010-06-30 11:55:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-06-30 11:55:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-06-30 11:55:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-06-30 11:55:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-06-30 10:47:17 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\GlarySoft
[2010-06-30 10:44:18 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
[2010-06-30 10:20:36 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2010-06-30 09:47:37 | 000,003,968 | ---- | C] (GRISOFT, s.r.o.) -- C:\Windows\System32\drivers\AvgArCln.sys
[2010-06-30 09:47:36 | 000,000,000 | ---D | C] -- C:\Program Files\GRISOFT
[2010-06-29 20:10:15 | 000,000,000 | ---D | C] -- C:\ProgramData\{9DF77379-A83D-46CF-968D-03CBC652096D}
[2010-06-29 15:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010-06-29 14:53:29 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010-06-29 13:06:58 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Publish Providers
[2010-06-29 13:02:39 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\Vegas Movie Studio HD Platinum 10.0 Projects
[2010-06-29 13:02:39 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Sony
[2010-06-29 12:56:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2010-06-29 12:53:34 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Sony
[2010-06-29 12:20:25 | 000,252,008 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2010-06-29 10:50:01 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Media Player Classic
[2010-06-29 10:27:03 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2010-06-29 10:27:02 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2010-06-29 10:27:02 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2010-06-29 10:27:00 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010-06-29 01:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\VistaCodecs
[2010-06-29 00:31:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010-06-28 18:34:02 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Ares
[2010-06-28 18:33:57 | 000,000,000 | ---D | C] -- C:\Program Files\Ares
[2010-06-28 18:16:41 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Xilisoft
[2010-06-28 18:16:37 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Xilisoft
[2010-06-28 18:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\Xilisoft
[2010-06-28 13:02:51 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\InstallShield
[2010-06-28 12:49:57 | 000,000,000 | ---D | C] -- C:\Program Files\Bitcomet Ultra Accelerator
[2010-06-28 10:19:22 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010-06-28 10:04:49 | 000,000,000 | -H-D | C] -- C:\Users\SACHIN\Documents\PDRMUSIC.TMP
[2010-06-27 10:48:51 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\CyberLink
[2010-06-27 10:48:50 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Cyberlink
[2010-06-27 09:29:54 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Power2Go
[2010-06-27 00:39:05 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire Ultra Accelerator
[2010-06-27 00:13:54 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010-06-27 00:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2010-06-26 23:57:30 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Apple
[2010-06-26 23:57:27 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010-06-26 23:57:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010-06-26 23:49:21 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\CyberLink
[2010-06-26 23:49:19 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Cyberlink
[2010-06-26 23:46:15 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010-06-26 23:45:01 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010-06-26 23:41:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2010-06-26 23:32:02 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010-06-26 23:31:37 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-06-26 23:31:17 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\DAEMON Tools Lite
[2010-06-26 23:31:15 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010-06-26 23:07:57 | 000,000,000 | ---D | C] -- C:\Program Files\ZC DVD Creator Platinum
[2010-06-26 22:32:21 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\Corel DVD MovieFactory
[2010-06-26 22:32:19 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Ulead Systems
[2010-06-26 22:24:06 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages
[2010-06-26 22:24:05 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2010-06-26 22:24:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2010-06-26 22:23:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2010-06-26 22:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Ulead Systems
[2010-06-26 22:21:02 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2010-06-26 20:58:57 | 000,000,000 | ---D | C] -- C:\Windows\tiinst
[2010-06-26 20:58:26 | 000,000,000 | ---D | C] -- C:\Dell
[2010-06-26 20:51:50 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010-06-26 20:51:50 | 001,738,072 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2010-06-26 20:51:50 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010-06-26 20:51:50 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010-06-26 20:51:50 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010-06-26 20:51:50 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010-06-26 20:51:43 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010-06-26 20:51:43 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010-06-26 20:51:43 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010-06-26 20:51:43 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010-06-26 20:51:42 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010-06-26 20:51:42 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010-06-26 20:51:41 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010-06-26 20:51:41 | 001,312,088 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2010-06-26 20:51:41 | 000,253,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2010-06-26 20:51:41 | 000,253,272 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2010-06-26 20:51:41 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010-06-26 20:51:41 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010-06-26 20:51:38 | 001,131,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2010-06-26 20:51:38 | 000,961,296 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2010-06-26 20:51:38 | 000,427,792 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2010-06-26 20:51:38 | 000,405,776 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2010-06-26 20:51:38 | 000,299,424 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010-06-26 20:51:38 | 000,290,064 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2010-06-26 20:51:38 | 000,223,504 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2010-06-26 20:51:37 | 000,900,368 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2010-06-26 20:51:37 | 000,448,272 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2010-06-26 20:51:37 | 000,235,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2010-06-26 20:51:37 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010-06-26 20:51:37 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010-06-26 20:51:37 | 000,102,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2010-06-26 20:51:34 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010-06-26 18:28:50 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\DriverEasy
[2010-06-26 18:28:15 | 000,230,448 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\drivers\SynTP.sys
[2010-06-26 18:28:15 | 000,206,120 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynCtrl.dll
[2010-06-26 18:28:15 | 000,161,064 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynTPAPI.dll
[2010-06-26 18:28:15 | 000,120,104 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynTPCo4.dll
[2010-06-26 17:51:20 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Broadcom
[2010-06-26 17:51:20 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\Bluetooth Exchange Folder
[2010-06-26 17:44:36 | 000,000,000 | ---D | C] -- C:\Program Files\ThinkPad
[2010-06-26 17:43:01 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010-06-26 17:41:18 | 000,000,000 | ---D | C] -- C:\DRIVERS
[2010-06-26 17:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NtiDvdCopy
[2010-06-26 16:46:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2010-06-26 16:46:35 | 000,226,816 | ---- | C] (honest technology) -- C:\Windows\System32\htvcdsvcd.ax
[2010-06-26 16:46:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\NewTech Infosystems
[2010-06-26 16:46:21 | 000,000,000 | ---D | C] -- C:\Program Files\NewTech Infosystems
[2010-06-26 16:45:23 | 000,006,144 | ---- | C] (NewTech Infosystems, Inc.) -- C:\Windows\System32\drivers\NTIDrvr.sys
[2010-06-26 16:19:29 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Easeware
[2010-06-26 16:19:12 | 000,000,000 | ---D | C] -- C:\Program Files\Easeware
[2010-06-26 13:11:13 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\My Drivers
[2010-06-26 13:11:13 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Innovative Solutions
[2010-06-26 13:11:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Innovative Solutions
[2010-06-26 13:11:08 | 000,000,000 | ---D | C] -- C:\Program Files\Innovative Solutions
[2010-06-26 00:57:37 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Adobe
[2010-06-26 00:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010-06-26 00:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-06-26 00:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010-06-25 13:18:53 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010-06-24 22:50:32 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Desktop\Pazera_Video_Converters_Suite
[2010-06-24 15:33:56 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\AVS4YOU
[2010-06-24 15:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2010-06-24 15:33:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2010-06-24 15:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2010-06-24 15:28:21 | 000,000,000 | ---D | C] -- C:\myyoutube
[2010-06-24 15:27:34 | 000,000,000 | ---D | C] -- C:\Program Files\1-Click YouTube Downloader
[2010-06-24 15:24:26 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
[2010-06-24 15:18:27 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\GrabPro
[2010-06-24 15:18:25 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\OpenCandy
[2010-06-24 15:18:18 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\OpenCandy
[2010-06-24 15:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\Orbitdownloader
[2010-06-24 15:18:16 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Orbit
[2010-06-24 15:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2010-06-24 11:41:17 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2010-06-24 11:41:14 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\TigerPlayer
[2010-06-24 11:40:02 | 000,000,000 | ---D | C] -- C:\Program Files\MpcStar
[2010-06-24 01:24:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-06-24 01:24:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-06-24 01:23:56 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\LimeWire
[2010-06-24 01:23:43 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\LimeWire
[2010-06-24 01:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-06-24 01:13:58 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010-06-24 00:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2010-06-23 23:28:21 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\TuneUp Software
[2010-06-23 23:27:49 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010-06-23 23:27:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010-06-23 23:24:59 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Google
[2010-06-23 10:28:16 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\IObit
[2010-06-23 10:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010-06-23 10:11:20 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Uniblue
[2010-06-22 21:55:16 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\DAEMON Tools
[2010-06-22 21:49:29 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Desktop\Plants vs Zombies
[2010-06-22 20:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2010-06-22 14:54:35 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010-06-22 13:46:01 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\Documents\DriverGenius
[2010-06-22 13:43:45 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2010-06-22 13:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
[2010-06-22 12:38:44 | 000,000,000 | ---D | C] -- C:\Program Files\Wise Disk Cleaner
[2010-06-22 12:34:42 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2010-06-22 12:34:42 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010-06-22 12:33:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010-06-22 12:32:51 | 004,018,176 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2010-06-22 12:28:34 | 000,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2010-06-22 12:28:30 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010-06-22 12:25:43 | 000,173,352 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynCOM.dll
[2010-06-22 12:25:43 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2010-06-22 12:11:43 | 000,000,000 | ---D | C] -- C:\ProgramData\RegCure
[2010-06-22 12:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\RegCure
[2010-06-22 12:10:49 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\WinRAR
[2010-06-22 12:10:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010-06-22 12:01:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloads
[2010-06-22 11:55:43 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\BitComet
[2010-06-22 11:55:32 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet
[2010-06-22 11:45:36 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\DriverCure
[2010-06-22 11:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2010-06-22 11:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2010-06-22 11:45:28 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2010-06-22 11:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverCure
[2010-06-22 11:44:40 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Google
[2010-06-22 11:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010-06-22 11:44:38 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010-06-22 11:44:38 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010-06-22 11:44:36 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010-06-22 11:44:34 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010-06-22 11:44:30 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010-06-22 11:43:33 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010-06-22 11:43:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010-06-22 11:43:18 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-06-22 11:21:07 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Macromedia
[2010-06-22 11:21:06 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Adobe
[2010-06-22 11:20:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010-06-22 11:17:21 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Mozilla
[2010-06-22 11:17:13 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\CometNetwork
[2010-06-22 11:17:13 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\CometNetwork
[2010-06-22 11:17:00 | 000,000,000 | ---D | C] -- C:\Program Files\CometBird
[2010-06-22 10:07:03 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Apps
[2010-06-22 09:08:29 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010-06-22 08:37:20 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2010-06-22 08:18:58 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010-06-22 08:09:20 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010-06-21 23:10:39 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\vlc
[2010-06-21 22:54:02 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010-06-21 20:34:57 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Microsoft Games
[2010-06-21 20:29:40 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\ATI
[2010-06-21 20:29:40 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\ATI
[2010-06-21 20:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010-06-21 20:26:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2010-06-21 20:22:37 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Sony Corporation
[2010-06-21 20:22:34 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010-06-21 20:22:33 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010-06-21 20:22:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010-06-21 20:17:33 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010-06-21 20:17:29 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010-06-21 20:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010-06-21 20:16:48 | 000,327,680 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2010-06-21 20:16:47 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2010-06-21 20:14:48 | 000,073,472 | ---- | C] (Ricoh) -- C:\Windows\System32\drivers\R5U870FLx86.sys
[2010-06-21 20:14:48 | 000,043,904 | ---- | C] (Ricoh) -- C:\Windows\System32\drivers\R5U870FUx86.sys
[2010-06-21 20:12:21 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Searches
[2010-06-21 20:12:08 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Identities
[2010-06-21 20:12:05 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Contacts
[2010-06-21 20:12:03 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\VirtualStore
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\AppData\Local\Temporary Internet Files
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Templates
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Start Menu
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\SendTo
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Recent
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\PrintHood
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\NetHood
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Documents\My Videos
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Documents\My Pictures
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Documents\My Music
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\My Documents
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Local Settings
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\AppData\Local\History
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Cookies
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\Application Data
[2010-06-21 20:11:58 | 000,000,000 | -HSD | C] -- C:\Users\SACHIN\AppData\Local\Application Data
[2010-06-21 20:11:56 | 000,000,000 | --SD | C] -- C:\Users\SACHIN\AppData\Roaming\Microsoft
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Videos
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Saved Games
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Pictures
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Music
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Links
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Favorites
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Downloads
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Documents
[2010-06-21 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\SACHIN\Desktop
[2010-06-21 20:11:56 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Temp
[2010-06-21 20:11:56 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Local\Microsoft
[2010-06-21 20:11:56 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData\Roaming\Media Center Programs
[2010-06-21 20:11:56 | 000,000,000 | ---D | C] -- C:\Users\SACHIN\AppData
[2010-06-21 13:27:46 | 000,000,000 | ---D | C] -- C:\QUARANTINE
[2010-06-19 14:27:46 | 000,000,000 | ---D | C] -- C:\Intel Desktop Board
[2010-06-19 06:09:57 | 000,000,000 | ---D | C] -- C:\Temp1
[2010-06-15 10:04:27 | 000,069,632 | ---- | C] ( ) -- C:\nporbit.dll
[2010-06-12 15:15:05 | 000,000,000 | ---D | C] -- C:\Ares
[2010-06-03 20:25:27 | 000,000,000 | ---D | C] -- C:\IObit
[2010-06-02 15:32:08 | 000,000,000 | ---D | C] -- C:\DVDTemp
[2010-06-01 13:38:54 | 000,000,000 | ---D | C] -- C:\ZCVideoDVD
[2010-05-31 23:15:08 | 000,000,000 | ---D | C] -- C:\Temp
[2010-05-29 22:01:59 | 000,000,000 | ---D | C] -- C:\My Works
[2010-04-20 16:57:58 | 000,000,000 | ---D | C] -- C:\Pcsx2
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\SACHIN\Documents\*.tmp files -> C:\Users\SACHIN\Documents\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010-07-05 12:22:27 | 002,883,584 | ---- | M] () -- C:\Users\SACHIN\NTUSER.DAT
[2010-07-05 12:13:14 | 000,703,388 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-07-05 12:13:14 | 000,609,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-07-05 12:13:14 | 000,108,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-07-05 11:49:05 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-07-05 11:49:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-07-05 11:48:00 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010-07-05 11:47:54 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\AWC AutoSweep.job
[2010-07-05 11:47:52 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\DriverCure Startup.job
[2010-07-05 11:47:48 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2010-07-05 11:47:23 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-07-05 11:47:23 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-07-05 11:47:22 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-07-05 11:47:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-07-05 11:42:51 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010-07-05 11:42:50 | 000,524,288 | -HS- | M] () -- C:\Users\SACHIN\NTUSER.DAT{86f727d0-865e-11df-acae-001a80cdd7e6}.TMContainer00000000000000000001.regtrans-ms
[2010-07-05 11:42:50 | 000,065,536 | -HS- | M] () -- C:\Users\SACHIN\NTUSER.DAT{86f727d0-865e-11df-acae-001a80cdd7e6}.TM.blf
[2010-07-05 11:42:44 | 002,779,331 | -H-- | M] () -- C:\Users\SACHIN\AppData\Local\IconCache.db
[2010-07-04 20:04:09 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010-07-03 18:00:00 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2010-07-03 18:00:00 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2010-07-03 17:23:05 | 000,037,888 | ---- | M] () -- C:\Users\SACHIN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-03 17:00:01 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\RegCure Program Check.job
[2010-07-03 15:02:20 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010-07-03 15:02:11 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010-07-03 13:14:56 | 000,524,288 | -HS- | M] () -- C:\Users\SACHIN\NTUSER.DAT{86f727d0-865e-11df-acae-001a80cdd7e6}.TMContainer00000000000000000002.regtrans-ms
[2010-07-03 10:47:18 | 000,524,288 | -HS- | M] () -- C:\Users\SACHIN\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010-07-03 10:47:18 | 000,065,536 | -HS- | M] () -- C:\Users\SACHIN\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010-07-02 10:33:07 | 003,725,496 | R--- | M] () -- C:\Users\SACHIN\Desktop\ComboFix.exe
[2010-07-02 10:13:59 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010-07-01 23:27:56 | 000,000,657 | ---- | M] () -- C:\Users\SACHIN\Desktop\NFSC.lnk
[2010-07-01 20:56:10 | 000,000,776 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010-07-01 20:56:10 | 000,000,752 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010-07-01 16:30:20 | 000,001,759 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010-07-01 16:17:41 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010-07-01 16:17:20 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2010-07-01 16:06:24 | 000,001,031 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010-07-01 16:06:24 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010-07-01 13:43:01 | 000,001,152 | ---- | M] () -- C:\Windows\System32\windrv.sys
[2010-07-01 13:30:37 | 000,000,906 | ---- | M] () -- C:\Users\SACHIN\Desktop\CleanMyPC - Registry Cleaner.lnk
[2010-06-30 13:58:32 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010-06-30 13:12:30 | 000,001,874 | ---- | M] () -- C:\Users\SACHIN\Desktop\HijackThis.lnk
[2010-06-30 11:55:22 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-06-30 10:44:21 | 000,000,797 | ---- | M] () -- C:\Users\SACHIN\Desktop\Glary Utilities.lnk
[2010-06-30 09:47:38 | 000,000,968 | ---- | M] () -- C:\Users\Public\Desktop\AVG Anti-Rootkit Free.lnk
[2010-06-30 09:43:40 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-06-30 00:57:04 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\DriverCure.job
[2010-06-29 16:01:01 | 000,000,943 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010-06-29 14:53:30 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010-06-29 02:27:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010-06-29 02:27:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010-06-29 02:07:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010-06-29 02:07:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010-06-29 02:03:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010-06-29 02:02:56 | 000,050,256 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010-06-29 02:02:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010-06-29 00:40:07 | 000,001,803 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink Media Suite.lnk
[2010-06-28 18:41:09 | 000,000,748 | ---- | M] () -- C:\Users\SACHIN\Desktop\Ares.lnk
[2010-06-28 18:34:00 | 000,000,704 | ---- | M] () -- C:\Users\Public\Desktop\Ares.lnk
[2010-06-28 18:15:59 | 000,001,912 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft DVD Creator 6.lnk
[2010-06-28 18:15:59 | 000,001,888 | ---- | M] () -- C:\Users\Public\Desktop\Xilisoft DVD Creator 6.lnk
[2010-06-28 12:50:05 | 000,001,044 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Bitcomet Ultra Accelerator.lnk
[2010-06-28 12:50:05 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\Bitcomet Ultra Accelerator.lnk
[2010-06-28 10:18:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010-06-28 09:58:39 | 007,141,504 | ---- | M] () -- C:\Users\SACHIN\Documents\02. Flo Rida - Ack Like You Know.mp3
[2010-06-27 17:36:57 | 000,264,928 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-06-27 10:51:41 | 000,005,632 | ---- | M] () -- C:\Users\SACHIN\Documents\MO_Audio_Test.grf
[2010-06-27 09:48:21 | 000,067,192 | ---- | M] () -- C:\Users\SACHIN\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-06-27 00:39:13 | 000,001,044 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\LimeWire Ultra Accelerator.lnk
[2010-06-27 00:39:13 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\LimeWire Ultra Accelerator.lnk
[2010-06-26 23:32:03 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010-06-26 23:32:03 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010-06-26 23:08:27 | 000,000,028 | ---- | M] () -- C:\Windows\ZC DVD Creator Platinum.INI
[2010-06-26 23:08:11 | 000,000,902 | ---- | M] () -- C:\Users\SACHIN\Desktop\ZC DVD Creator Platinum.lnk
[2010-06-26 18:30:34 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010-06-26 18:30:22 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010-06-26 16:46:43 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2010-06-26 16:46:18 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\NTI CD & DVD-Maker 7.lnk
[2010-06-26 16:46:10 | 000,001,024 | RH-- | M] () -- C:\Windows\System32\NTICDMK7.dll
[2010-06-26 16:45:43 | 000,001,024 | RH-- | M] () -- C:\Windows\System32\NTIMPEG2.dll
[2010-06-26 16:45:43 | 000,001,024 | RH-- | M] () -- C:\Windows\System32\NTIMP3.dll
[2010-06-26 16:45:43 | 000,001,024 | RH-- | M] () -- C:\Windows\System32\NTIFCD3.dll
[2010-06-26 16:45:23 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\drivers\NTIDrvr.sys
[2010-06-26 16:19:16 | 000,000,881 | ---- | M] () -- C:\Users\Public\Desktop\DriverEasy.lnk
[2010-06-26 15:56:32 | 000,000,919 | ---- | M] () -- C:\Users\SACHIN\Desktop\DriverMax.lnk
[2010-06-25 13:18:55 | 000,000,804 | ---- | M] () -- C:\Users\SACHIN\Desktop\CCleaner.lnk
[2010-06-25 00:34:48 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version2.job
[2010-06-25 00:27:06 | 006,301,976 | ---- | M] () -- C:\Users\SACHIN\Desktop\bmc Admission form.rtf
[2010-06-25 00:25:18 | 006,301,976 | ---- | M] () -- C:\Users\SACHIN\Documents\BMC College Fee Receipt.rtf
[2010-06-25 00:13:29 | 006,301,976 | ---- | M] () -- C:\Users\SACHIN\Documents\BMC College Admission No..rtf
[2010-06-24 15:27:34 | 000,000,999 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\1-Click YouTube Downloader.lnk
[2010-06-24 15:27:34 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\1-Click YouTube Downloader.lnk
[2010-06-24 15:24:27 | 000,000,919 | ---- | M] () -- C:\Users\SACHIN\Desktop\YouTube Downloader.lnk
[2010-06-24 15:18:27 | 000,000,872 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Orbit.lnk
[2010-06-24 15:18:26 | 000,000,848 | ---- | M] () -- C:\Users\SACHIN\Desktop\Orbit.lnk
[2010-06-24 14:49:21 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2010-06-24 01:14:24 | 000,001,710 | ---- | M] () -- C:\Users\SACHIN\Desktop\LimeWire PRO 4.18.8.lnk
[2010-06-23 10:28:25 | 000,001,038 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010-06-23 10:28:25 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010-06-22 13:43:47 | 000,000,916 | ---- | M] () -- C:\Users\SACHIN\Desktop\Driver Genius Professional Edition.lnk
[2010-06-22 12:46:18 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2010-06-22 12:46:18 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\RegCure.job
[2010-06-22 12:38:45 | 000,001,786 | ---- | M] () -- C:\Users\SACHIN\Desktop\Clean disk with 1 click.lnk
[2010-06-22 12:38:45 | 000,000,926 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Wise Disk Cleaner.lnk
[2010-06-22 12:11:46 | 000,000,784 | ---- | M] () -- C:\Users\Public\Desktop\RegCure.lnk
[2010-06-22 11:58:33 | 000,001,004 | ---- | M] () -- C:\Users\Public\Desktop\ParetoLogic DriverCure.lnk
[2010-06-22 11:55:36 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\BitComet.lnk
[2010-06-22 11:49:11 | 000,001,955 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010-06-22 11:44:39 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010-06-22 11:17:02 | 000,001,710 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\CometBird.lnk
[2010-06-22 11:17:02 | 000,001,686 | ---- | M] () -- C:\Users\Public\Desktop\CometBird.lnk
[2010-06-22 09:08:16 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010-06-22 08:20:13 | 000,136,009 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010-06-21 22:54:10 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010-06-21 20:48:12 | 000,000,938 | ---- | M] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010-06-21 20:26:30 | 000,524,288 | -HS- | M] () -- C:\Users\SACHIN\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010-06-21 20:18:48 | 000,001,973 | ---- | M] () -- C:\Users\SACHIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CCC.lnk
[2010-06-21 20:14:18 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010-06-21 20:12:45 | 000,000,680 | ---- | M] () -- C:\Users\SACHIN\AppData\Local\d3d9caps.dat
[2010-06-21 20:11:58 | 000,000,020 | -HS- | M] () -- C:\Users\SACHIN\ntuser.ini
[2010-06-08 21:40:50 | 000,790,528 | ---- | M] () -- C:\Windows\System32\xvidcore.dll
[2010-06-08 21:40:50 | 000,134,144 | ---- | M] () -- C:\Windows\System32\xvidvfw.dll
[2010-06-02 13:30:00 | 000,108,032 | ---- | M] () -- C:\Windows\System32\ff_vfw.dll
[2010-06-02 13:30:00 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.ini
[2010-05-31 11:43:16 | 000,252,008 | ---- | M] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2010-05-05 14:19:56 | 000,050,688 | ---- | M] () -- C:\Windows\System32\ff_acm.acm
[2010-05-04 08:28:45 | 000,057,667 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-04-29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-04-27 20:51:40 | 001,738,072 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2010-04-27 20:51:32 | 000,253,272 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2010-04-27 20:51:24 | 000,253,784 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2010-04-27 20:51:04 | 001,312,088 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2010-04-27 13:50:10 | 000,299,424 | ---- | M] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010-04-26 15:58:12 | 000,256,512 | ---- | M] () -- C:\Windows\PEV.exe
[2010-04-14 17:55:20 | 000,232,792 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010-04-08 14:29:32 | 000,063,360 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\SACHIN\Documents\*.tmp files -> C:\Users\SACHIN\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-07-03 14:41:42 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010-07-03 10:48:39 | 000,524,288 | -HS- | C] () -- C:\Users\SACHIN\NTUSER.DAT{86f727d0-865e-11df-acae-001a80cdd7e6}.TMContainer00000000000000000002.regtrans-ms
[2010-07-03 10:48:39 | 000,524,288 | -HS- | C] () -- C:\Users\SACHIN\NTUSER.DAT{86f727d0-865e-11df-acae-001a80cdd7e6}.TMContainer00000000000000000001.regtrans-ms
[2010-07-03 10:48:39 | 000,065,536 | -HS- | C] () -- C:\Users\SACHIN\NTUSER.DAT{86f727d0-865e-11df-acae-001a80cdd7e6}.TM.blf
[2010-07-02 10:37:07 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010-07-02 10:37:06 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010-07-02 10:37:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010-07-02 10:37:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010-07-02 10:37:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010-07-02 10:34:31 | 003,725,496 | R--- | C] () -- C:\Users\SACHIN\Desktop\ComboFix.exe
[2010-07-01 23:27:56 | 000,000,657 | ---- | C] () -- C:\Users\SACHIN\Desktop\NFSC.lnk
[2010-07-01 20:56:10 | 000,000,776 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010-07-01 20:56:10 | 000,000,752 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010-07-01 16:30:57 | 001,152,444 | ---- | C] () -- C:\Windows\UDB.zip
[2010-07-01 16:30:57 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010-07-01 16:30:57 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2010-07-01 16:30:57 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2010-07-01 16:30:57 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2010-07-01 16:30:28 | 000,007,387 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi.cat
[2010-07-01 16:30:24 | 000,007,412 | ---- | C] () -- C:\Windows\System32\drivers\PCTAppEvent.cat
[2010-07-01 16:30:24 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctcore.cat
[2010-07-01 16:30:20 | 000,001,759 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010-07-01 16:30:17 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg.cat
[2010-07-01 16:24:40 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010-07-01 16:06:24 | 000,001,031 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010-07-01 16:06:24 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010-07-01 13:43:01 | 000,001,152 | ---- | C] () -- C:\Windows\System32\windrv.sys
[2010-07-01 13:30:37 | 000,000,906 | ---- | C] () -- C:\Users\SACHIN\Desktop\CleanMyPC - Registry Cleaner.lnk
[2010-06-30 13:58:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-06-30 13:34:14 | 000,052,400 | ---- | C] () -- C:\Windows\System32\drivers\ativvpxx.vp
[2010-06-30 13:34:09 | 000,013,848 | ---- | C] () -- C:\Windows\atiogl.xml
[2010-06-30 13:34:04 | 000,172,033 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010-06-30 13:34:03 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2010-06-30 13:12:30 | 000,001,874 | ---- | C] () -- C:\Users\SACHIN\Desktop\HijackThis.lnk
[2010-06-30 11:55:22 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-06-30 10:44:27 | 000,000,314 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2010-06-30 10:44:21 | 000,000,797 | ---- | C] () -- C:\Users\SACHIN\Desktop\Glary Utilities.lnk
[2010-06-30 09:47:38 | 000,000,968 | ---- | C] () -- C:\Users\Public\Desktop\AVG Anti-Rootkit Free.lnk
[2010-06-29 15:20:26 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010-06-29 12:20:25 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010-06-29 10:27:07 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010-06-29 10:27:06 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010-06-29 10:27:03 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2010-06-29 10:27:02 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010-06-29 10:27:02 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010-06-29 10:27:02 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010-06-29 00:40:07 | 000,001,803 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink Media Suite.lnk
[2010-06-28 18:41:09 | 000,000,748 | ---- | C] () -- C:\Users\SACHIN\Desktop\Ares.lnk
[2010-06-28 18:34:00 | 000,000,704 | ---- | C] () -- C:\Users\Public\Desktop\Ares.lnk
[2010-06-28 18:15:59 | 000,001,912 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft DVD Creator 6.lnk
[2010-06-28 18:15:59 | 000,001,888 | ---- | C] () -- C:\Users\Public\Desktop\Xilisoft DVD Creator 6.lnk
[2010-06-28 12:50:05 | 000,001,044 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Bitcomet Ultra Accelerator.lnk
[2010-06-28 12:50:05 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\Bitcomet Ultra Accelerator.lnk
[2010-06-28 10:18:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010-06-28 09:58:38 | 007,141,504 | ---- | C] () -- C:\Users\SACHIN\Documents\02. Flo Rida - Ack Like You Know.mp3
[2010-06-27 10:51:41 | 000,005,632 | ---- | C] () -- C:\Users\SACHIN\Documents\MO_Audio_Test.grf
[2010-06-27 00:39:13 | 000,001,044 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\LimeWire Ultra Accelerator.lnk
[2010-06-27 00:39:13 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\LimeWire Ultra Accelerator.lnk
[2010-06-26 23:32:03 | 000,001,735 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010-06-26 23:08:27 | 000,000,028 | ---- | C] () -- C:\Windows\ZC DVD Creator Platinum.INI
[2010-06-26 23:08:11 | 000,000,902 | ---- | C] () -- C:\Users\SACHIN\Desktop\ZC DVD Creator Platinum.lnk
[2010-06-26 22:25:04 | 000,007,420 | ---- | C] () -- C:\Windows\UA000104.DLL
[2010-06-26 18:30:34 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010-06-26 18:30:22 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010-06-26 18:29:39 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010-06-26 16:46:56 | 000,013,952 | ---- | C] () -- C:\Windows\System32\drivers\UBHelper.sys
[2010-06-26 16:46:18 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\NTI CD & DVD-Maker 7.lnk
[2010-06-26 16:46:10 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTICDMK7.dll
[2010-06-26 16:45:43 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIMPEG2.dll
[2010-06-26 16:45:43 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIMP3.dll
[2010-06-26 16:45:43 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIFCD3.dll
[2010-06-26 16:19:16 | 000,000,881 | ---- | C] () -- C:\Users\Public\Desktop\DriverEasy.lnk
[2010-06-26 13:11:11 | 000,000,919 | ---- | C] () -- C:\Users\SACHIN\Desktop\DriverMax.lnk
[2010-06-26 00:56:46 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-06-25 13:18:55 | 000,000,804 | ---- | C] () -- C:\Users\SACHIN\Desktop\CCleaner.lnk
[2010-06-25 00:26:45 | 006,301,976 | ---- | C] () -- C:\Users\SACHIN\Desktop\bmc Admission form.rtf
[2010-06-25 00:25:18 | 006,301,976 | ---- | C] () -- C:\Users\SACHIN\Documents\BMC College Fee Receipt.rtf
[2010-06-25 00:13:29 | 006,301,976 | ---- | C] () -- C:\Users\SACHIN\Documents\BMC College Admission No..rtf
[2010-06-24 15:27:34 | 000,000,999 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\1-Click YouTube Downloader.lnk
[2010-06-24 15:27:34 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\1-Click YouTube Downloader.lnk
[2010-06-24 15:24:27 | 000,000,919 | ---- | C] () -- C:\Users\SACHIN\Desktop\YouTube Downloader.lnk
[2010-06-24 15:18:27 | 000,000,872 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Orbit.lnk
[2010-06-24 15:18:26 | 000,000,848 | ---- | C] () -- C:\Users\SACHIN\Desktop\Orbit.lnk
[2010-06-24 01:14:24 | 000,001,710 | ---- | C] () -- C:\Users\SACHIN\Desktop\LimeWire PRO 4.18.8.lnk
[2010-06-23 23:55:27 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010-06-23 10:30:39 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\AWC AutoSweep.job
[2010-06-23 10:28:28 | 000,000,372 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job
[2010-06-23 10:28:25 | 000,001,038 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010-06-23 10:28:25 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010-06-22 13:43:47 | 000,000,916 | ---- | C] () -- C:\Users\SACHIN\Desktop\Driver Genius Professional Edition.lnk
[2010-06-22 12:38:45 | 000,001,786 | ---- | C] () -- C:\Users\SACHIN\Desktop\Clean disk with 1 click.lnk
[2010-06-22 12:38:45 | 000,000,926 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Wise Disk Cleaner.lnk
[2010-06-22 12:28:02 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010-06-22 12:11:48 | 000,000,392 | ---- | C] () -- C:\Windows\tasks\RegCure Program Check.job
[2010-06-22 12:11:47 | 000,000,374 | ---- | C] () -- C:\Windows\tasks\RegCure.job
[2010-06-22 12:11:46 | 000,000,784 | ---- | C] () -- C:\Users\Public\Desktop\RegCure.lnk
[2010-06-22 11:58:40 | 000,000,444 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2010-06-22 11:58:34 | 000,000,418 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version2.job
[2010-06-22 11:55:36 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\BitComet.lnk
[2010-06-22 11:49:11 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010-06-22 11:49:11 | 000,001,955 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010-06-22 11:45:37 | 000,000,446 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2010-06-22 11:45:33 | 000,001,004 | ---- | C] () -- C:\Users\Public\Desktop\ParetoLogic DriverCure.lnk
[2010-06-22 11:45:33 | 000,000,398 | ---- | C] () -- C:\Windows\tasks\DriverCure Startup.job
[2010-06-22 11:45:32 | 000,000,420 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2010-06-22 11:45:29 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\DriverCure.job
[2010-06-22 11:44:51 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-06-22 11:44:48 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-06-22 11:44:39 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010-06-22 11:17:02 | 000,001,710 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\CometBird.lnk
[2010-06-22 11:17:02 | 000,001,686 | ---- | C] () -- C:\Users\Public\Desktop\CometBird.lnk
[2010-06-22 09:59:08 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010-06-21 22:54:10 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010-06-21 20:48:12 | 000,000,938 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010-06-21 20:48:09 | 000,037,888 | ---- | C] () -- C:\Users\SACHIN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-21 20:20:00 | 000,000,943 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010-06-21 20:18:48 | 000,001,973 | ---- | C] () -- C:\Users\SACHIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CCC.lnk
[2010-06-21 20:16:48 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2010-06-21 20:16:48 | 000,328,162 | ---- | C] () -- C:\Windows\System32\drivers\ativcaxx.cpa
[2010-06-21 20:16:48 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2010-06-21 20:16:48 | 000,002,096 | ---- | C] () -- C:\Windows\System32\drivers\ativpkxx.vp
[2010-06-21 20:16:48 | 000,002,096 | ---- | C] () -- C:\Windows\System32\drivers\ativokxx.vp
[2010-06-21 20:16:48 | 000,002,096 | ---- | C] () -- C:\Windows\System32\drivers\ativdkxx.vp
[2010-06-21 20:16:48 | 000,000,929 | ---- | C] () -- C:\Windows\System32\drivers\ativcaxx.vp
[2010-06-21 20:14:18 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010-06-21 20:12:00 | 000,000,680 | ---- | C] () -- C:\Users\SACHIN\AppData\Local\d3d9caps.dat
[2010-06-21 20:11:58 | 000,000,020 | -HS- | C] () -- C:\Users\SACHIN\ntuser.ini
[2010-06-21 20:11:57 | 000,524,288 | -HS- | C] () -- C:\Users\SACHIN\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010-06-21 20:11:57 | 000,524,288 | -HS- | C] () -- C:\Users\SACHIN\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010-06-21 20:11:57 | 000,065,536 | -HS- | C] () -- C:\Users\SACHIN\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010-06-21 20:11:56 | 002,883,584 | ---- | C] () -- C:\Users\SACHIN\NTUSER.DAT
[2010-06-21 20:11:56 | 000,262,144 | -H-- | C] () -- C:\Users\SACHIN\ntuser.dat.LOG1
[2010-06-21 20:11:56 | 000,000,258 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010-06-21 20:11:56 | 000,000,240 | ---- | C] () -- C:\Users\SACHIN\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010-06-21 20:11:56 | 000,000,000 | -H-- | C] () -- C:\Users\SACHIN\ntuser.dat.LOG2
[2010-06-19 06:34:19 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2010-05-05 14:19:56 | 000,050,688 | ---- | C] () -- C:\Windows\System32\ff_acm.acm
[2009-04-11 18:48:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2008-09-12 15:21:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2006-11-02 18:05:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 13:10:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001-12-26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001-09-03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001-07-30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001-07-23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2010-07-03 14:43:42 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\BitComet
[2010-07-01 13:30:40 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\CleanMyPC Software
[2010-06-22 11:17:13 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\CometNetwork
[2010-06-22 21:55:27 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\DAEMON Tools
[2010-06-26 23:40:12 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\DAEMON Tools Lite
[2010-06-22 11:45:56 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\DriverCure
[2010-06-26 16:19:29 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Easeware
[2010-06-30 10:47:17 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\GlarySoft
[2010-06-24 15:18:27 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\GrabPro
[2010-06-23 14:31:52 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\IObit
[2010-06-30 01:34:38 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\LimeWire
[2010-06-24 15:18:18 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\OpenCandy
[2010-07-03 14:43:30 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Orbit
[2010-06-29 13:06:58 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Publish Providers
[2010-06-29 21:04:24 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Sony
[2010-06-24 11:41:30 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\TigerPlayer
[2010-06-23 23:28:21 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\TuneUp Software
[2010-06-26 22:36:57 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Ulead Systems
[2010-06-25 13:14:41 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Uniblue
[2010-07-01 21:01:21 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\uTorrent
[2010-06-28 18:16:37 | 000,000,000 | ---D | M] -- C:\Users\SACHIN\AppData\Roaming\Xilisoft
[2010-07-04 20:04:09 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2010-07-05 11:47:54 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\AWC AutoSweep.job
[2010-07-05 11:48:00 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2010-07-05 11:47:52 | 000,000,398 | ---- | M] () -- C:\Windows\Tasks\DriverCure Startup.job
[2010-06-30 00:57:04 | 000,000,382 | ---- | M] () -- C:\Windows\Tasks\DriverCure.job
[2010-07-05 11:47:48 | 000,000,314 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2010-07-03 18:00:00 | 000,000,444 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration.job
[2010-07-03 18:00:00 | 000,000,446 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2010-06-25 00:34:48 | 000,000,418 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version2.job
[2010-06-22 12:46:18 | 000,000,420 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job
[2010-07-03 17:00:01 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\RegCure Program Check.job
[2010-06-22 12:46:18 | 000,000,374 | ---- | M] () -- C:\Windows\Tasks\RegCure.job
[2010-07-05 11:42:52 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010-07-05 11:47:11 | 000,005,683 | ---- | M] () -- C:\aaw7boot.log
[2010-06-26 16:46:43 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2009-04-11 18:48:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2010-06-22 09:08:16 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010-07-03 15:08:04 | 000,028,011 | ---- | M] () -- C:\ComboFix.txt
[2006-09-19 03:13:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2005-01-03 19:07:18 | 000,000,017 | -H-- | M] () -- C:\initrd.pam
[2008-09-27 01:46:25 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007-03-28 03:03:48 | 000,000,067 | -H-- | M] () -- C:\kernel.pam
[2010-07-02 11:14:06 | 000,047,330 | ---- | M] () -- C:\log.txt
[2008-09-27 01:46:25 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009-07-06 14:42:12 | 000,069,632 | ---- | M] ( ) -- C:\nporbit.dll
[2009-09-17 12:29:33 | 000,005,120 | -H-- | M] () -- C:\ntuser.dat.LOG1
[2009-09-17 12:29:33 | 000,000,000 | -H-- | M] () -- C:\ntuser.dat.LOG2
[2009-09-17 12:29:34 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{74b5f3e1-a347-11de-ab3a-dd5aff4aa4a4}.TM.blf
[2009-09-17 12:29:34 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{74b5f3e1-a347-11de-ab3a-dd5aff4aa4a4}.TMContainer00000000000000000001.regtrans-ms
[2009-09-17 12:29:34 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{74b5f3e1-a347-11de-ab3a-dd5aff4aa4a4}.TMContainer00000000000000000002.regtrans-ms
[2010-07-05 11:47:11 | 2459,631,616 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2006-11-02 18:05:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008-06-03 03:35:30 | 000,413,696 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009-04-11 18:48:38 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009-04-11 18:48:36 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009-04-11 19:38:12 | 023,552,000 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2009-04-11 19:37:55 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2009-04-11 19:38:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006-11-02 16:04:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006-11-02 16:04:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\user32.dll /md5 >
[2009-04-11 18:48:28 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\ws2_32.dll /md5 >
[2008-01-21 07:54:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.com >
[2006-11-02 18:07:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006-11-02 18:07:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006-11-02 18:07:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009-04-11 18:49:50 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.ini >
[2006-09-19 03:07:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

< %PROGRAMFILES%\*. >
[2010-06-24 15:28:21 | 000,000,000 | ---D | M] -- C:\Program Files\1-Click YouTube Downloader
[2010-06-26 00:55:59 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010-06-22 11:43:18 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2010-06-26 23:57:28 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2010-06-28 18:41:10 | 000,000,000 | ---D | M] -- C:\Program Files\Ares
[2010-06-21 20:17:26 | 000,000,000 | ---D | M] -- C:\Program Files\ATI
[2010-06-21 20:19:21 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2010-06-27 09:44:44 | 000,000,000 | ---D | M] -- C:\Program Files\AVS4YOU
[2010-06-22 11:55:36 | 000,000,000 | ---D | M] -- C:\Program Files\BitComet
[2010-06-28 12:59:08 | 000,000,000 | ---D | M] -- C:\Program Files\Bitcomet Ultra Accelerator
[2010-06-25 13:18:55 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2010-07-01 13:30:36 | 000,000,000 | ---D | M] -- C:\Program Files\CleanMyPC
[2010-07-02 11:13:36 | 000,000,000 | ---D | M] -- C:\Program Files\CometBird
[2010-07-03 14:54:16 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010-06-26 22:21:02 | 000,000,000 | ---D | M] -- C:\Program Files\Corel
[2010-06-29 00:43:11 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2010-06-26 23:32:04 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Lite
[2010-06-26 17:43:01 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2010-06-22 13:43:45 | 000,000,000 | ---D | M] -- C:\Program Files\Driver-Soft
[2010-06-26 16:19:12 | 000,000,000 | ---D | M] -- C:\Program Files\Easeware
[2010-06-30 10:44:21 | 000,000,000 | ---D | M] -- C:\Program Files\Glary Utilities
[2010-06-22 11:49:01 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010-06-30 09:47:36 | 000,000,000 | ---D | M] -- C:\Program Files\GRISOFT
[2010-06-26 13:11:08 | 000,000,000 | ---D | M] -- C:\Program Files\Innovative Solutions
[2010-06-29 00:40:27 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010-06-22 12:34:42 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010-06-29 15:54:27 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010-06-27 00:14:58 | 000,000,000 | ---D | M] -- C:\Program Files\IObit
[2010-06-24 01:22:50 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010-06-29 10:27:31 | 000,000,000 | ---D | M] -- C:\Program Files\K-Lite Codec Pack
[2010-07-01 16:06:32 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2010-06-25 17:51:19 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2010-06-27 00:39:13 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire Ultra Accelerator
[2010-06-30 12:38:31 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2006-11-02 18:07:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2010-06-29 15:22:50 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010-06-25 19:11:08 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010-06-29 00:47:00 | 000,000,000 | ---D | M] -- C:\Program Files\MpcStar
[2006-11-02 18:07:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010-07-01 23:27:55 | 000,000,000 | ---D | M] -- C:\Program Files\Need for Speed Carbon
[2010-06-26 16:46:21 | 000,000,000 | ---D | M] -- C:\Program Files\NewTech Infosystems
[2010-06-24 15:18:31 | 000,000,000 | ---D | M] -- C:\Program Files\Orbitdownloader
[2010-06-22 11:45:28 | 000,000,000 | ---D | M] -- C:\Program Files\ParetoLogic
[2010-06-29 12:20:25 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2006-11-02 18:07:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010-06-22 12:16:34 | 000,000,000 | ---D | M] -- C:\Program Files\RegCure
[2010-06-29 12:55:40 | 000,000,000 | ---D | M] -- C:\Program Files\Sony
[2010-06-30 10:20:36 | 000,000,000 | ---D | M] -- C:\Program Files\Sophos
[2010-07-01 16:33:02 | 000,000,000 | ---D | M] -- C:\Program Files\Spyware Doctor
[2010-06-22 12:25:43 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2010-06-26 20:58:20 | 000,000,000 | -H-D | M] -- C:\Program Files\Temp
[2010-06-26 17:44:36 | 000,000,000 | ---D | M] -- C:\Program Files\ThinkPad
[2010-06-30 13:12:30 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2006-11-02 18:31:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010-07-01 20:56:10 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2010-06-21 22:54:02 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2009-04-11 18:53:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009-04-11 18:53:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009-04-11 18:53:28 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009-04-11 18:53:31 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2010-06-25 19:11:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010-06-26 22:24:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
[2010-06-25 19:10:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006-11-02 18:07:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009-04-11 18:53:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2010-06-28 10:19:23 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009-04-11 18:53:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2010-06-22 12:43:27 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2010-06-22 12:43:39 | 000,000,000 | ---D | M] -- C:\Program Files\Wise Disk Cleaner
[2010-06-28 18:14:55 | 000,000,000 | ---D | M] -- C:\Program Files\Xilisoft
[2010-06-24 15:29:45 | 000,000,000 | ---D | M] -- C:\Program Files\YouTube Downloader
[2010-06-26 23:22:33 | 000,000,000 | ---D | M] -- C:\Program Files\ZC DVD Creator Platinum

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >


< MD5 for: EVENTLOG.DLL >
[2008-06-06 14:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll

< MD5 for: EVENTLOG.ETL >
[2010-07-05 12:27:24 | 000,196,608 | ---- | M] () MD5=F8AE0270E806C54EB78A311CDBE10401 -- C:\Windows\System32\NDF\eventlog.etl

< MD5 for: WSCNTFY.DLL >
[2009-04-11 18:48:07 | 000,223,744 | ---- | M] (Microsoft Corporation) MD5=0B5AC46982E77CAF3EC1D55C9AC6AB56 -- C:\Windows\System32\wscntfy.dll
[2009-04-11 18:48:07 | 000,223,744 | ---- | M] (Microsoft Corporation) MD5=0B5AC46982E77CAF3EC1D55C9AC6AB56 -- C:\Windows\winsxs\x86_microsoft-windows-s..tycenter-notifyicon_31bf3856ad364e35_6.0.6002.18005_none_0015b648d92092e2\wscntfy.dll

< MD5 for: WSCNTFY.DLL.MUI >
[2006-11-02 18:11:32 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=DC3682BEB013B14470318C5C920E6589 -- C:\Windows\System32\en-US\wscntfy.dll.mui
[2006-11-02 18:11:32 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=DC3682BEB013B14470318C5C920E6589 -- C:\Windows\winsxs\x86_microsoft-windows-s..otifyicon.resources_31bf3856ad364e35_6.0.6000.16386_en-us_9fecff8addf581a9\wscntfy.dll.mui

========== Alternate Data Streams ==========

@Alternate Data Stream - 169 bytes -> C:\ProgramData\Temp:ECF54A0E
@Alternate Data Stream - 158 bytes -> C:\ProgramData\TempFC5A2B2
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:A8ADE5D8
< End of report >
leo92
Junior Member with 17 posts.
THREAD STARTER
 
Join Date: Jun 2010
Experience: Intermediate
05-Jul-2010, 03:50 AM #9
Here is my Extras.txt:

OTL Extras logfile created on: 05-07-2010 12:20:30 - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = C:\Users\SACHIN\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 61.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.94 Gb Total Space | 127.61 Gb Free Space | 57.24% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SACHIN-PC
Current User Name: SACHIN
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = CometBirdHTML] -- C:\Program Files\CometBird\CometBird.exe (CometNetwork)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2A2437F1-A02D-4ACD-A6CE-AAD10AB75159}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{B2BD64A1-2664-466D-8805-E09FBDA0D691}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{FF6B841F-1F47-4886-815D-9386A40234C3}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{CC1734B0-DFD4-45C7-84A8-C43EAD4573F9}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00E3E16A-EF37-6F18-2501-821AAB6903AB}" = ccc-core-static
"{0299E902-A8ED-7748-4A47-8080C42436F2}" = Catalyst Control Center Core Implementation
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0C8EBB00-4909-459C-8347-B2068B7F0319}" = CyberLink DVD Menu Template Pack
"{165E861A-D87F-5BED-190E-8EBC4ECCE65E}" = Catalyst Control Center Graphics Light
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.6
"{1E0D8F69-A6AB-4934-9B2D-159D9F97BA4A}" = ParetoLogic DriverCure
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{28B52CF6-FC4D-38E7-2438-62EB527780FD}" = Catalyst Control Center Graphics Full Existing
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40AE01BE-A290-4FFB-8DAB-C624C17DC87E}" = Vegas Movie Studio HD Platinum 10.0
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{568457D9-A55B-D9BC-13EC-14C84E69BD86}" = Catalyst Control Center Graphics Full New
"{56A6F256-5323-4617-3AE8-45B28B559E37}" = CCC Help English
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{6AF6D196-FE4B-4B4D-B6D0-54439FF6CC50}" = VAIO Camera Utility
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista
"{95B87E45-CC33-49B6-9B4C-6570941FA90C}" = NTI CD & DVD-Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"{B54B8CD3-E12B-4C29-AF5A-2101E2FF5F53}" = TIPCI
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B982D59B-B732-C911-51F3-CC962F906573}" = ccc-utility
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C9FF844C-02F5-4221-8AD4-0BD823533C6E}_is1" = Ares 3.1.5.3038
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{DA3C6D93-6EB8-BF5C-2C14-2B1A08284DBD}" = Catalyst Control Center Graphics Previews Vista
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DEFB9CA4-6242-B988-E263-CD102219F54F}" = Skins
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E8EF1266-1D1F-C2FB-1E98-2FB9E71B3C7C}" = Catalyst Control Center Graphics Previews Common
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FD0F66-34CF-4555-8B13-BCFC96F3864C}" = Branding
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1-Click YouTube Downloader_is1" = 1-Click YouTube Downloader 4.0
"A5C76F143DE85710B0FDBABC39480EC492EE05CF" = Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407)
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Ares" = Ares 2.1.5
"avast5" = avast! Free Antivirus
"AVGantiRootkit" = AVG Anti-Rootkit Free
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"BitComet" = BitComet 1.22
"Bitcomet Ultra Accelerator" = Bitcomet Ultra Accelerator
"Browser Defender_is1" = Browser Defender 2.0.6.15
"CCleaner" = CCleaner
"CleanMyPC - Registry Cleaner_is1" = CleanMyPC - Registry Cleaner
"CometBird (3.6.3)" = CometBird (3.6.3)
"DMX5_is1" = DriverMax 5
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DriverEasy_is1" = DriverEasy 2.3.0
"Glary Utilities_is1" = Glary Utilities Pro 2.26.0.956
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{95B87E45-CC33-49B6-9B4C-6570941FA90C}" = NTI CD & DVD-Maker 7 Platinum
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"InstallShield_{B54B8CD3-E12B-4C29-AF5A-2101E2FF5F53}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"IObit Security 360_is1" = IObit Security 360
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.1.0 (Full)
"LimeWire" = LimeWire PRO 4.18.8
"LimeWire Ultra Accelerator" = LimeWire Ultra Accelerator
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Orbit_is1" = Orbit Downloader
"RegCure" = RegCure
"Smart Defrag_is1" = Smart Defrag
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.4
"Spyware Doctor" = Spyware Doctor 7.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.5
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = WinRAR archiver
"Wise Disk Cleaner_is1" = Wise Disk Cleaner Professional v5.12
"Xilisoft DVD Creator 6" = Xilisoft DVD Creator 6
"ZC DVD Creator Platinum_is1" = ZC DVD Creator Platinum 6.5.1

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 03-07-2010 09:19:06 | Computer Name = SACHIN-PC | Source = Google Update | ID = 20
Description =

Error - 03-07-2010 13:19:05 | Computer Name = SACHIN-PC | Source = Google Update | ID = 20
Description =

Error - 04-07-2010 02:19:06 | Computer Name = SACHIN-PC | Source = Google Update | ID = 20
Description =

Error - 04-07-2010 03:19:06 | Computer Name = SACHIN-PC | Source = Google Update | ID = 20
Description =

Error - 04-07-2010 03:53:58 | Computer Name = SACHIN-PC | Source = EventSystem | ID = 4621
Description =

Error - 04-07-2010 03:54:04 | Computer Name = SACHIN-PC | Source = IS360service | ID = 0
Description =

Error - 05-07-2010 00:55:30 | Computer Name = SACHIN-PC | Source = Application Error | ID = 1000
Description = Faulting application NFSC.exe, version 0.0.0.0, time stamp 0x4534574b,
faulting module NFSC.exe, version 0.0.0.0, time stamp 0x4534574b, exception code
0xc0000005, fault offset 0x003312d5, process id 0xf60, application start time 0x01cb1bf97d047cc5.

Error - 05-07-2010 01:19:06 | Computer Name = SACHIN-PC | Source = Google Update | ID = 20
Description =

Error - 05-07-2010 02:12:48 | Computer Name = SACHIN-PC | Source = EventSystem | ID = 4621
Description =

Error - 05-07-2010 02:19:05 | Computer Name = SACHIN-PC | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 05-07-2010 01:50:46 | Computer Name = SACHIN-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 05-07-2010 01:52:27 | Computer Name = SACHIN-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 05-07-2010 01:52:27 | Computer Name = SACHIN-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 05-07-2010 02:16:58 | Computer Name = SACHIN-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 05-07-2010 02:17:11 | Computer Name = SACHIN-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 05-07-2010 02:17:55 | Computer Name = SACHIN-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 05-07-2010 02:17:55 | Computer Name = SACHIN-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 05-07-2010 02:21:37 | Computer Name = SACHIN-PC | Source = athrusb | ID = 5003
Description = Atheros USB 2.0 Wireless Network Adapter : Could not find a network
adapter.

Error - 05-07-2010 02:22:51 | Computer Name = SACHIN-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 00026F56FFF5. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 05-07-2010 02:42:01 | Computer Name = SACHIN-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 00026F56FFF5. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.


< End of report >
Rorschach112
Senior Member with 2,392 posts.
 
Join Date: Oct 2008
05-Jul-2010, 07:38 AM #10
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    NetSvcs: kvxqiwfj - File not found
    
    :Services
    
    :Reg
    
    :Files
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done



You got your Windows CD?
leo92
Junior Member with 17 posts.
THREAD STARTER
 
Join Date: Jun 2010
Experience: Intermediate
06-Jul-2010, 12:56 AM #11
Do you mean the Vista CD?

Yes, I've got a copy of Vista, but on my flash drive, which contains the Vista Service Pack 2 installer (not from the manufacturer). And by the way, thanks a lot, SIR, for helping me remove this malware; now there are no detections by avast antivirus anymore. I got a log from OTL after the reboot. Do you want me to put that?
Rorschach112
Senior Member with 2,392 posts.
 
Join Date: Oct 2008
06-Jul-2010, 09:23 AM #12
No.

Do this with your copy of Vista:


Go Start>Run ("Start Search" in Vista), type in:
sfc /scannow
Click OK (hold CTRL, and SHIFT, hit Enter in Vista).
Have Windows CD/DVD handy (with Vista, most likely, you won't need it).
If System File Checker (sfc) finds any errors, it may ask you for the CD/DVD (rarely in Vista's case).


Open up your start menu and type cmd in the white box.
Right click the cmd.exe entry that appears and Run as Administrator
In the black box, type chkdsk /r
Confirm by pressing Y then reboot the machine.
NOTE: This could take a while as it is a thorough check.
leo92
Junior Member with 17 posts.
THREAD STARTER
 
Join Date: Jun 2010
Experience: Intermediate
07-Jul-2010, 11:38 PM #13
I did what you said: chkdsk and sfc /scannow.
Rorschach112
Senior Member with 2,392 posts.
 
Join Date: Oct 2008
08-Jul-2010, 09:45 AM #14
Download a new version of ComboFix, run that, post its log.
leo92
Junior Member with 17 posts.
THREAD STARTER
 
Join Date: Jun 2010
Experience: Intermediate
12-Jul-2010, 01:52 AM #15
Sorry for the late reply; as you know, my internet was down. Here is the log:

ComboFix 10-07-01.02 - SACHIN 11-07-2010 10:10:22.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.91.1033.18.2046.1049 [GMT 5.5:30]
Running from: c:\users\SACHIN\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
- REDUCED FUNCTIONALITY MODE -
.

((((((((((((((((((((((((( Files Created from 2010-06-11 to 2010-07-11 )))))))))))))))))))))))))))))))
.

2010-07-06 09:32 . 2010-07-06 09:32 -------- d-----w- c:\program files\Conduit
2010-07-06 09:32 . 2010-07-07 10:43 -------- d-----w- c:\program files\Gossiper
2010-07-06 09:31 . 2010-07-06 09:59 -------- d-----w- c:\program files\uTorrent Ultra Accelerator
2010-07-06 04:38 . 2010-07-06 04:38 -------- d-----w- C:\_OTL
2010-07-03 09:42 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-07-03 09:42 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-07-03 09:42 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2010-07-03 09:18 . 2008-01-21 02:23 6144 ----a-w- c:\windows\system32\drivers\beep.sys
2010-07-01 17:44 . 2010-07-01 17:57 -------- d-----w- c:\program files\Need for Speed Carbon
2010-07-01 15:26 . 2010-07-01 15:26 -------- d-----w- c:\program files\uTorrent
2010-07-01 15:25 . 2010-07-07 12:37 -------- d-----w- c:\users\SACHIN\AppData\Roaming\uTorrent
2010-07-01 14:03 . 2010-05-17 17:23 6630912 ----a-w- c:\windows\system32\drivers\NETw5v32.sys
2010-07-01 10:54 . 2010-07-01 10:47 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-07-01 10:47 . 2010-07-01 10:47 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-07-01 10:36 . 2010-07-01 10:36 -------- dc-h--w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-07-01 10:36 . 2010-02-04 15:53 2954656 -c--a-w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
2010-07-01 10:35 . 2010-07-01 10:39 -------- d-----w- c:\programdata\Lavasoft
2010-07-01 10:35 . 2010-07-01 10:36 -------- d-----w- c:\program files\Lavasoft
2010-07-01 08:13 . 2010-07-01 08:13 1152 ----a-w- c:\windows\system32\windrv.sys
2010-07-01 08:00 . 2010-07-01 08:00 -------- d-----w- c:\users\SACHIN\AppData\Roaming\CleanMyPC Software
2010-07-01 08:00 . 2010-07-01 08:00 -------- d-----w- c:\program files\CleanMyPC
2010-06-30 08:28 . 2010-06-30 08:28 0 ----a-w- c:\windows\ativpsrm.bin
2010-06-30 08:04 . 2008-06-02 22:04 262144 ----a-w- c:\windows\system32\Oemdspif.dll
2010-06-30 08:04 . 2008-06-02 21:18 10043392 ----a-w- c:\windows\system32\atioglxx.dll
2010-06-30 08:04 . 2008-06-03 00:52 3695104 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-06-30 08:04 . 2008-04-28 15:39 172033 ----a-w- c:\windows\system32\atiicdxx.dat
2010-06-30 08:04 . 2008-03-05 19:08 90112 ----a-w- c:\windows\system32\atibrtmon.exe
2010-06-30 08:04 . 2008-06-02 21:19 32256 ----a-w- c:\windows\system32\atiadlxx.dll
2010-06-30 08:04 . 2008-06-02 21:04 49152 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-06-30 08:04 . 2008-06-02 21:20 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2010-06-30 07:42 . 2010-06-30 07:42 -------- d-----w- c:\program files\Trend Micro
2010-06-30 07:15 . 2007-11-16 15:31 818688 ----a-w- c:\windows\system32\drivers\ti21sony.sys
2010-06-30 06:25 . 2010-06-30 06:25 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Malwarebytes
2010-06-30 06:25 . 2010-04-29 10:09 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-30 06:25 . 2010-04-29 10:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-30 06:25 . 2010-06-30 06:25 -------- d-----w- c:\programdata\Malwarebytes
2010-06-30 06:25 . 2010-06-30 07:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-30 05:17 . 2010-06-30 05:17 -------- d-----w- c:\users\SACHIN\AppData\Roaming\GlarySoft
2010-06-30 05:14 . 2010-06-30 05:14 -------- d-----w- c:\program files\Glary Utilities
2010-06-30 04:50 . 2010-06-30 04:50 -------- d-----w- c:\program files\Sophos
2010-06-30 04:17 . 2007-01-18 12:00 3968 ----a-w- c:\windows\system32\drivers\AvgArCln.sys
2010-06-29 14:40 . 2010-06-29 14:40 -------- dc----w- c:\programdata\{9DF77379-A83D-46CF-968D-03CBC652096D}
2010-06-29 09:56 . 2010-05-21 08:44 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-06-29 09:52 . 2010-06-29 09:52 -------- d-----w- c:\program files\Microsoft.NET
2010-06-29 09:49 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll
2010-06-29 09:23 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-06-29 07:52 . 2010-06-29 07:53 477184 ----a-w- c:\users\SACHIN\AppData\Roaming\Xilisoft\DVD Creator 6\x-dvd-creator6.exe
2010-06-29 07:36 . 2010-06-29 07:36 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Publish Providers
2010-06-29 07:32 . 2010-06-29 07:32 -------- d-----w- c:\users\SACHIN\AppData\Local\Sony
2010-06-29 07:26 . 2010-06-29 07:26 -------- d-----w- c:\programdata\Sony
2010-06-29 07:23 . 2010-06-29 15:34 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Sony
2010-06-29 06:50 . 2010-05-31 06:13 252008 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2010-06-29 06:50 . 2009-12-03 11:57 80416 ----a-w- c:\windows\system32\RtNicProp32.dll
2010-06-29 06:40 . 2010-06-29 06:42 2869784 ----a-w- c:\users\SACHIN\AppData\Roaming\Easeware\DriverEasy\drivers\1yjj4fol.do2\INF_allOS_9.1.2.1007_PV.exe
2010-06-29 05:20 . 2010-07-07 03:58 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Media Player Classic
2010-06-29 04:57 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
2010-06-29 04:57 . 2010-06-08 16:10 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-06-29 04:57 . 2010-06-08 16:10 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-06-29 04:57 . 2010-06-02 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-06-29 04:57 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-06-29 04:57 . 2010-06-29 04:57 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-06-28 19:34 . 2010-06-29 04:54 -------- d-----w- c:\programdata\VistaCodecs
2010-06-28 19:01 . 2010-06-28 19:01 -------- d-----w- c:\programdata\Apple Computer
2010-06-28 18:53 . 2010-06-28 18:53 36864 ----a-w- c:\programdata\Temp\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\PostBuild.exe
2010-06-28 18:52 . 2009-11-02 08:47 34088 ----a-w- c:\programdata\CyberLink\Power2Go\P2GoGadget.dll
2010-06-28 18:48 . 2010-06-28 18:48 53319 ----a-w- c:\programdata\Temp\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\PostBuild.exe
2010-06-28 13:04 . 2010-06-28 13:04 -------- d-----w- c:\users\SACHIN\AppData\Local\Ares
2010-06-28 13:03 . 2010-06-28 13:11 -------- d-----w- c:\program files\Ares
2010-06-28 12:46 . 2010-06-28 12:46 -------- d-----w- c:\users\SACHIN\AppData\Local\Xilisoft
2010-06-28 12:46 . 2010-06-28 12:46 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Xilisoft
2010-06-28 12:44 . 2010-06-28 12:44 -------- d-----w- c:\program files\Xilisoft
2010-06-28 07:32 . 2010-06-28 07:32 -------- d-----w- c:\users\SACHIN\AppData\Roaming\InstallShield
2010-06-28 07:19 . 2010-06-28 07:29 -------- d-----w- c:\program files\Bitcomet Ultra Accelerator
2010-06-28 04:49 . 2010-06-28 04:49 -------- d-----w- c:\program files\Windows Portable Devices
2010-06-28 04:44 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-06-28 04:44 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2010-06-28 04:44 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2010-06-28 04:44 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2010-06-28 04:44 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2010-06-28 04:44 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2010-06-28 04:44 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2010-06-28 04:44 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2010-06-28 04:44 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2010-06-28 04:44 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2010-06-28 04:44 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2010-06-28 04:44 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2010-06-28 04:43 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-06-28 04:43 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-06-28 04:43 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-06-27 05:18 . 2010-06-27 05:18 -------- d-----w- c:\users\SACHIN\Cyberlink
2010-06-27 03:59 . 2010-06-27 03:59 -------- d-----w- c:\users\SACHIN\AppData\Local\Power2Go
2010-06-26 19:09 . 2010-06-26 19:09 -------- d-----w- c:\program files\LimeWire Ultra Accelerator
2010-06-26 18:37 . 2010-06-28 04:34 -------- d-----w- c:\users\Public\CyberLink
2010-06-26 18:36 . 2010-06-28 19:13 53319 ----a-w- c:\programdata\Temp\{D36DD326-7280-11D8-97C8-000129760CBE}\PostBuild.exe
2010-06-26 18:33 . 2010-06-28 19:09 53319 ----a-w- c:\programdata\Temp\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\PostBuild.exe
2010-06-26 18:32 . 2010-06-28 19:08 36864 ----a-w- c:\programdata\Temp\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}\PostBuild.exe
2010-06-26 18:31 . 2010-06-28 19:06 36864 ----a-w- c:\programdata\Temp\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\PostBuild.exe
2010-06-26 18:30 . 2010-06-26 18:30 -------- d-----w- c:\program files\Common Files\CyberLink
2010-06-26 18:29 . 2010-06-28 19:03 53319 ----a-w- c:\programdata\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2010-06-26 18:27 . 2010-06-26 18:27 -------- d-----w- c:\users\SACHIN\AppData\Local\Apple
2010-06-26 18:27 . 2010-06-26 18:27 -------- d-----w- c:\program files\Apple Software Update
2010-06-26 18:27 . 2010-06-26 18:27 -------- d-----w- c:\programdata\Apple
2010-06-26 18:22 . 2010-06-28 18:57 36864 ----a-w- c:\programdata\Temp\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\PostBuild.exe
2010-06-26 18:21 . 2010-06-28 18:53 36864 ----a-w- c:\programdata\Temp\{ADD5DB49-72CF-11D8-9D75-000129760D75}\PostBuild.exe
2010-06-26 18:19 . 2010-06-28 18:51 36864 ----a-w- c:\programdata\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe
2010-06-26 18:19 . 2010-06-28 18:26 -------- d-----w- c:\users\SACHIN\AppData\Roaming\CyberLink
2010-06-26 18:19 . 2010-06-28 19:13 -------- d-----w- c:\users\SACHIN\AppData\Local\Cyberlink
2010-06-26 18:16 . 2010-06-28 18:49 36864 ----a-w- c:\programdata\Temp\{80E158EA-7181-40FE-A701-301CE6BE64AB}\PostBuild.exe
2010-06-26 18:16 . 2010-06-28 19:13 -------- d-----w- c:\program files\CyberLink
2010-06-26 18:15 . 2010-06-28 19:36 -------- d-----w- c:\programdata\CyberLink
2010-06-26 18:11 . 2010-06-28 18:46 53319 ----a-w- c:\programdata\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe
2010-06-26 18:02 . 2010-06-26 18:02 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-26 18:01 . 2010-06-26 18:02 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-06-26 18:01 . 2010-06-26 18:10 -------- d-----w- c:\users\SACHIN\AppData\Roaming\DAEMON Tools Lite
2010-06-26 18:01 . 2010-06-26 18:01 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-06-26 17:37 . 2010-06-26 17:52 -------- d-----w- c:\program files\ZC DVD Creator Platinum
2010-06-26 17:02 . 2010-06-26 17:06 -------- d-----w- c:\users\SACHIN\AppData\Roaming\Ulead Systems
2010-06-26 16:55 . 2002-03-16 20:30 7420 ----a-w- c:\windows\UA000104.DLL
2010-06-26 16:54 . 2010-06-26 16:54 -------- d-----w- c:\program files\Windows Media Components
2010-06-26 16:53 . 2010-06-26 16:53 -------- d-----w- c:\program files\Common Files\LightScribe
2010-06-26 16:51 . 2010-06-26 17:02 -------- d-----w- c:\programdata\Ulead Systems
2010-06-26 16:51 . 2010-06-26 16:51 -------- d-----w- c:\program files\Corel
2010-06-26 15:28 . 2010-06-26 15:28 -------- d-----w- c:\windows\tiinst
2010-06-26 15:28 . 2010-06-26 15:28 -------- d-----w- C:\Dell
2010-06-26 14:04 . 2010-06-26 14:04 274472 ----a-w- c:\windows\system32\drivers\btwampfl.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-01 11:03 . 2010-07-01 11:00 -------- d-----w- c:\program files\Spyware Doctor
2010-07-01 11:01 . 2010-07-01 11:00 -------- d-----w- c:\program files\Common Files\PC Tools
2010-07-01 11:00 . 2010-07-01 11:00 -------- d-----w- c:\users\SACHIN\AppData\Roaming\PC Tools
2010-07-01 11:00 . 2010-07-01 11:00 -------- d-----w- c:\programdata\PC Tools
2010-06-28 19:03 . 2009-10-14 07:30 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-06-28 19:03 . 2009-01-08 07:43 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-06-28 04:49 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-06-28 04:48 . 2010-06-28 04:48 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-06-26 15:28 . 2010-06-26 15:21 -------- d--h--w- c:\program files\Temp
2010-06-26 13:00 . 2010-06-26 13:00 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-06-26 13:00 . 2010-06-26 13:00 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-06-25 13:41 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-21 14:44 . 2010-06-21 14:44 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-06-09 08:06 . 2010-06-09 08:06 976832 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\15600\AdobeARM.exe
2010-06-09 08:06 . 2010-06-09 08:06 70584 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\15600\AdobeExtractFiles.dll
2010-06-09 08:06 . 2010-06-09 08:06 331176 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\15600\ReaderUpdater.exe
2010-06-09 08:06 . 2010-06-09 08:06 331176 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\15600\AcrobatUpdater.exe
2010-06-08 02:16 . 2010-07-01 11:00 763832 ----a-w- c:\windows\BDTSupport.dll
2010-06-08 00:21 . 2010-07-01 11:00 1652664 ----a-w- c:\windows\PCTBDCore.dll
2010-05-04 05:59 . 2010-06-29 09:50 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-29 09:50 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 05:55 . 2010-06-29 09:50 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 04:31 . 2010-06-29 09:50 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-04-30 11:55 . 2010-06-26 15:21 1775136 ----a-w- c:\windows\system32\RtkPgExt.dll
2010-04-30 11:54 . 2010-06-26 15:21 367136 ----a-w- c:\windows\system32\RtkApoApi.dll
2010-04-30 11:29 . 2010-06-26 15:21 3086752 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2010-04-27 15:21 . 2010-06-26 15:21 1738072 ----a-w- c:\windows\system32\WavesGUILib.dll
2010-04-27 15:21 . 2010-06-26 15:21 253272 ----a-w- c:\windows\system32\MaxxVolumeSDAPO.dll
2010-04-27 15:21 . 2010-06-26 15:21 253784 ----a-w- c:\windows\system32\MaxxAudioAPO30.dll
2010-04-27 15:21 . 2010-06-26 15:21 1312088 ----a-w- c:\windows\system32\MaxxAudioRealtek.dll
2010-04-27 08:20 . 2010-06-26 15:21 299424 ----a-w- c:\windows\system32\FMAPO.dll
2010-04-16 16:43 . 2010-06-24 15:52 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-04-16 16:43 . 2010-06-24 15:52 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-04-16 16:43 . 2010-06-24 15:52 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-04-16 16:43 . 2010-06-24 15:52 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2010-04-14 12:25 . 2010-06-26 15:21 232792 ----a-w- c:\windows\system32\MaxxAudioAPO20.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0a452a47-c5a8-4854-a237-4b9b06b376f0}"= "c:\program files\Gossiper\tbGoss.dll" [2010-05-20 2675296]

[HKEY_CLASSES_ROOT\clsid\{0a452a47-c5a8-4854-a237-4b9b06b376f0}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0a452a47-c5a8-4854-a237-4b9b06b376f0}]
2010-05-20 10:05 2675296 ----a-w- c:\program files\Gossiper\tbGoss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0a452a47-c5a8-4854-a237-4b9b06b376f0}"= "c:\program files\Gossiper\tbGoss.dll" [2010-05-20 2675296]

[HKEY_CLASSES_ROOT\clsid\{0a452a47-c5a8-4854-a237-4b9b06b376f0}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{0A452A47-C5A8-4854-A237-4B9B06B376F0}"= "c:\program files\Gossiper\tbGoss.dll" [2010-05-20 2675296]

[HKEY_CLASSES_ROOT\clsid\{0a452a47-c5a8-4854-a237-4b9b06b376f0}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverMax_RESTART"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2010-03-01 9216928]
"Registry Cleaner Scheduler"="c:\program files\CleanMyPC\Registry Cleaner\RCHelper.exe" [2008-03-02 913664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2007-05-28 415864]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-01-21 1594664]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-30 9210400]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2010-04-30 1833504]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2009-09-01 75048]

c:\users\SACHIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2007-6-1 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bitcomet Ultra Accelerator.lnk]
backup=c:\windows\pss\Bitcomet Ultra Accelerator.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2010-02-08 14:51 1015808 ----a-w- c:\program files\Ares\Ares.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
2010-06-30 04:56 3205424 ----a-w- c:\program files\BitComet\BitComet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):62,22,80,d4,a9,ba,c9,01

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 136176]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-07-01 1352832]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [2008-07-28 904192]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-26 274472]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-12-02 29472]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-04-15 722288]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-06-26 691696]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-03-29 218592]
S1 aswSP;aswSP; [x]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/06/29 00:35];c:\program files\CyberLink\PowerDVD9\000.fcl [2009-09-01 11:29 87536]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\IS360srv.exe [2010-06-11 312152]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2010-05-17 6630912]
S3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2008-03-25 73472]
S3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2008-03-25 43904]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-03-25 9344]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-11-16 818688]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder

2010-07-10 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 10:43]

2010-07-10 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-06-23 08:41]

2010-07-11 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-06-23 12:03]

2010-07-10 c:\windows\Tasks\DriverCure Startup.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-02-27 06:30]

2010-07-06 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-02-27 06:30]

2010-07-10 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-06-30 05:44]

2010-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 06:14]

2010-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 06:14]

2010-07-07 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]

2010-07-07 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2010-04-06 21:30]

2010-06-24 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]

2010-06-22 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2010-04-06 21:30]

2010-07-06 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 07:15]

2010-06-22 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 07:15]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1547340
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Send image to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-11 10:15
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(5860)
c:\program files\ThinkPad\Bluetooth Software\btncopy.dll
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.
Completion time: 2010-07-11 10:21:33
ComboFix-quarantined-files.txt 2010-07-11 04:51
ComboFix2.txt 2010-07-03 09:38
ComboFix3.txt 2010-07-02 05:39

Pre-Run: 118,815,772,672 bytes free
Post-Run: 118,763,778,048 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=18 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18
- - End Of File - - 61D5BB73EED6BCC218D74AEF7FBAEE32