Two Plus Two Poker Forums: Computer Technical Help

#16 - 12-21-2011, 05:35 PM
newbie | Join Date: Dec 2011 | Posts: 27
Re: TDSSKiller won't run (Re-direct/System Fix Virus)

I tried accessing that information for my router, but I couldn't access it. Apparently, it's a common problem with Linksys routers. I used to be able to get to it by typing "192.168.1.1" into the address bar, but it no longer works. Do you think I would be able to get that same information if I were to type "ipconfig /all" into Command Prompt?
-- SGicz
#17 - 12-22-2011, 03:15 AM
Malware Jedi | Join Date: Oct 2007 | Location: In front of my monitor | Posts: 18,620
Re: TDSSKiller won't run (Re-direct/System Fix Virus)

No, you will not get that info with ipconfig /all.

Try a hard reset of your router if you cannot get in.

Usually this is something like pressing the reset button with a paperclip for about 10 seconds.
This will reset your router to factory settings and reset the DNS settings to the DNS of your ISP.
-- Gabethebabe
#18 - 12-25-2011, 09:25 AM
newbie | Join Date: Dec 2011 | Posts: 27
Re: TDSSKiller won't run (Re-direct/System Fix Virus)

OK, so I was finally able to reset it. It took a few attempts. I couldn't find exactly what you referred to, but I have this:

Subnet Mask: 255.255.254.0
Default Gateway: 99.254.190.1
DNS 1: 64.71.255.198

I don't know if that's exactly what you were looking for, though. I took a couple of screenshots, and I could PM those to you if you want.
-- SGicz
#19 - 12-25-2011, 03:35 PM
Malware Jedi | Join Date: Oct 2007 | Location: In front of my monitor | Posts: 18,620
Re: TDSSKiller won't run (Re-direct/System Fix Virus)

The redirects still exist?

Do you have the Windows setup disk of your system?
-- Gabethebabe
#20 - 12-25-2011, 03:37 PM
newbie | Join Date: Dec 2011 | Posts: 27
Re: TDSSKiller won't run (Re-direct/System Fix Virus)

The re-direct still exists. I'm still not able to use TDSSKiller. Never loads.

I'm sure I do have the Windows setup disk somewhere. What's the next step?
-- SGicz
#21 - 12-25-2011, 04:08 PM
Malware Jedi | Join Date: Oct 2007 | Location: In front of my monitor | Posts: 18,620
Re: TDSSKiller won't run (Re-direct/System Fix Virus)

If you have your WIN setup disk, proceed with the following:
  • Put the Windows install disk in the disk drive and restart the computer.
  • Press a key when you are prompted.
  • Select a language, a time, a currency, a keyboard or an input method and click Next.
  • Click Repair your computer.
  • Click the operating system that you want to repair and click Next.
  • In the System Recovery Options dialog box, click Command Prompt.
  • Type Bootrec.exe /FixMbr and hit Enter.
  • Type exit and hit Enter to reboot your computer normally (remove the Windows install disk).
NOTE: if you don't know how to make your computer boot from a disk, check out this page.
-- Gabethebabe
#22 - 12-30-2011, 05:02 PM
newbie | Join Date: Dec 2011 | Posts: 27
Re: TDSSKiller won't run (Re-direct/System Fix Virus)

Unfortunately, I don't have the WIN setup disk for this computer.
-- SGicz
#23 - 12-31-2011, 03:48 AM
Malware Jedi | Join Date: Oct 2007 | Location: In front of my monitor | Posts: 18,620
Re: TDSSKiller won't run (Re-direct/System Fix Virus)

Ugh.

This is not going well.

Let's have a look with another system analysis tool: OTL.
Follow the instructions here.
-- Gabethebabe
#24 - 12-31-2011, 10:00 AM
newbie | Join Date: Dec 2011 | Posts: 27
Re: TDSSKiller won't run (Re-direct/System Fix Virus)

Not going well... you're telling me! I appreciate all the help you're providing.

Here are the logs:
------------------------

OTL logfile created on: 12/31/11 9:46:38 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Sumit\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: M/dd/yy

7.98 Gb Total Physical Memory | 6.08 Gb Available Physical Memory | 76.17% Memory free
15.96 Gb Paging File | 13.81 Gb Available in Paging File | 86.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449.58 Gb Total Space | 184.64 Gb Free Space | 41.07% Space Free | Partition Type: NTFS

Computer Name: SUMIT-VAIO | User Name: Sumit | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/31 09:44:42 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Sumit\Desktop\OTL.exe
PRC - [2011/11/28 19:05:08 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/11/28 13:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/09/05 09:04:54 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/08/19 04:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/08/12 11:18:42 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/04/21 18:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/03/07 15:47:18 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/03/07 15:47:09 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/03/05 15:42:36 | 000,180,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2011/03/05 15:42:36 | 000,064,704 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2011/02/23 13:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2011/02/15 10:47:02 | 002,757,312 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2011/02/14 12:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe
PRC - [2011/01/29 04:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Program Files\Sony\VAIO Care\listener.exe
PRC - [2011/01/12 17:00:42 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/01/12 17:00:38 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/11/26 23:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010/11/26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010/09/30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/09/22 17:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2010/05/20 15:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2010/03/11 13:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/20 17:48:41 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\356136d6f23fe3cde33dc96fbda2df0a\IAStorUtil.ni.dll
MOD - [2011/10/20 17:48:41 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\b40ad47b1338dd50c41d2c5571819a09\IAStorCommon.ni.dll
MOD - [2011/10/20 17:09:45 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011/10/20 17:09:25 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/20 17:09:20 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/20 17:09:10 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/10/20 17:09:06 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/20 17:09:04 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/20 17:09:03 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/20 17:08:59 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/08/12 11:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/08/12 11:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/08/12 11:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/08/12 11:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/08/12 11:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/09/23 14:37:08 | 001,429,608 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2011/08/12 15:35:30 | 000,971,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2011/07/19 03:45:52 | 000,104,096 | ---- | M] (Atheros Communication Inc.) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe -- (DCDhcpService)
SRV:64bit: - [2011/05/24 08:00:00 | 000,652,016 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2011/03/24 15:42:48 | 000,968,480 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011/02/18 21:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2011/02/18 21:02:08 | 000,385,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2011/02/14 16:54:50 | 000,550,080 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2011/02/14 12:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2011/01/29 04:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2011/01/20 11:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/09/05 09:04:54 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/19 04:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/07/29 22:50:16 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/04/21 18:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/07 15:47:18 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011/03/07 15:47:09 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2011/03/05 15:42:36 | 000,064,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2011/02/23 13:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2011/02/21 11:55:08 | 000,113,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2011/02/21 11:55:08 | 000,067,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2011/01/20 11:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2011/01/12 17:00:42 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/11/26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010/09/30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/05/20 15:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/11 13:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/11/28 12:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/11/28 12:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/11/28 12:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/11/28 12:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/11/28 12:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/11/28 12:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/08/19 04:27:30 | 004,869,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech QuickCam Pro 9000(UVC)
DRV:64bit: - [2011/08/19 04:27:30 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/06/21 00:03:42 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/05/09 08:47:43 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/01 15:19:40 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/04/01 15:16:41 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/04/01 15:16:39 | 000,163,880 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/04/01 15:16:38 | 000,436,776 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011/04/01 15:16:38 | 000,150,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/04/01 15:15:28 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/07 16:01:02 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/07 15:54:57 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/03/07 15:47:07 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2011/03/01 15:03:34 | 000,098,816 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsnxc64.sys -- (risdsnpe)
DRV:64bit: - [2011/03/01 15:03:26 | 000,102,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2010/12/10 12:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 12:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/04/26 15:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress) Intel(R)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 13:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2007/05/14 15:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/04/17 10:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2007/04/17 10:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (6077757b)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSour...ctid=CT3007394
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "WhiteSmoke Bar Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3007394&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "www.yahoo.com"
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Sumit\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Sumit\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sumit\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sumit\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/12/13 15:10:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/19 21:33:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/28 19:04:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/11/28 19:05:32 | 000,000,000 | ---D | M]

[2011/08/04 17:12:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sumit\AppData\Roaming\Mozilla\Extensions
[2011/12/13 22:25:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sumit\AppData\Roaming\Mozilla\Firefox\Profiles\w5znxcrh.default\extensions
[2011/08/04 18:35:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sumit\AppData\Roaming\Mozilla\Firefox\Profiles\w5znxcrh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/13 22:25:18 | 000,000,000 | ---D | M] (Anti-Aliasing Tuner) -- C:\Users\Sumit\AppData\Roaming\Mozilla\Firefox\Profiles\w5znxcrh.default\extensions\aatuner@hotmint.com
[2011/08/04 18:35:24 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Sumit\AppData\Roaming\Mozilla\Firefox\Profiles\w5znxcrh.default\extensions\firefox@tvunetworks.com
[2011/08/04 18:35:24 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Sumit\AppData\Roaming\Mozilla\Firefox\Profiles\w5znxcrh.default\extensions\vshare@toolbar
[2011/10/19 12:49:46 | 000,000,931 | ---- | M] () -- C:\Users\Sumit\AppData\Roaming\Mozilla\Firefox\Profiles\w5znxcrh.default\searchplugins\conduit.xml
[2011/08/04 17:12:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/12/19 21:33:09 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2011/11/09 18:12:45 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/03 04:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2011/07/11 16:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011/10/02 16:03:30 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/09 18:12:45 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sumit\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sumit\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sumit\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\Sumit\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Sumit\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Sumit\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Sumit\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Sumit\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Users\Sumit\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: vshare plugin = C:\Users\Sumit\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Sumit\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Sumit\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\

O1 HOSTS File: ([2011/12/19 20:32:47 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48BA5FE9-6DF2-41F9-919C-4915A19D222E}: DhcpNameServer = 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7002E9E3-0135-4E45-9807-F30A26E61C91}: DhcpNameServer = 64.71.255.198
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PEVSystemStart - Service
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: procexp90.Sys - Driver
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PEVSystemStart - Service
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: procexp90.Sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32:64bit: vidc.tscc - C:\Windows\SysWOW64\tsccvid64.dll (TechSmith Corporation)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Program Files (x86)\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.tscc - C:\Windows\SysWOW64\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

========== Files/Folders - Created Within 30 Days ==========

[2011/12/31 09:44:42 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Sumit\Desktop\OTL.exe
[2011/12/30 10:50:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
[2011/12/30 10:50:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Applian Technologies
[2011/12/27 14:50:58 | 000,000,000 | ---D | C] -- C:\Users\Sumit\AppData\Local\TechSmith
[2011/12/27 14:50:51 | 000,000,000 | ---D | C] -- C:\Users\Sumit\Documents\Camtasia Studio
[2011/12/27 14:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
[2011/12/27 14:49:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2011/12/27 14:49:05 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2011/12/27 14:49:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2011/12/19 20:57:51 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/12/19 20:56:53 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011/12/19 19:54:40 | 000,000,000 | ---D | C] -- C:\myapp
[2011/12/16 08:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/12/16 08:39:22 | 000,000,000 | ---D | C] -- C:\Users\Sumit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/12/15 09:23:23 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/15 09:23:23 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/15 09:23:22 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/15 09:23:22 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/15 09:23:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/15 09:23:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/15 09:23:20 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/12/15 09:23:20 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/12/15 09:23:20 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/12/15 09:23:20 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/12/15 09:23:19 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/12/15 09:21:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/15 09:20:44 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/15 09:20:44 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/12/14 14:57:19 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/12/14 14:57:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/12/14 14:57:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/12/14 14:56:12 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/12/14 14:55:56 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/12/14 14:52:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/14 13:12:53 | 000,000,000 | ---D | C] -- C:\Users\Sumit\AppData\Roaming\Resource Tuner
[2011/12/14 13:12:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Resource Tuner
[2011/12/14 12:09:32 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/12/13 13:52:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/11 19:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
[2011/12/11 19:44:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Combined Community Codec Pack
[2011/12/11 09:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\{CC6525B7-42F2-42DB-BF33-445E26F52EC1}
[2011/12/10 20:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\BDJ
[2011/12/06 19:39:34 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2011/12/05 20:55:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia
[2011/12/05 20:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Solveig Multimedia
[2011/12/05 20:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Solveig Multimedia

========== Files - Modified Within 30 Days ==========

[2011/12/31 09:44:42 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Sumit\Desktop\OTL.exe
[2011/12/31 09:42:15 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1092261522-3968376865-3905991002-1000UA.job
[2011/12/31 09:40:52 | 000,021,200 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/31 09:40:52 | 000,021,200 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/31 09:27:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/31 09:27:18 | 2132,713,471 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/30 21:33:19 | 000,116,271 | ---- | M] () -- C:\Users\Sumit\Straight_Edge.jpg
[2011/12/30 19:32:55 | 000,083,791 | ---- | M] () -- C:\Users\Sumit\darkknightrises-tlr1_h720p.jpg
[2011/12/29 23:41:13 | 000,779,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/29 23:41:13 | 000,664,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/29 23:41:13 | 000,125,696 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/28 19:31:08 | 000,024,064 | ---- | M] () -- C:\Users\Sumit\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/26 20:04:49 | 000,299,354 | ---- | M] () -- C:\Users\Sumit\bitw_fb_sm.jpg
[2011/12/26 19:57:03 | 000,366,203 | ---- | M] () -- C:\Users\Sumit\bitw_fb.jpg
[2011/12/26 19:21:29 | 000,173,271 | ---- | M] () -- C:\Users\Sumit\cm_punk_best_in_the_world_3_by_kearse-d40xe99.jpg
[2011/12/26 15:39:52 | 000,022,138 | ---- | M] () -- C:\Users\Sumit\RP4856.jpg
[2011/12/26 02:26:47 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/12/26 02:26:47 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/12/25 09:21:04 | 008,294,454 | ---- | M] () -- C:\Users\Sumit\76BE.bmp
[2011/12/25 09:20:38 | 008,294,454 | ---- | M] () -- C:\Users\Sumit\1F7.bmp
[2011/12/23 05:42:01 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1092261522-3968376865-3905991002-1000Core.job
[2011/12/20 19:48:58 | 097,734,470 | ---- | M] () -- C:\Users\Sumit\darkknightrises-tlr1_h720p.mov
[2011/12/19 20:32:47 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/12/15 09:28:39 | 000,385,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/14 23:43:45 | 000,002,363 | ---- | M] () -- C:\Users\Sumit\Desktop\Google Chrome.lnk
[2011/12/14 12:09:32 | 644,622,217 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/12/14 09:33:29 | 019,257,616 | ---- | M] () -- C:\Users\Sumit\The Dark Knight Rises 6 Minute Prologue Leaked!.mp4
[2011/12/13 15:10:52 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/12/13 15:01:35 | 000,001,017 | ---- | M] () -- C:\Users\Sumit\Desktop\Sumit.lnk
[2011/12/10 20:07:10 | 000,000,952 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys

========== Files Created - No Company Name ==========

[2011/12/30 21:33:19 | 000,116,271 | ---- | C] () -- C:\Users\Sumit\Straight_Edge.jpg
[2011/12/30 19:32:55 | 000,083,791 | ---- | C] () -- C:\Users\Sumit\darkknightrises-tlr1_h720p.jpg
[2011/12/26 20:04:48 | 000,299,354 | ---- | C] () -- C:\Users\Sumit\bitw_fb_sm.jpg
[2011/12/26 19:57:03 | 000,366,203 | ---- | C] () -- C:\Users\Sumit\bitw_fb.jpg
[2011/12/26 19:21:29 | 000,173,271 | ---- | C] () -- C:\Users\Sumit\cm_punk_best_in_the_world_3_by_kearse-d40xe99.jpg
[2011/12/26 15:39:57 | 000,022,138 | ---- | C] () -- C:\Users\Sumit\RP4856.jpg
[2011/12/25 09:21:04 | 008,294,454 | ---- | C] () -- C:\Users\Sumit\76BE.bmp
[2011/12/25 09:20:38 | 008,294,454 | ---- | C] () -- C:\Users\Sumit\1F7.bmp
[2011/12/20 19:48:57 | 097,734,470 | ---- | C] () -- C:\Users\Sumit\darkknightrises-tlr1_h720p.mov
[2011/12/14 14:57:19 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/12/14 14:57:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/12/14 14:57:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/12/14 14:57:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/12/14 14:57:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/12/14 12:09:32 | 644,622,217 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/12/14 09:33:23 | 019,257,616 | ---- | C] () -- C:\Users\Sumit\The Dark Knight Rises 6 Minute Prologue Leaked!.mp4
[2011/12/13 15:01:35 | 000,001,017 | ---- | C] () -- C:\Users\Sumit\Desktop\Sumit.lnk
[2011/12/13 14:58:44 | 000,002,661 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Word 2010.lnk
[2011/12/13 14:58:44 | 000,002,623 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Excel 2010.lnk
[2011/12/13 14:58:44 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/12/13 14:58:44 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Photoshop Elements 9.lnk
[2011/12/13 14:58:44 | 000,001,624 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software .lnk
[2011/12/13 14:58:44 | 000,001,142 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/13 14:58:44 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2011/12/13 14:58:44 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/12/13 14:58:38 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2011/12/13 14:58:31 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/12/13 14:58:31 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2011/12/13 14:58:31 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2011/12/13 14:58:30 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/12/13 14:58:30 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 9 Standard.lnk
[2011/12/13 14:58:30 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 9.lnk
[2011/12/13 14:58:30 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/12/13 14:58:30 | 000,002,269 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
[2011/12/13 14:58:30 | 000,002,267 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 9.lnk
[2011/12/13 14:58:30 | 000,002,201 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Smart Network.lnk
[2011/12/13 14:58:30 | 000,002,076 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Gate.lnk
[2011/12/13 14:58:30 | 000,002,017 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
[2011/12/13 14:58:30 | 000,001,995 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
[2011/12/13 14:58:30 | 000,001,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 9.lnk
[2011/12/13 14:58:30 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Easy Connect.lnk
[2011/12/13 14:58:30 | 000,001,531 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk
[2011/12/13 14:58:30 | 000,001,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2011/12/13 14:58:30 | 000,001,400 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO3DPortal.lnk
[2011/12/13 14:58:30 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2011/12/13 14:58:30 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/12/13 14:58:30 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2011/12/13 14:58:30 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/12/13 14:58:30 | 000,001,303 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Gallery.lnk
[2011/12/13 14:58:30 | 000,001,275 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Transfer.lnk
[2011/12/13 14:58:30 | 000,001,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Keyboard.lnk
[2011/12/13 14:58:30 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2011/12/13 14:58:30 | 000,001,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/13 14:58:30 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB.lnk
[2011/12/13 14:58:30 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2011/12/13 14:58:30 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup Trial.url
[2011/12/13 13:52:37 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/08 07:35:51 | 000,001,068 | -HS- | C] () -- C:\Users\Sumit\AppData\Local\cmkk080234g6b6e418wo3736s778sk14tmsf3rj
[2011/09/08 07:35:51 | 000,001,068 | -HS- | C] () -- C:\ProgramData\cmkk080234g6b6e418wo3736s778sk14tmsf3rj
[2011/09/08 07:35:50 | 000,000,000 | ---- | C] () -- C:\ProgramData\rgtr.exe
[2011/09/08 07:35:50 | 000,000,000 | ---- | C] () -- C:\ProgramData\ppft.exe
[2011/09/08 07:35:50 | 000,000,000 | ---- | C] () -- C:\ProgramData\pltf.exe
[2011/09/08 07:35:50 | 000,000,000 | ---- | C] () -- C:\ProgramData\mher.exe
[2011/08/29 14:20:41 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/08/19 04:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011/08/19 04:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2011/08/19 04:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/08/12 17:01:56 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/08/07 18:53:04 | 000,024,064 | ---- | C] () -- C:\Users\Sumit\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/04 17:12:38 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/07/29 23:13:57 | 000,333,824 | ---- | C] () -- C:\Windows\SysWow64\SonyVideoProcessor.dll
[2011/07/29 22:25:49 | 000,000,226 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/03/07 19:53:48 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011/02/10 18:03:27 | 000,764,810 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\drivers\*.sys >
[2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\wimmount.sys

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2011/08/06 08:13:18 | 000,000,000 | ---- | M] () -- C:\AdobeDebug.txt
[2011/12/19 20:51:46 | 000,032,920 | ---- | M] () -- C:\ComboFix.txt
[2011/12/31 09:27:18 | 2132,713,471 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/29 23:42:26 | 000,315,724 | ---- | M] () -- C:\lv.log
[2011/12/31 09:27:20 | 4275,273,727 | -HS- | M] () -- C:\pagefile.sys
[2011/07/29 22:31:14 | 000,002,197 | ---- | M] () -- C:\RHDSetup.log
[2011/12/25 16:32:54 | 000,000,391 | ---- | M] () -- C:\rkill.log
[2011/07/29 23:42:19 | 000,000,074 | ---- | M] () -- C:\splash.idx
[2011/12/14 09:37:30 | 000,001,900 | ---- | M] () -- C:\TDSSKiller.2.6.23.0_14.12.2011_09.37.23_log.txt
[2011/12/14 09:39:11 | 000,080,638 | ---- | M] () -- C:\TDSSKiller.2.6.23.0_14.12.2011_09.38.41_log.txt
[2011/12/14 09:42:28 | 000,080,638 | ---- | M] () -- C:\TDSSKiller.2.6.23.0_14.12.2011_09.42.02_log.txt
[2011/03/01 11:58:36 | 000,004,112 | ---- | M] () -- C:\version

< %PROGRAMFILES%\*. >
[2011/07/29 23:21:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2011/08/04 18:27:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2011/12/30 10:50:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Applian Technologies
[2011/07/29 23:27:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ArcSoft
[2011/10/07 20:53:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Atheros WiFi Driver Installation
[2011/12/11 19:44:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Combined Community Codec Pack
[2011/12/27 14:49:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2011/07/29 23:25:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Corel
[2011/12/11 09:02:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DDNi
[2011/12/19 21:33:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DivX
[2011/07/29 23:41:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Downloaded Installations
[2011/08/04 18:22:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FLV Player
[2011/10/17 19:15:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2011/10/07 20:55:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/07/29 22:38:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2011/12/15 09:27:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2011/07/29 22:44:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2011/09/16 15:05:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Logitech
[2011/12/13 13:52:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/08/04 17:02:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2011/08/04 18:52:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011/09/17 13:42:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2011/08/04 18:54:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2011/10/20 17:03:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/11/02 20:18:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/11/02 20:18:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2011/08/04 18:53:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2011/08/04 18:34:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MozBackup
[2011/11/09 18:13:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2011/07/29 23:32:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2011/07/29 23:30:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/11/01 07:52:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2011/11/28 19:05:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Real
[2011/07/29 22:30:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2011/07/29 22:38:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Renesas Electronics
[2011/12/14 14:16:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Resource Tuner
[2011/11/04 22:39:30 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2011/08/04 18:23:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Smart Projects
[2011/07/29 22:59:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SmartSound Software
[2011/12/05 20:55:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Solveig Multimedia
[2011/07/29 23:55:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sony
[2011/11/05 19:52:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SopCast
[2011/08/04 19:17:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sports Interactive
[2011/12/27 14:49:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TechSmith
[2011/07/29 22:31:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Temp
[2011/12/16 08:39:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trend Micro
[2009/07/13 23:57:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Uninstall Information
[2011/10/20 17:03:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\uTorrent
[2011/10/15 20:04:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Veetle
[2011/08/04 18:38:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2011/10/15 20:26:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\vShare.tv plugin
[2011/08/04 18:39:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Winamp
[2011/08/04 18:39:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Winamp Detect
[2011/07/30 02:19:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2011/08/04 17:03:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2011/08/04 17:02:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live SkyDrive
[2011/07/30 02:19:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2011/07/30 02:19:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2011/07/30 02:19:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2010/11/20 22:31:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2011/07/30 02:19:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2011/08/04 18:25:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yahoo!
[2011/08/04 19:21:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Zero G Registry


< MD5 for: ATAPI.SYS >
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 22:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 22:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: IASTOR.SYS >
[2011/05/09 08:47:43 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\drivers\iaStor.sys
[2011/05/09 08:47:43 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_a36325196df56f7d\iaStor.sys
[2011/05/09 08:47:43 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_e3082ac13af8d3bf\iaStor.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< End of report >
SGicz is offline
Old 12-31-2011, 10:02 AM   #25
newbie
 
Join Date: Dec 2011
Posts: 27
Re: TDSSKiller won't run (Re-direct/System Fix Virus)

OTL Extras logfile created on: 12/31/11 9:46:38 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Sumit\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: M/dd/yy

7.98 Gb Total Physical Memory | 6.08 Gb Available Physical Memory | 76.17% Memory free
15.96 Gb Paging File | 13.81 Gb Available in Paging File | 86.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449.58 Gb Total Space | 184.64 Gb Free Space | 41.07% Space Free | Partition Type: NTFS

Computer Name: SUMIT-VAIO | User Name: Sumit | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{11D25EF7-85FC-4B58-8278-485939C8637F}" = VAIO Update Merge Module x64
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = Sony Corporation
"{57DD35E9-D9BB-4089-BB05-EF933C586CB3}" = Broadcom InConcert Maestro
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 268.30
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 268.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.22.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}" = WIDCOMM Bluetooth Software
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}" = VESx64
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Remote Play with PlayStation®3
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08D7BC86-7358-464C-8AD0-0D84B5F0A0C9}" = Remote Keyboard
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18894D16-5448-4BF9-A128-F7E937322F91}" = OOBE
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21DD6041-7251-40FA-9D06-C5EB30268E0F}" = Qualcomm Atheros Direct Connect
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{270380EB-8812-42E1-8289-53700DB840D2}" = PMB VAIO Edition Plug-in
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3A94F54D-A8A4-4B82-B346-92B4D56A2708}" = VESx86
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5CF6EEE9-86B1-3DB6-A07C-8F6C079C39BA}" = Google Talk Plugin
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
"{5FA51AAF-23FE-42F4-A724-D79F85F41D4B}" = Remote Play with PlayStation 3
"{61438020-DDD4-42FA-99A2-50225441980A}" = ArcSoft Magic-i Visual Effects 2
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70EED410-697B-4193-A2CB-2F790F82B420}" = VAIO Data Restore Tool
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote Keyboard
"{73D8886A-D416-4687-B609-0D3836BA410C}" = VAIO Event Service
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Atheros WiFi Driver Installation
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{8356CB97-A48F-44CB-837A-A12838DC4669}" = PMB VAIO Edition Plug-in
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B088046-8A01-4355-99DD-8530C022F682}" = VCCx86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-1033-0000-BA7E-000000000004}" = Adobe Acrobat 9 Standard
"{AC76BA86-1033-0000-BA7E-000000000004}_941" = Adobe Acrobat 9.4.1 - CPSID_83708
"{AC76BA86-1033-0000-BA7E-000000000004}{AC76BA86-1033-0000-BA7E-000000000004}" = Adobe Acrobat 9 Standard
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.1) MUI
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7
"{C14EAE86-C526-4E00-B245-CFF86233C3D2}" = VAIO 3D Portal
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO Manual
"{C72E35E5-C5C6-4328-AD9A-BBCCC816A2E6}" = VAIO Hardware Diagnostics
"{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D312F154-8455-45C1-A44E-1AED321E6E95}" = NVIDIA 3D Vision Video Player
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D4E7BB46-310E-4A21-B261-052A5997EA2F}" = V3DPX86
"{D531F5A4-18F6-4130-B9A4-9179D6E349FC}" = VAIO Care
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{F5248E24-F52C-4FD1-B76F-102460BAFD6B}" = VAIO Help and Support
"{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}" = VAIO - Media Gallery
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Applian FLV and Media Player" = Applian FLV and Media Player 3.1.1.12
"avast" = avast! Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"DivX Setup" = DivX Setup
"FLV Player2.0.25" = FLV Player
"Football Manager 2011" = Football Manager 2011
"InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}" = VAIO - PMB VAIO Edition Plug-in
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"IsoBuster_is1" = IsoBuster 2.8.5
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 8.0 (x86 en-US)" = Mozilla Firefox 8.0 (x86 en-US)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PremElem90" = Adobe Premiere Elements 9
"SolveigMM AVI Trimmer 2.0.1111.07" = SolveigMM AVI Trimmer
"SopCast" = SopCast 3.0.3
"splashtop" = VAIO Quick Web Access
"uTorrent" = µTorrent
"VAIO Satisfaction Survey.3.0" = VAIO Satisfaction Survey.
"Veetle TV" = Veetle TV
"VLC media player" = VLC media player 1.1.11
"vShare.tv plugin" = vShare.tv plugin 1.3
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/16/11 6:27:47 PM | Computer Name = Sumit-VAIO | Source = WinMgmt | ID = 10
Description =

Error - 12/16/11 9:20:35 PM | Computer Name = Sumit-VAIO | Source = WinMgmt | ID = 10
Description =

Error - 12/17/11 9:39:40 AM | Computer Name = Sumit-VAIO | Source = WinMgmt | ID = 10
Description =

Error - 12/17/11 12:53:34 PM | Computer Name = Sumit-VAIO | Source = WinMgmt | ID = 10
Description =

Error - 12/17/11 1:22:53 PM | Computer Name = Sumit-VAIO | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 12/17/11 1:24:26 PM | Computer Name = Sumit-VAIO | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32", version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 12/17/11 4:02:41 PM | Computer Name = Sumit-VAIO | Source = WinMgmt | ID = 10
Description =

Error - 12/17/11 11:18:45 PM | Computer Name = Sumit-VAIO | Source = WinMgmt | ID = 10
Description =

Error - 12/17/11 11:32:21 PM | Computer Name = Sumit-VAIO | Source = WinMgmt | ID = 10
Description =

Error - 12/18/11 9:32:10 AM | Computer Name = Sumit-VAIO | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 10/30/11 9:01:20 AM | Computer Name = Sumit-VAIO | Source = Service Control Manager | ID = 7022
Description = The VAIO Care Performance Service service hung on starting.

Error - 10/30/11 9:05:29 AM | Computer Name = Sumit-VAIO | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.

Error - 11/16/11 7:21:35 AM | Computer Name = Sumit-VAIO | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.


< End of report >
SGicz is offline
Old 01-01-2012, 12:55 PM   #26
Malware Jedi
 
Gabethebabe
Join Date: Oct 2007
Location: In front of my monitor
Posts: 18,620
Re: TDSSKiller won't run (Re-direct/System Fix Virus)

  • Please run OTL.exe again
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:
Code:
:files
C:\32788R22FWJFW
C:\myapp
C:\ProgramData\{CC6525B7-42F2-42DB-BF33-445E26F52EC1}
C:\ProgramData\BDJ
C:\Users\Sumit\AppData\Local\cmkk080234g6b6e418wo3736s778sk14tmsf3rj
C:\ProgramData\cmkk080234g6b6e418wo3736s778sk14tmsf3rj
C:\ProgramData\rgtr.exe
C:\ProgramData\ppft.exe
C:\ProgramData\pltf.exe
C:\ProgramData\mher.exe

:otl
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

:commands
[reboot]
  • Then click the Run Fix button at the top (Not the Run Scan!).
  • Allow it to run. It may take some time and you may see some things happen to your desktop - this is normal.
  • If it asks to reboot the computer, allow it to reboot.
  • If the program freezes, and the computer fails to reboot - let me know.
  • Finally, post the contents of the log. (Located at C:\_OTL\Moved Files)
====================

This will delete some malware files I found, but I don't think it will solve your problem.

Do you have redirects only on chrome or also in Firefox / Internet explorer?
Are you able to lay your hands on a WIN7 64-bit setup disk?

====================
  • Please download MBRCheck by a_d_13 from either of the following mirrors and save it to your Desktop.
  • Double click MBRCheck.exe to run it (right click > Run as Administrator for Vista and WIN7)
  • It will show a black screen with a report of what has been found.
  • Exit from the program, also if an infection is found.
  • The report can be found on your desktop, named MBRCheckxxxx.txt
  • Please post the contents of that report in your next reply.

Last edited by Gabethebabe; 01-01-2012 at 01:13 PM.
Gabethebabe is offline
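Once the Moved Files log comes back, the thing to check is whether every item in the fix script was actually acted on: a path the malware had already renamed, or a registry key that was not there, shows up in the log as "not found" rather than "moved successfully" / "deleted successfully". The following is an added example, not part of the thread and not OTL's own code, that parses a fix script in the `:files` / `:otl` / `:commands` layout used in the post above together with the matching log, and reports which items were removed and which were not. The fix script, paths, CLSID and log text are constructed samples; the `File\Folder ... not found.` wording for a missing file is an assumption, so the matcher keys only on the trailing `moved successfully.`, `deleted successfully.` and `not found.` phrases that do appear in the posted log.

```python
"""Cross-check an OTL fix script against the C:\\_OTL\\MovedFiles log it produced.

The fix script lists what OTL was told to remove; the log records what it
actually did.  Anything in the script that the log does not show as moved or
deleted is what to re-check after the reboot.
"""
import re

GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Constructed sample fix script in the layout used in the thread.  The paths
# and the CLSID are illustrative; they do not come from any real system.
FIX_SCRIPT = """\
:files
C:\\badfolder
C:\\ProgramData\\evil.exe
C:\\ProgramData\\gone.exe

:otl
O2 - BHO: (no name) - {00000000-1111-2222-3333-444444444444} - No CLSID value found.
O3 - HKLM\\..\\Toolbar: (no name) - Locked - No CLSID value found.

:commands
[reboot]
"""

# Constructed sample log in the layout of the "Moved Files" log posted in the
# thread.  The "not found" line for a missing file is an assumed wording.
MOVED_LOG = """\
========== FILES ==========
C:\\badfolder\\sub folder moved successfully.
C:\\badfolder folder moved successfully.
C:\\ProgramData\\evil.exe moved successfully.
File\\Folder C:\\ProgramData\\gone.exe not found.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{00000000-1111-2222-3333-444444444444}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{00000000-1111-2222-3333-444444444444}\\ not found.
Registry value HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Toolbar\\\\Locked deleted successfully.
========== COMMANDS ==========
"""


def parse_fix_script(text):
    """Split an OTL fix script into its ':files' / ':otl' / ':commands' sections."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            current = line.lower()
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def file_status(path, log_lines):
    """Status of one ':files' entry: 'moved', 'not found' or 'no log entry'.

    A folder entry also matches the per-subfolder lines OTL writes under it,
    so one 'moved successfully.' anywhere under the path counts as moved.
    """
    needle = path.lower()
    hits = [l for l in log_lines if needle in l.lower()]
    if any(l.lower().endswith("moved successfully.") for l in hits):
        return "moved"
    if any(l.lower().endswith("not found.") for l in hits):
        return "not found"
    return "no log entry"


def registry_status(entry, log_lines):
    """Status of one ':otl' entry, keyed on its CLSID or, failing that, on the
    value name between '(no name) - ' and the next ' - ' (e.g. 'Locked')."""
    tokens = [g.lower() for g in GUID_RE.findall(entry)]
    if not tokens:
        m = re.search(r"\(no name\) - (.+?) - ", entry)
        tokens = [m.group(1).lower()] if m else [entry.lower()]
    hits = [l for l in log_lines if any(t in l.lower() for t in tokens)]
    if any(l.lower().endswith("deleted successfully.") for l in hits):
        return "deleted"
    if hits and all(l.lower().endswith("not found.") for l in hits):
        return "not found"
    return "no log entry"


def audit(fix_script, moved_log):
    """Map every file and registry item in the fix script to what the log says
    happened to it."""
    sections = parse_fix_script(fix_script)
    log_lines = [l.strip() for l in moved_log.splitlines() if l.strip()]
    result = {}
    for path in sections.get(":files", []):
        result[path] = file_status(path, log_lines)
    for entry in sections.get(":otl", []):
        result[entry] = registry_status(entry, log_lines)
    return result


def outstanding(result):
    """Items the fix did not remove; these are what to look for again after the reboot."""
    return sorted(k for k, v in result.items() if v not in ("moved", "deleted"))


if __name__ == "__main__":
    report = audit(FIX_SCRIPT, MOVED_LOG)
    for item, status in report.items():
        print(f"{status:12s} {item}")
    print("outstanding:", outstanding(report))
```

A "not found" on a file is not proof the machine is clean: droppers of this family rotate their file names, so a path that was present in the OTL scan and absent at fix time is a reason to re-scan, which is why the outstanding list is kept separate from plain failures.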
Old 01-01-2012, 03:15 PM   #27
newbie
 
Join Date: Dec 2011
Posts: 27
Re: TDSSKiller won't run (Re-direct/System Fix Virus)

The OTL Moved Files log:

========== FILES ==========
C:\32788R22FWJFW\N_ folder moved successfully.
C:\32788R22FWJFW\License folder moved successfully.
C:\32788R22FWJFW\EN-US folder moved successfully.
C:\32788R22FWJFW\en-CA folder moved successfully.
C:\32788R22FWJFW folder moved successfully.
C:\myapp folder moved successfully.
C:\ProgramData\{CC6525B7-42F2-42DB-BF33-445E26F52EC1}\{0131D7EF-65FF-478F-8ABD-5ABEE24EC8EF} folder moved successfully.
C:\ProgramData\{CC6525B7-42F2-42DB-BF33-445E26F52EC1} folder moved successfully.
C:\ProgramData\BDJ\BindingUnit\-886-45-31-103-10-38-3637-1-86-88169796-5714-106-11018\ffffd54d\1963b93f68564d638dadb74d0a293987 folder moved successfully.
C:\ProgramData\BDJ\BindingUnit\-886-45-31-103-10-38-3637-1-86-88169796-5714-106-11018\ffffd54d folder moved successfully.
C:\ProgramData\BDJ\BindingUnit\-886-45-31-103-10-38-3637-1-86-88169796-5714-106-11018 folder moved successfully.
C:\ProgramData\BDJ\BindingUnit folder moved successfully.
C:\ProgramData\BDJ\ApplicationData\lfm folder moved successfully.
C:\ProgramData\BDJ\ApplicationData\-886-45-31-103-10-38-3637-1-86-88169796-5714-106-11018\ffffd54d\5804 folder moved successfully.
C:\ProgramData\BDJ\ApplicationData\-886-45-31-103-10-38-3637-1-86-88169796-5714-106-11018\ffffd54d folder moved successfully.
C:\ProgramData\BDJ\ApplicationData\-886-45-31-103-10-38-3637-1-86-88169796-5714-106-11018 folder moved successfully.
C:\ProgramData\BDJ\ApplicationData folder moved successfully.
C:\ProgramData\BDJ folder moved successfully.
C:\Users\Sumit\AppData\Local\cmkk080234g6b6e418wo3736s778sk14tmsf3rj moved successfully.
C:\ProgramData\cmkk080234g6b6e418wo3736s778sk14tmsf3rj moved successfully.
C:\ProgramData\rgtr.exe moved successfully.
C:\ProgramData\ppft.exe moved successfully.
C:\ProgramData\pltf.exe moved successfully.
C:\ProgramData\mher.exe moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.31.0 log created on 01012012_150735

=============================================

And the MBRCheck log:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Sony Corporation
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: Sony Corporation
System Product Name: VPCF2290S
Logical Drives Mask: 0x00000014

Kernel Drivers (total 204):
0x02E56000 \SystemRoot\system32\ntoskrnl.exe
0x02E0D000 \SystemRoot\system32\hal.dll
0x00BCE000 \SystemRoot\system32\kdcom.dll
0x00CCD000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00D1C000 \SystemRoot\system32\PSHED.dll
0x00D30000 \SystemRoot\system32\CLFS.SYS
0x00C00000 \SystemRoot\system32\CI.dll
0x00E27000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00ECB000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00EDA000 \SystemRoot\system32\drivers\ACPI.sys
0x00F31000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00F3A000 \SystemRoot\system32\drivers\msisadrv.sys
0x00F44000 \SystemRoot\system32\drivers\pci.sys
0x00F77000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00F84000 \SystemRoot\System32\drivers\partmgr.sys
0x00F99000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00FA2000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00FAE000 \SystemRoot\system32\drivers\volmgr.sys
0x00D8E000 \SystemRoot\System32\drivers\volmgrx.sys
0x00FC3000 \SystemRoot\System32\drivers\mountmgr.sys
0x0107B000 \SystemRoot\system32\drivers\iaStor.sys
0x011CF000 \SystemRoot\system32\drivers\amdxata.sys
0x01000000 \SystemRoot\system32\drivers\fltmgr.sys
0x0104C000 \SystemRoot\system32\drivers\fileinfo.sys
0x01060000 \SystemRoot\System32\Drivers\PxHlpa64.sys
0x01246000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01428000 \SystemRoot\System32\Drivers\msrpc.sys
0x01486000 \SystemRoot\System32\Drivers\ksecdd.sys
0x014A1000 \SystemRoot\System32\Drivers\cng.sys
0x01513000 \SystemRoot\System32\drivers\pcw.sys
0x01524000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x016EF000 \SystemRoot\system32\drivers\ndis.sys
0x01600000 \SystemRoot\system32\drivers\NETIO.SYS
0x01660000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x018B5000 \SystemRoot\System32\drivers\tcpip.sys
0x01AB9000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01B03000 \SystemRoot\system32\drivers\volsnap.sys
0x01B4F000 \SystemRoot\System32\Drivers\spldr.sys
0x01B57000 \SystemRoot\System32\drivers\rdyboost.sys
0x01B91000 \SystemRoot\System32\Drivers\mup.sys
0x01BA3000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01BAC000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01BE6000 \SystemRoot\system32\drivers\disk.sys
0x01800000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x02F7D000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x0152E000 \SystemRoot\System32\Drivers\aswSnx.SYS
0x02FA7000 \SystemRoot\System32\Drivers\Null.SYS
0x02FB0000 \SystemRoot\System32\Drivers\Beep.SYS
0x02FB7000 \SystemRoot\System32\drivers\vga.sys
0x02FC5000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x02FEA000 \SystemRoot\System32\drivers\watchdog.sys
0x02E00000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x02E09000 \SystemRoot\system32\drivers\rdpencdd.sys
0x0183E000 \SystemRoot\system32\drivers\rdprefmp.sys
0x01847000 \SystemRoot\System32\Drivers\Msfs.SYS
0x01852000 \SystemRoot\System32\Drivers\Npfs.SYS
0x01863000 \SystemRoot\system32\DRIVERS\tdx.sys
0x01885000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x01892000 \SystemRoot\System32\Drivers\aswTdi.SYS
0x044A7000 \SystemRoot\system32\drivers\afd.sys
0x04530000 \SystemRoot\System32\Drivers\aswRdr.SYS
0x0453D000 \SystemRoot\System32\DRIVERS\netbt.sys
0x04582000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x0458B000 \SystemRoot\system32\DRIVERS\pacer.sys
0x045B1000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x045C7000 \SystemRoot\system32\DRIVERS\netbios.sys
0x045D6000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x04400000 \SystemRoot\system32\DRIVERS\termdd.sys
0x04414000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x04465000 \SystemRoot\system32\drivers\nsiproxy.sys
0x04471000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x0447C000 \SystemRoot\System32\drivers\discache.sys
0x0168B000 \SystemRoot\System32\Drivers\dfsc.sys
0x0448B000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x04A7E000 \SystemRoot\System32\Drivers\aswSP.SYS
0x04ACF000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x0F218000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x0FE8E000 \SystemRoot\System32\Drivers\nvBridge.kmd
0x0FE90000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x0FF84000 \SystemRoot\System32\drivers\dxgmms1.sys
0x0FFCA000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x0FFEE000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x0F200000 \SystemRoot\system32\drivers\usbehci.sys
0x04AF5000 \SystemRoot\system32\drivers\USBPORT.SYS
0x04CC5000 \SystemRoot\system32\DRIVERS\athrx.sys
0x04F6B000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x04F78000 \SystemRoot\system32\DRIVERS\risdsnxc64.sys
0x04F96000 \SystemRoot\system32\DRIVERS\rimssne64.sys
0x04FB8000 \SystemRoot\system32\DRIVERS\1394ohci.sys
0x04C00000 \SystemRoot\system32\DRIVERS\nusb3xhc.sys
0x04C31000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x04C33000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x04C9A000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x04B4B000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x05289000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x053E6000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x053F5000 \SystemRoot\system32\DRIVERS\SFEP.sys
0x05200000 \SystemRoot\system32\DRIVERS\wmiacpi.sys

Processes (total 90):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000004`0bc00000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS545050B9SA00, Rev: PB4OC60X

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!
=============================================

As for the re-directs, I mainly use Firefox. I do use Chrome every now and then, and the problem is on both browsers. I will search high and low for a Windows 7 disk.
SGicz is offline   Reply With Quote
Old 01-02-2012, 07:53 AM   #28
Malware Jedi
 
Gabethebabe's Avatar
 
Join Date: Oct 2007
Location: In front of my monitor
Posts: 18,620
Re: TDSSKiller won't run (Re-direct/System Fix Virus)

Let's see if mbrcheck can fix the problem.

Warning - the fix below will overwrite your infected Master Boot Record (MBR) with a clean standard MBR. If you had a non-standard MBR, e.g. some computer brands like Dell sometimes alter the MBR to enable a startup option to revert to factory settings or you have something like GRUB installed, you will lose this functionality when the standard MBR is written. Do not proceed if you had a non-standard MBR and wish to maintain that functionality. Also note that overwriting the MBR is usually problemless, but it doesn't hurt to have good backups available in case things go wrong.
  • Double-click MBRCheck.exe to run it
  • Choose Y for more options, 2 for restoring the MBR and 0 for the physical disk number
  • From the list of MBRs, choose the one that corresponds with your operating system
  • Choose Y when asked for confirmation
  • The MBR will be written and the black window will show a report
  • Left click the title bar of the black window and choose Edit > Select All
  • Hit enter to copy the highlighted contents and paste it into your next reply.
Gabethebabe is offline   Reply With Quote
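The report above flags the drive with "MBR Code Faked!" and a SHA1 of the boot code, and the fix procedure first offers to dump the MBR to a file before overwriting it. The following is an added example, not code from the thread or from MBRCheck, showing how a defender would triage such a 512-byte MBR offline: validate the 0x55AA signature, hash the boot-code region, decode the partition table, compare the hash against a known-good list, and diff a saved dump against the live sector. It assumes the boot code occupies the first 440 bytes (the standard layout; MBRCheck's exact hashed region is not stated on the page), and the allowlist entry and sample sector are constructed placeholders.

```python
"""
Added example (not from the thread or from MBRCheck): offline triage of a raw
512-byte Master Boot Record, as a defender would do when reading a report
that says "MBR Code Faked!" together with a SHA1 of the boot code.
"""
import hashlib
import struct

MBR_SIZE = 512
BOOT_CODE_SIZE = 440          # bytes 0..439 hold the boot loader code (assumption: standard layout)
DISK_SIG_OFFSET = 440         # 4-byte NT disk signature, then 2 reserved bytes
PART_TABLE_OFFSET = 446       # four 16-byte partition entries
BOOT_SIGNATURE = b"\x55\xAA"  # bytes 510..511

# Constructed placeholder allowlist. Real known-good hashes must come from a
# trusted reference image of the same Windows version, not from this example.
KNOWN_GOOD_SHA1 = {
    "CONSTRUCTED_PLACEHOLDER_HASH": "Windows 7 (placeholder, constructed)",
}


def parse_partition_entry(entry: bytes) -> dict:
    """Decode one 16-byte MBR partition table entry (CHS fields are ignored)."""
    status, _, _, _, ptype, _, _, _, lba_start, sectors = struct.unpack(
        "<BBBBBBBBII", entry)
    return {
        "bootable": status == 0x80,
        "type": ptype,
        "lba_start": lba_start,
        "sectors": sectors,
    }


def analyse_mbr(mbr: bytes) -> dict:
    """Return signature validity, boot-code SHA1, disk signature, partitions and a verdict."""
    if len(mbr) != MBR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    sha1 = hashlib.sha1(mbr[:BOOT_CODE_SIZE]).hexdigest().upper()
    disk_sig = struct.unpack("<I", mbr[DISK_SIG_OFFSET:DISK_SIG_OFFSET + 4])[0]
    parts = [
        parse_partition_entry(mbr[PART_TABLE_OFFSET + 16 * i:
                                  PART_TABLE_OFFSET + 16 * (i + 1)])
        for i in range(4)
    ]
    return {
        "valid_signature": mbr[510:512] == BOOT_SIGNATURE,
        "boot_code_sha1": sha1,
        "disk_signature": disk_sig,
        "partitions": [p for p in parts if p["type"] != 0],  # skip empty entries
        "status": KNOWN_GOOD_SHA1.get(sha1, "unknown boot code (investigate)"),
    }


def boot_code_differs(backup_mbr: bytes, current_mbr: bytes) -> bool:
    """True if the boot-code region of a saved dump no longer matches the live MBR."""
    return (analyse_mbr(backup_mbr)["boot_code_sha1"]
            != analyse_mbr(current_mbr)["boot_code_sha1"])


def build_sample_mbr(boot_code: bytes) -> bytes:
    """Construct a sample MBR for offline testing (constructed data, not a real disk)."""
    code = boot_code.ljust(BOOT_CODE_SIZE, b"\x00")[:BOOT_CODE_SIZE]
    disk_sig = struct.pack("<I", 0xDEADBEEF) + b"\x00\x00"
    # One bootable NTFS (type 0x07) partition at LBA 2048 spanning 204800 sectors,
    # followed by three empty entries.
    part1 = struct.pack("<BBBBBBBBII", 0x80, 0, 0, 0, 0x07, 0, 0, 0, 2048, 204800)
    table = part1 + b"\x00" * 48
    return code + disk_sig + table + BOOT_SIGNATURE


if __name__ == "__main__":
    # Constructed sample: a jump-stub-like boot code, then a tampered copy.
    original = build_sample_mbr(b"\xEB\x3C\x90" + b"\x90" * 10)
    tampered = build_sample_mbr(b"\xEB\x3C\x90" + b"\x90" * 9 + b"\xCC")
    print(analyse_mbr(original))
    print("boot code changed:", boot_code_differs(original, tampered))
```

On a real system the 512 bytes would be read from a dump file such as the one MBRCheck's option [1] writes; the verdict is only as good as the reference hashes supplied.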
Old 01-02-2012, 10:37 AM   #29
newbie
 
Join Date: Dec 2011
Posts: 27
Re: TDSSKiller won't run (Re-direct/System Fix Virus)

The information in the black box is the same as a log it generated:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Sony Corporation
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: Sony Corporation
System Product Name: VPCF2290S
Logical Drives Mask: 0x00000014

Kernel Drivers (total 203):

Processes (total 92):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000004`0bc00000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS545050B9SA00, Rev: PB4OC60X

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice: Enter the physical disk number to fix (0-99, -1 to cancel): 0
Available MBR codes:
[ 0] Default (Windows 7)
[ 1] Windows XP
[ 2] Windows Server 2003
[ 3] Windows Vista
[ 4] Windows 2008
[ 5] Windows 7
[-1] Cancel

Please select the MBR code to write to this drive: 5
Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: yes
Successfully wrote new MBR code!
Please reboot your computer to complete the fix.


Done!
SGicz is offline   Reply With Quote
Old 01-02-2012, 10:39 AM   #30
Malware Jedi
 
Gabethebabe's Avatar
 
Join Date: Oct 2007
Location: In front of my monitor
Posts: 18,620
Re: TDSSKiller won't run (Re-direct/System Fix Virus)

OK, can you now rerun mbrcheck (only the report, no fixing) to see if it still shows the same problem?
Gabethebabe is offline   Reply With Quote
Copyright © 2008-2010, Two Plus Two Interactive