Code:
:OTL
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [WinampAgent] File not found
O4 - HKU\S-1-5-21-1983776509-132609297-3775980313-1000..\Run: [BitTorrent] C:\Program Files\BitTorrent\bittorrent.exe ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O33 - MountPoints2\{a9c4a371-f3a2-11df-bd73-001d92f57446}\Shell - "" = AutoRun
O33 - MountPoints2\{a9c4a371-f3a2-11df-bd73-001d92f57446}\Shell\AutoRun\command - "" = K:\Autorun_rlsmm.exe
O33 - MountPoints2\{a9c4a371-f3a2-11df-bd73-001d92f57446}\Shell\checker\command - "" = K:\TEST\CHECKER.exe
O33 - MountPoints2\{a9c4a371-f3a2-11df-bd73-001d92f57446}\Shell\dstest\command - "" = K:\TEST\DSTEST.exe
[2011/03/21 20:54:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\{870E601A-FE70-4098-94B2-6E9963FCAA51}
[2011/03/21 20:54:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2011/03/21 19:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/03/21 19:31:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/03/21 19:31:47 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/03/21 19:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\RegCure
[2011/03/21 19:16:00 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2011/03/19 19:41:40 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Roaming\ParetoLogic
[2011/03/19 19:41:40 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Roaming\DriverCure
[2011/03/19 19:41:29 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
[2011/03/19 19:41:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2011/03/19 19:41:21 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2011/03/19 19:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2011/03/19 19:40:28 | 005,193,608 | ---- | C] (ParetoLogic Inc.) -- C:\Users\Justin\Documents\ParetoLogic PC Health Advisor.exe
[2011/03/19 17:15:05 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{2CACCC08-4937-447B-AB31-6A501E2DE91B}
[2011/02/22 01:02:19 | 011,708,760 | ---- | C] (Nullsoft, Inc.) -- C:\Users\Justin\Documents\winamp5601_full_emusic-7plus_en-us.exe
[2009/07/13 18:24:44 | 000,361,472 | ---- | C] (Fujitsu Takamisawa Component Limited) -- C:\Users\Justin\AppData\Local\ahafuyip.dll_old.old
[2011/03/22 18:00:01 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2011/03/21 17:21:49 | 000,000,120 | ---- | M] () -- C:\Users\Justin\AppData\Local\Fmitanahifureqi.dat
[2011/03/21 13:45:59 | 000,012,136 | -HS- | M] () -- C:\ProgramData\02gx6r2l0370v70bm00a6ixv8r8l63551ywf7757812x05i
[2011/03/21 12:17:41 | 000,000,042 | ---- | M] () -- C:\Windows\System32\scud.udf
2011/03/19 19:52:59 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2011/03/19 19:52:59 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor Defrag.job
[2011/03/19 19:52:59 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor.job
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:63238B95
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:68F4226F
:Files
ipconfig /flushdns /c
C:\Program Files\BitTorrent
:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe"=-
:Commands
[Purity]
[ResetHosts]
[EmptyFlash]
[EmptyTemp]
[CreateRestorePoint]
[Reboot]