Navigate to the folder where Windows is actually installed.
In most cases, it'd be C:\Windows.
When I run OTL, should I include all the Custom info you posted in the previous post when you first instructed me to run OTL, or should I ONLY run it without it?
No custom script needed.
One thing for sure, the "progress" at the bottom of that window is going lightning speed compared to what it WAS doing. This is DEFINITELY working. Not sure how long it will take, but probably not 12 hours!
As I told you before, I don't feel like we're dealing here with any infection.
I'll know more when I get that log.
Since the process goes fine while booted from the CD, you may have either a Windows installation problem or a hard drive issue, since neither is involved while booting from the CD.
Tried twice to post this... maybe it is too long, so I will split it in half.
OTL logfile created on: 6/3/2011 11:48:00 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = K: | %SystemRoot% = K:\Windows | %ProgramFiles% = K:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 75.87 Mb Free Space | 75.87% Space Free | Partition Type: NTFS
Drive D: | 931.50 Gb Total Space | 293.53 Gb Free Space | 31.51% Space Free | Partition Type: NTFS
Drive E: | 243.49 Mb Total Space | 137.96 Mb Free Space | 56.66% Space Free | Partition Type: FAT
Drive K: | 683.54 Gb Total Space | 462.76 Gb Free Space | 67.70% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010/11/11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand] -- K:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/11/11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto] -- K:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/06/29 13:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto] -- K:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009/11/23 14:53:58 | 000,127,784 | ---- | M] (Wacom Technology, Corp.) [Auto] -- K:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV:64bit: - [2009/11/23 14:53:54 | 005,556,520 | ---- | M] (Wacom Technology, Corp.) [Auto] -- K:\Windows\System32\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- K:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/03 22:47:12 | 000,240,160 | ---- | M] (Acer) [Auto] -- K:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2011/05/17 20:20:35 | 003,275,864 | ---- | M] () [Auto] -- K:\Program Files (x86)\Common Files\Akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2011/04/18 05:41:17 | 001,181,328 | ---- | M] (Lavasoft) [Auto] -- K:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/04/15 05:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto] -- K:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/01/28 13:50:42 | 002,437,536 | ---- | M] (Neevia Technology) [On_Demand] -- K:\Program Files (x86)\neevia.com\docuPrinterPro\neeviaDP6.lib -- (NVDPservice)
SRV - [2010/12/12 10:19:57 | 003,246,040 | ---- | M] (Acronis) [Auto] -- K:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010/12/06 04:58:36 | 001,112,240 | ---- | M] (Acronis) [Auto] -- K:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/03/11 13:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto] -- K:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- K:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/10/13 15:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- K:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009/09/30 23:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto] -- K:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/09/30 23:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto] -- K:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/09/10 09:42:46 | 000,305,448 | ---- | M] () [On_Demand] -- K:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/12 19:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto] -- K:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand] -- K:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/22 14:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand] -- K:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto] -- K:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/06/05 12:20:32 | 000,177,704 | ---- | M] () [Auto] -- K:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2010/12/12 10:20:00 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand] -- K:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2010/12/12 10:19:55 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot] -- K:\Windows\System32\drivers\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
DRV:64bit: - [2010/12/12 10:19:53 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot] -- K:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2010/12/12 10:19:49 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot] -- K:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2010/10/24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/03/27 20:00:48 | 000,083,488 | ---- | M] (Acronis) [File_System | Auto] -- K:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV:64bit: - [2010/03/19 11:40:39 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot] -- K:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/02/22 12:53:27 | 000,121,280 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- K:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2010/02/17 14:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- K:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 14:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- K:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2009/10/29 04:14:38 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot] -- K:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009/10/07 20:37:48 | 007,749,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/09/25 19:42:58 | 000,233,984 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009/09/23 05:11:04 | 000,283,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\e1k62x64.sys -- (e1kexpress) Intel(R)
DRV:64bit: - [2009/09/17 00:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/08/27 14:06:34 | 000,018,216 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- K:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2009/07/17 16:14:50 | 000,095,744 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- K:\Windows\System32\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2009/06/19 18:56:08 | 000,712,704 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- K:\Windows\System32\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009/06/11 01:34:38 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\agrsm64.sys -- (AGERESoftModem)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- K:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- K:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- K:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/02 07:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- K:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 07:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System] -- K:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 07:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- K:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/20 10:54:06 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- K:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2007/02/16 09:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- K:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2010/02/22 12:53:27 | 000,121,280 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- K:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=...5v145w4941u445
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\user_ON_K\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKU\user_ON_K\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Reg Error: Key error. File not found
IE - HKU\user_ON_K\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\user_ON_K\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
[2011/02/11 23:27:24 | 000,000,000 | ---D | M] (No name found) -- K:\Program Files (x86)\Mozilla Firefox\extensions
[2011/02/11 23:27:24 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- K:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
O1 HOSTS File: ([2011/06/02 09:59:58 | 000,000,027 | ---- | M]) - K:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - K:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - K:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - K:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - K:\Program Files (x86)\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - K:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - K:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - K:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - K:\Program Files (x86)\WOT\WOT.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - K:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - K:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - K:\Program Files (x86)\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - K:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Barre d'outils) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - K:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3:64bit: - HKU\user_ON_K\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - K:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\user_ON_K\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - K:\Program Files (x86)\Softonic-Eng7\tbSoft.dll (Conduit Ltd.)
O3 - HKU\user_ON_K\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - K:\Program Files (x86)\WOT\WOT.dll ()
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] K:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [IAAnotif] K:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] K:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] K:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] K:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] K:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BackupManagerTray] K:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [Corel File Shell Monitor] K:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] K:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Hotkey Utility] K:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] K:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [PDVD8LanguageShortcut] K:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] K:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SAOB Monitor] K:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Standby] K:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKLM..\Run: [TrueImageMonitor.exe] K:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKU\user_ON_K..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] K:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\user_ON_K..\Run: [Corel Photo Downloader] K:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKU\user_ON_K..\Run: [Jing] K:\Program Files (x86)\TechSmith\Jing\Jing.exe (TechSmith Corporation)
O4 - HKU\user_ON_K..\Run: [Messenger (Yahoo!)] K:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\user_ON_K..\Run: [NoteZilla] K:\Program Files (x86)\Conceptworld\NoteZilla\NoteZilla.exe (Conceptworld Corporation)
O4 - HKU\user_ON_K..\Run: [SUPERAntiSpyware] K:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: Error locating startup folders.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\user_ON_K\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - K:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - K:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - K:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - K:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - K:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanage...ex-2.2.5.4.cab (DLM Control)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/...?1269960903891 (MUCatalogWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {C7DEDA04-2FFF-4B81-AE66-0A0E0EF4AD2F} http://persnicketyprints.lifepics.co...Uploader57.cab (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - K:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - K:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - K:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/04/04 21:01:02 | 000,000,016 | -H-- | M] () - E:\AUTORUN.INF -- [ FAT ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Second part:
========== Files/Folders - Created Within 30 Days ==========
[2011/06/03 03:38:40 | 000,580,096 | ---- | C] (OldTimer Tools) -- K:\Users\user\Desktop\OTL.exe
[2011/06/02 23:00:34 | 000,589,632 | ---- | C] (AVAST Software) -- K:\Users\user\Desktop\aswMBR.exe
[2011/06/02 22:52:47 | 000,000,000 | R--D | C] -- K:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2011/06/02 21:16:38 | 000,000,000 | -HSD | C] -- K:\$RECYCLE.BIN
[2011/06/02 20:03:57 | 000,000,000 | ---D | C] -- K:\Users\user\AppData\Roaming\SUPERAntiSpyware.com
[2011/06/02 20:03:57 | 000,000,000 | ---D | C] -- K:\ProgramData\SUPERAntiSpyware.com
[2011/06/02 19:55:33 | 000,000,000 | ---D | C] -- K:\ProgramData\!SASCORE
[2011/06/02 19:55:08 | 000,000,000 | ---D | C] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/06/02 19:50:27 | 000,000,000 | ---D | C] -- K:\Program Files\SUPERAntiSpyware
[2011/06/02 19:49:29 | 011,008,200 | ---- | C] (SUPERAntiSpyware.com) -- K:\Users\user\Desktop\SUPERAntiSpyware.exe
[2011/06/02 11:51:33 | 000,000,000 | ---D | C] -- K:\Windows\temp
[2011/06/01 02:14:27 | 000,518,144 | ---- | C] (SteelWerX) -- K:\Windows\SWREG.exe
[2011/06/01 02:14:27 | 000,406,528 | ---- | C] (SteelWerX) -- K:\Windows\SWSC.exe
[2011/06/01 02:14:27 | 000,060,416 | ---- | C] (NirSoft) -- K:\Windows\NIRCMD.exe
[2011/05/31 21:59:14 | 000,000,000 | ---D | C] -- K:\Qoobox
[2011/05/31 21:42:13 | 004,109,019 | R--- | C] (Swearware) -- K:\Users\user\Desktop\ComboFix.exe
[2011/05/31 19:41:01 | 000,606,738 | R--- | C] (Swearware) -- K:\Users\user\Desktop\dds.scr
[2011/05/30 19:13:49 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- K:\Users\user\Desktop\scanner1.exe
[2011/05/29 21:17:30 | 000,000,000 | ---D | C] -- K:\Users\user\AppData\Roaming\Atari
[2011/05/28 13:29:14 | 000,000,000 | ---D | C] -- K:\Users\user\AppData\Roaming\Leadertech
[2011/05/28 13:29:12 | 000,000,000 | ---D | C] -- K:\Users\user\Documents\RCT3
[2011/05/28 13:29:10 | 000,000,000 | ---D | C] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
[2011/05/28 13:18:23 | 000,000,000 | ---D | C] -- K:\Program Files (x86)\Atari
[2011/05/28 09:21:02 | 000,000,000 | ---D | C] -- K:\Users\user\Documents\Wondershare DVD Slideshow Builder Standard
[2011/05/28 09:21:02 | 000,000,000 | ---D | C] -- K:\ProgramData\Wondershare
[2011/05/28 09:20:38 | 000,000,000 | ---D | C] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
[2011/05/28 09:20:05 | 000,000,000 | ---D | C] -- K:\Program Files (x86)\Wondershare
[2011/05/21 15:19:20 | 000,000,000 | ---D | C] -- K:\Program Files (x86)\TeamViewer
[2011/05/21 15:09:22 | 000,000,000 | ---D | C] -- K:\Users\user\AppData\Roaming\TeamViewer
[2011/05/18 18:49:04 | 000,142,336 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\poqexec.exe
[2011/05/18 18:49:04 | 000,123,904 | ---- | C] (Microsoft Corporation) -- K:\Windows\SysWow64\poqexec.exe
[2011/05/11 06:01:32 | 005,509,504 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\ntoskrnl.exe
[2011/05/11 06:01:31 | 003,957,632 | ---- | C] (Microsoft Corporation) -- K:\Windows\SysWow64\ntkrnlpa.exe
[2011/05/11 06:01:29 | 003,901,824 | ---- | C] (Microsoft Corporation) -- K:\Windows\SysWow64\ntoskrnl.exe
[2011/05/09 20:45:52 | 000,000,000 | ---D | C] -- K:\Users\user\AppData\Roaming\Ulead Systems
[2011/05/09 20:45:50 | 000,000,000 | ---D | C] -- K:\Users\user\Documents\Corel PaintShop Pro
[2011/05/09 20:45:50 | 000,000,000 | ---D | C] -- K:\Users\user\AppData\Local\Corel PaintShop Pro
[2011/05/09 20:44:44 | 000,000,000 | ---D | C] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X4
[2010/03/19 11:15:39 | 000,082,816 | ---- | C] (VSO Software) -- K:\Users\user\AppData\Roaming\pcouffin.sys
========== Files - Modified Within 30 Days ==========
[2011/06/03 20:31:13 | 000,000,898 | ---- | M] () -- K:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/03 13:32:12 | 000,000,894 | ---- | M] () -- K:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/03 03:29:30 | 000,580,096 | ---- | M] (OldTimer Tools) -- K:\Users\user\Desktop\OTL.exe
[2011/06/02 23:10:40 | 000,009,920 | -H-- | M] () -- K:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/02 23:10:37 | 000,009,920 | -H-- | M] () -- K:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/02 22:52:25 | 000,065,536 | ---- | M] () -- K:\Windows\System32\Ikeext.etl
[2011/06/02 22:52:11 | 000,067,584 | --S- | M] () -- K:\Windows\bootstat.dat
[2011/06/02 22:52:02 | 3113,533,440 | -HS- | M] () -- K:\hiberfil.sys
[2011/06/02 22:45:48 | 000,589,632 | ---- | M] (AVAST Software) -- K:\Users\user\Desktop\aswMBR.exe
[2011/06/02 19:55:31 | 000,001,844 | ---- | M] () -- K:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/02 19:55:31 | 000,000,000 | ---D | M] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/06/02 19:43:34 | 011,008,200 | ---- | M] (SUPERAntiSpyware.com) -- K:\Users\user\Desktop\SUPERAntiSpyware.exe
[2011/06/02 09:59:58 | 000,000,027 | ---- | M] () -- K:\Windows\System32\drivers\etc\hosts
[2011/06/01 09:51:08 | 000,001,189 | ---- | M] () -- K:\Windows\System32\Pen_Tablet.dat
[2011/05/31 21:41:09 | 000,000,804 | ---- | M] () -- K:\Users\user\Desktop\ComboFix.exe - Shortcut (3).lnk
[2011/05/31 21:40:51 | 000,000,804 | ---- | M] () -- K:\Users\user\Desktop\ComboFix.exe - Shortcut (2).lnk
[2011/05/31 21:30:24 | 000,000,804 | ---- | M] () -- K:\Users\user\Desktop\ComboFix.exe - Shortcut.lnk
[2011/05/31 21:11:40 | 004,109,019 | R--- | M] (Swearware) -- K:\Users\user\Desktop\ComboFix.exe
[2011/05/31 20:44:51 | 000,625,390 | ---- | M] () -- K:\Windows\System32\perfh009.dat
[2011/05/31 20:44:51 | 000,112,280 | ---- | M] () -- K:\Windows\System32\perfc009.dat
[2011/05/30 19:37:40 | 000,000,000 | ---D | M] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/30 19:00:42 | 000,606,738 | R--- | M] (Swearware) -- K:\Users\user\Desktop\dds.scr
[2011/05/30 19:00:16 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- K:\Users\user\Desktop\scanner1.exe
[2011/05/30 19:00:10 | 000,080,384 | ---- | M] () -- K:\Users\user\Desktop\MBRCheck.exe
[2011/05/30 18:59:50 | 000,302,592 | ---- | M] () -- K:\Users\user\Desktop\my1f1yw0.exe
[2011/05/28 17:10:23 | 000,012,288 | ---- | M] () -- K:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/28 13:29:10 | 000,000,000 | ---D | M] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
[2011/05/28 09:20:38 | 000,000,000 | ---D | M] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
[2011/05/26 21:33:36 | 000,001,682 | -HS- | M] () -- K:\ProgramData\KGyGaAvL.sys
[2011/05/26 18:59:14 | 000,000,230 | ---- | M] () -- K:\Windows\wininit.ini
[2011/05/26 18:59:12 | 000,001,014 | ---- | M] () -- K:\Users\user\Desktop\Dropbox.lnk
[2011/05/26 18:59:12 | 000,000,994 | ---- | M] () -- K:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011/05/25 21:22:49 | 000,002,930 | -HS- | M] () -- K:\Windows\SysWow64\KGyGaAvL.sys
[2011/05/22 14:58:57 | 000,001,096 | ---- | M] () -- K:\Users\Public\Desktop\Ad-Aware.lnk
[2011/05/21 15:19:28 | 000,001,210 | ---- | M] () -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011/05/21 15:19:28 | 000,001,198 | ---- | M] () -- K:\Users\Public\Desktop\TeamViewer 6.lnk
[2011/05/18 22:21:30 | 000,004,515 | ---- | M] () -- K:\Users\user\Documents\ChatLog Office Hours 2011_05_18 23_21.rtf
[2011/05/09 20:44:45 | 000,001,126 | ---- | M] () -- K:\Users\Public\Desktop\Corel PaintShop Pro X4.lnk
[2011/05/09 20:44:45 | 000,000,000 | ---D | M] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X4
========== Files Created - No Company Name ==========
[2011/06/02 19:55:31 | 000,001,844 | ---- | C] () -- K:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/01 02:14:27 | 000,256,512 | ---- | C] () -- K:\Windows\PEV.exe
[2011/06/01 02:14:27 | 000,208,896 | ---- | C] () -- K:\Windows\MBR.exe
[2011/06/01 02:14:27 | 000,098,816 | ---- | C] () -- K:\Windows\sed.exe
[2011/06/01 02:14:27 | 000,080,412 | ---- | C] () -- K:\Windows\grep.exe
[2011/06/01 02:14:27 | 000,068,096 | ---- | C] () -- K:\Windows\zip.exe
[2011/05/31 21:41:09 | 000,000,804 | ---- | C] () -- K:\Users\user\Desktop\ComboFix.exe - Shortcut (3).lnk
[2011/05/31 21:40:51 | 000,000,804 | ---- | C] () -- K:\Users\user\Desktop\ComboFix.exe - Shortcut (2).lnk
[2011/05/31 21:30:24 | 000,000,804 | ---- | C] () -- K:\Users\user\Desktop\ComboFix.exe - Shortcut.lnk
[2011/05/31 19:11:15 | 000,080,384 | ---- | C] () -- K:\Users\user\Desktop\MBRCheck.exe
[2011/05/31 16:51:24 | 000,302,592 | ---- | C] () -- K:\Users\user\Desktop\my1f1yw0.exe
[2011/05/22 14:58:57 | 000,001,096 | ---- | C] () -- K:\Users\Public\Desktop\Ad-Aware.lnk
[2011/05/21 15:19:28 | 000,001,210 | ---- | C] () -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011/05/21 15:19:28 | 000,001,198 | ---- | C] () -- K:\Users\Public\Desktop\TeamViewer 6.lnk
[2011/05/18 22:21:30 | 000,004,515 | ---- | C] () -- K:\Users\user\Documents\ChatLog Office Hours 2011_05_18 23_21.rtf
[2011/05/09 20:44:45 | 000,001,126 | ---- | C] () -- K:\Users\Public\Desktop\Corel PaintShop Pro X4.lnk
[2011/04/27 08:57:21 | 000,000,020 | ---- | C] () -- K:\Users\user\AppData\Local\UACBrResultRetrieving.dat
[2011/03/04 17:58:10 | 000,103,936 | ---- | C] () -- K:\Windows\SysWow64\neeviaprtntwt64.dll
[2011/03/04 17:58:10 | 000,073,216 | ---- | C] () -- K:\Windows\SysWow64\neeviaprtntwt.dll
[2011/03/04 17:58:10 | 000,025,600 | ---- | C] () -- K:\Windows\SysWow64\unneeviaprt.exe
[2011/02/26 08:41:31 | 000,001,682 | -HS- | C] () -- K:\ProgramData\KGyGaAvL.sys
[2011/02/26 08:41:31 | 000,000,008 | RHS- | C] () -- K:\ProgramData\C649AF1A58.sys
[2011/02/11 23:27:32 | 000,000,000 | ---- | C] () -- K:\Windows\nsreg.dat
[2011/01/31 21:00:44 | 000,722,382 | ---- | C] () -- K:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/15 22:49:52 | 000,000,056 | -H-- | C] () -- K:\ProgramData\ezsidmv.dat
[2011/01/09 16:05:01 | 000,002,930 | -HS- | C] () -- K:\Windows\SysWow64\KGyGaAvL.sys
[2010/12/14 20:40:32 | 000,000,036 | ---- | C] () -- K:\Users\user\AppData\Local\housecall.guid.cache
[2010/11/27 10:16:11 | 001,127,408 | ---- | C] () -- K:\Windows\goober Messenger Uninstaller.exe
[2010/08/31 11:25:23 | 000,000,326 | ---- | C] () -- K:\Users\user\AppData\Roaming\wklnhst.dat
[2010/06/27 09:46:49 | 000,001,536 | ---- | C] () -- K:\Windows\EyeCand3.INI
[2010/06/20 00:11:26 | 000,004,295 | ---- | C] () -- K:\Windows\jmgb_n16.ini
[2010/06/20 00:11:26 | 000,001,439 | ---- | C] () -- K:\Windows\ckcd-n24.ini
[2010/05/30 22:22:33 | 000,000,020 | ---- | C] () -- K:\Windows\TemplateWizard.INI
[2010/04/24 09:07:36 | 000,012,288 | ---- | C] () -- K:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/18 18:53:14 | 000,000,168 | RHS- | C] () -- K:\Windows\SysWow64\4158E6E4CB.sys
[2010/03/28 16:12:43 | 000,000,230 | ---- | C] () -- K:\Windows\wininit.ini
[2010/03/28 11:34:55 | 000,016,384 | ---- | C] () -- K:\Windows\SysWow64\FileOps.exe
[2010/03/19 11:33:11 | 000,000,376 | ---- | C] () -- K:\Windows\ODBC.INI
[2010/03/19 11:17:45 | 000,165,376 | ---- | C] () -- K:\Windows\SysWow64\unrar.dll
[2010/03/19 11:17:44 | 000,000,038 | ---- | C] () -- K:\Windows\avisplitter.ini
[2010/03/19 11:17:42 | 000,881,664 | ---- | C] () -- K:\Windows\SysWow64\xvidcore.dll
[2010/03/19 11:17:42 | 000,205,824 | ---- | C] () -- K:\Windows\SysWow64\xvidvfw.dll
[2010/03/19 11:17:41 | 000,085,504 | ---- | C] () -- K:\Windows\SysWow64\ff_vfw.dll
[2010/03/19 11:16:58 | 000,001,041 | ---- | C] () -- K:\Users\user\AppData\Roaming\vso_ts_preview.xml
[2010/03/19 11:15:39 | 000,007,859 | ---- | C] () -- K:\Users\user\AppData\Roaming\pcouffin.cat
[2010/03/19 11:15:39 | 000,001,167 | ---- | C] () -- K:\Users\user\AppData\Roaming\pcouffin.inf
[2010/03/19 11:14:52 | 000,000,043 | -HS- | C] () -- K:\ProgramData\.zreglib
[2009/12/01 18:14:22 | 000,874,032 | ---- | C] () -- K:\Windows\SysWow64\igkrng575.bin
[2009/12/01 18:14:22 | 000,208,896 | ---- | C] () -- K:\Windows\SysWow64\iglhsip32.dll
[2009/12/01 18:14:22 | 000,147,456 | ---- | C] () -- K:\Windows\SysWow64\iglhcp32.dll
[2009/12/01 18:14:20 | 000,049,712 | ---- | C] () -- K:\Windows\SysWow64\igfcg575m.bin
[2009/12/01 18:14:19 | 000,127,896 | ---- | C] () -- K:\Windows\SysWow64\igcompkrng575.bin
[2009/07/30 21:58:42 | 000,000,326 | ---- | C] () -- K:\Windows\primopdf.ini
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- K:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- K:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- K:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- K:\Windows\mib.bin
[2009/07/13 20:02:54 | 000,245,248 | ---- | C] () -- K:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- K:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- K:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- K:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- K:\Windows\SysWow64\mlang.dat
[2007/06/05 12:20:32 | 000,177,704 | ---- | C] () -- K:\Windows\SysWow64\PSIService.exe
[2003/01/07 12:05:08 | 000,002,695 | ---- | C] () -- K:\Windows\SysWow64\OUTLPERF.INI
========== LOP Check ==========
[2011/06/02 19:55:33 | 000,000,000 | ---D | M] -- K:\ProgramData\!SASCORE
[2009/12/01 18:46:16 | 000,000,000 | ---D | M] -- K:\ProgramData\Acer
[2010/09/23 05:14:06 | 000,000,000 | ---D | M] -- K:\ProgramData\Acronis
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- K:\ProgramData\Application Data
[2011/05/03 22:04:18 | 000,000,000 | ---D | M] -- K:\ProgramData\Aviosoft
[2009/12/01 18:38:45 | 000,000,000 | ---D | M] -- K:\ProgramData\BackupManager
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- K:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- K:\ProgramData\Documents
[2009/12/01 19:04:02 | 000,000,000 | ---D | M] -- K:\ProgramData\EgisTec
[2009/12/01 19:02:07 | 000,000,000 | ---D | M] -- K:\ProgramData\eSobi
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- K:\ProgramData\Favorites
[2010/03/25 23:03:18 | 000,000,000 | ---D | M] -- K:\ProgramData\InterVideo
[2010/03/19 10:37:06 | 000,000,000 | ---D | M] -- K:\ProgramData\McQcModifier-5c47-a7b0
[2010/03/19 06:20:19 | 000,000,000 | ---D | M] -- K:\ProgramData\OEM
[2011/04/04 19:59:26 | 000,000,000 | ---D | M] -- K:\ProgramData\Panda Security
[2010/04/14 09:16:16 | 000,000,000 | ---D | M] -- K:\ProgramData\Partner
[2010/12/13 20:03:26 | 000,000,000 | ---D | M] -- K:\ProgramData\PearlMountainSoft
[2011/03/04 17:58:23 | 000,000,000 | ---D | M] -- K:\ProgramData\Program Files (x86)
[2011/03/08 20:31:28 | 000,000,000 | ---D | M] -- K:\ProgramData\regid.1986-12.com.adobe
[2010/03/19 11:14:01 | 000,000,000 | ---D | M] -- K:\ProgramData\SlySoft
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- K:\ProgramData\Start Menu
[2010/04/18 10:42:59 | 000,000,000 | ---D | M] -- K:\ProgramData\TechSmith
[2009/12/24 01:51:05 | 000,000,000 | ---D | M] -- K:\ProgramData\Temp
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- K:\ProgramData\Templates
[2010/04/05 10:23:51 | 000,000,000 | ---D | M] -- K:\ProgramData\Ulead Systems
[2010/03/27 21:04:04 | 000,000,000 | ---D | M] -- K:\ProgramData\WildTangent
[2011/05/28 09:21:02 | 000,000,000 | ---D | M] -- K:\ProgramData\Wondershare
[2010/10/31 16:48:48 | 000,000,000 | ---D | M] -- K:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010/03/19 11:38:42 | 000,000,000 | -H-D | M] -- K:\ProgramData\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2011/02/10 00:30:10 | 000,032,536 | ---- | M] () -- K:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
I see nothing malicious there, so....
In this forum, we make sure your computer is free of malware, and your computer is clean :)
Because access to the malware forum is very limited, your best option is to create a new topic about your current issue in the Windows section.
You'll get more attention.
Good luck!
So, although my computer is slow.. it is cleanly slow?
Oh, and any suggestions as to how to revert to the pre-Reatogo state? Just change the BIOS again?
You don't have to change anything.
Remove the CD and restart the computer.
OK, thanks.
Sure thing :)