Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Slow running laptop. Freezes in high video games. In process mgr, many

Started by karonita , Jul 05 2011 09:49 PM

  • This topic is locked This topic is locked

#1
karonita
Posted 05 July 2011 - 09:49 PM

karonita

    Member

  • Member
  • PipPip
  • 50 posts
Slow running laptop. Freezes in high video games. In process mgr, many moving objects. Have used a few things to try and verify infection but unsure.One scan said Infected copy of c:\windows\system32\Version.dll was found and disinfected One scan found Infected copy of c:\windows\system32\userinit.exe was found and disinfected . Here is my report.


OTL logfile created on: 7/5/2011 23:20:37 - Run 2
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\karoni\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.62 Mb Total Physical Memory | 69.24 Mb Available Physical Memory | 13.53% Memory free
2.94 Gb Paging File | 1.72 Gb Available in Paging File | 58.43% Paging File free
Paging file location(s): c:\pagefile.sys 2500 2500 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 87.62 Gb Total Space | 65.86 Gb Free Space | 75.17% Space Free | Partition Type: NTFS
Drive D: | 5.54 Gb Total Space | 1.05 Gb Free Space | 18.92% Space Free | Partition Type: NTFS
Drive F: | 29.91 Gb Total Space | 25.91 Gb Free Space | 86.62% Space Free | Partition Type: FAT32

Computer Name: KARONI-PC | User Name: karoni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/05 23:04:45 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\karoni\Downloads\OTL.exe
PRC - [2011/05/25 21:24:16 | 001,306,216 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/05/25 21:23:42 | 000,780,392 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcupdate.exe
PRC - [2011/05/25 21:23:38 | 001,191,368 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcupdmgr.exe
PRC - [2011/05/11 15:10:44 | 000,167,040 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2011/05/10 22:28:30 | 003,769,048 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2011/05/10 22:21:12 | 003,834,456 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe
PRC - [2011/05/10 22:18:34 | 003,585,696 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe
PRC - [2011/05/10 22:18:08 | 003,515,656 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2011/03/13 11:45:14 | 000,148,520 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2011/03/13 11:41:50 | 000,159,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2011/03/13 11:41:36 | 000,165,000 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2010/11/20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 08:17:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2006/10/10 20:44:20 | 000,034,520 | ---- | M] (Hewlett Packard) -- C:\Program Files\Compaq Connections\3572475\Program\Compaq Connections.exe


========== Modules (SafeList) ==========

MOD - [2011/07/05 23:04:45 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\karoni\Downloads\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/11/20 07:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/06/29 17:43:25 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/11 15:10:44 | 000,167,040 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe -- (SDWSCService)
SRV - [2011/05/10 22:28:30 | 003,769,048 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe -- (SDUpdateService)
SRV - [2011/05/10 22:21:12 | 003,834,456 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe -- (SDMonitorService)
SRV - [2011/05/10 22:18:34 | 003,585,696 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe -- (SDFirewallService)
SRV - [2011/05/10 22:18:08 | 003,515,656 | ---- | M] (Safer-Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe -- (SDScannerService)
SRV - [2011/03/17 16:38:42 | 000,361,712 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/03/13 11:45:14 | 000,148,520 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2011/03/13 11:41:50 | 000,159,832 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011/03/13 11:41:36 | 000,165,000 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/04/25 10:57:16 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/04/13 21:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2006/06/26 13:50:08 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)
SRV - [2004/10/22 07:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2011/03/13 11:20:10 | 000,459,728 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/03/13 11:20:10 | 000,337,912 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/03/13 11:20:10 | 000,179,248 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/03/13 11:20:10 | 000,163,400 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2011/03/13 11:20:10 | 000,118,784 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/03/13 11:20:10 | 000,085,984 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/03/13 11:20:10 | 000,064,648 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2011/03/13 11:20:10 | 000,059,288 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/03/13 11:20:10 | 000,057,432 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/04/13 21:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2010/02/25 00:02:30 | 000,015,544 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2009/11/04 16:54:12 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/11/04 16:53:40 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2008/07/22 07:42:58 | 000,051,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/03/04 02:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/07/10 06:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/02 10:43:50 | 000,145,920 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2006/06/28 13:57:00 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...SARIO&pf=laptop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.facebook.com/login
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\karoni\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\karoni\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/03/23 21:24:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/03/23 21:24:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/05/24 18:41:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Google\Web Accelerator\firefox [2011/06/23 18:39:43 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/03/23 21:24:27 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/03/23 21:24:28 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/05/24 18:41:36 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Google\Web Accelerator\firefox [2011/06/23 18:39:43 | 000,000,000 | ---D | M]

[2010/04/24 18:41:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\karoni\AppData\Roaming\Mozilla\Extensions
[2010/04/16 21:33:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\karoni\AppData\Roaming\Mozilla\Extensions\[email protected]

O1 HOSTS File: ([2011/07/04 18:31:28 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (&Google Web Accelerator Helper) - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20110616185531.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Google Web Accelerator) - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O15 - HKCU\..Trusted Domains: combofix.exe ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: infospyware.net ([www] http in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O24 - Desktop WallPaper: C:\Users\karoni\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\karoni\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2010/05/05 16:20:58 | 000,000,103 | ---- | M] () - F:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/05 18:04:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/07/04 18:29:40 | 000,289,144 | ---- | C] (S!Ri) -- C:\Windows\System32\VCCLSID.exe
[2011/07/04 18:29:40 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\System32\SrchSTS.exe
[2011/07/04 18:29:40 | 000,135,168 | ---- | C] (SteelWerX) -- C:\Windows\System32\swreg.exe
[2011/07/04 18:29:40 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\VACFix.exe
[2011/07/04 18:29:40 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.exe
[2011/07/04 18:29:40 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.C.exe
[2011/07/04 18:29:40 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\404Fix.exe
[2011/07/04 18:29:40 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\o4Patch.exe
[2011/07/04 18:29:40 | 000,079,360 | ---- | C] (SteelWerX) -- C:\Windows\System32\swxcacls.exe
[2011/07/04 18:29:40 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\Agent.OMZ.Fix.exe
[2011/07/04 18:29:40 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\System32\Process.exe
[2011/07/04 12:30:29 | 000,056,400 | ---- | C] (trend_company_name) -- C:\Windows\System32\drivers\tmrkb.sys
[2011/07/04 12:30:28 | 000,190,032 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2011/07/04 11:59:19 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/07/04 11:49:02 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/07/04 11:02:11 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/07/03 12:48:48 | 000,000,000 | ---D | C] -- C:\Users\karoni\FrostWire
[2011/07/03 11:06:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup (Disabled by AnVir)
[2011/07/03 10:39:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager Free
[2011/07/03 10:39:02 | 000,000,000 | ---D | C] -- C:\Program Files\AnVir Task Manager Free
[2011/07/03 10:38:01 | 000,000,000 | ---D | C] -- C:\Users\karoni\AppData\Local\AnVir
[2011/06/28 19:28:12 | 000,000,000 | ---D | C] -- C:\Users\karoni\Desktop\log
[2011/06/28 18:42:42 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/06/28 18:42:39 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/06/28 18:42:38 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/06/24 18:14:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2011/06/24 18:14:13 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
[2011/06/24 18:08:52 | 000,000,000 | ---D | C] -- C:\Users\karoni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire
[2011/06/23 18:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Web Accelerator
[2011/06/23 18:28:00 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2011/06/23 18:23:35 | 000,000,000 | ---D | C] -- C:\Users\karoni\AppData\Roaming\SUPERAntiSpyware.com
[2011/06/23 18:23:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/06/23 18:23:10 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/06/23 18:19:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/06/23 18:18:37 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/06/20 20:34:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/06/20 20:34:37 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/06/17 18:05:50 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2010/10/13 19:17:07 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\karoni\AppData\Roaming\pcouffin.sys
[2010/09/03 22:07:39 | 003,063,561 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MobileTV.exe
[2010/09/03 22:07:39 | 002,989,660 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\DVD.exe
[2010/09/03 22:07:38 | 002,864,396 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MPV.exe
[2010/09/03 22:07:38 | 002,331,174 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Karaoke.exe
[2010/09/03 22:07:37 | 002,231,606 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Games.exe

========== Files - Modified Within 30 Days ==========

[2011/07/05 22:44:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1643368254-1818270169-1135579119-1000UA.job
[2011/07/05 21:26:00 | 000,001,041 | ---- | M] () -- C:\Users\karoni\AppData\Roaming\vso_ts_preview.xml
[2011/07/05 18:44:14 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1643368254-1818270169-1135579119-1000Core.job
[2011/07/05 18:18:07 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/05 18:18:07 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/05 18:01:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/05 18:01:52 | 402,350,080 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/04 18:31:34 | 000,000,691 | ---- | M] () -- C:\Users\karoni\AppData\Roaming\GetValue.vbs
[2011/07/04 18:31:34 | 000,000,035 | ---- | M] () -- C:\Users\karoni\AppData\Roaming\SetValue.bat
[2011/07/04 18:31:33 | 000,000,366 | ---- | M] () -- C:\Windows\System32\tmp.reg
[2011/07/04 18:31:28 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/07/04 18:00:13 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2011/07/04 12:30:29 | 000,056,400 | ---- | M] (trend_company_name) -- C:\Windows\System32\drivers\tmrkb.sys
[2011/07/04 12:30:28 | 000,190,032 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2011/07/04 12:05:45 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/04 12:05:45 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/03 12:29:01 | 152,537,712 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/07/03 10:39:04 | 000,000,997 | ---- | M] () -- C:\Users\karoni\Application Data\Microsoft\Internet Explorer\Quick Launch\AnVir Task Manager Free.lnk
[2011/07/03 10:39:03 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\AnVir Task Manager Free.lnk
[2011/07/02 17:35:22 | 000,389,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/30 17:54:24 | 000,012,660 | ---- | M] () -- C:\Users\karoni\Documents\cc_20110630_175401.reg
[2011/06/26 12:34:12 | 000,000,000 | ---- | M] () -- C:\Users\karoni\AppData\Roaming\.googlewebacchosts
[2011/06/26 02:45:56 | 000,256,000 | ---- | M] () -- C:\Windows\PEV.exe
[2011/06/24 18:14:15 | 000,002,123 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2011/06/24 18:08:53 | 000,001,203 | ---- | M] () -- C:\Users\karoni\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.21.8.lnk
[2011/06/24 18:08:52 | 000,001,179 | ---- | M] () -- C:\Users\karoni\Desktop\FrostWire 4.21.8.lnk
[2011/06/23 18:39:44 | 000,001,181 | ---- | M] () -- C:\Users\karoni\Desktop\Google Web Accelerator.lnk
[2011/06/23 18:23:27 | 000,001,965 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/20 20:35:20 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/11 09:41:51 | 000,001,411 | ---- | M] () -- C:\Users\karoni\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

========== Files Created - No Company Name ==========

[2011/07/04 18:31:34 | 000,000,035 | ---- | C] () -- C:\Users\karoni\AppData\Roaming\SetValue.bat
[2011/07/04 18:31:33 | 000,000,691 | ---- | C] () -- C:\Users\karoni\AppData\Roaming\GetValue.vbs
[2011/07/04 18:29:50 | 000,000,366 | ---- | C] () -- C:\Windows\System32\tmp.reg
[2011/07/04 18:29:40 | 000,075,776 | ---- | C] () -- C:\Windows\System32\WS2Fix.exe
[2011/07/04 18:29:40 | 000,051,200 | ---- | C] () -- C:\Windows\System32\dumphive.exe
[2011/07/04 18:29:40 | 000,040,960 | ---- | C] () -- C:\Windows\System32\swsc.exe
[2011/07/03 10:39:04 | 000,000,997 | ---- | C] () -- C:\Users\karoni\Application Data\Microsoft\Internet Explorer\Quick Launch\AnVir Task Manager Free.lnk
[2011/07/03 10:39:02 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\AnVir Task Manager Free.lnk
[2011/06/30 17:54:17 | 000,012,660 | ---- | C] () -- C:\Users\karoni\Documents\cc_20110630_175401.reg
[2011/06/28 18:42:42 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/06/28 18:42:39 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/06/28 18:42:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/06/28 18:42:38 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/06/28 18:42:38 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/06/24 18:14:15 | 000,002,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2011/06/24 18:14:15 | 000,002,123 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2011/06/24 18:08:53 | 000,001,203 | ---- | C] () -- C:\Users\karoni\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.21.8.lnk
[2011/06/24 18:08:52 | 000,001,179 | ---- | C] () -- C:\Users\karoni\Desktop\FrostWire 4.21.8.lnk
[2011/06/23 18:45:14 | 000,000,000 | ---- | C] () -- C:\Users\karoni\AppData\Roaming\.googlewebacchosts
[2011/06/23 18:39:44 | 000,001,181 | ---- | C] () -- C:\Users\karoni\Desktop\Google Web Accelerator.lnk
[2011/06/23 18:23:27 | 000,001,965 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/06/20 20:35:19 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/20 20:35:19 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/11 09:41:51 | 000,001,417 | ---- | C] () -- C:\Users\karoni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/03/20 13:42:53 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2010/12/22 21:22:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/11/09 21:50:41 | 000,000,017 | ---- | C] () -- C:\Users\karoni\AppData\Local\resmon.resmoncfg
[2010/10/13 19:17:07 | 000,007,887 | ---- | C] () -- C:\Users\karoni\AppData\Roaming\pcouffin.cat
[2010/10/13 19:17:07 | 000,001,144 | ---- | C] () -- C:\Users\karoni\AppData\Roaming\pcouffin.inf
[2010/10/10 18:19:03 | 000,001,041 | ---- | C] () -- C:\Users\karoni\AppData\Roaming\vso_ts_preview.xml
[2010/10/10 11:22:41 | 000,000,039 | ---- | C] () -- C:\Windows\WININIT.INI
[2010/10/10 10:30:01 | 000,000,000 | ---- | C] () -- C:\Users\karoni\AppData\Roaming\wklnhst.dat
[2010/04/24 19:18:07 | 000,000,279 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2010/04/24 18:48:38 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2010/04/17 17:01:27 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2010/02/12 23:21:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,389,408 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,624,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,106,522 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/06 07:02:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2006/09/19 03:02:40 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/19 03:02:40 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/03/09 16:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2004/09/16 16:24:26 | 003,375,104 | ---- | C] () -- C:\Windows\System32\qt-mt331.dll

========== LOP Check ==========

[2010/11/11 14:47:24 | 000,000,000 | ---D | M] -- C:\Users\karoni\AppData\Roaming\.minecraft
[2011/03/20 13:12:35 | 000,000,000 | ---D | M] -- C:\Users\karoni\AppData\Roaming\DriverCure
[2011/05/14 14:41:35 | 000,000,000 | ---D | M] -- C:\Users\karoni\AppData\Roaming\f-secure
[2011/07/05 21:27:10 | 000,000,000 | ---D | M] -- C:\Users\karoni\AppData\Roaming\FrostWire
[2010/10/10 17:55:20 | 000,000,000 | ---D | M] -- C:\Users\karoni\AppData\Roaming\ImgBurn
[2011/03/20 13:12:35 | 000,000,000 | ---D | M] -- C:\Users\karoni\AppData\Roaming\ParetoLogic
[2011/01/01 15:08:50 | 000,000,000 | ---D | M] -- C:\Users\karoni\AppData\Roaming\PhotoScape
[2010/10/13 19:55:37 | 000,000,000 | ---D | M] -- C:\Users\karoni\AppData\Roaming\playitall
[2010/10/11 18:34:22 | 000,000,000 | ---D | M] -- C:\Users\karoni\AppData\Roaming\Unity
[2011/07/05 21:26:02 | 000,000,000 | ---D | M] -- C:\Users\karoni\AppData\Roaming\Vso
[2011/07/04 18:00:13 | 000,000,446 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2011/03/20 13:56:20 | 000,000,420 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job
[2011/03/20 13:56:20 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\PC Health Advisor Defrag.job
[2011/03/20 13:56:20 | 000,000,360 | ---- | M] () -- C:\Windows\Tasks\PC Health Advisor.job
[2011/05/02 18:40:17 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
Ready for a fix. Thanks in advance.

Attached Files

  • Attached File  OTL.Txt   70.09KB   63 downloads

  • 0

Advertisements

#2
michaelg9
Posted 12 July 2011 - 07:19 AM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Helped here
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP