Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I need help removing Google Redirect Virus

Started by smatt00000 , May 21 2011 03:37 PM

  • Please log in to reply

#1
smatt00000
Posted 21 May 2011 - 03:37 PM

smatt00000

    New Member

  • Member
  • Pip
  • 7 posts
I've had the Google redirect virus for a while. I've tried to get rid of it using anti-virus and malware, but nothing has worked. I'm an Adsense member, so I am constantly on Google and enough is enough! I need help getting rid of this very annoying virus. I have included an OTL quick scan.


OTL logfile created on: 5/21/2011 5:28:40 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\matt\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 363.28 Gb Total Space | 82.22 Gb Free Space | 22.63% Space Free | Partition Type: NTFS
Drive D: | 9.33 Gb Total Space | 1.27 Gb Free Space | 13.64% Space Free | Partition Type: NTFS
Drive L: | 6.62 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: NEWCOMP | User Name: matt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/21 17:28:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\matt\Desktop\OTL.exe
PRC - [2011/04/29 17:09:14 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/14 18:16:14 | 000,490,112 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files\real\realplayer\realplay.exe
PRC - [2011/04/14 18:16:10 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2011/03/11 01:36:10 | 000,724,152 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2009/09/24 05:46:08 | 001,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2008/07/03 11:27:12 | 006,266,880 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/20 22:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/08/31 12:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/04/18 11:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2006/12/11 11:12:06 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcrcoms.exe


========== Modules (SafeList) ==========

MOD - [2011/05/21 17:28:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\matt\Desktop\OTL.exe
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/03/11 01:36:10 | 000,724,152 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/11/10 06:29:15 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/24 05:46:08 | 001,251,720 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/31 12:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/23 02:35:00 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/21 13:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2006/12/11 11:12:06 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcrcoms.exe -- (lxcr_device)


========== Driver Services (SafeList) ==========

DRV - [2009/10/22 23:07:25 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/10/01 11:44:21 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/09/17 09:51:04 | 001,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20091015.050\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/09/17 09:51:04 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/09/17 09:51:04 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/09/17 09:51:04 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20091015.050\NAVENG.SYS -- (NAVENG)
DRV - [2009/08/26 20:26:38 | 000,272,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20090923.001\IDSvix86.sys -- (IDSvix86)
DRV - [2009/03/17 12:56:58 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/02/24 19:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009/02/19 13:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/02/19 13:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/02/19 13:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 13:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 13:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 13:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008/12/09 10:59:30 | 000,020,392 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV - [2008/08/01 20:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/07/30 18:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/05/22 14:49:00 | 007,465,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/08 06:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 06:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/12/07 11:28:10 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007/12/07 11:28:08 | 000,140,320 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/11/30 23:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/11/30 23:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/11/30 23:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/10/18 08:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/10/12 11:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/08/08 05:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2005/12/12 12:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...lion&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...lion&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...lion&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/...007&form=ZGAPHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://ie.redirect.h...lion&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.selectedEngineURL: "http://flvtubesearch...={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.search.usedbfororder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:3.2.5.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: {70df8d13-bdd3-448e-944c-efde21b77161}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..extensions.enabledItems: {AAA46C78-D425-4A1D-8F71-B87748C37071}:1.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://www.google.co...lient&hl=en&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/04/14 18:16:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/29 17:09:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/29 17:09:15 | 000,000,000 | ---D | M]

[2009/09/24 06:19:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\matt\AppData\Roaming\Mozilla\Extensions
[2011/05/20 20:43:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\matt\AppData\Roaming\Mozilla\Firefox\Profiles\m3l18iy2.default\extensions
[2010/07/23 21:31:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\matt\AppData\Roaming\Mozilla\Firefox\Profiles\m3l18iy2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/01 06:34:34 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\matt\AppData\Roaming\Mozilla\Firefox\Profiles\m3l18iy2.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/12/16 12:26:30 | 000,000,000 | ---D | M] (ClixSense.com Community Toolbar) -- C:\Users\matt\AppData\Roaming\Mozilla\Firefox\Profiles\m3l18iy2.default\extensions\{70df8d13-bdd3-448e-944c-efde21b77161}
[2010/12/16 12:26:31 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\matt\AppData\Roaming\Mozilla\Firefox\Profiles\m3l18iy2.default\extensions\[email protected]
[2011/01/05 18:21:26 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\matt\AppData\Roaming\Mozilla\Firefox\Profiles\m3l18iy2.default\extensions\[email protected]
[2010/08/02 13:58:18 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\matt\AppData\Roaming\Mozilla\Firefox\Profiles\m3l18iy2.default\extensions\[email protected]
[2009/10/14 04:10:56 | 000,004,554 | ---- | M] () -- C:\Users\matt\AppData\Roaming\Mozilla\Firefox\Profiles\m3l18iy2.default\searchplugins\aim-search.xml
[2010/12/20 16:51:43 | 000,002,568 | ---- | M] () -- C:\Users\matt\AppData\Roaming\Mozilla\Firefox\Profiles\m3l18iy2.default\searchplugins\askcom.xml
[2011/01/14 02:29:56 | 000,001,919 | ---- | M] () -- C:\Users\matt\AppData\Roaming\Mozilla\Firefox\Profiles\m3l18iy2.default\searchplugins\bing-zugo.xml
[2011/03/13 02:34:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/28 01:57:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/28 05:08:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/02/15 11:14:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/13 02:34:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/04/14 18:16:37 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010/06/09 20:35:14 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\MATT\APPDATA\LOCAL\{AAA46C78-D425-4A1D-8F71-B87748C37071}
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/25 17:43:47 | 000,001,469 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\WebSearchober216825805.xml
[2009/04/07 13:59:38 | 000,000,872 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober126335147.gif
[2010/05/21 00:29:13 | 000,000,196 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober126335147.src

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (no name) - {75ED56AF-4DC9-4243-A30C-4EF4DD0CA28F} - No CLSID value found.
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [HP Health Check Scheduler] File not found
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SMRequiresRestart] File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\clouds.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\clouds.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/18 10:35:31 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/10/10 10:56:20 | 000,447,752 | R--- | M] (Electronic Arts, Inc.) - L:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2008/10/10 10:56:17 | 000,000,000 | R--D | M] - L:\Autorun -- [ UDF ]
O32 - AutoRun File - [2008/10/10 10:56:22 | 004,108,288 | R--- | M] () - L:\autorun.dat -- [ UDF ]
O32 - AutoRun File - [2008/10/10 10:56:15 | 000,000,137 | R--- | M] () - L:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{23072c0b-d99b-11de-b075-001e901df623}\Shell - "" = AutoRun
O33 - MountPoints2\{23072c0b-d99b-11de-b075-001e901df623}\Shell\AutoRun\command - "" = O:\setup.exe
O33 - MountPoints2\{ca3201f7-cf63-11de-b48d-001e901df623}\Shell - "" = AutoRun
O33 - MountPoints2\{ca3201f7-cf63-11de-b48d-001e901df623}\Shell\AutoRun\command - "" = M:\autorun.exe
O33 - MountPoints2\{df1c0a29-c391-11de-988e-001e901df623}\Shell - "" = AutoRun
O33 - MountPoints2\{df1c0a29-c391-11de-988e-001e901df623}\Shell\AutoRun\command - "" = L:\AutoRun.exe -- [2008/10/10 10:56:20 | 000,447,752 | R--- | M] (Electronic Arts, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/21 17:28:26 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\matt\Desktop\OTL.exe
[2011/05/21 05:34:06 | 000,000,000 | ---D | C] -- C:\Users\matt\Desktop\bejeweled blitz
[2011/05/21 05:32:58 | 000,000,000 | ---D | C] -- C:\Users\matt\Desktop\farkle
[2011/05/20 12:12:08 | 000,000,000 | ---D | C] -- C:\Users\matt\Desktop\gardens of time
[2011/05/19 13:16:42 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information
[2011/05/19 13:16:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP1700
[2011/05/19 13:16:16 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2011/05/19 06:32:30 | 000,000,000 | ---D | C] -- C:\Windows\en
[2011/05/19 06:31:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011/05/19 06:31:21 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/05/19 06:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/05/19 06:29:20 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/05/19 06:28:57 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/05/19 06:05:42 | 000,000,000 | ---D | C] -- C:\Users\matt\AppData\Local\Windows Live
[2011/05/19 06:05:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011/05/19 04:57:22 | 000,000,000 | ---D | C] -- C:\Users\matt\Desktop\mafia wars
[2011/05/13 20:35:52 | 000,000,000 | ---D | C] -- C:\Users\matt\Desktop\New Folder (2)
[2011/05/10 05:41:49 | 000,000,000 | ---D | C] -- C:\Users\matt\Desktop\monster galaxy
[2011/05/10 03:36:05 | 000,000,000 | ---D | C] -- C:\Users\matt\Desktop\crime city
[2011/05/10 01:32:21 | 000,000,000 | ---D | C] -- C:\Users\matt\Desktop\slot city
[2011/05/08 06:14:41 | 000,000,000 | ---D | C] -- C:\Users\matt\Desktop\csi
[2011/05/07 18:19:34 | 000,000,000 | ---D | C] -- C:\Users\matt\Desktop\casino city
[2011/05/05 19:49:33 | 000,000,000 | ---D | C] -- C:\Users\matt\Desktop\college basketball
[2011/04/24 14:51:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
[2011/04/24 14:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\Xiph.Org
[2010/08/05 12:07:55 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\matt\AppData\Roaming\pcouffin.sys
[2010/06/02 18:48:24 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcrserv.dll
[2010/06/02 18:48:24 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxcrusb1.dll
[2010/06/02 18:48:24 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcrpmui.dll
[2010/06/02 18:48:24 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcrlmpm.dll
[2010/06/02 18:48:24 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcrinpa.dll
[2010/06/02 18:48:24 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcriesc.dll
[2010/06/02 18:48:24 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxcrih.exe
[2010/06/02 18:48:24 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCRhcp.dll
[2010/06/02 18:48:24 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcrprox.dll
[2010/06/02 18:48:24 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcrpplc.dll
[2010/06/02 18:48:23 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomc.dll
[2010/06/02 18:48:23 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxcrcoms.exe
[2010/06/02 18:48:23 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomm.dll

========== Files - Modified Within 30 Days ==========

[2011/05/21 17:28:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\matt\Desktop\OTL.exe
[2011/05/21 16:34:43 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/21 16:34:43 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/20 10:39:17 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/20 10:39:17 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/20 10:34:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/19 13:16:06 | 004,495,960 | ---- | M] () -- C:\Users\matt\Desktop\ip1700vst200ej.exe
[2011/05/19 06:39:01 | 000,000,905 | ---- | M] () -- C:\Users\matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/19 06:37:29 | 000,961,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/05/19 06:02:58 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011/05/19 06:02:58 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011/05/19 06:02:51 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/05/17 03:29:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011/05/16 20:00:15 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - matt.job
[2011/05/13 19:14:50 | 000,119,296 | ---- | M] () -- C:\Users\matt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/11 14:46:45 | 000,043,293 | ---- | M] () -- C:\Users\matt\Desktop\sign1.jpg
[2011/05/03 15:15:17 | 000,050,230 | ---- | M] () -- C:\Users\matt\Documents\Wazzamba Prize Winner Information Form-1.pdf
[2011/04/30 10:00:17 | 000,000,680 | ---- | M] () -- C:\Users\matt\AppData\Local\d3d9caps.dat

========== Files Created - No Company Name ==========

[2011/05/19 13:16:00 | 004,495,960 | ---- | C] () -- C:\Users\matt\Desktop\ip1700vst200ej.exe
[2011/05/19 06:31:07 | 000,001,120 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011/05/19 06:30:45 | 000,001,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011/05/19 06:30:14 | 000,000,999 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/05/19 06:29:52 | 000,001,987 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/05/19 06:02:51 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/05/10 21:26:33 | 000,043,293 | ---- | C] () -- C:\Users\matt\Desktop\sign1.jpg
[2011/05/03 15:15:17 | 000,050,230 | ---- | C] () -- C:\Users\matt\Documents\Wazzamba Prize Winner Information Form-1.pdf
[2011/04/14 14:50:00 | 000,000,269 | ---- | C] () -- C:\Windows\SysMech.INI
[2011/04/12 20:03:38 | 000,088,576 | R--- | C] () -- C:\Windows\rauninst.exe
[2011/03/10 03:08:52 | 000,000,000 | ---- | C] () -- C:\Users\matt\AppData\Roaming\wklnhst.dat
[2011/03/08 19:55:35 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
[2011/03/08 19:55:13 | 000,000,404 | ---- | C] () -- C:\Windows\COOK'N5.INI
[2011/03/08 19:52:59 | 000,000,067 | ---- | C] () -- C:\Windows\Cook'n99.ini
[2010/12/15 12:18:39 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010/11/10 20:36:44 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010/11/09 18:41:56 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010/08/05 12:08:57 | 000,000,668 | ---- | C] () -- C:\Users\matt\AppData\Roaming\vso_ts_preview.xml
[2010/08/05 12:07:55 | 000,087,608 | ---- | C] () -- C:\Users\matt\AppData\Roaming\inst.exe
[2010/08/05 12:07:55 | 000,007,887 | ---- | C] () -- C:\Users\matt\AppData\Roaming\pcouffin.cat
[2010/08/05 12:07:55 | 000,001,144 | ---- | C] () -- C:\Users\matt\AppData\Roaming\pcouffin.inf
[2010/08/01 12:25:23 | 000,016,968 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/07/20 17:40:49 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2010/06/09 20:35:14 | 000,000,120 | ---- | C] () -- C:\Users\matt\AppData\Local\Rtelacega.dat
[2010/06/09 20:35:14 | 000,000,000 | ---- | C] () -- C:\Users\matt\AppData\Local\Tputubetogu.bin
[2010/06/06 00:15:25 | 000,068,640 | ---- | C] () -- C:\Windows\unTMV.exe
[2010/06/02 18:48:25 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCRinst.dll
[2010/05/24 21:35:45 | 000,472,576 | ---- | C] () -- C:\Windows\uninstall.exe
[2010/05/24 21:35:45 | 000,069,720 | ---- | C] () -- C:\Windows\uninstall.dat
[2010/04/22 14:24:54 | 000,056,320 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[2010/03/02 20:00:00 | 001,449,935 | ---- | C] () -- C:\Windows\System32\ffmpegmt.dll
[2010/02/28 11:00:14 | 000,000,680 | ---- | C] () -- C:\Users\matt\AppData\Local\d3d9caps.dat
[2009/10/08 00:19:02 | 000,119,296 | ---- | C] () -- C:\Users\matt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/27 04:27:44 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/27 04:27:43 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 05:43:22 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/08/27 15:04:44 | 000,557,003 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2009/08/27 15:04:32 | 000,811,835 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2009/08/27 15:03:52 | 004,456,201 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2009/08/25 14:07:36 | 000,328,334 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2009/08/25 13:38:04 | 000,425,040 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2009/08/25 12:56:56 | 000,829,781 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/08/25 12:37:02 | 000,146,098 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2009/08/11 16:21:26 | 000,087,552 | ---- | C] () -- C:\Windows\System32\ac3config.exe
[2009/08/03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009/06/02 13:15:44 | 000,113,152 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2009/06/02 13:15:18 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2009/06/02 13:15:04 | 000,183,296 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2009/06/02 13:14:56 | 000,178,688 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2009/06/02 13:14:30 | 000,486,400 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2009/06/02 13:13:58 | 000,257,024 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2009/06/02 13:13:50 | 000,142,848 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2009/06/02 13:11:26 | 000,098,304 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2009/06/02 13:11:16 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/01/10 18:17:32 | 000,163,840 | ---- | C] () -- C:\Windows\System32\ts.dll
[2009/01/10 18:16:56 | 000,148,480 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2009/01/10 18:16:50 | 000,108,032 | ---- | C] () -- C:\Windows\System32\avi.dll
[2009/01/10 18:16:14 | 000,141,312 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2009/01/10 18:16:04 | 000,335,872 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
[2009/01/10 18:15:54 | 000,120,832 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2009/01/10 18:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll
[2009/01/10 18:15:36 | 000,103,424 | ---- | C] () -- C:\Windows\System32\dsmux.exe
[2009/01/10 18:15:32 | 000,102,400 | ---- | C] () -- C:\Windows\System32\avss.dll
[2009/01/10 18:15:28 | 000,246,784 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2009/01/10 18:15:12 | 000,097,280 | ---- | C] () -- C:\Windows\System32\avs.dll
[2009/01/10 18:15:06 | 000,135,168 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
[2009/01/10 18:14:08 | 000,079,360 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2009/01/10 18:14:06 | 000,023,552 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2008/12/03 18:11:50 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/11/06 12:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/04/18 10:35:44 | 000,000,060 | ---- | C] () -- C:\Windows\System32\HP_Demo.ini
[2008/04/18 10:27:44 | 000,102,451 | ---- | C] () -- C:\Windows\hpqins13.dat
[2008/04/18 10:23:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\OsdRemove.exe
[2008/04/18 10:21:04 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2008/04/18 10:21:04 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2007/10/13 05:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2006/11/30 11:32:52 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxcrcoin.dll
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,961,912 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,604,264 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,103,964 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/14 16:01:48 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxcrcaps.dll
[2006/08/08 14:58:04 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxcrdrs.dll
[2006/03/23 03:33:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxcrvs.dll
[2005/12/20 11:54:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxcrcnv4.dll
[2005/10/15 15:25:20 | 000,028,672 | ---- | C] () -- C:\Windows\System32\myodbc3i.exe
[2005/10/15 15:25:20 | 000,011,776 | ---- | C] () -- C:\Windows\System32\myodbc3m.exe

========== LOP Check ==========

[2009/10/13 05:28:30 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Absolute Poker
[2009/10/14 04:10:27 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\acccore
[2010/08/08 04:28:25 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Ashtons. Family Resort
[2009/10/31 22:13:50 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\CasualForge
[2009/10/22 23:13:04 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\DAEMON Tools Lite
[2009/11/06 01:16:01 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\DivoGames
[2010/05/16 07:55:19 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Facebook
[2010/08/01 02:27:11 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Flood Light Games
[2010/08/01 22:15:33 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Floodlight Games
[2011/03/13 02:25:59 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Free Download Manager
[2009/11/14 15:58:59 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Got Game Entertainment
[2010/05/23 07:04:27 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\GrabPro
[2010/08/10 04:20:45 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\gtk-2.0
[2011/03/09 00:31:13 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\iolo
[2011/03/13 03:59:29 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\IrfanView
[2010/12/02 02:34:15 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Lionhead Studios
[2010/07/25 17:43:39 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Oberon Media
[2011/03/10 03:33:52 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\OpenOffice.org
[2011/03/13 02:14:19 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Orbit
[2010/05/19 06:56:48 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\PlayFirst
[2010/06/06 20:19:59 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Pogo
[2011/04/21 14:37:28 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Red Alert 3
[2011/03/21 17:42:16 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Smilebox
[2009/09/24 00:56:54 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Snapfish
[2011/03/10 03:08:54 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Template
[2010/10/25 12:31:41 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Ubisoft
[2011/05/20 00:19:14 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\uTorrent
[2010/05/23 08:29:15 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\ValuSoft
[2010/12/23 18:43:57 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\Vso
[2009/09/25 19:19:37 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\WinBatch
[2010/07/31 00:42:55 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\YoudaGames
[2010/12/16 12:16:57 | 000,000,000 | ---D | M] -- C:\Users\matt\AppData\Roaming\YouDataAIR.CDA5CEB063BC2A22C44BAA035F25F65FCCDA2208.1
[2011/05/17 03:29:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011/05/20 10:33:23 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:F1DEA771
@Alternate Data Stream - 185 bytes -> C:\ProgramData\TEMP:A26AFC00
@Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:80AC2AE7
@Alternate Data Stream - 161 bytes -> C:\ProgramData\TEMP:9026FFAC
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:1C6D843F
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:9AB56A06
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:417B6FAC

< End of report >
  • 0

Advertisements

#2
smatt00000
Posted 21 May 2011 - 03:38 PM

smatt00000

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Here's the extras logfile that OTL created with the other scan.



OTL Extras logfile created on: 5/21/2011 5:28:40 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\matt\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 363.28 Gb Total Space | 82.22 Gb Free Space | 22.63% Space Free | Partition Type: NTFS
Drive D: | 9.33 Gb Total Space | 1.27 Gb Free Space | 13.64% Space Free | Partition Type: NTFS
Drive L: | 6.62 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: NEWCOMP | User Name: matt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{781997CB-0EF5-41DE-AC16-5327EA343965}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{852C82D6-9645-4DF9-AD5E-A88D36EAAB3D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{072A4BBE-B60E-46B6-A63A-28017A53B8D5}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{1A00D1AD-416C-4FFD-AC63-D7B97A3CFF6D}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{22910822-EBBD-4B1A-98A1-11EB41B953EF}" = protocol=17 | dir=in | app=c:\program files\lexmark 2400 series\lxcraiox.exe |
"{48A2C23C-0C46-4920-8DC9-82ED9E69C268}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{536E9133-3A88-41D6-84A2-0D3EB70D0F68}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{5648E94A-57B3-4845-82A0-53BDC5356D39}" = protocol=17 | dir=in | app=c:\program files\unreal tournament 3\binaries\ut3.exe |
"{597875EB-5D77-4A8F-B118-517017D97AED}" = protocol=6 | dir=in | app=c:\program files\lexmark 2400 series\lxcraiox.exe |
"{5DBBCF84-9833-4B67-856A-D1271733BADD}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{62A5FF7E-2B6C-499B-9FF1-5C4FEC15C9AF}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{6C61836B-7724-4D57-A7EC-4ADFFB45B3FA}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{7D2AD6A0-0B43-4BD8-9DBF-1057771F59CD}" = protocol=6 | dir=in | app=c:\program files\lexmark 2400 series\lxcrmon.exe |
"{7D5CF7E4-69CF-4895-A9F1-E8978D920DE9}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold legends\strongholdlegends.exe |
"{86C7039D-E8CA-4BD9-AC1A-80063246214D}" = protocol=17 | dir=in | app=c:\windows\system32\lxcrcoms.exe |
"{91CBD87D-F34B-4519-87F8-02E48F889EBE}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{9B8D0531-D171-49CF-A2A8-81E584292E06}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{A3EC5442-EE66-47F0-8EEC-D6E31E5D22CF}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"{B0890304-CD75-4A2D-9F4F-3724E4215F47}" = protocol=6 | dir=in | app=c:\program files\unreal tournament 3\binaries\ut3.exe |
"{BA28B4A5-CFA2-4327-9D67-63014B11727D}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{BAAAC54D-DF72-490D-A035-2BB8F6287C46}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{C5F32E2E-EA16-4328-A350-642591682945}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold legends\strongholdlegends.exe |
"{C61FE529-4B32-4338-BC41-1AD0A1D1F1AE}" = protocol=6 | dir=in | app=c:\windows\system32\lxcrcoms.exe |
"{D610DADB-66AD-4F59-BDBA-35793250686F}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold 2\stronghold2.exe |
"{E01ABCFA-65C0-4ECC-8970-E942195ED75B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E0CB0E56-A0BA-4B49-B664-EB0236DF0AEC}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{E95A968E-E099-421F-83C3-42791ED98507}" = protocol=6 | dir=in | app=c:\users\matt\appdata\local\temp\~osa87.tmp\opnsqr.exe |
"{EC1BC4BD-9913-4C39-8A41-498F017375F6}" = protocol=17 | dir=in | app=c:\program files\lexmark 2400 series\lxcrmon.exe |
"{ECEA9265-A7D8-4F27-BA36-7E8BF627BB8C}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"TCP Query User{3B469D6F-5C8D-49D8-8ABC-ADFDE2DC44DF}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{85E7BD35-3779-434E-9B9F-74A3DDCBB62C}C:\program files\unreal tournament 3\binaries\ut3.exe" = protocol=6 | dir=in | app=c:\program files\unreal tournament 3\binaries\ut3.exe |
"TCP Query User{884315AB-F5F8-4414-B799-595425124074}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{A6D07C97-5C90-4E8C-84BC-200219D98935}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{B02696DB-D0DE-436C-B0B3-69BF29609331}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{B5A85500-246C-41BF-AC6B-191CC8D4589E}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{BD842BFA-710A-4C70-8999-867F2724A4F1}C:\program files\oil tycoon 2\game.exe" = protocol=6 | dir=in | app=c:\program files\oil tycoon 2\game.exe |
"TCP Query User{FCF61D70-416C-43B0-B951-7B14C5CEECBF}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{03918663-C1F6-4C27-89A8-67967C733A2E}C:\program files\unreal tournament 3\binaries\ut3.exe" = protocol=17 | dir=in | app=c:\program files\unreal tournament 3\binaries\ut3.exe |
"UDP Query User{07B3EE24-CEC0-4AA3-A3A0-5F5C164FDDD1}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{158BB034-95AE-4BFE-82BA-85F12F790FF8}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{189E9EA5-9E3E-48FC-A17E-C5369E3AAFCC}C:\program files\oil tycoon 2\game.exe" = protocol=17 | dir=in | app=c:\program files\oil tycoon 2\game.exe |
"UDP Query User{3195D4B9-126C-44E3-A43C-F91D36ED71EF}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{525E24B5-4605-4275-8CF1-15F6E15008A6}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{812CF776-90A9-48B9-B832-A836172592C5}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{E43AE910-2644-4C33-BCA6-936634CC2169}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{029B5901-1F27-4347-9923-E8ACC8F54E15}" = Snapfish Picture Mover
"{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies™
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1700" = Canon iP1700
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BCE2581-B7CA-4BB4-BDFB-D113506AA38B}" = HP Easy Setup - Frontend
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{284CF4B8-4055-4D2E-BC04-5ADD7AA10E3D}" = The Movies™ 1.1 Patch
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{2981C989-5C50-4BC4-91A0-9BFBAB0997F9}" = VEGA$ Tycoon
"{305D4B08-5807-4475-B1C8-D54685534864}" = LightScribeTemplateLabeler
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}" = Norton Internet Security
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{48413BF3-5934-4ED3-8F1B-49D250BBF5AC}" = Prison Tycoon 4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5115C036-C0D5-4E1B-81C9-542CA967478A}" = muvee autoProducer 6.1
"{53E4CE64-629E-4590-AB43-1D8C85A6E621}" = The Print Shop 2.0 Deluxe
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1" = iolo technologies' System Mechanic
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612F4E20-3661-4D44-AD79-823F1B613FB3}" = HP Update
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}" = Command & Conquer The First Decade
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.0.0.9
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7C0EE80A-E301-4480-BE56-8C10E307967A}" = SymNet
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112208390}" = Fairy Godmother Tycoon
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A379E7A-22ED-44FF-9293-E393D704505D}" = HP Demo
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}" = 2Wire Wireless Client
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.6
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1A5F607-19D1-1C1E-5873-A69255443101}" = YouData 5-Stack
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B6AA2F31-F5F8-4AD3-B9A3-6DFE671CCCE8}" = Symantec Real Time Storage Protection Component
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C06A7DAC-1708-417C-B694-28C84DFE2DF9}" = The Movies™ Stunts & Effects
"{C17F3696-8EE5-46B0-ADD7-7F5ED6208879}" = Music Oasis
"{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8D47273-7A1A-4614-A3D8-263632D8A5ED}" = HP Customer Experience Enhancements
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D064F16E-88DA-4E8F-BBAE-0E2AA9A6AE61}" = VP6 Decoder
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC8282AB-48DD-91D2-7387-01CD6E100A5D}" = Adobe Photoshop.com Inspiration Browser
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F9657EF6-C156-4CE9-A0A2-562CD3E94842}" = Beach Life
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agatha Christie Evil Under the Sun 1.00" = Agatha Christie Evil Under the Sun 1.00
"Age of Castles" = Age of Castles
"Alarm Clock_is1" = Alarm Clock v1.0
"AutoHotkey" = AutoHotkey 1.0.48.05
"Avi Previewer DEMO_is1" = Avi Previewer 2.31 DEMO
"Belarc Advisor" = Belarc Advisor 8.1
"Build a Lot 5 Elizabethan Era1.0" = Build a Lot 5 Elizabethan Era
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"Cook'n Deluxe" = Cook'n Deluxe
"DinerTown Tycoon_is1" = DinerTown Tycoon
"D-i-v-X - AVI Codec Pack Pro" = D-i-v-X AVI Codec Pack Pro 2.4.0
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"FLV Player X" = FLV Player X
"GamesBar" = GamesBar 2.0.1.53
"GIF Animator" = Microsoft GIF Animator
"Hoyle Casino Empire" = Hoyle Casino Empire (remove only)
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"Indeo® Software" = Indeo® Software
"InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies™ Stunts & Effects
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Kali II" = Kali II
"Lexmark 2400 Series" = Lexmark 2400 Series
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Media Player - Codec Pack" = Media Player Codec Pack 3.9.5
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Moon Tycoon" = Moon Tycoon
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"Open Codecs" = Xiph.Org Open Codecs 0.85.17777
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"PokerStars" = PokerStars
"RA+ V3.03_is1" = FullRA Plus V3.03
"RealPlayer 12.0" = RealPlayer
"Search Toolbar" = Search Toolbar
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)
"TextMaker Viewer" = TextMaker Viewer
"Ultimate Reference Suite" = Ultimate Reference Suite
"WebSite Downloader" = WebSite Downloader 1.1
"Website Ripper Copier" = Website Ripper Copier
"WildTangent hp Master Uninstall" = My HP Games
"Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 2.3d
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43-9C
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YouDataAIR.CDA5CEB063BC2A22C44BAA035F25F65FCCDA2208.1" = YouData 5-Stack
"ZenKEY" = ZenKEY

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Inquisit 3 Web Edition" = Inquisit 3 Web Edition
"Smilebox" = Smilebox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/21/2011 3:02:13 PM | Computer Name = NEWCOMP | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Informasjonsnivå: error Initialization of the COM subsystem failed.
Error code: 0x80004005.

Error - 5/21/2011 3:21:05 PM | Computer Name = NEWCOMP | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Informasjonsnivå: error Initialization of the COM subsystem failed.
Error code: 0x80004005.

Error - 5/21/2011 3:39:10 PM | Computer Name = NEWCOMP | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Informasjonsnivå: error Initialization of the COM subsystem failed.
Error code: 0x80004005.

Error - 5/21/2011 3:58:44 PM | Computer Name = NEWCOMP | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Informasjonsnivå: error Initialization of the COM subsystem failed.
Error code: 0x80004005.

Error - 5/21/2011 4:16:24 PM | Computer Name = NEWCOMP | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Informasjonsnivå: error Initialization of the COM subsystem failed.
Error code: 0x80004005.

Error - 5/21/2011 4:33:52 PM | Computer Name = NEWCOMP | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Informasjonsnivå: error Initialization of the COM subsystem failed.
Error code: 0x80004005.

Error - 5/21/2011 4:49:11 PM | Computer Name = NEWCOMP | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Informasjonsnivå: error Initialization of the COM subsystem failed.
Error code: 0x80004005.

Error - 5/21/2011 5:04:53 PM | Computer Name = NEWCOMP | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Informasjonsnivå: error Initialization of the COM subsystem failed.
Error code: 0x80004005.

Error - 5/21/2011 5:19:09 PM | Computer Name = NEWCOMP | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Informasjonsnivå: error Initialization of the COM subsystem failed.
Error code: 0x80004005.

Error - 5/21/2011 5:31:28 PM | Computer Name = NEWCOMP | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Informasjonsnivå: error Initialization of the COM subsystem failed.
Error code: 0x80004005.

[ System Events ]
Error - 5/19/2011 6:28:29 AM | Computer Name = NEWCOMP | Source = DCOM | ID = 10010
Description =

Error - 5/19/2011 8:16:48 PM | Computer Name = NEWCOMP | Source = DCOM | ID = 10005
Description =

Error - 5/19/2011 8:17:28 PM | Computer Name = NEWCOMP | Source = Service Control Manager | ID = 7024
Description =

Error - 5/19/2011 8:17:28 PM | Computer Name = NEWCOMP | Source = Service Control Manager | ID = 7031
Description =

Error - 5/19/2011 8:17:28 PM | Computer Name = NEWCOMP | Source = Service Control Manager | ID = 7009
Description =

Error - 5/19/2011 8:17:28 PM | Computer Name = NEWCOMP | Source = Service Control Manager | ID = 7000
Description =

Error - 5/20/2011 12:45:20 AM | Computer Name = NEWCOMP | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 5/20/2011 10:36:13 AM | Computer Name = NEWCOMP | Source = Service Control Manager | ID = 7024
Description =

Error - 5/20/2011 10:36:13 AM | Computer Name = NEWCOMP | Source = Service Control Manager | ID = 7031
Description =

Error - 5/21/2011 1:21:37 PM | Computer Name = NEWCOMP | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.


< End of report >
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP