Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Can't See Directories or Files on Drive Partition


  • This topic is locked This topic is locked

#1
Gameman007

Gameman007

    Member

  • Member
  • PipPip
  • 22 posts
My E: drive shows 38 gig free of 101 gig total in properties. However if I click on the drive in Windows Explorer in Windows 7 it says drive empty. Could I have some sort of weird malware here affecting the C: drive which could cause this problem?. I've run TrendMicro Housecall, TDSS Killer and Malwarebytes none of which found anything. When I open up the E: drive in Windows Explorer I find this file, $UpgDrv$. If I delete it it says "this folder is empty:. I also have a program Treesize Professional which shows file size and amount of space files take up on a drive. On the E: drive all directories and drives show up so I know the directories and files are still there just not showing in windows Explorer when I open up drive .
Here is my OTL file:

[email protected] logfile created on: 6/16/2011 10:50:28 AM - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Bill\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 66.89% Memory free
4.00 Gb Paging File | 2.83 Gb Available in Paging File | 70.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.95 Gb Total Space | 81.98 Gb Free Space | 55.04% Space Free | Partition Type: NTFS
Drive D: | 101.44 Gb Total Space | 22.95 Gb Free Space | 22.62% Space Free | Partition Type: NTFS
Drive E: | 101.44 Gb Total Space | 38.05 Gb Free Space | 37.51% Space Free | Partition Type: NTFS
Drive I: | 30.01 Gb Total Space | 15.20 Gb Free Space | 50.65% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: BILLB | User Name: Bill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/16 10:48:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
PRC - [2011/06/12 14:11:19 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- D:\APPS\UTORRENT\uTorrent.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- D:\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- D:\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/05/29 08:29:30 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- D:\APPS\real player sp\Update\realsched.exe
PRC - [2011/04/14 14:08:02 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2011/04/14 14:08:02 | 000,171,168 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2011/04/14 14:08:02 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe
PRC - [2011/02/23 01:39:24 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010/12/16 09:11:52 | 001,195,920 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/12/16 02:12:28 | 002,840,112 | ---- | M] (Trend Media Corporation Limited) -- D:\APPS\Flashget\Flashget3.exe
PRC - [2010/04/08 03:47:42 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2010/03/08 03:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\1281295862\ee\aolupdates.exe
PRC - [2010/03/08 03:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\1281295862\ee\aolsoftware.exe
PRC - [2010/01/11 13:10:42 | 000,689,392 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Verizon\VSP\ServicepointService.exe
PRC - [2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/13 21:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2007/12/17 03:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
PRC - [2007/05/28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- D:\APPS\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2007/01/11 03:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe


========== Modules (SafeList) ==========

MOD - [2011/06/16 10:48:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/06/15 23:48:53 | 000,000,088 | -H-- | M] () [Auto | Stopped] -- C:\Users\Bill\AppData\Roaming\Plug.bat -- (Plug Manager)
SRV - [2011/06/15 23:48:17 | 000,000,085 | -H-- | M] () [Auto | Stopped] -- C:\Users\Bill\AppData\Roaming\MouseDriver.bat -- (MouseDriver)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/14 14:08:02 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2011/04/14 14:08:02 | 000,171,168 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/04/14 14:08:02 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/10/20 15:29:51 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/04/14 17:47:40 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/04/08 03:47:42 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2010/04/08 03:47:42 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/04/08 03:47:42 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV - [2010/04/08 03:47:42 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/04/08 03:47:42 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/04/08 03:47:42 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/04/08 03:47:42 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/04/08 03:47:42 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/01/11 13:10:42 | 000,689,392 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\Verizon\VSP\ServicepointService.exe -- (ServicepointService)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2007/12/17 03:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007/05/28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- D:\APPS\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2007/01/11 03:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2011/06/16 03:32:49 | 000,229,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/04/14 14:08:02 | 000,387,480 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/04/14 14:08:02 | 000,314,088 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/04/14 14:08:02 | 000,165,032 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2011/04/14 14:08:02 | 000,153,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/04/14 14:08:02 | 000,095,824 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/04/14 14:08:02 | 000,084,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/04/14 14:08:02 | 000,064,584 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2011/04/14 14:08:02 | 000,056,064 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/04/14 14:08:02 | 000,052,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/04/09 14:14:37 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/02/23 02:57:00 | 010,468,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/09/14 09:16:06 | 000,108,480 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/08/12 13:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/02/24 06:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/30 13:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/10/22 13:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\50759292.sys -- (50759292)
DRV - [2009/10/22 13:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\32006462.sys -- (32006462)
DRV - [2009/10/09 23:31:02 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\5075929.sys -- (setup_9.0.0.722_11.04.2011_01-02drv)
DRV - [2009/09/25 17:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\50759291.sys -- (50759291)
DRV - [2009/09/25 17:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\32006461.sys -- (32006461)
DRV - [2009/07/13 21:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 21:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 21:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 19:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 19:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 18:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2008/07/08 13:54:02 | 000,148,496 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\64265123.sys -- (is-NFNKGdrv)
DRV - [2008/07/08 13:54:02 | 000,148,496 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\45580319.sys -- (is-4BCTNdrv)
DRV - [2008/02/05 01:50:44 | 000,059,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2007/09/19 21:37:48 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- D:\APPS\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B})
DRV - [2007/02/15 20:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006/11/29 18:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Bill\Desktop\The Adjustment Bureau
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 89 85 FE 83 F7 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/05/24 18:57:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/05/29 08:30:01 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/06/15 23:48:26 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20110510133449.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Bill\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - File not found
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O4 - HKLM..\Run: [Flashget] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [oeqvxfh] C:\Users\Bill\AppData\Roaming\s5sf.exe ()
O4 - HKLM..\Run: [TkBellExe] D:\APPS\real player sp\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Artisan 810(Network)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFRA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [EPSON Artisan 810 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFRA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [FlashGet 3] D:\APPS\Flashget\Flashget3.exe (Trend Media Corporation Limited)
O4 - HKCU..\Run: [uTorrent] D:\APPS\UTORRENT\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Download All By FlashGet3 - C:\Users\Bill\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download By FlashGet3 - C:\Users\Bill\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\APPS\MS Office 2003 All in One\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\APPS\MS Office 2003 All in One\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - File not found
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.237.161.12
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ab948413-62d5-11e0-b1a3-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{ab948413-62d5-11e0-b1a3-00038a000015}\Shell\AutoRun\command - "" = J:\StartUp.exe
O34 - HKLM BootExecute: (chkvdisk) - C:\Windows\System32\chkvdisk.exe (Windows ® 2000 DDK provider)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/16 10:48:40 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
[2011/06/16 10:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
[2011/06/16 04:33:26 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~LS
[2011/06/16 04:31:12 | 000,000,000 | ---D | C] -- C:\$UPGRADE.~OS
[2011/06/16 04:30:20 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~BT
[2011/06/15 23:54:24 | 000,000,000 | ---D | C] -- C:\Users\Bill\Desktop\Music
[2011/06/15 19:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
[2011/06/15 19:48:21 | 000,000,000 | ---D | C] -- C:\Users\Bill\Calibre Library
[2011/06/15 19:48:08 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\calibre
[2011/06/12 14:09:44 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\uTorrent
[2011/06/12 14:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers
[2011/06/12 14:09:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2011/06/11 11:27:16 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2011/05/29 20:31:18 | 000,000,000 | ---D | C] -- C:\Program Files\Shield
[2011/05/29 08:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/05/29 08:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2011/05/23 17:44:57 | 000,000,000 | ---D | C] -- C:\Users\Bill\Documents\My Virtual Machines
[2011/05/23 17:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Virtual PC
[2011/05/20 18:38:08 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\Auslogics
[2011/05/20 18:38:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2011/05/15 12:51:08 | 026,641,904 | ---- | C] (RealNetworks, Inc.) -- C:\Users\Bill\AppData\Roaming\RealPlayerSPGold.exe
[2010/08/08 17:34:00 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Bill\AppData\Roaming\pcouffin.sys
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2099/01/01 12:00:00 | 000,210,944 | ---- | M] () -- C:\Windows\System32\MSVCRT10.DLL
[2011/06/16 10:51:51 | 227,479,584 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.dat
[2011/06/16 10:48:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
[2011/06/16 10:28:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/16 07:06:36 | 002,665,424 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.idx
[2011/06/16 04:37:28 | 000,002,724 | ---- | M] () -- C:\Windows\diagerr.xml
[2011/06/16 04:37:28 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011/06/16 04:33:26 | 000,000,002 | ---- | M] () -- C:\$UpgDrv$
[2011/06/16 03:45:12 | 000,625,616 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/16 03:45:12 | 000,107,032 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/15 23:49:01 | 000,001,122 | -H-- | M] () -- C:\Users\Bill\AppData\Roaming\mlog
[2011/06/15 23:48:53 | 000,000,088 | -H-- | M] () -- C:\Users\Bill\AppData\Roaming\Plug.bat
[2011/06/15 23:48:17 | 000,000,085 | -H-- | M] () -- C:\Users\Bill\AppData\Roaming\MouseDriver.bat
[2011/06/15 23:48:15 | 000,062,464 | ---- | M] () -- C:\Users\Bill\AppData\Roaming\s5sf.exe
[2011/06/12 15:44:34 | 000,001,175 | ---- | M] () -- C:\Users\Bill\AppData\Roaming\vso_ts_preview.xml
[2011/06/12 14:11:04 | 000,000,603 | ---- | M] () -- C:\Users\Bill\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/06/12 12:26:03 | 000,000,126 | -HS- | M] () -- C:\ProgramData\.zreglib
[2011/06/11 11:27:17 | 000,002,009 | ---- | M] () -- C:\Users\Bill\Desktop\Kindle.lnk
[2011/06/09 17:59:17 | 000,000,071 | ---- | M] () -- C:\Windows\PrintCD.INI
[2011/06/07 23:59:00 | 000,053,303 | ---- | M] () -- C:\Users\Bill\Documents\Amelia&EasterBunny2.jpg
[2011/06/05 17:57:37 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/05 17:57:37 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/01 13:23:47 | 000,366,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/05/29 18:30:40 | 000,000,891 | ---- | M] () -- C:\Windows\System32\secushr.dat
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/28 22:37:22 | 004,669,482 | ---- | M] () -- C:\Users\Bill\Documents\STRIPPER.wmv
[2011/05/19 19:18:01 | 008,973,948 | ---- | M] () -- C:\Users\Bill\Documents\HappyENDING.wmv
[2011/05/17 21:05:19 | 002,018,304 | ---- | M] () -- C:\Users\Bill\Documents\Invasion_of_Chinese_Products.pps
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/16 03:11:17 | 000,000,002 | ---- | C] () -- C:\$UpgDrv$
[2011/06/15 23:49:01 | 000,001,122 | -H-- | C] () -- C:\Users\Bill\AppData\Roaming\mlog
[2011/06/15 23:48:53 | 000,000,088 | -H-- | C] () -- C:\Users\Bill\AppData\Roaming\Plug.bat
[2011/06/15 23:48:17 | 000,000,085 | -H-- | C] () -- C:\Users\Bill\AppData\Roaming\MouseDriver.bat
[2011/06/15 23:48:16 | 000,062,464 | ---- | C] () -- C:\Users\Bill\AppData\Roaming\s5sf.exe
[2011/06/12 14:11:04 | 000,000,603 | ---- | C] () -- C:\Users\Bill\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/06/11 11:27:17 | 000,002,009 | ---- | C] () -- C:\Users\Bill\Desktop\Kindle.lnk
[2011/06/07 23:58:59 | 000,053,303 | ---- | C] () -- C:\Users\Bill\Documents\Amelia&EasterBunny2.jpg
[2011/05/28 22:36:19 | 004,669,482 | ---- | C] () -- C:\Users\Bill\Documents\STRIPPER.wmv
[2011/05/23 17:41:13 | 000,001,847 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
[2011/05/19 19:17:49 | 008,973,948 | ---- | C] () -- C:\Users\Bill\Documents\HappyENDING.wmv
[2011/05/17 21:05:15 | 002,018,304 | ---- | C] () -- C:\Users\Bill\Documents\Invasion_of_Chinese_Products.pps
[2011/05/15 14:34:30 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011/05/14 12:27:07 | 000,000,035 | ---- | C] () -- C:\Windows\FULCRUM.INI
[2011/05/14 12:27:06 | 000,000,075 | ---- | C] () -- C:\Windows\CDHOME.INI
[2011/05/14 12:26:02 | 000,009,216 | ---- | C] () -- C:\Windows\System32\FTEH006W.DLL
[2011/05/14 12:26:02 | 000,007,168 | ---- | C] () -- C:\Windows\System32\FTEH006N.DLL
[2011/05/14 12:24:59 | 000,000,000 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/05/14 12:05:13 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL
[2011/05/01 10:44:23 | 000,000,891 | ---- | C] () -- C:\Windows\System32\secushr.dat
[2011/04/10 13:39:25 | 227,434,528 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.dat
[2011/04/09 17:19:41 | 000,102,400 | ---- | C] () -- C:\Windows\RegBootClean.exe
[2011/04/09 17:09:37 | 000,000,036 | ---- | C] () -- C:\Users\Bill\AppData\Local\housecall.guid.cache
[2011/02/15 21:45:59 | 000,004,096 | -H-- | C] () -- C:\Users\Bill\AppData\Local\keyfile3.drm
[2011/01/02 18:45:50 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011/01/01 18:23:13 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/01/01 18:23:13 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/12/28 21:38:29 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dvdtest10024.dat
[2010/11/29 02:32:12 | 000,153,600 | ---- | C] () -- C:\Windows\System32\IS_ContextMenu.dll
[2010/11/28 18:53:27 | 000,000,380 | ---- | C] () -- C:\Windows\System32\secustat.dat
[2010/11/28 12:12:09 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010/11/17 13:42:03 | 000,000,126 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/10/28 14:16:22 | 000,000,071 | ---- | C] () -- C:\Windows\PrintCD.INI
[2010/10/27 18:53:52 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2010/10/21 16:33:08 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/10/20 16:05:49 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010/10/20 16:05:49 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010/10/20 16:05:49 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010/10/20 16:05:49 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010/10/20 16:05:49 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010/10/20 16:05:49 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010/10/20 16:05:49 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010/10/20 16:05:49 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010/10/20 16:05:49 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010/10/20 16:05:49 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/10/20 16:05:48 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010/10/20 16:05:48 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010/10/20 16:05:48 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010/10/20 16:05:48 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010/10/20 16:05:48 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010/10/20 16:05:48 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010/08/08 17:34:43 | 000,001,175 | ---- | C] () -- C:\Users\Bill\AppData\Roaming\vso_ts_preview.xml
[2010/08/08 17:34:00 | 000,087,608 | ---- | C] () -- C:\Users\Bill\AppData\Roaming\inst.exe
[2010/08/08 17:34:00 | 000,007,887 | ---- | C] () -- C:\Users\Bill\AppData\Roaming\pcouffin.cat
[2010/08/08 17:34:00 | 000,001,144 | ---- | C] () -- C:\Users\Bill\AppData\Roaming\pcouffin.inf
[2010/08/08 17:14:20 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/08/08 15:29:04 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,366,992 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,625,616 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,107,032 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 20:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002/10/15 18:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll

========== LOP Check ==========

[2010/11/22 00:34:22 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\7art
[2011/02/03 23:25:00 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Amazon
[2011/05/20 18:38:08 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Auslogics
[2011/06/16 03:40:49 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\BITS
[2010/10/26 16:17:12 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Broken Sword 2.5
[2011/06/15 21:25:45 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\calibre
[2011/04/09 17:22:48 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\DAEMON Tools Lite
[2010/12/28 21:38:31 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\DVD-Cloner
[2010/11/08 00:43:08 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Epson
[2010/11/28 12:11:56 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\FlashGet
[2010/11/28 12:11:49 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\FlashGetBHO
[2011/04/05 15:00:53 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Fronoh
[2010/08/08 15:11:07 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Icons and Cursors
[2010/09/04 21:05:43 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\JAM Software
[2011/01/06 22:24:40 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\NCH Swift Sound
[2011/04/09 14:35:33 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\ProtectDISC
[2011/06/16 10:48:49 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\uTorrent
[2010/08/22 22:27:33 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\VitySoft
[2011/06/12 15:44:34 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Vso
[2010/11/22 15:53:24 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Webshots
[2011/06/08 11:39:53 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

I also found an OTL log report titles Extras. Not sure if you need it or not but here it is just in case.

OTL Extras logfile created on: 6/16/2011 10:50:28 AM - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Bill\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 66.89% Memory free
4.00 Gb Paging File | 2.83 Gb Available in Paging File | 70.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.95 Gb Total Space | 81.98 Gb Free Space | 55.04% Space Free | Partition Type: NTFS
Drive D: | 101.44 Gb Total Space | 22.95 Gb Free Space | 22.62% Space Free | Partition Type: NTFS
Drive E: | 101.44 Gb Total Space | 38.05 Gb Free Space | 37.51% Space Free | Partition Type: NTFS
Drive I: | 30.01 Gb Total Space | 15.20 Gb Free Space | 50.65% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: BILLB | User Name: Bill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\APPS\MS Office 2003 All in One\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\APPS\MS Office 2003 All in One\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\APPS\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\APPS\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\APPS\FlashGet\FlashGet3.exe" = D:\APPS\FlashGet\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
"C:\Users\Bill\AppData\Roaming\s5sf.exe" = C:\Users\Bill\AppData\Roaming\s5sf.exe:*:Enabled:s5sf.exe -- ()
"C:\Users\Bill\AppData\Roaming\manager.exe" = C:\Users\Bill\AppData\Roaming\manager.exe:*:Enabled:manager.exe


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00F93853-D9D3-4795-A89E-84CCBA0205C9}" = Microsoft IntelliPoint 8.0
"{05DFD5AC-95C5-4391-8CCE-ECDD3D947EC3}" = calibre
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 21
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{47609E69-4C5E-48B1-A889-24C6B82B5C04}" = Vista Shortcut Manager
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{4908C75E-E5E2-43F7-B1DF-023CBA831033}" = Nero 7 Ultra Edition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{625386A4-B6B6-4911-A6E8-23189C3F2D15}" = Microsoft .NET Compact Framework 2.0 SP1
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.2.3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{705B639E-FAAF-40D7-AD58-C445321C7C3F}" = LightScribe System Software
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7BDD6642-76D6-49F7-9157-6100E5C75B97}" = Vz In Home Agent
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8679D366-D73F-4303-92F7-853B13C1F424}" = Microangelo On Display
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers 1.10.01
"{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}" = McAfee Virtual Technician
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A53BEB85-A538-4F93-BF0C-2D9770532D10}" = Lost Horizon
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 267.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 267.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.6.316
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{F99520C7-7EE6-472E-8DD8-E60003A9292F}" = WOT for Internet Explorer
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFFAE01B-466F-4C07-9821-A94FD753BDDA}" = EpsonNet Setup
"7-Zip" = 7-Zip 4.58 beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Amazon Kindle" = Amazon Kindle
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Art of Murder 3/EN-English_is1" = Art of Murder: Cards of Destiny
"Black Mirror 2_is1" = Black Mirror 2
"Broken Sword 2.5_is1" = Broken Sword 2.5
"Broken Sword: Shadow of the Templar's Directors Cut_is1" = Broken Sword: Shadow of the Templar's Directors Cut
"Browserhijackertubby Removal Tool_is1" = Browserhijackertubby Removal Tool
"CCleaner" = CCleaner (remove only)
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"conduitEngine" = Conduit Engine
"CSI - Fatal Conspiracy" = CSI - Fatal Conspiracy
"DirectVobSub" = DirectVobSub (remove only)
"DVD-Cloner 8_is1" = DVD-Cloner V8.00 Build 1001
"EPSON Artisan 810 Series" = EPSON Artisan 810 Series Printer Uninstall
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"Exterminate It!" = Exterminate It!
"FlashGet" = FlashGet 1.9.6.1073
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Gray Matter_is1" = Gray Matter
"HijackThis" = HijackThis 2.0.2
"InstallShield_{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD Ultra
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MSC" = Verizon Internet Security Suite
"NCH_EN Toolbar" = NCH EN Toolbar
"nfsFishWave New Free Screensaver_is1" = NewFreeScreensaver nfsFishWave
"NVIDIA Drivers" = NVIDIA Drivers
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Quick AVI MPEG Joiner v2.0_is1" = Quick AVI MPEG Joiner v2.0
"RadialpointClientGateway_is1" = Verizon Servicepoint 3.5.14
"RealPlayer 12.0" = RealPlayer
"RUNAWAY: A TWIST OF FATE (en)" = RUNAWAY: A TWIST OF FATE (English)
"SpywareBlaster_is1" = SpywareBlaster 4.4
"SubtitleWorkshop" = Subtitle Workshop 2.51
"Switch" = Switch Sound File Converter
"TreeSize Professional_is1" = TreeSize Professional 5.2.3
"uTorrent" = µTorrent
"Verizon Help and Support" = Verizon Help and Support Tool
"ViewpointMediaPlayer" = Viewpoint Media Player
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.5
"VobSub" = VobSub v2.23 (Remove Only)
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

Error: Unable to start EventLog service!

< End of report >



Thanks in advance.

Help!!!!.

Bill

Edited by Gameman007, 16 June 2011 - 09:45 AM.

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmm an intriguing case - OK lets remove the malware and see what a fresh OTL scan says

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    SRV - [2011/06/15 23:48:53 | 000,000,088 | -H-- | M] () [Auto | Stopped] -- C:\Users\Bill\AppData\Roaming\Plug.bat -- (Plug Manager)
    SRV - [2011/06/15 23:48:17 | 000,000,085 | -H-- | M] () [Auto | Stopped] -- C:\Users\Bill\AppData\Roaming\MouseDriver.bat -- (MouseDriver)
    O4 - HKLM..\Run: [oeqvxfh] C:\Users\Bill\AppData\Roaming\s5sf.exe ()
    O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
    O4 - HKLM..\RunOnceEx: [Title] File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
    [2011/06/15 23:49:01 | 000,001,122 | -H-- | M] () -- C:\Users\Bill\AppData\Roaming\mlog
    [2011/06/15 23:48:53 | 000,000,088 | -H-- | M] () -- C:\Users\Bill\AppData\Roaming\Plug.bat
    [2011/06/15 23:48:17 | 000,000,085 | -H-- | M] () -- C:\Users\Bill\AppData\Roaming\MouseDriver.bat
    [2011/06/15 23:48:15 | 000,062,464 | ---- | M] () -- C:\Users\Bill\AppData\Roaming\s5sf.exe

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN


  • Run OTL.
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.exe
    %USERPROFILE%\..|smtmp;true;true;true /FP
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • Post both logs

FINALLY

Download aswMBR.exe ( 567KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image
  • 0

#3
Gameman007

Gameman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Thanks Essexboy, I can see all the E: drive files and directories in Windows Explorer now. OTL after fix

OTL logfile created on: 6/16/2011 2:16:10 PM - Run 2
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Bill\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 62.00% Memory free
4.00 Gb Paging File | 2.91 Gb Available in Paging File | 72.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.95 Gb Total Space | 81.99 Gb Free Space | 55.05% Space Free | Partition Type: NTFS
Drive D: | 101.44 Gb Total Space | 22.95 Gb Free Space | 22.62% Space Free | Partition Type: NTFS
Drive E: | 101.44 Gb Total Space | 38.05 Gb Free Space | 37.51% Space Free | Partition Type: NTFS
Drive I: | 30.01 Gb Total Space | 15.20 Gb Free Space | 50.65% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: BILLB | User Name: Bill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Bill\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\APPS\UTORRENT\uTorrent.exe (BitTorrent, Inc.)
PRC - D:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - D:\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - D:\APPS\real player sp\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)
PRC - C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - D:\APPS\Flashget\Flashget3.exe (Trend Media Corporation Limited)
PRC - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Program Files\Verizon\VSP\ServicepointService.exe (Radialpoint Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
PRC - D:\APPS\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION)


========== Modules (SafeList) ==========

MOD - C:\Users\Bill\Desktop\OTL.exe (OldTimer Tools)
MOD - c:\Program Files\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (MBAMService) -- D:\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (mfevtp) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McOobeSv) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (ServicepointService) -- C:\Program Files\Verizon\VSP\ServicepointService.exe (Radialpoint Inc.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (EPSON_EB_RPCV4_01) EPSON V5 Service4(01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
SRV - (StarWindServiceAE) -- D:\APPS\Alcohol 52\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
SRV - (EpsonBidirectionalService) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)


========== Driver Services (SafeList) ==========

DRV - (vmm) -- C:\Windows\System32\drivers\VMM.sys (Microsoft Corporation)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (mfehidk) -- C:\Windows\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\system32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfenlfk) -- C:\Windows\System32\drivers\mfenlfk.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Revoflt) -- C:\Windows\System32\drivers\revoflt.sys (VS Revo Group)
DRV - (50759292) -- C:\Windows\system32\DRIVERS\50759292.sys (Kaspersky Lab)
DRV - (32006462) -- C:\Windows\system32\DRIVERS\32006462.sys (Kaspersky Lab)
DRV - (setup_9.0.0.722_11.04.2011_01-02drv) -- C:\Windows\System32\drivers\5075929.sys (Kaspersky Lab)
DRV - (50759291) -- C:\Windows\System32\drivers\50759291.sys (Kaspersky Lab)
DRV - (32006461) -- C:\Windows\System32\drivers\32006461.sys (Kaspersky Lab)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (is-NFNKGdrv) -- C:\Windows\System32\drivers\64265123.sys (Kaspersky Lab)
DRV - (is-4BCTNdrv) -- C:\Windows\System32\drivers\45580319.sys (Kaspersky Lab)
DRV - (VPCNetS2) -- C:\Windows\System32\drivers\VMNetSrv.sys (Microsoft Corporation)
DRV - ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) -- D:\APPS\PowerDVD\000.fcl (Cyberlink Corp.)
DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (wanatw) WAN Miniport (ATW) -- C:\Windows\System32\drivers\wanatw4.sys (America Online, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Bill\Desktop\The Adjustment Bureau
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 89 85 FE 83 F7 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/05/24 18:57:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/05/29 08:30:01 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/06/16 14:11:03 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20110510133449.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Bill\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - File not found
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O4 - HKLM..\Run: [Flashget] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [TkBellExe] D:\APPS\real player sp\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Artisan 810(Network)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFRA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [EPSON Artisan 810 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFRA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [FlashGet 3] D:\APPS\Flashget\Flashget3.exe (Trend Media Corporation Limited)
O4 - HKCU..\Run: [uTorrent] D:\APPS\UTORRENT\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Download All By FlashGet3 - C:\Users\Bill\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download By FlashGet3 - C:\Users\Bill\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\APPS\MS Office 2003 All in One\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\APPS\MS Office 2003 All in One\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - File not found
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.237.161.12
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ab948413-62d5-11e0-b1a3-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{ab948413-62d5-11e0-b1a3-00038a000015}\Shell\AutoRun\command - "" = J:\StartUp.exe
O34 - HKLM BootExecute: (chkvdisk) - C:\Windows\System32\chkvdisk.exe (Windows ® 2000 DDK provider)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/16 14:14:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
[2011/06/16 14:11:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/16 11:35:38 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
[2011/06/16 04:33:26 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~LS
[2011/06/16 04:31:12 | 000,000,000 | ---D | C] -- C:\$UPGRADE.~OS
[2011/06/16 04:30:20 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~BT
[2011/06/15 23:54:24 | 000,000,000 | ---D | C] -- C:\Users\Bill\Desktop\Music
[2011/06/15 19:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
[2011/06/15 19:48:21 | 000,000,000 | ---D | C] -- C:\Users\Bill\Calibre Library
[2011/06/15 19:48:08 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\calibre
[2011/06/12 14:09:44 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\uTorrent
[2011/06/12 14:09:26 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers
[2011/06/12 14:09:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2011/06/11 11:27:16 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2011/05/29 20:31:18 | 000,000,000 | ---D | C] -- C:\Program Files\Shield
[2011/05/29 08:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/05/29 08:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2011/05/23 17:44:57 | 000,000,000 | ---D | C] -- C:\Users\Bill\Documents\My Virtual Machines
[2011/05/23 17:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Virtual PC
[2011/05/20 18:38:08 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\Auslogics
[2011/05/20 18:38:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2011/05/15 12:51:08 | 026,641,904 | ---- | C] (RealNetworks, Inc.) -- C:\Users\Bill\AppData\Roaming\RealPlayerSPGold.exe
[2010/08/08 17:34:00 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Bill\AppData\Roaming\pcouffin.sys
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2099/01/01 12:00:00 | 000,210,944 | ---- | M] () -- C:\Windows\System32\MSVCRT10.DLL
[2011/06/16 14:19:14 | 228,169,760 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.dat
[2011/06/16 14:12:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/16 14:11:57 | 002,676,392 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.idx
[2011/06/16 14:11:03 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/06/16 11:35:38 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
[2011/06/16 04:37:28 | 000,002,724 | ---- | M] () -- C:\Windows\diagerr.xml
[2011/06/16 04:37:28 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011/06/16 04:33:26 | 000,000,002 | ---- | M] () -- C:\$UpgDrv$
[2011/06/16 03:45:12 | 000,625,616 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/16 03:45:12 | 000,107,032 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/12 15:44:34 | 000,001,175 | ---- | M] () -- C:\Users\Bill\AppData\Roaming\vso_ts_preview.xml
[2011/06/12 14:11:04 | 000,000,603 | ---- | M] () -- C:\Users\Bill\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/06/12 12:26:03 | 000,000,126 | -HS- | M] () -- C:\ProgramData\.zreglib
[2011/06/11 11:27:17 | 000,002,009 | ---- | M] () -- C:\Users\Bill\Desktop\Kindle.lnk
[2011/06/09 17:59:17 | 000,000,071 | ---- | M] () -- C:\Windows\PrintCD.INI
[2011/06/07 23:59:00 | 000,053,303 | ---- | M] () -- C:\Users\Bill\Documents\Amelia&EasterBunny2.jpg
[2011/06/05 17:57:37 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/05 17:57:37 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/01 13:23:47 | 000,366,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/05/29 18:30:40 | 000,000,891 | ---- | M] () -- C:\Windows\System32\secushr.dat
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/28 22:37:22 | 004,669,482 | ---- | M] () -- C:\Users\Bill\Documents\STRIPPER.wmv
[2011/05/19 19:18:01 | 008,973,948 | ---- | M] () -- C:\Users\Bill\Documents\HappyENDING.wmv
[2011/05/17 21:05:19 | 002,018,304 | ---- | M] () -- C:\Users\Bill\Documents\Invasion_of_Chinese_Products.pps
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/16 03:11:17 | 000,000,002 | ---- | C] () -- C:\$UpgDrv$
[2011/06/12 14:11:04 | 000,000,603 | ---- | C] () -- C:\Users\Bill\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/06/11 11:27:17 | 000,002,009 | ---- | C] () -- C:\Users\Bill\Desktop\Kindle.lnk
[2011/06/07 23:58:59 | 000,053,303 | ---- | C] () -- C:\Users\Bill\Documents\Amelia&EasterBunny2.jpg
[2011/05/28 22:36:19 | 004,669,482 | ---- | C] () -- C:\Users\Bill\Documents\STRIPPER.wmv
[2011/05/23 17:41:13 | 000,001,847 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
[2011/05/19 19:17:49 | 008,973,948 | ---- | C] () -- C:\Users\Bill\Documents\HappyENDING.wmv
[2011/05/17 21:05:15 | 002,018,304 | ---- | C] () -- C:\Users\Bill\Documents\Invasion_of_Chinese_Products.pps
[2011/05/15 14:34:30 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011/05/14 12:27:07 | 000,000,035 | ---- | C] () -- C:\Windows\FULCRUM.INI
[2011/05/14 12:27:06 | 000,000,075 | ---- | C] () -- C:\Windows\CDHOME.INI
[2011/05/14 12:26:02 | 000,009,216 | ---- | C] () -- C:\Windows\System32\FTEH006W.DLL
[2011/05/14 12:26:02 | 000,007,168 | ---- | C] () -- C:\Windows\System32\FTEH006N.DLL
[2011/05/14 12:24:59 | 000,000,000 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/05/14 12:05:13 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL
[2011/05/01 10:44:23 | 000,000,891 | ---- | C] () -- C:\Windows\System32\secushr.dat
[2011/04/10 13:39:25 | 228,151,328 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.dat
[2011/04/09 17:19:41 | 000,102,400 | ---- | C] () -- C:\Windows\RegBootClean.exe
[2011/04/09 17:09:37 | 000,000,036 | ---- | C] () -- C:\Users\Bill\AppData\Local\housecall.guid.cache
[2011/02/15 21:45:59 | 000,004,096 | -H-- | C] () -- C:\Users\Bill\AppData\Local\keyfile3.drm
[2011/01/02 18:45:50 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011/01/01 18:23:13 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/01/01 18:23:13 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/12/28 21:38:29 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dvdtest10024.dat
[2010/11/29 02:32:12 | 000,153,600 | ---- | C] () -- C:\Windows\System32\IS_ContextMenu.dll
[2010/11/28 18:53:27 | 000,000,380 | ---- | C] () -- C:\Windows\System32\secustat.dat
[2010/11/28 12:12:09 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010/11/17 13:42:03 | 000,000,126 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/10/28 14:16:22 | 000,000,071 | ---- | C] () -- C:\Windows\PrintCD.INI
[2010/10/27 18:53:52 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2010/10/21 16:33:08 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/10/20 16:05:49 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010/10/20 16:05:49 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010/10/20 16:05:49 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010/10/20 16:05:49 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010/10/20 16:05:49 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010/10/20 16:05:49 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010/10/20 16:05:49 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010/10/20 16:05:49 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010/10/20 16:05:49 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010/10/20 16:05:49 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/10/20 16:05:48 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010/10/20 16:05:48 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010/10/20 16:05:48 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010/10/20 16:05:48 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010/10/20 16:05:48 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010/10/20 16:05:48 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010/08/08 17:34:43 | 000,001,175 | ---- | C] () -- C:\Users\Bill\AppData\Roaming\vso_ts_preview.xml
[2010/08/08 17:34:00 | 000,087,608 | ---- | C] () -- C:\Users\Bill\AppData\Roaming\inst.exe
[2010/08/08 17:34:00 | 000,007,887 | ---- | C] () -- C:\Users\Bill\AppData\Roaming\pcouffin.cat
[2010/08/08 17:34:00 | 000,001,144 | ---- | C] () -- C:\Users\Bill\AppData\Roaming\pcouffin.inf
[2010/08/08 17:14:20 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/08/08 15:29:04 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,366,992 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,625,616 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,107,032 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 20:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002/10/15 18:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll

========== LOP Check ==========

[2010/11/22 00:34:22 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\7art
[2011/02/03 23:25:00 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Amazon
[2011/05/20 18:38:08 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Auslogics
[2011/06/16 03:40:49 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\BITS
[2010/10/26 16:17:12 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Broken Sword 2.5
[2011/06/15 21:25:45 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\calibre
[2011/04/09 17:22:48 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\DAEMON Tools Lite
[2010/12/28 21:38:31 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\DVD-Cloner
[2010/11/08 00:43:08 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Epson
[2010/11/28 12:11:56 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\FlashGet
[2010/11/28 12:11:49 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\FlashGetBHO
[2011/04/05 15:00:53 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Fronoh
[2010/08/08 15:11:07 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Icons and Cursors
[2010/09/04 21:05:43 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\JAM Software
[2011/01/06 22:24:40 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\NCH Swift Sound
[2011/04/09 14:35:33 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\ProtectDISC
[2011/06/16 14:12:51 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\uTorrent
[2010/08/22 22:27:33 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\VitySoft
[2011/06/12 15:44:34 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Vso
[2010/11/22 15:53:24 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Webshots
[2011/06/08 11:39:53 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >
  • 0

#4
Gameman007

Gameman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
That second all user OTL is taking forever to run
  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How many users on your system ?
  • 0

#6
Gameman007

Gameman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
3, myself, systm and admin (all actually me but it's set as separate users, System, BillB and admin
  • 0

#7
Gameman007

Gameman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
It's doing a manual scan of all users application data
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK that was in case the malware had hidden your files in the temporary folders

%USERPROFILE%\..|smtmp;true;true;true /FP

This is the script element. If you wish you can stop OTL seeing as the files and folders have returned after the first run.


Then let me know what the current problems are :)
  • 0

#9
Gameman007

Gameman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
The thing stopped and I didn't gt a log file. As I see everything for the E:drive in Windows Explorer do you think it's necessary to do anything else?
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Do you have any other problems ?

Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
  • 0

Advertisements


#11
Gameman007

Gameman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
No the only probllem I had was the E: drive one. I ran Malwarebyts before I posted here and it found nothing so is it necesssary to run and post it? If not thanks for all your help and solving this mess for me.

Regards,

Bill

P.S. Just out of curiosity what was it that caused this problem?

Edited by Gameman007, 16 June 2011 - 03:23 PM.

  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
The malware name is unknown at the moment but I believe it to be related to the hard drive failure malware family, but it did not get a good grip on your system

Subject to no further problems :yes:

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :)

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point

  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones

  • GoStart > All programs > Accessories > system tools
  • Right click Disc cleanup an select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Posted Image Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe :unsure:
  • 0

#13
Gameman007

Gameman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Thanks for all your help Essexboy. I don't use System Restore. I have a program I got a while back RollbackRX. The advantages of this program are as follows: With System Restore if you can't boot into Windows due to Malware you're kind of dead, but with Rollback this is not the case as it comes up right at the start of the boot process before Windows actually starts loading and you can then access your restore points and send the computer back to an earlier time (like System Restore but better as you don't need to be in Windows to use it. It's saved me a few times with sluggish system problems, popup problems, etc. Thanks again.

Regards,

Bill
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmm just had a look at that and I think I will investigate further :)
  • 0

#15
Gameman007

Gameman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Hi Essexboy

I think it would be a great investment. It's one of the best system restore programs there is and the customer service is great (can call 24/7 and also speak with a live rep on the computer also). The only drawback is it has a tendency to use huge amounts of drive space. However if you don't have any specific problems you can uninstall and then reinstall and the drive will read the space it really has. If you have a problem then just select a restore point point to go back to and after it sets the computer to the pont you told it to go to then do the uninstall and reinstall. It also has a 30 day trial if you want to try it out. When I had the problem you helped me with I had uninstalled it and then got the virus or whatever it was before I had a chance to reinstall it, thus the problem otherwise I could have gone baackwards and had it solved by Rollback. So far the comput is working great and faster ten it was before the problem. Thanks again,

Regards,

Bill

Edited by Gameman007, 17 June 2011 - 06:44 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP