Help!

Post by BlackCube on Thu Nov 04, 2010 12:21 pm

I am a complete noob at this so please pardon me if I don't get some stuff right =|
Running on Windows XP

Erm so...... my situation right now is that
- windows (normally game ads w/ audio & those 'lucky draw/lottery/you win!' ads) open up for no apparent reason
- volume settings go down for no reason.... (not master volume but erm.. the wave setting)
- 2 iexplorer.exe processes always appear even though I don't have IE on. When I try to end iexplorer.exe, it just restarts itself (smth along those lines)

Started happening about roughly 1 week back

Here's my log:
OTL.txt
OTL logfile created on: 11/4/2010 7:46:42 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Documents and Settings\Default\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

702.00 Mb Total Physical Memory | 303.00 Mb Available Physical Memory | 43.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 55.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 20.19 Gb Free Space | 27.09% Space Free | Partition Type: NTFS

Computer Name: FABIAN | User Name: Default | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/04 19:41:32 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Default\Desktop\OTL.com
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/06 22:01:16 | 002,634,048 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
PRC - [2010/03/22 08:35:18 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/01/15 20:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/11/25 07:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast\ashDisp.exe
PRC - [2009/11/25 07:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast\ashServ.exe
PRC - [2009/11/25 07:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast\ashWebSv.exe
PRC - [2009/11/25 07:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast\aswUpdSv.exe
PRC - [2009/08/22 18:31:06 | 005,148,672 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
PRC - [2009/04/28 11:33:12 | 002,374,464 | ---- | M] (Agnitum Ltd.) -- C:\Program Files\Outpost Firewall\op_mon.exe
PRC - [2009/04/28 10:06:06 | 001,195,008 | ---- | M] (Agnitum Ltd.) -- C:\Program Files\Outpost Firewall\acs.exe
PRC - [2008/04/14 08:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/25 16:33:22 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
PRC - [2007/10/25 16:32:58 | 000,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2007/10/19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/10/19 13:17:28 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVCOMSER\LVComSer.exe
PRC - [2005/10/08 16:27:48 | 000,155,648 | ---- | M] () -- C:\Program Files\Razer\Copperhead\razerhid.exe
PRC - [2005/07/22 15:02:46 | 000,159,744 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\Copperhead\razerofa.exe
PRC - [2005/04/30 10:50:46 | 000,278,528 | ---- | M] (InterVideo Inc.) -- C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
PRC - [2005/04/07 07:03:28 | 000,110,592 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2005/01/28 10:16:58 | 000,856,064 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe
PRC - [2005/01/28 00:17:31 | 001,381,376 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCD.exe


========== Modules (SafeList) ==========

MOD - [2010/11/04 19:41:32 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Default\Desktop\OTL.com
MOD - [2009/04/28 10:05:56 | 000,715,264 | ---- | M] (Agnitum Ltd.) -- c:\Program Files\Outpost Firewall\wl_hook.dll
MOD - [2007/10/19 13:19:10 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcInj.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\qmgr.dll -- (BITS)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/09/30 16:53:39 | 000,015,224 | ---- | M] (PIPI) [Auto | Stopped] -- C:\Program Files\pipi\PIPIStartSvr.exe -- (PIPIStartSvr)
SRV - [2010/09/01 15:52:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/01/15 20:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/11/25 07:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Avast\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/25 07:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Avast\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/25 07:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Avast\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/25 07:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Avast\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/11/13 01:08:00 | 003,403,420 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/04/28 10:06:06 | 001,195,008 | ---- | M] (Agnitum Ltd.) [Auto | Running] -- C:\Program Files\Outpost Firewall\acs.exe -- (acssrv)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/10/19 13:21:16 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\logishrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/10/19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/10/19 13:17:28 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2005/04/07 07:03:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2005/01/28 10:16:58 | 000,856,064 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrvR) InCD Helper (read only)
SRV - [2005/01/28 10:16:58 | 000,856,064 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Default\My Documents\Fabian\Maple Story\zenos\zenos\zenos.sys -- (zenos1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XTrapD12.sys -- (XTrapD12)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Default\My Documents\Fabian\Maple Story\xpengine\xpengine\xp.sys -- (xp1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva332.sys -- (XDva332)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva202.sys -- (XDva202)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva132.sys -- (XDva132)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva121.sys -- (XDva121)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva104.sys -- (XDva104)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva039.sys -- (XDva039)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva037.sys -- (XDva037)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva033.sys -- (XDva033)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva030.sys -- (XDva030)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva028.sys -- (XDva028)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva011.sys -- (XDva011)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\WIZET\MapleStory\npkcusb.sys -- (npkcusb)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\WIZET\MapleStory\npkcrypt.sys -- (npkcrypt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\neokdss.sys -- (neokdss)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena\plugins\UI\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Default\My Documents\Fabian\Maple Story\Buffy Engine 2\Buffy Engine\nvid888.sys -- (geebers12)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Cheat Engine\dbk32.sys -- (CEDRIVER53)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Default\My Documents\Fabian\Maple Story\Maple- bagayengine\bagayengine\6\ba.sys -- (ba1)
DRV - [2010/09/11 18:17:49 | 000,025,616 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Default\Local Settings\Temp\QWB9F.tmp -- (GarenaPEngine)
DRV - [2010/04/19 20:29:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2009/11/25 07:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/11/25 07:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/25 07:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/25 07:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/25 07:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/25 07:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/10/13 17:50:00 | 000,133,632 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Mkd2kfNT.sys -- (Mkd2kfNt)
DRV - [2009/09/23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/07/13 17:37:00 | 000,079,360 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV - [2009/06/22 19:38:18 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/06/22 19:24:48 | 000,100,480 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009/04/07 09:39:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/04/06 11:37:12 | 000,704,384 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SandBox.sys -- (SandBox)
DRV - [2009/02/18 17:30:56 | 000,031,128 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afw.sys -- (afw)
DRV - [2009/02/10 16:15:42 | 000,257,432 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afwcore.sys -- (afwcore)
DRV - [2008/04/14 00:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/01/16 02:44:00 | 000,109,568 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdmc.sys -- (zebrmdmc) Sony Ericsson mRouter Port (WDM)
DRV - [2008/01/16 02:44:00 | 000,109,568 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdm.sys -- (zebrmdm) Sony Ericsson Port (WDM)
DRV - [2008/01/16 02:44:00 | 000,083,200 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrbus.sys -- (zebrbus)
DRV - [2008/01/16 02:44:00 | 000,014,848 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdfl.sys -- (zebrmdfl)
DRV - [2008/01/14 18:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007/10/19 13:16:30 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007/10/12 17:00:44 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/10/12 09:56:20 | 000,490,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2007/10/11 18:59:24 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/10/11 18:59:02 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/07/03 16:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 16:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 16:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2006/02/21 08:59:36 | 000,083,344 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810obex.sys -- (w810obex)
DRV - [2006/02/21 08:59:34 | 000,094,064 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810mdm.sys -- (w810mdm)
DRV - [2006/02/21 08:59:34 | 000,085,408 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810mgmt.sys -- (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM)
DRV - [2006/02/21 08:59:32 | 000,008,336 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810mdfl.sys -- (w810mdfl)
DRV - [2006/02/21 08:59:28 | 000,058,288 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810bus.sys -- (w810bus) Sony Ericsson W810 Driver driver (WDM)
DRV - [2005/10/19 05:15:42 | 004,034,048 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/08/31 13:42:36 | 001,333,760 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/08/25 04:56:28 | 000,074,752 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/08/12 10:11:10 | 000,019,020 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Razerlow.sys -- (Razerlow)
DRV - [2005/07/15 21:50:40 | 000,085,952 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w550obex.sys -- (w550obex)
DRV - [2005/07/15 21:48:40 | 000,096,672 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w550mdm.sys -- (w550mdm)
DRV - [2005/07/15 21:48:34 | 000,008,336 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w550mdfl.sys -- (w550mdfl)
DRV - [2005/07/15 21:47:30 | 000,060,928 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w550bus.sys -- (w550bus) Sony Ericsson W550 driver (WDM)
DRV - [2005/06/01 06:40:20 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2005/06/01 00:42:28 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2005/05/01 05:50:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2005/05/01 05:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2005/05/01 05:48:58 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2005/03/26 08:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2005/01/28 10:08:02 | 000,099,200 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005/01/28 10:07:34 | 000,028,928 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2005/01/28 00:07:28 | 000,027,776 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2005/01/13 11:28:04 | 000,116,224 | ---- | M] (InterVideo) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IviUdf.sys -- (iviudf)
DRV - [2005/01/12 21:29:28 | 000,038,784 | ---- | M] (InterVideo) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ivicd.sys -- (ivicd)
DRV - [2004/12/17 07:32:54 | 000,013,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BTNetFilter.sys -- (BTNetFilter)
DRV - [2004/10/20 04:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2004/08/04 06:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/05/13 02:07:38 | 000,036,484 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SMBios.sys -- (SMBios) Intel (R)
DRV - [2003/12/27 00:48:14 | 000,010,752 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
DRV - [2003/09/19 16:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0.0.07103010
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:3.5
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.5
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/04 01:53:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/04 19:34:26 | 000,000,000 | ---D | M]

[2008/09/22 14:29:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default\Application Data\Mozilla\Extensions
[2010/11/04 19:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default\Application Data\Mozilla\Firefox\Profiles\fhxegpvm.default\extensions
[2010/10/03 19:19:51 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Default\Application Data\Mozilla\Firefox\Profiles\fhxegpvm.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010/10/07 00:20:38 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Default\Application Data\Mozilla\Firefox\Profiles\fhxegpvm.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2010/09/07 23:01:59 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\Default\Application Data\Mozilla\Firefox\Profiles\fhxegpvm.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2010/11/04 19:39:36 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Default\Application Data\Mozilla\Firefox\Profiles\fhxegpvm.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/02/10 10:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default\Application Data\Mozilla\Firefox\Profiles\fhxegpvm.default\extensions\moveplayer@movenetworks.com
[2010/09/07 23:01:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default\Application Data\Mozilla\Firefox\Profiles\fhxegpvm.default\extensions\YoutubeDownloader@PeterOlayev.com
[2010/11/04 19:39:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/04 19:34:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/08/24 17:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010/11/04 19:34:11 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/11/23 01:50:49 | 001,193,952 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\Mozilla Firefox\plugins\NpFv41629.dll
[2008/11/22 17:44:21 | 001,271,760 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\Mozilla Firefox\plugins\NpFv501.dll
[2009/07/03 00:34:44 | 000,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2008/09/10 15:39:42 | 000,075,184 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
[2008/01/11 02:26:06 | 000,131,072 | ---- | M] (MGame) -- C:\Program Files\Mozilla Firefox\plugins\NPMFireLauncher.dll
[2010/03/28 22:23:01 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010/08/01 00:45:31 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/08/01 00:45:31 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/08/01 00:45:31 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/08/01 00:45:31 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

Hosts file not found
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PIPI Link Helper) - {1A3440C6-F123-4CAB-84EE-C814E1AE0D8F} - C:\Program Files\pipi\JfCheck.dll (PIPI Tech.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.8.11.dll (BitComet)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Avast\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Outpost Firewall\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Outpost Firewall\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe ()
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKLM..\Run: [WINCINEMAMGR] C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O4 - HKCU..\Run: [ooVoo.exe] C:\Program Files\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe File not found
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKCU..\Run: [Vidalia] C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe File not found
O4 - HKLM..\RunOnce: [Uninstall Adobe Download Manager] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Imation Flash Detect.lnk = C:\Documents and Settings\Default\Local Settings\Application Data\Imation\IFM\Imation Flash Detect.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\Default\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe ([You must be registered and logged in to see this link.]
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe ([You must be registered and logged in to see this link.]
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.8.11.dll (BitComet)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [You must be registered and logged in to see this link.] (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} [You must be registered and logged in to see this link.] (Checkers Class)
O16 - DPF: {36E5F486-B4EF-4D21-85E0-C58EBAA81A30} [You must be registered and logged in to see this link.] (WebCtl Class)
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} [You must be registered and logged in to see this link.] (EGamesPlugin Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} [You must be registered and logged in to see this link.] (UnoCtrl Class)
O16 - DPF: {7C5D062A-7A1E-4A46-A02B-A928084CBD66} [You must be registered and logged in to see this link.] (MLauncherNew Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_22)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} [You must be registered and logged in to see this link.] (MessengerStatsClient Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} [You must be registered and logged in to see this link.] (Crucial cpcScan)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} [You must be registered and logged in to see this link.] (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_22)
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CEAF43B1-E8C1-426D-A63C-92C71212E6E5} [You must be registered and logged in to see this link.] (PlayerCue Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} [You must be registered and logged in to see this link.] (Logout Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} [You must be registered and logged in to see this link.] (Flatcast Viewer 5.0)
O16 - DPF: {F0320816-41D9-49DD-B2F3-8E7B0AE32796} [You must be registered and logged in to see this link.] (AFCStarter Control)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} [You must be registered and logged in to see this link.] (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\outpos~1\wl_hook.dll) - c:\Program Files\Outpost Firewall\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Default\Desktop\SICA.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Default\Desktop\SICA.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/07/24 10:29:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/08/13 22:22:10 | 000,000,000 | RHSD | M] - C:\AutoProtect -- [ NTFS ]
O33 - MountPoints2\{1693f325-2361-11db-a892-0016767082b1}\Shell\AutoRun\command - "" = E:\AutoRun\AutoStart.exe -- File not found
O33 - MountPoints2\{1693f325-2361-11db-a892-0016767082b1}\Shell\Explore\Command - "" = E:\AutoRun\AutoStart.exe -- File not found
O33 - MountPoints2\{1693f325-2361-11db-a892-0016767082b1}\Shell\Open\Command - "" = E:\AutoRun\AutoStart.exe -- File not found
O33 - MountPoints2\{a12cbc56-9194-11db-a982-0016767082b1}\Shell\AutoRun\command - "" = E:\AutoRun\AutoStart.exe -- File not found
O33 - MountPoints2\{a12cbc56-9194-11db-a982-0016767082b1}\Shell\Explore\Command - "" = E:\AutoRun\AutoStart.exe -- File not found
O33 - MountPoints2\{a12cbc56-9194-11db-a982-0016767082b1}\Shell\Open\Command - "" = E:\AutoRun\AutoStart.exe -- File not found
O33 - MountPoints2\{da174c88-a83d-11de-af4d-0016767082b1}\Shell - "" = AutoRun
O33 - MountPoints2\{da174c88-a83d-11de-af4d-0016767082b1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{da174c88-a83d-11de-af4d-0016767082b1}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\{da174c8b-a83d-11de-af4d-0016767082b1}\Shell - "" = AutoRun
O33 - MountPoints2\{da174c8b-a83d-11de-af4d-0016767082b1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{da174c8b-a83d-11de-af4d-0016767082b1}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: BITS - C:\WINDOWS\System32\qmgr.dll File not found


SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - Microsoft .NET Framework 1.1 Hotfix (KB928366)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CB86EC62-CEA7-4C82-9EBA-B7A5E410E54C} - Reg Error: Value error.
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {DB061CCA-F22B-183C-A2C0-CE1EE6D6E3D8} - NetShow
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Program Files\WIZET\MapleStory\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.CSCD - C:\WINDOWS\System32\camcodec.dll (RenderSoft Software)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll ([You must be registered and logged in to see this link.]

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (34072082933350400)

========== Files/Folders - Created Within 30 Days ==========

[2015/07/26 07:02:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2015/07/26 02:33:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2015/07/26 02:20:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Default\Local Settings\Application Data\Adobe
[2015/07/26 02:18:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF
[2015/07/26 02:17:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared
[2015/07/26 02:17:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/11/04 19:41:29 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Default\Desktop\OTL.com
[2010/11/04 19:40:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/11/04 19:40:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2010/11/04 19:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2010/11/04 19:39:39 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2010/11/04 19:39:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010/11/04 19:34:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/11/04 19:34:26 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/11/04 19:34:25 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/11/04 19:34:25 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/11/04 19:34:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/11/04 19:34:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/10/25 19:19:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/10/25 19:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/10/25 19:03:22 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/10/25 18:57:26 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/10/08 21:31:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Default\Application Data\IObit
[2010/10/08 19:04:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Default\Application Data\Downloaded Installations
[2010/10/07 03:23:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Default\Local Settings\Application Data\groups.im
[2010/10/07 03:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Default\My Documents\MSNPlus
[2010/10/07 03:22:11 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\detoured.dll
[2010/10/07 03:22:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Messenger
[2010/10/07 03:22:11 | 000,000,000 | ---D | C] -- C:\Program Files\groups.im
[2010/10/07 01:17:13 | 000,000,000 | ---D | C] -- C:\Program Files\Daum
[2010/10/07 00:20:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Default\Application Data\BitComet
[2010/10/06 17:29:02 | 118,350,484 | ---- | C] (Jan Kolarik & Ondrej Vaverka) -- C:\WINDOWS\System32\Daum Screensaver_High.scr
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/04 19:41:32 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Default\Desktop\OTL.com
[2010/11/04 19:40:04 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/11/04 19:34:08 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/11/04 19:34:08 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/11/04 19:34:08 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/11/04 19:34:08 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/11/04 19:34:07 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/11/04 16:59:34 | 000,013,740 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/04 16:58:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/03 21:09:28 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/11/02 23:22:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\multbp.cfg
[2010/11/01 21:15:38 | 000,002,414 | ---- | M] () -- C:\WINDOWS\miniMBC.INI
[2010/10/30 22:46:42 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\Default\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/30 01:25:07 | 001,120,054 | ---- | M] () -- C:\Documents and Settings\Default\Desktop\23rd October.BMP
[2010/10/30 00:04:55 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/10/25 16:08:22 | 001,028,584 | ---- | M] () -- C:\Documents and Settings\Default\Desktop\1287974473_201010251141132590764301_0.jpg
[2010/10/25 16:06:01 | 000,343,206 | ---- | M] () -- C:\Documents and Settings\Default\Desktop\IMG_9307.jpg
[2010/10/25 02:48:10 | 000,090,721 | ---- | M] () -- C:\Documents and Settings\Default\Desktop\Picture 285.jpg
[2010/10/23 12:56:23 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Default\Desktop\Google Chrome.lnk
[2010/10/23 12:56:23 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Default\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/15 00:05:04 | 009,042,705 | ---- | M] () -- C:\Documents and Settings\Default\Desktop\Fany - Ring.mp3
[2010/10/08 21:31:32 | 000,000,745 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Switch to Gaming Mode.lnk
[2010/10/07 03:22:11 | 000,020,541 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\detoured.dll
[2010/10/06 17:29:02 | 118,350,484 | ---- | M] (Jan Kolarik & Ondrej Vaverka) -- C:\WINDOWS\System32\Daum Screensaver_High.scr
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/04 19:40:04 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/10/30 01:25:07 | 001,120,054 | ---- | C] () -- C:\Documents and Settings\Default\Desktop\23rd October.BMP
[2010/10/25 19:21:00 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/10/25 16:08:20 | 001,028,584 | ---- | C] () -- C:\Documents and Settings\Default\Desktop\1287974473_201010251141132590764301_0.jpg
[2010/10/25 16:05:52 | 000,343,206 | ---- | C] () -- C:\Documents and Settings\Default\Desktop\IMG_9307.jpg
[2010/10/25 02:48:10 | 000,090,721 | ---- | C] () -- C:\Documents and Settings\Default\Desktop\Picture 285.jpg
[2010/10/15 00:01:30 | 009,042,705 | ---- | C] () -- C:\Documents and Settings\Default\Desktop\Fany - Ring.mp3
[2010/10/08 21:31:32 | 000,000,745 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Switch to Gaming Mode.lnk
[2010/06/29 23:01:04 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Default\Application Data\setup_ldm.iss
[2010/05/29 20:13:57 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/05/29 20:13:55 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/05/29 20:13:52 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/05/29 20:13:52 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/05/29 20:13:51 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010/05/29 20:13:49 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/03/03 23:59:47 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2009/09/17 21:19:32 | 000,002,414 | ---- | C] () -- C:\WINDOWS\miniMBC.INI
[2009/09/06 21:16:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/09/06 21:16:38 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/09/06 21:16:26 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Default\Application Data\$_hpcst$.hpc
[2009/06/28 17:40:27 | 000,000,028 | ---- | C] () -- C:\WINDOWS\funshionplugin2.INI
[2008/12/31 16:22:11 | 004,762,112 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll
[2008/12/31 16:22:11 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008/11/15 09:51:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2008/11/13 15:49:15 | 000,000,255 | ---- | C] () -- C:\WINDOWS\Mp3rj.ini
[2008/11/13 15:45:21 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008/07/09 18:18:36 | 000,001,164 | ---- | C] () -- C:\WINDOWS\System32\funshion.ini
[2008/06/12 21:03:48 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/04/09 12:39:47 | 001,073,152 | ---- | C] () -- C:\WINDOWS\System32\libmysql_c.dll
[2008/03/13 07:11:10 | 000,059,056 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/10/12 16:11:58 | 000,059,500 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/10/11 18:59:24 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/04/16 14:29:05 | 000,000,031 | ---- | C] () -- C:\WINDOWS\bluevoda.ini
[2007/04/07 18:32:28 | 000,000,053 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
[2006/10/26 13:37:43 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/13 10:34:32 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Default\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/09/08 06:10:36 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2006/09/08 06:10:36 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2006/08/31 13:20:43 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/08/21 06:55:14 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/08/21 06:43:08 | 000,000,190 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/08/11 05:55:16 | 000,000,339 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/07/28 07:45:39 | 000,000,152 | ---- | C] () -- C:\WINDOWS\option.ini
[2006/07/26 08:39:53 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\EGameEncrypt.dll
[2006/07/24 10:56:24 | 000,000,056 | ---- | C] () -- C:\Program Files\Common Files\appop.log
[2006/07/24 10:56:15 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/07/24 10:56:15 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/07/24 10:56:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/07/24 10:56:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/07/24 10:56:15 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/07/24 10:56:15 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/07/24 10:55:44 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\udffsrec.sys
[2006/07/24 10:45:30 | 000,157,184 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/07/24 03:11:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/01/08 06:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.sys >

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2006/07/24 10:29:04 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/07/24 10:23:29 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2006/07/24 10:29:04 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006/07/24 10:29:04 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/11/04 19:36:09 | 000,019,628 | ---- | M] () -- C:\JavaRa.log
[2006/07/24 10:29:04 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 20:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/02/23 07:16:21 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/11/04 16:58:16 | 704,643,072 | -HS- | M] () -- C:\pagefile.sys
[2007/01/03 15:16:11 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2007/01/05 16:56:37 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2007/01/18 16:03:47 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2007/01/23 15:13:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2007/01/31 14:43:28 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2007/02/18 11:22:14 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2007/02/26 11:48:43 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2007/03/19 05:50:26 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2007/03/20 03:06:55 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2007/03/20 18:02:29 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2007/04/09 16:09:39 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2007/12/28 06:08:21 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2008/03/08 16:08:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2006/11/28 07:26:15 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2006/11/28 07:33:33 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2006/11/28 16:59:37 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2006/12/04 16:08:31 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2006/12/06 16:24:40 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2006/12/15 17:00:37 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2006/12/17 18:04:33 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2007/01/03 15:16:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2007/01/05 16:56:37 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2007/01/18 16:03:47 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2007/01/23 15:13:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2007/01/31 14:43:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2007/02/18 11:22:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2007/02/26 11:48:43 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2007/03/19 05:50:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2007/03/20 03:06:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2007/03/20 18:02:29 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2007/04/09 16:09:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2007/12/28 06:08:21 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2008/03/08 16:08:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2006/11/28 07:26:15 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2006/11/28 07:33:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2006/11/28 16:59:37 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2006/12/04 16:08:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2006/12/06 16:24:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2006/12/15 17:00:37 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2006/12/17 18:04:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2008/02/17 15:54:54 | 000,045,636 | ---- | M] () -- C:\sysinfo.txt


Last edited by BlackCube on Thu Nov 04, 2010 12:28 pm; edited 2 times in total


Re: Help!

Post by BlackCube on Thu Nov 04, 2010 12:22 pm

< %PROGRAMFILES%\*. >
[2008/12/07 17:33:15 | 000,000,000 | ---D | M] -- C:\Program Files\Abyss Web Server
[2010/03/03 23:59:39 | 000,000,000 | ---D | M] -- C:\Program Files\Acro Software
[2010/11/04 19:41:03 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/03/03 18:58:52 | 000,000,000 | ---D | M] -- C:\Program Files\Aegisub
[2009/10/25 23:34:00 | 000,000,000 | ---D | M] -- C:\Program Files\afreeca
[2006/07/25 13:07:40 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead
[2010/06/05 02:25:31 | 000,000,000 | ---D | M] -- C:\Program Files\AhnLab
[2008/12/23 08:42:22 | 000,000,000 | ---D | M] -- C:\Program Files\Apache Software Foundation
[2010/06/27 21:34:46 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2010/06/17 10:34:56 | 000,000,000 | ---D | M] -- C:\Program Files\Avast
[2010/10/07 01:02:28 | 000,000,000 | ---D | M] -- C:\Program Files\BitComet
[2010/10/25 18:57:29 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2010/08/27 00:21:35 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/07/03 00:03:16 | 000,000,000 | ---D | M] -- C:\Program Files\Counter-Strike 1.6 V40
[2010/10/07 01:17:13 | 000,000,000 | ---D | M] -- C:\Program Files\Daum
[2009/09/06 21:17:29 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2008/02/17 15:45:10 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2006/08/12 13:31:03 | 000,000,000 | ---D | M] -- C:\Program Files\DQ
[2009/02/23 15:18:42 | 000,000,000 | ---D | M] -- C:\Program Files\DVDVideoSoft
[2008/02/17 15:45:11 | 000,000,000 | ---D | M] -- C:\Program Files\Free Download Manager
[2010/07/14 00:28:29 | 000,000,000 | ---D | M] -- C:\Program Files\Funshion Online
[2010/10/07 21:51:46 | 000,000,000 | ---D | M] -- C:\Program Files\Garena
[2008/03/16 03:54:18 | 000,000,000 | ---D | M] -- C:\Program Files\GOA
[2010/07/07 23:57:09 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/03/04 00:04:12 | 000,000,000 | ---D | M] -- C:\Program Files\GPLGS
[2009/12/16 18:59:58 | 000,000,000 | ---D | M] -- C:\Program Files\GRETECH
[2010/10/07 03:22:11 | 000,000,000 | ---D | M] -- C:\Program Files\groups.im
[2010/01/14 16:25:25 | 000,000,000 | ---D | M] -- C:\Program Files\Hamachi
[2008/07/27 14:53:01 | 000,000,000 | ---D | M] -- C:\Program Files\HELP
[2009/11/17 01:08:22 | 000,000,000 | ---D | M] -- C:\Program Files\ijji
[2010/11/01 21:15:22 | 000,000,000 | ---D | M] -- C:\Program Files\iMBC
[2010/09/25 18:21:08 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/02/18 19:40:04 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2006/07/24 10:56:25 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2009/11/28 19:08:29 | 000,000,000 | ---D | M] -- C:\Program Files\IObit
[2010/10/25 19:19:36 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/10/25 19:20:56 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2006/09/08 06:10:35 | 000,000,000 | ---D | M] -- C:\Program Files\IVT Corporation
[2010/01/03 02:41:50 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/03/30 00:36:54 | 000,000,000 | ---D | M] -- C:\Program Files\JDownloader
[2010/05/29 20:13:52 | 000,000,000 | ---D | M] -- C:\Program Files\K-Lite Codec Pack
[2006/08/06 14:37:20 | 000,000,000 | ---D | M] -- C:\Program Files\KSIGN
[2007/03/04 10:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2010/05/29 18:02:57 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2010/01/03 04:06:57 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/29 22:56:15 | 000,000,000 | ---D | M] -- C:\Program Files\ManyCam 2.4
[2010/11/04 19:40:01 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan
[2009/02/23 07:35:11 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2009/11/06 16:39:06 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger Plus! Live
[2009/11/06 16:21:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2006/10/26 13:36:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2008/11/10 19:09:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2007/10/19 14:29:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft DirectX SDK (August 2007)
[2006/07/24 10:29:19 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2010/07/11 22:59:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2006/10/26 13:36:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2009/08/01 00:22:46 | 000,000,000 | ---D | M] -- C:\Program Files\mIRC
[2009/09/23 20:40:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mobile Partner
[2009/02/23 07:21:13 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/10/29 18:15:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2008/11/17 08:22:54 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010/07/11 22:59:08 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2006/07/24 10:24:45 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2006/07/24 10:25:28 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2010/10/07 03:22:12 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Messenger
[2008/11/17 08:18:12 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2007/04/25 08:06:16 | 000,000,000 | ---D | M] -- C:\Program Files\MTV Networks
[2009/07/20 00:20:11 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2009/05/27 13:16:27 | 000,000,000 | ---D | M] -- C:\Program Files\NJStar Chinese WP
[2010/11/04 19:39:39 | 000,000,000 | ---D | M] -- C:\Program Files\NOS
[2006/07/24 10:27:54 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/05/29 17:47:51 | 000,000,000 | ---D | M] -- C:\Program Files\ooVoo
[2009/10/11 22:11:24 | 000,000,000 | ---D | M] -- C:\Program Files\OpenAL
[2009/02/23 07:18:35 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/11/04 17:04:30 | 000,000,000 | ---D | M] -- C:\Program Files\Outpost Firewall
[2009/11/12 14:14:16 | 000,000,000 | ---D | M] -- C:\Program Files\Pando Networks
[2010/03/06 18:00:56 | 000,000,000 | ---D | M] -- C:\Program Files\PC Connectivity Solution
[2010/10/28 16:19:22 | 000,000,000 | ---D | M] -- C:\Program Files\pipi
[2010/10/25 19:04:35 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2009/09/20 17:28:37 | 000,000,000 | ---D | M] -- C:\Program Files\Rainlendar2
[2009/12/10 10:02:02 | 000,000,000 | ---D | M] -- C:\Program Files\Rainmeter
[2010/03/12 23:27:06 | 000,000,000 | ---D | M] -- C:\Program Files\Razer
[2010/03/22 08:35:56 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2006/07/24 10:44:20 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2008/11/17 08:22:47 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2009/09/06 21:17:36 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung
[2006/09/03 06:57:01 | 000,000,000 | ---D | M] -- C:\Program Files\SigmaTel
[2009/10/29 00:12:20 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2008/12/31 16:22:10 | 000,000,000 | ---D | M] -- C:\Program Files\Smallvideosoft
[2008/12/07 19:44:15 | 000,000,000 | ---D | M] -- C:\Program Files\SmartFTP Client
[2008/11/03 14:38:14 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Ericsson
[2010/01/03 01:55:40 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2009/03/16 16:40:17 | 000,000,000 | ---D | M] -- C:\Program Files\Stardock
[2008/08/14 10:04:06 | 000,000,000 | ---D | M] -- C:\Program Files\Sun
[2006/07/24 10:35:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2008/04/19 06:12:13 | 000,000,000 | ---D | M] -- C:\Program Files\Ventrilo
[2008/10/21 14:52:33 | 000,000,000 | ---D | M] -- C:\Program Files\Veoh Networks
[2008/05/11 11:33:52 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2009/04/06 08:20:06 | 000,000,000 | ---D | M] -- C:\Program Files\Warcraft III backup
[2010/05/22 20:19:34 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp
[2009/11/06 16:20:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/11/06 16:21:00 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2007/02/13 15:25:19 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
[2007/02/13 15:22:27 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2009/02/23 07:18:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/02/23 07:18:35 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2006/07/24 10:27:58 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2006/07/26 01:58:21 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2006/08/28 05:01:49 | 000,000,000 | ---D | M] -- C:\Program Files\WinZip
[2010/09/25 18:21:09 | 000,000,000 | ---D | M] -- C:\Program Files\WIZET
[2006/07/24 10:29:19 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2006/07/24 10:55:15 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2010/05/09 13:35:27 | 000,000,000 | ---D | M] -- C:\Program Files\Youtube Downloader HD
[2008/08/17 17:04:49 | 000,000,000 | ---D | M] -- C:\Program Files\ZincPlay

< %appdata%\*.* >
[2009/09/06 21:16:26 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\Default\Application Data\$_hpcst$.hpc
[2006/07/24 03:10:30 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Default\Application Data\desktop.ini
[2010/06/29 23:01:04 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\Default\Application Data\setup_ldm.iss


< MD5 for: AGP440.SYS >
[2004/08/04 20:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/02/23 07:12:07 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009/02/23 07:12:07 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/14 02:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/14 02:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 20:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/02/23 07:12:07 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009/02/23 07:12:07 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/14 02:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/14 02:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 13:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 20:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/04 20:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2009/02/23 07:12:07 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2009/02/23 07:12:07 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/04 20:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/14 02:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/14 02:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/14 08:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 08:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 20:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 08:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 08:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 20:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 20:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 08:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 08:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USBSTOR.SYS >
[2004/08/04 20:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2009/02/23 07:12:07 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2009/02/23 07:12:07 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbstor.sys
[2004/08/04 15:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys
[2004/08/04 14:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\USBSTOR.SYS
[2008/04/14 02:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
[2008/04/14 02:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Files - Unicode (All) ==========
[2010/09/08 01:33:52 | 009,346,696 | ---- | M] ()(C:\Documents and Settings\Default\Desktop\???? - GENIE2.mp3) -- C:\Documents and Settings\Default\Desktop\少女時代 - GENIE2.mp3
[2010/09/07 20:53:40 | 005,392,045 | ---- | M] ()(C:\Documents and Settings\Default\Desktop\???? - Genie.mp3) -- C:\Documents and Settings\Default\Desktop\少女時代 - Genie.mp3
[2010/09/03 19:52:55 | 009,346,696 | ---- | C] ()(C:\Documents and Settings\Default\Desktop\???? - GENIE2.mp3) -- C:\Documents and Settings\Default\Desktop\少女時代 - GENIE2.mp3
[2010/09/03 19:52:55 | 005,392,045 | ---- | C] ()(C:\Documents and Settings\Default\Desktop\???? - Genie.mp3) -- C:\Documents and Settings\Default\Desktop\少女時代 - Genie.mp3

========== Alternate Data Streams ==========

@Alternate Data Stream - 369 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A73B0434

< End of report >

Extras.txt

OTL Extras logfile created on: 11/4/2010 7:46:42 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Documents and Settings\Default\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

702.00 Mb Total Physical Memory | 303.00 Mb Available Physical Memory | 43.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 55.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 20.19 Gb Free Space | 27.09% Space Free | Partition Type: NTFS

Computer Name: FABIAN | User Name: Default | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"10637:TCP" = 10637:TCP:*:Enabled:BitComet 10637 TCP
"10637:UDP" = 10637:UDP:*:Enabled:BitComet 10637 UDP
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"58047:TCP" = 58047:TCP:*:Enabled:Pando Media Booster
"58047:UDP" = 58047:UDP:*:Enabled:Pando Media Booster
"56641:TCP" = 56641:TCP:*:Enabled:Pando Media Booster
"56641:UDP" = 56641:UDP:*:Enabled:Pando Media Booster
"443:TCP" = 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP" = 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP" = 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP" = 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP" = 37675:UDP:*:Disabled:ooVoo UDP port 37675

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Nexon\Combat Arms\CombatArms.exe" = C:\Program Files\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"C:\Program Files\Nexon\Combat Arms\Engine.exe" = C:\Program Files\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- File not found
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- File not found
"C:\Program Files\Combat Arms\CombatArms.exe" = C:\Program Files\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"C:\Program Files\Combat Arms\Engine.exe" = C:\Program Files\Combat Arms\Engine.exe:*Enabled:Engine.exe -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- File not found
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- File not found
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation)
"C:\Program Files\DAUM\PotPlayer\daumvsvr.exe" = C:\Program Files\DAUM\PotPlayer\daumvsvr.exe:*:Enabled:VideoPot -- File not found
"C:\Program Files\DAUM\PotPlayer\PotPlayer.exe" = C:\Program Files\DAUM\PotPlayer\PotPlayer.exe:*:Enabled:?? ????? -- File not found
"C:\Program Files\DAUM\PotPlayer\PotPlayerMini.exe" = C:\Program Files\DAUM\PotPlayer\PotPlayerMini.exe:*:Enabled:?? ????? -- File not found
"C:\Program Files\BlackShot\Blackshot\system\BlackShot.exe" = C:\Program Files\BlackShot\Blackshot\system\BlackShot.exe:*:Enabled:BlackShot -- File not found
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\Funshion Online\Funshion\FunshionService.exe" = C:\Program Files\Funshion Online\Funshion\FunshionService.exe:*:Enabled:FunshionService -- (Funshion Online Technologies Ltd.)
"C:\Program Files\Funshion Online\Funshion\FunshionUpgrade.exe" = C:\Program Files\Funshion Online\Funshion\FunshionUpgrade.exe:*:Enabled:FunshionUpgrade -- (Funshion Online Technologies Ltd.)
"C:\Program Files\pipi\jfCacheMgr.exe" = C:\Program Files\pipi\jfCacheMgr.exe:*:Enabled:PIPI CacheMgr -- (皮皮科技)
"C:\Program Files\pipi\PIPIPlayer.exe" = C:\Program Files\pipi\PIPIPlayer.exe:*:Enabled:PIPIPlayer -- (皮皮科技)
"C:\Program Files\pipi\KmLiveUpdate.exe" = C:\Program Files\pipi\KmLiveUpdate.exe:*:Enabled:PIPI LiveUpdate -- (皮皮科技)
"C:\Program Files\pipi\HttpDownLoad.exe" = C:\Program Files\pipi\HttpDownLoad.exe:*:Enabled:HttpDownLoad -- ()
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- ([You must be registered and logged in to see this link.]
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0E56FBDB-28F6-49E5-829F-E42FE3616743}" = mini
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1" = Aegisub 2.1.8
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{32A3A4F4-B792-11D6-A78A-00B0D0160100}" = Java(TM) SE Development Kit 6 Update 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6102D63A-9387-4FC8-98E4-181121F8C0BA}" = MPlugin
"{62C81505-65E8-BBFF-5A9B-23958770F694}" = BannedStory
"{6F23C1A3-9F62-470C-BD12-B83F04E67865}" = SmartFTP Client
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}" = Ad-Aware SE Personal
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{80EAC1F5-3067-4E57-A09F-3AF728C59FE5}" = MapleStory
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{89C89156-A70F-4C6D-9CAE-2EA71F1396FE}" = Garena
"{8AEEE6D6-C95D-465A-B8D3-B7AE2FA7B8B4}" = InterVideo MediaOne
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{8E240C1C-25D0-4248-BC6C-ACC3472E35CE}" = SigmaTel MSCN Audio Player
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = ijji REACTOR
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{998D6972-F58E-479D-9248-8F179E55AE38}" = Java DB 10.4.1.3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9AD608C8-0EDF-4D55-A349-EE01B0B35B24}" = Sylvanas RO Small Installer
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}" = BlueSoleil
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5ADA65A-7828-4D85-B071-ECC52B51F794}" = Sony Ericsson PC Suite 1.20.173
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype 4.2
"{D6D5CFB3-7095-4073-B6B7-B7E909838C57}" = Razer Copperhead
"{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DBC02424-BB58-4244-83A8-24B2709408EB}" = RO English Edition
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E63241F0-B658-4B38-AF2F-CD14108B0467}" = GameGuard
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0A4913F-46A5-48F2-BC73-EE41A6C81EB3}" = Microsoft DirectX SDK (August 2007)
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player
"advanced afreeca player" = afreeca player
"Agnitum Outpost Firewall_is1" = Outpost Firewall 2009
"AhnLab Online Security" = AhnLab Online Security
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"BBbroadcast4mini" = BBbroadcast4mini 3.0.10.7347
"BitComet" = BitComet 1.23
"bs.BannedStory.B138736892407FF2891DACB3EC40AB4373DCB810.1" = BannedStory 3.0
"camcodec" = CamStudio Lossless Codec
"Counter-Strike 1.6 V40.1" = Counter-Strike 1.6 V40.1
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Daum Screensaver High" = Daum ũ̹ ȭ
"ffdshow_is1" = ffdshow v1.1.3529 [2010-08-11]
"Flatcast_is1" = Flatcast 4.16 RC1
"Fraps" = Fraps (remove only)
"Free Download Manager_is1" = Free Download Manager 2.1
"Free YouTube Download_is1" = Free YouTube Download 2.2
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"Freez FLV to MP3 Converter V1.2_is1" = Freez FLV to MP3 Converter
"Funshion" = Funshion
"Game Booster_is1" = Game Booster
"GomTVAX" = TV ActiveX ÷̾
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InfatuationRO 3" = InfatuationRO 3
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.6 (Full)
"KSignAccessToolkit" = KSignAccessToolkit v1.0
"lvdrivers_11.50" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.4 (remove only)
"McAfee Security Scan" = McAfee Security Scan Plus
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNPlus" = MSNPlus
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NJStar Chinese Word Processor" = NJStar Chinese Word Processor
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OpenAL" = OpenAL
"PIPI_is1" = PIPI 2.7.0.1
"Rainlendar2" = Rainlendar2 (remove only)
"Rainmeter" = Rainmeter (remove only)
"RealPlayer 12.0" = RealPlayer
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"save2pc Pro Demo_is1" = save2pc Pro Demo 3.37
"save2pc_is1" = save2pc 4.05
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VideoLAN VLC media player 0.8.4a
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGTK-2_is1" = GTK+ 2.10.6-1 runtime environment
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Anti-Spy" = Yahoo! Anti-Spy
"Yahoo! Companion" = Yahoo! Toolbar with Anti-Spy
"Yawle_0.3b" = YAWLE 0.5b
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 1.9

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"ijji FireFox Launcher" = ijji FireFox Launcher 1.0
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 8/12/2010 12:47:56 PM | Computer Name = FABIAN | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
F:\MapleSEA_MSSetup100526.exe failed, 0000A420.

Error - 8/12/2010 12:58:07 PM | Computer Name = FABIAN | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
F:\MapleSEA_MSSetup100526.exe failed, 0000A420.

[ Application Events ]
Error - 10/23/2010 2:47:36 PM | Computer Name = FABIAN | Source = Application Hang | ID = 1002
Description = Hanging application mplayerc.exe, version 6.4.9.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 10/24/2010 2:56:07 PM | Computer Name = FABIAN | Source = Application Error | ID = 1000
Description = Faulting application mplayerc.exe, version 6.4.9.1, faulting module
qdvd.dll, version 6.5.2600.5512, fault address 0x000189ad.

Error - 10/25/2010 6:50:46 AM | Computer Name = FABIAN | Source = Bonjour Service | ID = 100
Description = 388: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 10/25/2010 6:50:46 AM | Computer Name = FABIAN | Source = Bonjour Service | ID = 100
Description = 408: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 10/25/2010 6:50:48 AM | Computer Name = FABIAN | Source = Bonjour Service | ID = 100
Description = 228: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 10/25/2010 6:50:48 AM | Computer Name = FABIAN | Source = Bonjour Service | ID = 100
Description = 396: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 10/25/2010 6:50:48 AM | Computer Name = FABIAN | Source = Bonjour Service | ID = 100
Description = 224: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 10/28/2010 7:45:26 AM | Computer Name = FABIAN | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.3937, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x0000100b.

Error - 10/29/2010 11:46:47 AM | Computer Name = FABIAN | Source = Bonjour Service | ID = 100
Description = 244: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 10/30/2010 10:19:59 AM | Computer Name = FABIAN | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module mpcvideodec.ax, version 1.3.1644.0, fault address 0x000ff9ac.

[ System Events ]
Error - 11/4/2010 7:38:33 AM | Computer Name = FABIAN | Source = Service Control Manager | ID = 7023
Description = The Background Intelligent Transfer Service service terminated with
the following error: %%126

Error - 11/4/2010 7:39:03 AM | Computer Name = FABIAN | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
with DCOM within the required timeout.

Error - 11/4/2010 7:39:03 AM | Computer Name = FABIAN | Source = Service Control Manager | ID = 7023
Description = The Background Intelligent Transfer Service service terminated with
the following error: %%126

Error - 11/4/2010 7:39:33 AM | Computer Name = FABIAN | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
with DCOM within the required timeout.

Error - 11/4/2010 7:39:35 AM | Computer Name = FABIAN | Source = Service Control Manager | ID = 7023
Description = The Background Intelligent Transfer Service service terminated with
the following error: %%126

Error - 11/4/2010 7:40:05 AM | Computer Name = FABIAN | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
with DCOM within the required timeout.

Error - 11/4/2010 7:40:06 AM | Computer Name = FABIAN | Source = Service Control Manager | ID = 7023
Description = The Background Intelligent Transfer Service service terminated with
the following error: %%126

Error - 11/4/2010 7:40:36 AM | Computer Name = FABIAN | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
with DCOM within the required timeout.

Error - 11/4/2010 7:40:38 AM | Computer Name = FABIAN | Source = Service Control Manager | ID = 7023
Description = The Background Intelligent Transfer Service service terminated with
the following error: %%126

Error - 11/4/2010 7:41:08 AM | Computer Name = FABIAN | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
with DCOM within the required timeout.


< End of report >

Thank you in advance n__n

BlackCube
Novice

Posts : 11
Joined : 2010-01-02
OS : Windows XP
Points : 25421
# Likes : 0


Re: Help!

Post by Sneakyone on Thu Nov 04, 2010 4:41 pm

Hi,

Welcome to GeekPolice.net!

Please download ComboFix from [You must be registered and logged in to see this link.]


Rename ComboFix.exe to commy.exe before you save it to your Desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start > Run, then copy and paste the following command into the Run box and click OK: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


I'm livin' life in the fast lane.

Sneakyone
Master

Posts : 2707
Joined : 2010-01-10
Gender : Male
OS : Windows 7 Ultimate 64-bit
Protection : Avast, Comodo Firewall, and Malwarebytes' Anti-Malware
Points : 56064
# Likes : 0


Re: Help!

Post by BlackCube on Thu Nov 04, 2010 6:16 pm

I found combofix.txt in C:\commy\ ... does that make a difference?

ComboFix 10-11-03.04 - Default 11/05/2010 1:59:08.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.702.228 [GMT 8:00]
Running from: C:\Documents and Settings\Default\desktop\commy.exe
Command switches used :: /stepdel
AV: avast! antivirus 4.8.1368 [VPS 101104-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Outpost Firewall *enabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
.

I'm not sure if this is what you want... I ran it twice to make sure but it just gave the same results x=


Re: Help!

Post by Sneakyone on Thu Nov 04, 2010 9:00 pm

Hi,

Are you letting ComboFix run without running anything else after it reboots?



Re: Help!

Post by BlackCube on Fri Nov 05, 2010 7:28 am

Erm, don't quite get what you mean but... I think so?

I didn't run anything else besides ComboFix and waited for it to finish producing the log before starting to use the computer again..


Re: Help!

Post by Sneakyone on Fri Nov 05, 2010 10:56 pm

Hi,

The correct log should be on the C:\ drive; is it not there?



Re: Help!

Post by BlackCube on Sat Nov 06, 2010 7:19 am

Nope, I can't find it in the C:\

On a side note, the problems seem to be gone..


Re: Help!

Post by Sneakyone on Sat Nov 06, 2010 3:06 pm

Hi,

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].


Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



Re: Help!

Post by BlackCube on Sat Nov 06, 2010 6:09 pm

Malwarebytes' Anti-Malware 1.46

Database version: 5062

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/7/2010 2:09:00 AM
mbam-log-2010-11-07 (02-09-00).txt

Scan type: Quick scan
Objects scanned: 142404
Time elapsed: 10 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 19
Files Infected: 251

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{e2745192-8f50-4acc-aa27-2ac0b85a875f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a74bf134-5213-46b5-af36-ce1888315dc7} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\funshion (Adware.Funshion) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fsp (Adware.Funshion) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Funshion Task (Adware.Funshion) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Funshion Online (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\XPSP2Patch (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Funshion (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\Default\funshion (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\Default\funshion\cache (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\Default\funshion\cache\Baiduflash (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\Default\funshion\cache\Baiduflash\subflash (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\Default\funshion\cache\Cacheflash (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\Default\funshion\cache\flash (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\Default\funshion\cache\flashNew (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\Default\funshion\cache\flashStamp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\Default\funshion\control (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\Default\funshion\historyTorrent (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\Default\funshion\ini (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\Default\funshion\Seed (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\Default\funshion\update (Adware.Funshion) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\pipi\PIPIWebPlayer.ocx (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\cook.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\coreavc.ax (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\CrashReport.exe (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\dbghelp.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\detector.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\drvc.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\Dump.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\Encrypt.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\fpsrv.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\fptassrv.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\Funshion-install.ico (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\Funshion.exe (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\funshion.ini (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\FunshionGame2.ico (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\funshionplugin2.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\FunshionService.exe (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\FunshionUpgrade.exe (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\Funshop2.ico (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\GetMACAddress.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\LangResEnAmerican.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\nicdescr.dat (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\pncrt.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\pndx5032.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\quality.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\rmoc3260.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\RouterSetting.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\Thumbs.db (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\Uninstall.exe (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\upnp.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1279038752_18524595_1277463527_524.dat (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1279038752_18524595_1277463527_524.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1279120954_6634280_1275892018_859.dat (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1279120954_6634280_1275892018_859.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1280927794_2332025_1279534302_98.dat (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1280927794_2332025_1279534302_98.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\Buffering.gif (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionCloseBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionMaxBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionMenuBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionMenuBtnEn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionMinBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionNormalBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionText.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionTextEn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CheckBox_Box.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CheckBox_Check.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\DiskWarnning.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\DragCorner.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarBack.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarBackEn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarForward.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarForwardEn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarHomePage.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarHomePageEn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarRefresh.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarRefreshEn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ListHeaderBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ListHeaderSplid.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcFrameBtm.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcFrameLeft.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcFrameRight.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcFrameTop.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcLeftBtmCorner.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcLeftTopCorner.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcRightBtmCorner.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcRightTopCorner.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PauseAdCloseBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PauseFlickerBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBarSplidRgn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBarVolumeBarBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBarVolumeBarBkgndRight.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBarVolumeBarBkgndRightSmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBarVolumeBarBkgndSmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBarVolumeBarThumb.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBarVolumeBarThumbSmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBufferInfoWndBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBufferInfoWndLeft.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBufferInfoWndRight.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnFullView.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnMute.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnMuteSmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnNext.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnNextSmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnNonTop.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnNormal.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnPause.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnPauseSmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnPlay.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnPlayList.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnPlaySmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnPre.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnPreSmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnSetting.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnSimple.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnStop.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnTop.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnVolume.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnVolumeSmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarSplid.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerHideBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerTipCloseBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayFlickerBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayInfoBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayInfoBkgndSel.bmp (Adware.Funshion) -> Quarantined and deleted successfully.

BlackCube
Novice

Posts : 11
Joined : 2010-01-02
OS : Windows XP
Points : 25421
# Likes : 0

Re: Help!

Post by Sneakyone on Sat Nov 06, 2010 11:35 pm

Hi,

Please run a free online scan with the [You must be registered and logged in to see this link.]
Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


I'm livin' life in the fast lane.

Sneakyone
Master

Posts : 2707
Joined : 2010-01-10
Gender : Male
OS : Windows 7 Ultimate 64-bit
Protection : Avast, Comodo Firewall, and Malwarebytes' Anti-Malware
Points : 56064
# Likes : 0

Re: Help!

Post by BlackCube on Sun Nov 07, 2010 8:16 am

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=d57785b1ccb47643b4ecaa44e2c30325
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-11-07 08:06:48
# local_time=2010-11-07 04:06:48 (+0800, Malay Peninsula Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=769 16775125 100 98 0 225397124 0 0
# compatibility_mode=6912 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=133158
# found=4
# cleaned=4
# scan_time=4847
C:\Documents and Settings\Default\Application Data\Sun\Java\Deployment\cache\6.0\10\35ace28a-753dce60 probably a variant of Win32/Agent.LMMBFXF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Default\Application Data\Sun\Java\Deployment\cache\6.0\60\e8267fc-7cea55bd probably a variant of Win32/Agent.LMMBFXF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Garena\plugins\FixedUpdatePlugin.dll probably a variant of Win32/TrojanDownloader.Agent.JOPAUPF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{965EA501-9F7D-46DB-B62D-C4976174AF14}\RP873\A0314221.dll probably a variant of Win32/TrojanDownloader.Agent.JOPAUPF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

Re: Help!

Post by Sneakyone on Sun Nov 07, 2010 5:27 pm

Hi,

How is your computer running now?

Re: Help!

Post by BlackCube on Wed Nov 10, 2010 12:58 pm

Hmmm it looks good now. :)

Thank you!

Re: Help!

Post by Sneakyone on Wed Nov 10, 2010 5:41 pm

Hi,

Your computer is now clean. Now, time to remove the tools used, and update your computer to prevent vulnerability.

Updating System Restore
Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE.


You now have a clean restore point.

To get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do a calculation of temporary/old files, and then display a dialogue box.
  • Select the More Options Tab.
  • At the bottom will be a System Restore box with a CLEANUP button; click this.
  • Accept the Warning and select OK again, the program will close and you are done.


========

Removing the tools
Now, to remove all of the tools we used and the files and folders they created, please do the following:

Download [You must be registered and logged in to see this link.] by OldTimer:
  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
    Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.


============

Service Pack upgrade
Please consider upgrading to Windows XP SP3, because it includes all previously released updates. It also includes a small number of new functionalities. Some of the updates that Service Pack 3 provides, you may not have. It is now available via Windows Update.

More info about SP3: [You must be registered and logged in to see this link.]

=====

Update Programs
Please download the newest version of Adobe Acrobat Reader from [You must be registered and logged in to see this link.]

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previous installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.



Please download the newest version of Java from [You must be registered and logged in to see this link.].

Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previous installed versions of Java (J2SE Runtime Environment). Please uninstall/remove each of them.

Once old versions are gone, please install the newest version.

===============

Here are some prevention tips I have provided:

1. Don't download files from untrusted websites or websites that seem suspicious.

2. Don't use torrents; they are a good way to get lots of malware.

3. Don't download and use cracks/warez/keygens; they are illegal and are another good way to contract malware.

4. Disable autorun [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.]

5. Always make sure you have the latest Windows updates. windowsupdate.microsoft.com

6. Don't ever click on the links inside of a popup.

7. Make sure you know what you install; you can make sure it is not known for being a virus by simply searching about it on Google.

8. Use a Site Advisor so you don't go to sites that will infect you. [You must be registered and logged in to see this link.]

9. Also, there are many holes and flaws in Internet Explorer. I recommend using [You must be registered and logged in to see this link.] to keep you more safe.

10. Always keep your [You must be registered and logged in to see this link.] and Adobe updated.

11. Don't fall for the Scareware. What is Scareware? It is a website made to download a rogue Antivirus on your system that will scare you into buying their fake software due to false detections.

12. Always have a Firewall and an Antivirus.

Thanks for choosing GeekPolice, see [You must be registered and logged in to see this link.] if you would like to leave feedback or contribute to our site. Do you have any more questions?

For more information please visit [You must be registered and logged in to see this link.]
