Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

iexplorer.exe virus

Started by small_love , Jul 12 2010 02:07 AM

  • This topic is locked This topic is locked

#16
small_love
Posted 25 July 2010 - 02:06 AM

small_love

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
My dad will be using my computer for the next few days, so I won't be able to access it yet. I'm sorry for the trouble! Please don't close the thread or think that I've disappeared without replying. Thank you!
  • 0

Advertisements

#17
hammerman
Posted 25 July 2010 - 02:11 AM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
No problem. Thanks for letting me know :)
  • 0

#18
small_love
Posted 28 July 2010 - 09:10 PM

small_love

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
Thanks for waiting!
The Kaspersky WebScanner took half a day to scan and didn't provide a log...?

~~

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4364

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/28/2010 7:06:52 PM
mbam-log-2010-07-28 (19-06-52).txt

Scan type: Quick scan
Objects scanned: 130076
Time elapsed: 16 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 39
Files Infected: 282

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\funshion (Adware.Funshion) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fsp (Adware.Funshion) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Funshion Task (Adware.Funshion) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Funshion Online (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\XPSP2Patch (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\XPSP2Patch\bmps (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Funshion (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion (Adware.Funshion) -> Delete on reboot.
C:\Documents and Settings\TSE\funshion\cache (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\Baiduflash (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\Baiduflash\subflash (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\cacheflash (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\flash (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\flashNew (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\historyTorrent (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\ini (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\ini\ini (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\ini\ini\ini (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\media (Adware.Funshion) -> Delete on reboot.
C:\Documents and Settings\TSE\Funshion\media\??????? 04-06 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\media\??????? 07-09 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\media\??????? 13-15 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\media\??????? 16-18 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\media\??????? 19-21 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\media\??????? 01-03 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\media\???????-013 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\media\????7? 22-24 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\media\????????-011 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\media\????????-012 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\media\?????1?-002 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\media\???????-001 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\media\????????-001 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\media\????????-002 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\media\????????-003 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\media\????????-004 (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\Seed (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\update (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\update\FunshionInstall2.1.0.26Beta (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\update\FunshionInstall2.1.0.28 (Adware.Funshion) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Funshion Online\Funshion\cook.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\CrashReport.exe (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\dbghelp.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\drvc.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\Funshion-install.ico (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\Funshion.exe (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\funshion.ini (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\FunshionGame.ico (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\FunshionHelp.url (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\FunshionImg.jpg (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\funshionplugin2.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\GetMACAddress.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\LangResEnAmerican.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\pncrt.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\pndx5016.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\pndx5032.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\quality.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\rmoc3260.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\RouterSetting.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\Uninstall.exe (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\UpdateHistory.url (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\xmllite.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1257397437_14669960_1254186338_2.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1257397437_14669960_1254186338_2.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1257397437_14669960_1254186338_2.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1257397437_14669960_1254186338_2.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260147947_7014043_1234420471_607.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260147947_7014043_1234420471_607.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260147947_7014043_1234420471_607.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260147947_7014043_1234420471_607.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260147951_7014043_1234420487_922.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260147951_7014043_1234420487_922.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260147951_7014043_1234420487_922.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260147951_7014043_1234420487_922.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260340246_14669960_1254186360_591.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260340246_14669960_1254186360_591.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260340246_14669960_1254186360_591.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260340246_14669960_1254186360_591.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260340258_14669960_1254186388_124.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260340258_14669960_1254186388_124.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260340258_14669960_1254186388_124.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260340258_14669960_1254186388_124.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682541_14669960_1254186401_380.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682541_14669960_1254186401_380.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682541_14669960_1254186401_380.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682541_14669960_1254186401_380.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682548_14669960_1254186477_575.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682548_14669960_1254186477_575.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682548_14669960_1254186477_575.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682548_14669960_1254186477_575.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682553_14669960_1254186492_418.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682553_14669960_1254186492_418.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682553_14669960_1254186492_418.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682553_14669960_1254186492_418.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682569_14669960_1254186653_803.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682569_14669960_1254186653_803.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682569_14669960_1254186653_803.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1260682569_14669960_1254186653_803.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264128005_5372255_1214552610_108.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264128005_5372255_1214552610_108.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264128005_5372255_1214552610_108.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264128005_5372255_1214552610_108.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264128072_13416434_1264053789_589.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264128072_13416434_1264053789_589.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264128072_13416434_1264053789_589.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264128072_13416434_1264053789_589.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264130795_14669960_1248165949_669.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264130795_14669960_1248165949_669.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264130795_14669960_1248165949_669.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264130795_14669960_1248165949_669.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264147274_4629932_1198114717_791.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264147274_4629932_1198114717_791.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264147274_4629932_1198114717_791.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264147274_4629932_1198114717_791.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264225430_5881262_1228116503_644.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264225430_5881262_1228116503_644.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264225430_5881262_1228116503_644.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264225430_5881262_1228116503_644.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264318502_5881262_1231225079_164.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264318502_5881262_1231225079_164.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264318502_5881262_1231225079_164.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1264318502_5881262_1231225079_164.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1266831111_4125403_1265442439_337.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1266831111_4125403_1265442439_337.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1266831111_4125403_1265442439_337.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1266831111_4125403_1265442439_337.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1266997364_1451101_1252810391_373.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1266997364_1451101_1252810391_373.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1266997364_1451101_1252810391_373.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1266997364_1451101_1252810391_373.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1266997371_1451101_1253415253_801.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1266997371_1451101_1253415253_801.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1266997371_1451101_1253415253_801.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1266997371_1451101_1253415253_801.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1267002319_14669960_1254014562_344.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1267002319_14669960_1254014562_344.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1267002319_14669960_1254014562_344.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1267002319_14669960_1254014562_344.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1267002336_5881262_1254704488_372.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1267002336_5881262_1254704488_372.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1267002336_5881262_1254704488_372.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1267002336_5881262_1254704488_372.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1276920772_18524595_1276062456_41.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1276920772_18524595_1276062456_41.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1276920772_18524595_1276062456_41.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1276920772_18524595_1276062456_41.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1276920780_18524595_1276757459_319.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1276920780_18524595_1276757459_319.fsp-150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1276920780_18524595_1276757459_319.fsp-m150.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\1276920780_18524595_1276757459_319.fsp_120.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\control\task.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionCloseBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionMaxBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionMenuBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionMinBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionNormalBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionText.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\CaptionTextEn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\DiskWarnning.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarBack.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarBackEn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarForward.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarForwardEn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarHomePage.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarHomePageEn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarRefresh.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\IeToolBarRefreshEn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ListHeaderBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ListHeaderSplid.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcFrameBtm.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcFrameLeft.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcFrameRight.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcFrameTop.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcLeftBtmCorner.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcLeftTopCorner.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcRightBtmCorner.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\MainNcRightTopCorner.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PauseAdCloseBtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBarSplidRgn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBarVolumeBarBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBarVolumeBarBkgndRight.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBarVolumeBarThumb.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBarVolumeBarThumbHover.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBufferInfoWndBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBufferInfoWndLeft.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayBufferInfoWndRight.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnFullView.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnListHide.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnListShow.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnMute.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnNext.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnNormal.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnPause.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnPlay.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnPre.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnSetting.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnStop.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarBtnVolume.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayerBarSplid.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayInfoBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayInfoBkgndSel.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayInfoBtnAdd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayInfoBtnDel.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayInfoBtnMenu.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayInfoCurPlay.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlayInfoHeaderBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlaySplidBarBefore.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlaySplidBarBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlaySplidBarDownload.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlaySplidBarThumb.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlaySplidBarThumbDisable.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\PlaySplidBarThumbHover.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ScrollBarDownArrow.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ScrollBarDownArrowRound.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ScrollBarUpArrow.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ScrollBarUpArrowRound.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ScrollBarVerBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ScrollBarVerWidgetBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ScrollBarVerWidgetBkgndHover.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ScrollBarVerWidgetHead.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ScrollBarVerWidgetHeadHover.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ScrollBarVerWidgetMid.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ScrollBarVerWidgetMidHover.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ScrollBarVerWidgetTrail.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ScrollBarVerWidgetTrailHover.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ScrollLinkBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\ScrollLinkFrm.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\SettingDlgIcon.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\SplidBarBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\SplidBarMark.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\StatusBarBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\StatusBarLeft.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\StatusBarRight.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\StatusBarSplid.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskListRightLine.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskListStatIcons.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskListStatSelIcon.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskTabBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskTabBtnAll.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskTabBtnCycle.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskTabBtnDownload.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskTabBtnUpload.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskToolBarBkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskToolBarDelete.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskToolBarDeleteEn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskToolBarDownload.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskToolBarDownloadEn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskToolBarRestore.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskToolBarRestoreEn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskToolBarStop.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\TaskToolBarStopEn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\Thumbs.db (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\vodPlay.gif (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\vodPlayEn.gif (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\vodWeb.gif (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\skin\vodWebEn.gif (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\XPSP2Patch\evid4226-vc80-mt.exe (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\XPSP2Patch\FunshionInstall.exe (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\XPSP2Patch\install.ini (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\XPSP2Patch\InstallLangAm.dll (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\XPSP2Patch\bmps\3.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\XPSP2Patch\bmps\4.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\XPSP2Patch\bmps\5.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\XPSP2Patch\bmps\ch_fin.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\XPSP2Patch\bmps\ch_rcmd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\XPSP2Patch\bmps\Dialog.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\XPSP2Patch\bmps\en_fin.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Program Files\Funshion Online\Funshion\XPSP2Patch\bmps\en_rcmd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Funshion\Funshion Use Help.lnk (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Funshion\Funshion.lnk (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Funshion\Uninstall Funshion.lnk (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Funshion\Update History.lnk (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\DAPHNE_info.ini (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\flash-1.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\fsdxdiag.txt (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\fstracert.txt (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\install.ini (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\Baiduflash\fxPlayer2.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\cacheflash\blankFs.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\cacheflash\donghua1_16.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\cacheflash\donghua3_18.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\flash\FunshionAD20100531.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\flashNew\29B0CDD9_7DE9_35FE_B9A6_ACB5D9C5110A.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\flashNew\2C1FDA59_859F_42AE_3293_1C8D9C787E00.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\flashNew\2DE1E2A8_1154_B930_A17D_E2D9A592D8D4.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\flashNew\30B3ED57_9FB7_6557_CF1A_45EDAC670475.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\flashNew\343DE780_A288_7674_21B4_CA7ADACCEE96.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\flashNew\40931B43_81A1_D499_AF89_8AED9251DE70.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\flashNew\5EBCF96E_C789_5481_7281_53F249ED2D14.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\flashNew\6AB03DE1_709E_2E56_3203_A5B7D5879727.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\flashNew\6EFDAE2F_BC00_1CD6_C1E0_6FD528756920.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\cache\flashNew\8E32BF2E_0985_8A04_662B_5B6705FC4FB7.swf (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\historyTorrent\FunshionInstall2.1.0.28.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\historyTorrent\????????-011.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\historyTorrent\????????-012.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Funshion\historyTorrent\???????-001.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\ini\httpfile.ini (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\ini\temp_config.ini (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\ini\ini\httpfile.ini (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\ini\ini\temp_config.ini (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\ini\ini\ini\httpfile.ini (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\ini\ini\ini\temp_config.ini (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\Seed\12694173_1242623862_690.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\Seed\14669960_1254186690_354.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\Seed\14669960_1254186702_771.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\update\AdLinkParamFile.fax (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\update\ad_define.fai (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\update\ad_material.fax (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\update\flashParam.txt (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\update\FunshionInstall2.0.0.29Beta.exe (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\update\FunshionInstall2.0.0.29Beta.exe.torrent (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\update\FunshionInstall2.1.0.26Beta.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\update\FunshionInstall2.1.0.28.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\update\Kj.xml (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\update\localad.fax (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\funshion\update\FunshionInstall2.1.0.28\FunshionInstall2.1.0.28.exe (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\TSE\Application Data\Microsoft\Internet Explorer\Quick Launch\Funshion.lnk (Adware.Funshion) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Funshion.lnk (Adware.Funshion) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\funshion.ini (Adware.Funshion) -> Quarantined and deleted successfully.
  • 0

#19
hammerman
Posted 29 July 2010 - 12:21 AM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

  • 0

#20
small_love
Posted 31 July 2010 - 06:35 AM

small_love

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
I finished the scan after 2 hours, and there are no threats found. I could not find the log.

My computer has been running fine but my Windows Live Messenger always encounters a problem when I try to open it. I've tried uninstalling+reinstalling but it still doesn't work. Is it related to Malware problems?
  • 0

#21
hammerman
Posted 31 July 2010 - 03:20 PM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

Can you give me some details about what happens when you try to open Windows Live Messenger. Any error messages?

Run Malwarebytes' Anti-Malware.

  • Select the Update tab and then click Check for Updates. If an update is found, it will download and install the latest version.
  • Select the Scanner tab, select "Perform Quick Scan", then click Scan
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
  • 0

#22
small_love
Posted 01 August 2010 - 12:15 AM

small_love

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
It tells me that MSN messenger has encountered a problem and needs to close. I just checked my email, and apparently someone is using my hotmail to send spam to other people I've never even heard of. I only knew this after I got an email like this...

~~~

This is an automatically generated Delivery Status Notification.

Delivery to the following recipients failed.

list of hotmail.com e-mail addresses

--Forwarded Message Attachment--
From: <name>@hotmail.com
Subject: hi
Date: Sat, 31 Jul 2010 05:58:12 -0700

how are you ?
Just received my iphone 3gs 32gb from this website: ( www.iinternetrade.com ) much cheaper than others and genuine . if you would like to get one,you can check it out,
all the best for
Regards,
MSN: hotmail.com e-mail address
E-mail: 188.com e-mail address

~~

Did they manage to get a hold of my password during the time I had the virus? ):

~~

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4376

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/31/2010 10:51:36 PM
mbam-log-2010-07-31 (22-51-36).txt

Scan type: Quick scan
Objects scanned: 131334
Time elapsed: 16 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by hammerman, 01 August 2010 - 08:45 AM.

  • 0

#23
hammerman
Posted 01 August 2010 - 09:31 AM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

I suggest you change your password.

Run OTL
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Custom Scans/Fixes box paste this in the following.


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Under Extra Registry select Use Safelist
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.

  • 0

#24
small_love
Posted 01 August 2010 - 07:31 PM

small_love

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
OTL logfile created on: 8/1/2010 6:01:15 PM - Run 4
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\TSE\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 96.00 Mb Available Physical Memory | 19.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 54.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 66.56 Gb Total Space | 38.33 Gb Free Space | 57.59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DAPHNE
Current User Name: TSE
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\TSE\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\RocketDock\RocketDock.exe ()
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\AirLink101\AWLL3025V2\ZDWlan.exe ()
PRC - C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\TSE\My Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Program Files\RocketDock\RocketDock.dll ()


========== Win32 Services (SafeList) ==========

SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\rswin_3725.dll ()
SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)


========== Driver Services (SafeList) ==========

DRV - (SysProtDrv.sys) -- C:\Documents and Settings\TSE\Desktop\SysProt\SysProtDrv.sys File not found
DRV - (PID_0920) Logitech QuickCam Express(PID_0920) -- C:\WINDOWS\System32\DRIVERS\LV532AV.SYS File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\DOCUME~1\TSE\LOCALS~1\Temp\catchme.sys File not found
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (MpFilter) -- C:\WINDOWS\system32\drivers\MpFilter.sys (Microsoft Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (timounter) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (tifsfilter) -- C:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)
DRV - (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS) -- C:\WINDOWS\system32\drivers\ZD1211U.sys (ZyDAS Technology Corporation)
DRV - (ZDPSp50) -- C:\WINDOWS\system32\drivers\ZDPSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (SISAGP) -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys (Silicon Integrated Systems Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2535290
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 9C 32 34 E2 08 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Messenger Plus Live CA-EN Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.5
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {DAD0F81A-CF67-4eed-98D6-26F6E47274CA}:1.4.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:3.6.5
FF - prefs.js..extensions.enabledItems: {d650973c-0444-4ac7-9d00-19e3613c83b9}:3.6.7
FF - prefs.js..network.proxy.http: "208.43.128.233"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/26 19:03:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/28 19:23:25 | 000,000,000 | ---D | M]

[2009/07/31 16:07:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TSE\Application Data\Mozilla\Extensions
[2010/07/31 22:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions
[2010/03/26 22:50:19 | 000,000,000 | ---D | M] (Screengrab) -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010/06/26 14:08:45 | 000,000,000 | ---D | M] (Full Flat) -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\{6E1A2A2E-AE2A-4A26-A812-46F54288379E}(2)
[2010/07/14 19:53:13 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/07/14 19:53:12 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/06/26 19:12:54 | 000,000,000 | ---D | M] (Whitehart) -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9}
[2010/06/26 14:08:46 | 000,000,000 | ---D | M] (Whitehart) -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9}(2)
[2010/01/27 20:17:06 | 000,000,000 | ---D | M] (Tweak Network) -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}
[2010/03/26 22:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\[email protected]
[2010/03/26 22:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\[email protected]
[2010/03/06 14:24:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\[email protected]
[2010/07/31 22:33:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/28 19:23:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/28 19:23:07 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/02/22 18:00:35 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll

O1 HOSTS File: ([2010/03/15 19:47:09 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4 - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\AirLink101\AWLL3025V2\ZDWlan.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1248057170125 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\TSE\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\TSE\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/19 17:44:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /k:D *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17183584330711040)

========== Files/Folders - Created Within 30 Days ==========

[2010/07/31 03:11:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/07/31 02:46:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/07/28 20:06:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/07/28 20:06:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/07/28 19:23:25 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/28 19:23:25 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/07/28 19:23:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/07/28 19:23:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/07/28 19:23:25 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/07/28 19:18:54 | 016,062,240 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\TSE\Desktop\jre-6u21-windows-i586.exe
[2010/07/21 04:22:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/07/19 04:55:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TSE\Local Settings\Application Data\Adobe
[2010/07/19 04:55:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/07/19 04:55:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TSE\Application Data\Adobe
[2010/07/18 13:27:26 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/07/16 20:31:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\TSE\Recent
[2010/07/11 23:12:58 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2010/07/11 23:07:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/07/11 22:42:47 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/07/11 21:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/07/11 20:57:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Messenger_Plus_Live_CA-EN
[2010/07/11 02:44:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/07/11 02:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\AskToolbar
[2010/07/07 17:43:08 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/07/07 17:42:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TSE\Application Data\DAEMON Tools Lite
[2010/07/07 17:42:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/07/07 15:29:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TSE\Application Data\uTorrent

========== Files - Modified Within 30 Days ==========

[2010/08/01 17:37:38 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/08/01 17:30:43 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/01 17:30:21 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/08/01 17:30:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/01 17:30:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/01 06:44:30 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\TSE\ntuser.dat
[2010/08/01 06:43:40 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\TSE\ntuser.ini
[2010/07/31 18:48:21 | 030,346,068 | -H-- | M] () -- C:\Documents and Settings\TSE\Local Settings\Application Data\IconCache.db
[2010/07/31 15:46:44 | 001,618,792 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/31 03:13:41 | 000,001,839 | ---- | M] () -- C:\Documents and Settings\TSE\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk
[2010/07/31 01:15:13 | 000,084,760 | ---- | M] () -- C:\Documents and Settings\TSE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/07/28 19:23:05 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/07/28 19:23:05 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/07/28 19:23:05 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/07/28 19:23:05 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/07/28 19:23:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/28 19:21:32 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/07/28 19:19:05 | 016,062,240 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\TSE\Desktop\jre-6u21-windows-i586.exe
[2010/07/26 06:11:04 | 000,000,607 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/22 18:15:45 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/20 17:28:42 | 000,000,435 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/18 19:26:08 | 000,492,248 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/07/18 19:26:08 | 000,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/07/18 19:26:08 | 000,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/07/18 14:47:32 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\TSE\defogger_reenable
[2010/07/11 23:07:53 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk
[2010/07/11 22:48:12 | 000,000,708 | ---- | M] () -- C:\Documents and Settings\TSE\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/11 21:37:52 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\TSE\Local Settings\Application Data\prvlcl.dat
[2010/07/07 17:43:09 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys

========== Files Created - No Company Name ==========

[2010/07/31 03:13:41 | 000,001,839 | ---- | C] () -- C:\Documents and Settings\TSE\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk
[2010/07/28 18:48:53 | 000,000,708 | ---- | C] () -- C:\Documents and Settings\TSE\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/18 19:14:10 | 000,001,917 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/07/18 14:47:10 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\TSE\defogger_reenable
[2010/07/11 23:13:12 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/07/11 23:07:53 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk
[2010/07/08 21:56:32 | 007,077,888 | ---- | C] () -- C:\Documents and Settings\TSE\ntuser.dat
[2009/11/01 21:41:21 | 000,000,028 | ---- | C] () -- C:\WINDOWS\funshionplugin2.INI
[2009/08/19 02:35:50 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/07/20 14:16:09 | 000,000,504 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2009/07/19 17:56:58 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2009/07/19 17:56:58 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2009/07/19 17:52:39 | 000,000,033 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2009/07/19 17:51:44 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2009/07/19 17:51:44 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2009/07/19 17:51:43 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2009/07/19 17:51:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2009/07/19 17:51:42 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2009/07/19 17:50:58 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2008/09/15 17:14:24 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/09/15 17:12:02 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/09/15 17:12:02 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/09/15 17:11:10 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/07/19 19:15:55 | 000,001,024 | ---- | M] () -- C:\.rnd
[2009/07/19 17:44:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/02/15 18:20:29 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/03/15 19:22:47 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2009/07/19 17:44:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/07/19 17:44:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/07/19 17:44:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 05:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/08/01 17:30:07 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/07/19 17:43:27 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006/10/26 20:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 03:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2009/07/19 19:21:21 | 000,001,634 | -H-- | M] () -- C:\Documents and Settings\TSE\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2009/07/19 10:03:59 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/07/19 10:03:59 | 001,089,536 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/07/19 10:03:59 | 000,888,832 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-07-19 02:40:04
< End of report >

OTL Extras logfile created on: 8/1/2010 6:01:15 PM - Run 4
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\TSE\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 96.00 Mb Available Physical Memory | 19.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 54.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 66.56 Gb Total Space | 38.33 Gb Free Space | 57.59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DAPHNE
Current User Name: TSE
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"57080:TCP" = 57080:TCP:*:Enabled:Pando Media Booster
"57080:UDP" = 57080:UDP:*:Enabled:Pando Media Booster
"1052:TCP" = 1052:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{11E94FDB-C895-45F1-B756-1C9B8C36C8F1}" = Microsoft IntelliType Pro 7.1
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 21
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{581CE7EA-A30D-0000-1211-088635773309}" = IEEE 802.11g USB Wireless LAN Adapter
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAB93551-3FFE-42B2-8315-96252BBC1033}" = Nero 7 Essentials
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CA83357B-931E-44DC-AD43-9996FEEB8116}" = Acronis True Image
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"ATI Display Driver" = ATI Display Driver
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CCleaner" = CCleaner
"C-Media Audio" = C-Media 3D Audio
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"ie8" = Windows Internet Explorer 8
"Mabinogi" = Mabinogi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Essentials" = Microsoft Security Essentials
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"RealPlayer 6.0" = RealPlayer
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"RocketDock_is1" = RocketDock 1.3.5
"TeamViewer 5" = TeamViewer 5
"TuneUp Utilities" = TuneUp Utilities
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/31/2010 6:13:11 AM | Computer Name = DAPHNE | Source = Windows Live Messenger | ID = 1000
Description =

Error - 7/31/2010 6:15:10 AM | Computer Name = DAPHNE | Source = Windows Live Messenger | ID = 1000
Description =

Error - 7/31/2010 6:25:38 AM | Computer Name = DAPHNE | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 7/31/2010 6:25:38 AM | Computer Name = DAPHNE | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 7/31/2010 6:48:28 PM | Computer Name = DAPHNE | Source = Windows Live Messenger | ID = 1000
Description =

Error - 8/1/2010 1:22:16 AM | Computer Name = DAPHNE | Source = Windows Live Messenger | ID = 1000
Description =

Error - 8/1/2010 4:55:05 AM | Computer Name = DAPHNE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6004.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 8/1/2010 4:58:02 AM | Computer Name = DAPHNE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6004.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 8/1/2010 5:00:30 AM | Computer Name = DAPHNE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6004.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 8/1/2010 8:31:40 PM | Computer Name = DAPHNE | Source = Windows Live Messenger | ID = 1000
Description =


< End of report >
  • 0

#25
small_love
Posted 01 August 2010 - 07:31 PM

small_love

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
OTL logfile created on: 8/1/2010 6:01:15 PM - Run 4
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\TSE\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 96.00 Mb Available Physical Memory | 19.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 54.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 66.56 Gb Total Space | 38.33 Gb Free Space | 57.59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DAPHNE
Current User Name: TSE
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\TSE\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\RocketDock\RocketDock.exe ()
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\AirLink101\AWLL3025V2\ZDWlan.exe ()
PRC - C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\TSE\My Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Program Files\RocketDock\RocketDock.dll ()


========== Win32 Services (SafeList) ==========

SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\rswin_3725.dll ()
SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)


========== Driver Services (SafeList) ==========

DRV - (SysProtDrv.sys) -- C:\Documents and Settings\TSE\Desktop\SysProt\SysProtDrv.sys File not found
DRV - (PID_0920) Logitech QuickCam Express(PID_0920) -- C:\WINDOWS\System32\DRIVERS\LV532AV.SYS File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\DOCUME~1\TSE\LOCALS~1\Temp\catchme.sys File not found
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (MpFilter) -- C:\WINDOWS\system32\drivers\MpFilter.sys (Microsoft Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (timounter) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (tifsfilter) -- C:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)
DRV - (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS) -- C:\WINDOWS\system32\drivers\ZD1211U.sys (ZyDAS Technology Corporation)
DRV - (ZDPSp50) -- C:\WINDOWS\system32\drivers\ZDPSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (SISAGP) -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys (Silicon Integrated Systems Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2535290
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 9C 32 34 E2 08 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Messenger Plus Live CA-EN Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.5
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {DAD0F81A-CF67-4eed-98D6-26F6E47274CA}:1.4.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:3.6.5
FF - prefs.js..extensions.enabledItems: {d650973c-0444-4ac7-9d00-19e3613c83b9}:3.6.7
FF - prefs.js..network.proxy.http: "208.43.128.233"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/26 19:03:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/28 19:23:25 | 000,000,000 | ---D | M]

[2009/07/31 16:07:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TSE\Application Data\Mozilla\Extensions
[2010/07/31 22:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions
[2010/03/26 22:50:19 | 000,000,000 | ---D | M] (Screengrab) -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010/06/26 14:08:45 | 000,000,000 | ---D | M] (Full Flat) -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\{6E1A2A2E-AE2A-4A26-A812-46F54288379E}(2)
[2010/07/14 19:53:13 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/07/14 19:53:12 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/06/26 19:12:54 | 000,000,000 | ---D | M] (Whitehart) -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9}
[2010/06/26 14:08:46 | 000,000,000 | ---D | M] (Whitehart) -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\{d650973c-0444-4ac7-9d00-19e3613c83b9}(2)
[2010/01/27 20:17:06 | 000,000,000 | ---D | M] (Tweak Network) -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}
[2010/03/26 22:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\[email protected]
[2010/03/26 22:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\[email protected]
[2010/03/06 14:24:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TSE\Application Data\Mozilla\Firefox\Profiles\yheurwen.default\extensions\[email protected]
[2010/07/31 22:33:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/28 19:23:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/28 19:23:07 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/02/22 18:00:35 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll

O1 HOSTS File: ([2010/03/15 19:47:09 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4 - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\AirLink101\AWLL3025V2\ZDWlan.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1248057170125 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\TSE\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\TSE\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/19 17:44:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /k:D *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17183584330711040)

========== Files/Folders - Created Within 30 Days ==========

[2010/07/31 03:11:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/07/31 02:46:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/07/28 20:06:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/07/28 20:06:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/07/28 19:23:25 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/28 19:23:25 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/07/28 19:23:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/07/28 19:23:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/07/28 19:23:25 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/07/28 19:18:54 | 016,062,240 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\TSE\Desktop\jre-6u21-windows-i586.exe
[2010/07/21 04:22:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/07/19 04:55:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TSE\Local Settings\Application Data\Adobe
[2010/07/19 04:55:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/07/19 04:55:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TSE\Application Data\Adobe
[2010/07/18 13:27:26 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/07/16 20:31:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\TSE\Recent
[2010/07/11 23:12:58 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2010/07/11 23:07:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/07/11 22:42:47 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/07/11 21:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/07/11 20:57:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Messenger_Plus_Live_CA-EN
[2010/07/11 02:44:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/07/11 02:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\AskToolbar
[2010/07/07 17:43:08 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/07/07 17:42:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TSE\Application Data\DAEMON Tools Lite
[2010/07/07 17:42:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/07/07 15:29:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TSE\Application Data\uTorrent

========== Files - Modified Within 30 Days ==========

[2010/08/01 17:37:38 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/08/01 17:30:43 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/01 17:30:21 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/08/01 17:30:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/01 17:30:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/01 06:44:30 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\TSE\ntuser.dat
[2010/08/01 06:43:40 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\TSE\ntuser.ini
[2010/07/31 18:48:21 | 030,346,068 | -H-- | M] () -- C:\Documents and Settings\TSE\Local Settings\Application Data\IconCache.db
[2010/07/31 15:46:44 | 001,618,792 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/31 03:13:41 | 000,001,839 | ---- | M] () -- C:\Documents and Settings\TSE\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk
[2010/07/31 01:15:13 | 000,084,760 | ---- | M] () -- C:\Documents and Settings\TSE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/07/28 19:23:05 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/07/28 19:23:05 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/07/28 19:23:05 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/07/28 19:23:05 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/07/28 19:23:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/28 19:21:32 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/07/28 19:19:05 | 016,062,240 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\TSE\Desktop\jre-6u21-windows-i586.exe
[2010/07/26 06:11:04 | 000,000,607 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/22 18:15:45 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/20 17:28:42 | 000,000,435 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/18 19:26:08 | 000,492,248 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/07/18 19:26:08 | 000,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/07/18 19:26:08 | 000,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/07/18 14:47:32 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\TSE\defogger_reenable
[2010/07/11 23:07:53 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk
[2010/07/11 22:48:12 | 000,000,708 | ---- | M] () -- C:\Documents and Settings\TSE\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/11 21:37:52 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\TSE\Local Settings\Application Data\prvlcl.dat
[2010/07/07 17:43:09 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys

========== Files Created - No Company Name ==========

[2010/07/31 03:13:41 | 000,001,839 | ---- | C] () -- C:\Documents and Settings\TSE\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk
[2010/07/28 18:48:53 | 000,000,708 | ---- | C] () -- C:\Documents and Settings\TSE\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/18 19:14:10 | 000,001,917 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/07/18 14:47:10 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\TSE\defogger_reenable
[2010/07/11 23:13:12 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/07/11 23:07:53 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk
[2010/07/08 21:56:32 | 007,077,888 | ---- | C] () -- C:\Documents and Settings\TSE\ntuser.dat
[2009/11/01 21:41:21 | 000,000,028 | ---- | C] () -- C:\WINDOWS\funshionplugin2.INI
[2009/08/19 02:35:50 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/07/20 14:16:09 | 000,000,504 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2009/07/19 17:56:58 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2009/07/19 17:56:58 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2009/07/19 17:52:39 | 000,000,033 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2009/07/19 17:51:44 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2009/07/19 17:51:44 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2009/07/19 17:51:43 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2009/07/19 17:51:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2009/07/19 17:51:42 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2009/07/19 17:50:58 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2008/09/15 17:14:24 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/09/15 17:12:02 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/09/15 17:12:02 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/09/15 17:11:10 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/07/19 19:15:55 | 000,001,024 | ---- | M] () -- C:\.rnd
[2009/07/19 17:44:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/02/15 18:20:29 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/03/15 19:22:47 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2009/07/19 17:44:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/07/19 17:44:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/07/19 17:44:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 05:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/08/01 17:30:07 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/07/19 17:43:27 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006/10/26 20:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 03:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2009/07/19 19:21:21 | 000,001,634 | -H-- | M] () -- C:\Documents and Settings\TSE\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2009/07/19 10:03:59 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/07/19 10:03:59 | 001,089,536 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/07/19 10:03:59 | 000,888,832 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-07-19 02:40:04
< End of report >

OTL Extras logfile created on: 8/1/2010 6:01:15 PM - Run 4
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\TSE\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 96.00 Mb Available Physical Memory | 19.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 54.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 66.56 Gb Total Space | 38.33 Gb Free Space | 57.59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DAPHNE
Current User Name: TSE
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"57080:TCP" = 57080:TCP:*:Enabled:Pando Media Booster
"57080:UDP" = 57080:UDP:*:Enabled:Pando Media Booster
"1052:TCP" = 1052:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{11E94FDB-C895-45F1-B756-1C9B8C36C8F1}" = Microsoft IntelliType Pro 7.1
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 21
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{581CE7EA-A30D-0000-1211-088635773309}" = IEEE 802.11g USB Wireless LAN Adapter
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAB93551-3FFE-42B2-8315-96252BBC1033}" = Nero 7 Essentials
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CA83357B-931E-44DC-AD43-9996FEEB8116}" = Acronis True Image
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"ATI Display Driver" = ATI Display Driver
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CCleaner" = CCleaner
"C-Media Audio" = C-Media 3D Audio
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"ie8" = Windows Internet Explorer 8
"Mabinogi" = Mabinogi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Essentials" = Microsoft Security Essentials
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"RealPlayer 6.0" = RealPlayer
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"RocketDock_is1" = RocketDock 1.3.5
"TeamViewer 5" = TeamViewer 5
"TuneUp Utilities" = TuneUp Utilities
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/31/2010 6:13:11 AM | Computer Name = DAPHNE | Source = Windows Live Messenger | ID = 1000
Description =

Error - 7/31/2010 6:15:10 AM | Computer Name = DAPHNE | Source = Windows Live Messenger | ID = 1000
Description =

Error - 7/31/2010 6:25:38 AM | Computer Name = DAPHNE | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 7/31/2010 6:25:38 AM | Computer Name = DAPHNE | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 7/31/2010 6:48:28 PM | Computer Name = DAPHNE | Source = Windows Live Messenger | ID = 1000
Description =

Error - 8/1/2010 1:22:16 AM | Computer Name = DAPHNE | Source = Windows Live Messenger | ID = 1000
Description =

Error - 8/1/2010 4:55:05 AM | Computer Name = DAPHNE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6004.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 8/1/2010 4:58:02 AM | Computer Name = DAPHNE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6004.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 8/1/2010 5:00:30 AM | Computer Name = DAPHNE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6004.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 8/1/2010 8:31:40 PM | Computer Name = DAPHNE | Source = Windows Live Messenger | ID = 1000
Description =


< End of report >
  • 0

Advertisements

#26
hammerman
Posted 02 August 2010 - 02:52 PM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

Congratulations, your computer appears clean :)

Let's remove the tools we've been using.

Please follow these steps.

-- Step 1 --

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
DRV - (SysProtDrv.sys) -- C:\Documents and Settings\TSE\Desktop\SysProt\SysProtDrv.sys File not found
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.

:Files
ipconfig /flushdns /c

:Commands
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • This fix will produce a report. Please add this to your reply.

-- Step 2 --

Follow these steps to uninstall Combofix and tools used in the removal of malware
  • Click START then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    Posted Image
-- Step 3 --
  • Download OTC to your desktop and run it
  • Click Yes to beginning the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

There is some information here on how to carry out a clean install of Windows Live Messenger. If you have any more problems with this, post a new topic on the XP forum here. Please add a link to this topic so the tech experts know what we've done.

Here are some measures you can take to ensure that your computer remains clean.

1. Updates

Windows Updates

It is essential that you regularly check and install the latest Windows Updates. Vulnerabilities within Windows can leave your computer open to infection. Regular updates are released to fix these security vulnerabilities. It is recommended that you set Windows to check, download and install your updates automatically.

  • Click Start
  • Select Control Panel
  • Click on Automatic (recommended)
  • Set the day and time for the update check. Set this to a time when your computer will normally be on and connected to the internet.
  • Click Apply then OK.

Java Updates

As with Windows, Java also needs to be regularly updated to fix security vulnerabilites. You can download the latest version of the Java Runtime Environment (JRE) from here. Download, install and reboot your computer. You also need to uininstall older versions of Java.

  • Click Start
  • Select Control Panel
  • Select Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.

Adobe Updates

You should ensure you use the latest Adobe Acrobat Reader and install any security updates that are released. You can download the latest reader and updates from here.

Other Updates

Regularly check for updates for all your security programs including firewall, antivirus, antispyware etc

2. Security Programs

Here is a list of security programs that I would recommend.

Firewall

A firewall is essential to stop hackers infiltrating your computer. The following firewalls are free for personal use. Do not install more than one firewall.

Zone Alarm is an excellent free basic firewall which is very easy to use.
Online-Armor Free is a more advanced firewall which includes a Host Intrusion Protection System (HIPS). This ensures that unrecognised programs will not run unless you give permission.

Antivirus

An antivirus program is essential. The following antivirus programs are free for personal use. Do not use more than one antivirus and always update virus definitions regularly.

AVG
Avira Free
Avast

Anti-Malware

Malwarebytes Anti-Malware MBAM is an excellent anti-malware tool that should be updated and a Quick Scan performed regularly. A Full Scan does not have to be carried out on such a regular basis as the developers aim to detect the vast majority of malware with the Quick Scan. The scanner is free for on-demand scans only.

Ad-Aware, Spybot, SuperAntispyware and A-Squared Free are also very good anti-malware programs that are free for on-demand scans. Spybot has a real-time protection feature called TeaTimer.

Prevention

SpywareBlaster is an excellent free tool for preventing the installation of spyware.
SpywareGuard offers real-time protection so that spyware is detected and blocked before it can do any harm.

Cleaner

ATF Cleaner removes temporary Internet Explorer, Firefox and Windows files.

Browser

Firefox is an alternative browser to Internet Explorer and is more secure.
NoScript is an add-on for Firefox and prevents execution of malicious scripts.
MVPS is a HOSTS file to replace your existing file. This prevents you connecting to a list of well-known ad sites.
  • 0

#27
small_love
Posted 02 August 2010 - 10:03 PM

small_love

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
Thank you so much for helping me remove the virus : )
A quick question, is AVG still recommended? I used it beforehand but saw the list of anti viruses recommended and I installed Microsoft Security Essentials instead. Should I reinstall AVG?

~~
All processes killed
========== OTL ==========
Service SysProtDrv.sys stopped successfully!
Service SysProtDrv.sys deleted successfully!
File C:\Documents and Settings\TSE\Desktop\SysProt\SysProtDrv.sys File not found not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\TSE\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\TSE\My Documents\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 25444 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TSE
->Temp folder emptied: 58944193 bytes
->Temporary Internet Files folder emptied: 9934673 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 57891287 bytes
->Flash cache emptied: 9131 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1117755 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 105426 bytes

Total Files Cleaned = 122.00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

User: TSE
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.9.0 log created on 08022010_205244

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_6f0.dat not found!

Registry entries deleted on Reboot...
  • 0

#28
hammerman
Posted 03 August 2010 - 12:29 AM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

My preference at the moment is for Avast but MSE will do fine. Don't install AVG.
  • 0

#29
small_love
Posted 03 August 2010 - 05:14 AM

small_love

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
MSN works fine now too~ 고마워 ^^
  • 0

#30
hammerman
Posted 03 August 2010 - 03:03 PM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
You're welcome. Stay safe :)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP