Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Corrupted ci.dll file


  • This topic is locked This topic is locked
13 replies to this topic

#1 Jtkw

Jtkw

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:56 AM

Posted 10 June 2011 - 09:21 AM

Hi guys,
I have a problem with my computer, it fails to boot up due to a corrupted ci.dll file. So I am stuck at the repair page of my computer. I have read several threads with similar issues, thus I have run Farbar Recovery Scan Tool and here is the log.
Thanks in advance for the help.


Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.0.8
Ran by SYSTEM at 2011-06-10 22:09:21
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry ==========================

HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [112512 2010-03-12] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-28] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-09] (Adobe Systems Incorporated)
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [1475072 2009-07-13] (Microsoft Corporation)
HKU\Default\...\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [1475072 2009-07-13] (Microsoft Corporation)
HKU\Default User\...\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Jevontkw\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [3872080 2010-04-16] (Microsoft Corporation)
HKU\Jevontkw\...\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" [399736 2011-04-09] (BitTorrent, Inc.)
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2009-07-13] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30208 2009-07-13] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] userinit.exe [30208 2009-07-13] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] explorer.exe [2870272 2011-02-25] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2870272 2011-02-25] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1


==================== Services ====================

3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-13] (Microsoft Corporation)
3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation)
2 AMD External Events Utility; C:\Windows\System32\atiesrxx.exe [202752 2010-04-26] (AMD)
3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-13] (Microsoft Corporation)
3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2009-07-13] (Microsoft Corporation)
2 Apple Mobile Device; "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [37664 2010-10-15] (Apple Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [44376 2010-03-18] (Microsoft Corporation)
2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [676864 2009-07-13] (Microsoft Corporation)
2 AudioSrv; C:\Windows\System32\Audiosrv.dll [676864 2009-07-13] (Microsoft Corporation)
3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2009-07-13] (Microsoft Corporation)
3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation)
2 BFE; C:\Windows\System32\bfe.dll [703488 2009-07-13] (Microsoft Corporation)
3 BITS; C:\Windows\System32\qmgr.dll [848384 2009-07-13] (Microsoft Corporation)
2 Bonjour Service; "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" [345376 2010-10-06] (Apple Inc.)
3 Browser; C:\Windows\System32\browser.dll [136192 2009-07-13] (Microsoft Corporation)
3 bthserv; C:\Windows\System32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation)
3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2009-07-13] (Microsoft Corporation)
2 cfWiMAXService; "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe" [249200 2010-01-28] (TOSHIBA CORPORATION)
4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-17] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [138576 2010-03-17] (Microsoft Corporation)
3 COMSysApp; C:\Windows\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [9728 2009-07-13] (Microsoft Corporation)
2 ConfigFree Service; "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe" [46448 2009-03-10] (TOSHIBA CORPORATION)
3 CryptSvc; C:\Windows\System32\cryptsvc.dll [175104 2009-07-13] (Microsoft Corporation)
2 DcomLaunch; C:\Windows\System32\rpcss.dll [509440 2009-07-13] (Microsoft Corporation)
3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation)
2 Dhcp; C:\Windows\System32\dhcpcore.dll [314368 2009-07-13] (Microsoft Corporation)
2 Dnscache; C:\Windows\System32\dnsrslvr.dll [182272 2011-03-02] (Microsoft Corporation)
3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2009-07-13] (Microsoft Corporation)
2 DPS; C:\Windows\System32\dps.dll [162816 2009-07-13] (Microsoft Corporation)
3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation)
3 EFS; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696320 2010-08-03] (Microsoft Corporation)
3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation)
2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 EventSystem; C:\Windows\System32\es.dll [402944 2009-07-13] (Microsoft Corporation)
3 Fax; C:\Windows\System32\fxssvc.exe [689152 2009-07-13] (Microsoft Corporation)
3 fdPHost; C:\Windows\System32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation)
3 FDResPub; C:\Windows\System32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation)
2 FontCache; C:\Windows\System32\FntCache.dll [1135104 2011-02-18] (Microsoft Corporation)
3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42840 2009-06-10] (Microsoft Corporation)
3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [206072 2010-10-12] (WildTangent, Inc.)
2 gpsvc; C:\Windows\System32\gpsvc.dll [776192 2009-07-13] (Microsoft Corporation)
2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc [136176 2010-12-06] (Google Inc.)
3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc [136176 2010-12-06] (Google Inc.)
3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation)
3 hkmsvc; C:\Windows\System32\kmsvc.dll [90624 2009-07-13] (Microsoft Corporation)
3 HomeGroupListener; C:\Windows\System32\ListSvc.dll [231936 2009-07-13] (Microsoft Corporation)
3 HomeGroupProvider; C:\Windows\System32\provsvc.dll [187904 2009-07-13] (Microsoft Corporation)
3 idsvc; "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" [856384 2009-06-10] (Microsoft Corporation)
2 IKEEXT; C:\Windows\System32\ikeext.dll [845824 2009-07-13] (Microsoft Corporation)
3 IPBusEnum; C:\Windows\System32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation)
2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [565760 2009-07-13] (Microsoft Corporation)
3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [932640 2010-11-17] (Apple Inc.)
3 KeyIso; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 KtmRm; C:\Windows\System32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation)
2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-08-26] (Microsoft Corporation)
2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2009-07-13] (Microsoft Corporation)
2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2151128 2011-05-16] (Lavasoft Limited)
3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation)
2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation)
2 LMS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [268824 2010-03-03] (Intel Corporation)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
4 Mcx2Svc; C:\Windows\System32\Mcx2Svc.dll [84480 2009-07-13] (Microsoft Corporation)
2 MMCSS; C:\Windows\System32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
2 MpsSvc; C:\Windows\System32\mpssvc.dll [824832 2009-07-13] (Microsoft Corporation)
3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation)
3 MSiSCSI; C:\Windows\System32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation)
3 msiserver; C:\Windows\System32\msiexec.exe /V [127488 2009-07-13] (Microsoft Corporation)
3 napagent; C:\Windows\System32\qagentRT.dll [475648 2009-07-13] (Microsoft Corporation)
3 Netlogon; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation)
4 NetMsmqActivator; "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [124240 2010-03-17] (Microsoft Corporation)
4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [124240 2010-03-17] (Microsoft Corporation)
3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation)
4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [124240 2010-03-17] (Microsoft Corporation)
4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [124240 2010-03-17] (Microsoft Corporation)
2 NlaSvc; C:\Windows\System32\nlasvc.dll [302080 2009-07-13] (Microsoft Corporation)
2 nsi; C:\Windows\System32\nsisvc.dll [25600 2009-07-13] (Microsoft Corporation)
3 ose64; "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [174440 2010-01-09] (Microsoft Corporation)
3 osppsvc; "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [4925184 2010-01-09] (Microsoft Corporation)
3 p2pimsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
3 p2psvc; C:\Windows\System32\p2psvc.dll [438784 2009-07-13] (Microsoft Corporation)
2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-13] (Microsoft Corporation)
3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation)
3 pla; C:\Windows\System32\pla.dll [1390080 2009-07-13] (Microsoft Corporation)
2 PlugPlay; C:\Windows\System32\umpnpmgr.dll [404480 2009-07-13] (Microsoft Corporation)
3 PNRPAutoReg; C:\Windows\System32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [500224 2009-07-13] (Microsoft Corporation)
2 Power; C:\Windows\System32\umpo.dll [163840 2009-07-13] (Microsoft Corporation)
2 ProfSvc; C:\Windows\System32\profsvc.dll [208384 2009-07-13] (Microsoft Corporation)
3 ProtectedStorage; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation)
3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation)
3 RasMan; C:\Windows\System32\rasmans.dll [343552 2009-07-13] (Microsoft Corporation)
4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-13] (Microsoft Corporation)
3 RemoteRegistry; C:\Windows\System32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation)
2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation)
3 RpcLocator; C:\Windows\System32\locator.exe [10240 2009-07-13] (Microsoft Corporation)
2 RpcSs; C:\Windows\System32\rpcss.dll [509440 2009-07-13] (Microsoft Corporation)
2 SamSs; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-25] (Safer Networking Ltd.)
3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation)
2 Schedule; C:\Windows\System32\schedsvc.dll [1114624 2010-11-01] (Microsoft Corporation)
3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2009-07-13] (Microsoft Corporation)
3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2009-07-13] (Microsoft Corporation)
2 SeaPort; "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" [249136 2010-05-13] (Microsoft Corporation)
3 seclogon; C:\Windows\system32\seclogon.dll [30720 2009-07-13] (Microsoft Corporation)
2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-13] (Microsoft Corporation)
3 SensrSvc; C:\Windows\System32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation)
3 SessionEnv; C:\Windows\System32\sessenv.dll [104960 2009-07-13] (Microsoft Corporation)
2 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation)
2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [369664 2009-07-13] (Microsoft Corporation)
3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation)
2 Spooler; C:\Windows\System32\spoolsv.exe [558592 2010-08-20] (Microsoft Corporation)
2 sppsvc; C:\Windows\System32\sppsvc.exe [3524608 2009-07-13] (Microsoft Corporation)
3 sppuinotify; C:\Windows\System32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation)
3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation)
3 SstpSvc; C:\Windows\System32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation)
3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService [403240 2011-04-21] (Valve Corporation)
2 stisvc; C:\Windows\System32\wiaservc.dll [578560 2009-07-13] (Microsoft Corporation)
3 SwitchBoard; "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [517096 2010-02-18] (Adobe Systems Incorporated)
3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation)
2 SysMain; C:\Windows\System32\sysmain.dll [1780736 2009-07-13] (Microsoft Corporation)
3 TabletInputService; C:\Windows\System32\TabSvc.dll [93184 2009-07-13] (Microsoft Corporation)
3 TapiSrv; C:\Windows\System32\tapisrv.dll [316416 2009-07-13] (Microsoft Corporation)
3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-13] (Microsoft Corporation)
2 TeamViewer6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2228008 2010-12-07] (TeamViewer GmbH)
3 TemproMonitoringService; "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe" [124368 2010-02-10] (Toshiba Europe GmbH)
3 TermService; C:\Windows\System32\termsrv.dll [706560 2009-07-13] (Microsoft Corporation)
2 Themes; C:\Windows\System32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation)
3 THREADORDER; C:\Windows\System32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
3 TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-10-06] (TOSHIBA Corporation)
2 TODDSrv; C:\Windows\system32\TODDSrv.exe [140632 2009-07-28] (TOSHIBA Corporation)
2 TosCoSrv; "C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe" [489312 2009-11-05] (TOSHIBA Corporation)
2 TOSHIBA eco Utility Service; "C:\Program Files\TOSHIBA\TECO\TecoService.exe" [258928 2010-03-17] (TOSHIBA Corporation)
3 TOSHIBA HDD SSD Alert Service; "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe" [137560 2010-02-05] (TOSHIBA Corporation)
3 TPCHSrv; "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" [835952 2010-02-23] (TOSHIBA Corporation)
2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation)
3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2009-07-13] (Microsoft Corporation)
3 UI0Detect; C:\Windows\System32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation)
2 UNS; "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" [2320920 2010-03-03] (Intel Corporation)
3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation)
2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation)
3 VaultSvc; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 vds; C:\Windows\System32\vds.exe [532480 2009-07-13] (Microsoft Corporation)
3 VSS; C:\Windows\System32\vssvc.exe [1598976 2009-07-13] (Microsoft Corporation)
3 W32Time; C:\Windows\System32\w32time.dll [381952 2009-07-13] (Microsoft Corporation)
3 WatAdminSvc; C:\Windows\System32\Wat\WatAdminSvc.exe [1255736 2010-12-08] (Microsoft Corporation)
3 wbengine; "C:\Windows\system32\wbengine.exe" [1503744 2009-07-13] (Microsoft Corporation)
3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation)
3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-09-13] (Microsoft Corporation)
3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-13] (Microsoft Corporation)
3 WdiServiceHost; C:\Windows\System32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
3 WdiSystemHost; C:\Windows\System32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
3 WebClient; C:\Windows\System32\webclnt.dll [258048 2010-12-20] (Microsoft Corporation)
3 Wecsvc; C:\Windows\System32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation)
3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation)
3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation)
2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
3 WinHttpAutoProxySvc; winhttp.dll [442880 2010-12-20] (Microsoft Corporation)
2 Winmgmt; C:\Windows\System32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation)
3 WinRM; C:\Windows\System32\WsmSvc.dll [2018816 2009-07-13] (Microsoft Corporation)
2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-13] (Microsoft Corporation)
2 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [2291568 2009-08-18] (Microsoft Corporation)
3 wmiApSrv; C:\Windows\System32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation)
2 WMPNetworkSvc; "C:\Program Files\Windows Media Player\wmpnetwk.exe" [1525248 2009-07-13] (Microsoft Corporation)
3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation)
3 WPDBusEnum; C:\Windows\System32\wpdbusenum.dll [116736 2009-07-13] (Microsoft Corporation)
2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2010-12-20] (Microsoft Corporation)
2 WSearch; C:\Windows\System32\SearchIndexer.exe /Embedding [593408 2009-07-13] (Microsoft Corporation)
2 wuauserv; C:\Windows\System32\wuaueng.dll [2418176 2009-07-13] (Microsoft Corporation)
2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [75264 2009-07-13] (Microsoft Corporation)
3 WwanSvc; C:\Windows\System32\wwansvc.dll [229888 2009-07-13] (Microsoft Corporation)
2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [x]
2 Nero BackItUp Scheduler 4.0; c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [x]

==================== Drivers ====================

3 1394ohci; C:\Windows\System32\DRIVERS\1394ohci.sys [227840 2009-07-13] (Microsoft Corporation)
0 ACPI; C:\Windows\System32\DRIVERS\ACPI.sys [334416 2009-07-13] (Microsoft Corporation)
3 AcpiPmi; C:\Windows\System32\DRIVERS\acpipmi.sys [12288 2009-07-13] (Microsoft Corporation)
3 adp94xx; C:\Windows\System32\DRIVERS\adp94xx.sys [491088 2009-07-13] (Adaptec, Inc.)
3 adpahci; C:\Windows\System32\DRIVERS\adpahci.sys [339536 2009-07-13] (Adaptec, Inc.)
3 adpu320; C:\Windows\System32\DRIVERS\adpu320.sys [182864 2009-07-13] (Adaptec, Inc.)
1 AFD; C:\Windows\System32\drivers\afd.sys [500224 2009-07-13] (Microsoft Corporation)
3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1146880 2009-06-10] (LSI Corp)
3 agp440; C:\Windows\System32\DRIVERS\agp440.sys [61008 2009-07-13] (Microsoft Corporation)
3 aliide; C:\Windows\System32\DRIVERS\aliide.sys [15440 2009-07-13] (Acer Laboratories Inc.)
3 amdide; C:\Windows\System32\DRIVERS\amdide.sys [15440 2009-07-13] (Microsoft Corporation)
3 AmdK8; C:\Windows\System32\DRIVERS\amdk8.sys [64512 2009-07-13] (Microsoft Corporation)
3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6659072 2010-04-26] (ATI Technologies Inc.)
3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [195584 2010-04-26] (Advanced Micro Devices, Inc.)
3 AmdPPM; C:\Windows\System32\DRIVERS\amdppm.sys [60928 2009-07-13] (Microsoft Corporation)
3 amdsata; C:\Windows\System32\drivers\amdsata.sys [107904 2011-03-10] (Advanced Micro Devices)
3 amdsbs; C:\Windows\System32\DRIVERS\amdsbs.sys [194128 2009-07-13] (AMD Technologies Inc.)
0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-10] (Advanced Micro Devices)
3 AppID; C:\Windows\System32\drivers\appid.sys [61440 2009-07-13] (Microsoft Corporation)
3 arc; C:\Windows\System32\DRIVERS\arc.sys [87632 2009-07-13] (Adaptec, Inc.)
3 arcsas; C:\Windows\System32\DRIVERS\arcsas.sys [97856 2009-07-13] (Adaptec, Inc.)
3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] (Microsoft Corporation)
0 atapi; C:\Windows\System32\DRIVERS\atapi.sys [24128 2009-07-13] (Microsoft Corporation)
3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1394688 2009-06-19] (Atheros Communications, Inc.)
3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6659072 2010-04-26] (ATI Technologies Inc.)
3 b06bdrv; C:\Windows\System32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation)
1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation)
3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-22] (Microsoft Corporation)
3 BrFiltLo; C:\Windows\System32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
3 BrFiltUp; C:\Windows\System32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.)
3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation)
4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation)
1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2009-07-13] (Microsoft Corporation)
3 circlass; C:\Windows\System32\DRIVERS\circlass.sys [45568 2009-07-13] (Microsoft Corporation)
0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-13] (Microsoft Corporation)
3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation)
3 cmdide; C:\Windows\System32\DRIVERS\cmdide.sys [17488 2009-07-13] (CMD Technology, Inc.)
0 CNG; C:\Windows\System32\Drivers\cng.sys [460504 2009-07-13] (Microsoft Corporation)
3 CnxtHdAudService; C:\Windows\System32\drivers\CHDRT64.sys [724536 2010-03-31] (Conexant Systems Inc.)
3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [720952 2010-03-05] (Conexant Systems Inc.)
0 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-13] (Microsoft Corporation)
3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2009-07-13] (Microsoft Corporation)
4 crcdisk; C:\Windows\System32\DRIVERS\crcdisk.sys [24144 2009-07-13] (Microsoft Corporation)
1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2009-07-13] (Microsoft Corporation)
1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation)
0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-13] (Microsoft Corporation)
3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-13] (Microsoft Corporation)
3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [982912 2011-01-25] (Microsoft Corporation)
3 ebdrv; C:\Windows\System32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
3 elxstor; C:\Windows\System32\DRIVERS\elxstor.sys [530496 2009-07-13] (Emulex)
3 ErrDev; C:\Windows\System32\DRIVERS\errdev.sys [9728 2009-07-13] (Microsoft Corporation)
3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] (Microsoft Corporation)
3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] (Microsoft Corporation)
3 fdc; C:\Windows\System32\DRIVERS\fdc.sys [29696 2009-07-13] (Microsoft Corporation)
0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] (Microsoft Corporation)
3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation)
3 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [24576 2009-07-13] (Microsoft Corporation)
0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [290368 2009-07-13] (Microsoft Corporation)
3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-13] (Microsoft Corporation)
0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23104 2009-07-13] (Microsoft Corporation)
0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223448 2009-09-25] (Microsoft Corporation)
3 FwLnk; C:\Windows\System32\DRIVERS\FwLnk.sys [9216 2009-07-06] (TOSHIBA Corporation)
3 gagp30kx; C:\Windows\System32\DRIVERS\gagp30kx.sys [65088 2009-07-13] (Microsoft Corporation)
3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [34152 2009-05-17] (GEAR Software Inc.)
3 hcw85cir; C:\Windows\System32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2009-07-13] (Microsoft Corporation)
3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2009-07-13] (Microsoft Corporation)
3 HECIx64; C:\Windows\System32\DRIVERS\HECIx64.sys [56344 2009-09-17] (Intel Corporation)
3 HidBatt; C:\Windows\System32\DRIVERS\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation)
3 HidBth; C:\Windows\System32\DRIVERS\hidbth.sys [100864 2009-07-13] (Microsoft Corporation)
3 HidIr; C:\Windows\System32\DRIVERS\hidir.sys [46592 2009-07-13] (Microsoft Corporation)
2 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2009-07-13] (Microsoft Corporation)
3 HpSAMD; C:\Windows\System32\DRIVERS\HpSAMD.sys [77888 2009-07-13] (Hewlett-Packard Company)
3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-13] (Microsoft Corporation)
0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14416 2009-07-13] (Microsoft Corporation)
3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation)
0 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [538136 2010-01-15] (Intel Corporation)
3 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [410496 2011-03-10] (Intel Corporation)
3 iirsp; C:\Windows\System32\DRIVERS\iirsp.sys [44112 2009-07-13] (Intel Corp./ICP vortex GmbH)
3 intelide; C:\Windows\System32\DRIVERS\intelide.sys [16960 2009-07-13] (Microsoft Corporation)
3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation)
3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-13] (Microsoft Corporation)
3 IPMIDRV; C:\Windows\System32\DRIVERS\IPMIDrv.sys [78848 2009-07-13] (Microsoft Corporation)
3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation)
3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation)
3 isapnp; C:\Windows\System32\DRIVERS\isapnp.sys [20544 2009-07-13] (Microsoft Corporation)
3 iScsiPrt; C:\Windows\System32\DRIVERS\msiscsi.sys [224832 2009-07-13] (Microsoft Corporation)
3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-13] (Microsoft Corporation)
3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2009-07-13] (Microsoft Corporation)
0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95312 2009-07-13] (Microsoft Corporation)
0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [153160 2009-12-11] (Microsoft Corporation)
3 ksthunk; C:\Windows\System32\drivers\ksthunk.sys [20992 2009-07-13] (Microsoft Corporation)
3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [75304 2010-02-22] (Atheros Communications, Inc.)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-02-04] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69152 2010-12-03] (Lavasoft AB)
2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation)
3 LSI_FC; C:\Windows\System32\DRIVERS\lsi_fc.sys [114752 2009-07-13] (LSI Corporation)
3 LSI_SAS; C:\Windows\System32\DRIVERS\lsi_sas.sys [106560 2009-07-13] (LSI Corporation)
3 LSI_SAS2; C:\Windows\System32\DRIVERS\lsi_sas2.sys [65600 2009-07-13] (LSI Corporation)
3 LSI_SCSI; C:\Windows\System32\DRIVERS\lsi_scsi.sys [115776 2009-07-13] (LSI Corporation)
2 luafv; C:\Windows\System32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation)
3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [255552 2009-02-24] (MagicISO, Inc.)
3 megasas; C:\Windows\System32\DRIVERS\megasas.sys [35392 2009-07-13] (LSI Corporation)
3 MegaSR; C:\Windows\System32\DRIVERS\MegaSR.sys [284736 2009-07-13] (LSI Corporation, Inc.)
3 Mkd2Nadr; C:\Windows\System32\drivers\Mkd2Nadr.sys [106040 2009-03-11] (AhnLab, Inc.)
3 Mkd3kfNt; C:\Windows\System32\drivers\Mkd3kfNt.sys [180280 2009-08-17] (AhnLab, Inc.)
3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation)
3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation)
3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-13] (Microsoft Corporation)
3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] (Microsoft Corporation)
0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94784 2009-07-13] (Microsoft Corporation)
3 mpio; C:\Windows\System32\DRIVERS\mpio.sys [155216 2009-07-13] (Microsoft Corporation)
3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] (Microsoft Corporation)
3 MRxDAV; C:\Windows\System32\drivers\mrxdav.sys [140800 2009-07-13] (Microsoft Corporation)
3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157696 2011-02-22] (Microsoft Corporation)
3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [286720 2011-02-22] (Microsoft Corporation)
3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [126464 2011-02-22] (Microsoft Corporation)
0 msahci; C:\Windows\System32\DRIVERS\msahci.sys [30272 2009-07-13] (Microsoft Corporation)
3 msdsm; C:\Windows\System32\DRIVERS\msdsm.sys [140352 2009-07-13] (Microsoft Corporation)
1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] (Microsoft Corporation)
3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation)
0 msisadrv; C:\Windows\System32\DRIVERS\msisadrv.sys [15424 2009-07-13] (Microsoft Corporation)
3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] (Microsoft Corporation)
3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] (Microsoft Corporation)
3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] (Microsoft Corporation)
3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [367168 2009-07-13] (Microsoft Corporation)
1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-13] (Microsoft Corporation)
3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] (Microsoft Corporation)
3 MTConfig; C:\Windows\System32\DRIVERS\MTConfig.sys [15360 2009-07-13] (Microsoft Corporation)
0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] (Microsoft Corporation)
3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] (Microsoft Corporation)
0 NDIS; C:\Windows\System32\drivers\ndis.sys [947776 2009-07-13] (Microsoft Corporation)
3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation)
3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] (Microsoft Corporation)
3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-13] (Microsoft Corporation)
3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-13] (Microsoft Corporation)
3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-13] (Microsoft Corporation)
3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2010-04-19] (Apple Inc.)
1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] (Microsoft Corporation)
1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-13] (Microsoft Corporation)
3 nfrd960; C:\Windows\System32\DRIVERS\nfrd960.sys [51264 2009-07-13] (IBM Corporation)
1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] (Microsoft Corporation)
1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] (Microsoft Corporation)
3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1657216 2011-03-10] (Microsoft Corporation)
1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation)
3 nvraid; C:\Windows\System32\drivers\nvraid.sys [148352 2011-03-10] (NVIDIA Corporation)
3 nvstor; C:\Windows\System32\drivers\nvstor.sys [166272 2011-03-10] (NVIDIA Corporation)
3 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [122960 2009-07-13] (Microsoft Corporation)
3 ohci1394; C:\Windows\System32\DRIVERS\ohci1394.sys [72832 2009-07-13] (Microsoft Corporation)
3 Parport; C:\Windows\System32\DRIVERS\parport.sys [97280 2009-07-13] (Microsoft Corporation)
0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75840 2009-07-13] (Microsoft Corporation)
0 pci; C:\Windows\System32\DRIVERS\pci.sys [183872 2009-07-13] (Microsoft Corporation)
0 pciide; C:\Windows\System32\DRIVERS\pciide.sys [12352 2009-07-13] (Microsoft Corporation)
3 pcmcia; C:\Windows\System32\DRIVERS\pcmcia.sys [220752 2009-07-13] (Microsoft Corporation)
0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] (Microsoft Corporation)
2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-13] (Microsoft Corporation)
3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [35008 2009-06-22] (TOSHIBA Corporation)
3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-13] (Microsoft Corporation)
3 Processor; C:\Windows\System32\DRIVERS\processr.sys [60416 2009-07-13] (Microsoft Corporation)
1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-13] (Microsoft Corporation)
3 ql2300; C:\Windows\System32\DRIVERS\ql2300.sys [1524816 2009-07-13] (QLogic Corporation)
3 ql40xx; C:\Windows\System32\DRIVERS\ql40xx.sys [128592 2009-07-13] (QLogic Corporation)
3 QWAVEdrv; C:\Windows\System32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation)
3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] (Microsoft Corporation)
3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] (Microsoft Corporation)
3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-13] (Microsoft Corporation)
3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] (Microsoft Corporation)
3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] (Microsoft Corporation)
3 Razerlow; C:\Windows\System32\drivers\Razerlow.sys [21120 2005-11-06] (Razer (Asia-Pacific) Pte Ltd)
1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-13] (Microsoft Corporation)
3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation)
1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation)
1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation)
1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation)
3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [204800 2009-07-13] (Microsoft Corporation)
0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [214096 2009-07-13] (Microsoft Corporation)
2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation)
3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [232992 2010-02-01] (Realtek Semiconductor Corp.)
3 rtl8192se; C:\Windows\System32\DRIVERS\rtl8192se.sys [1103904 2010-04-26] (Realtek Semiconductor Corporation )
3 sbp2port; C:\Windows\System32\DRIVERS\sbp2port.sys [104016 2009-07-13] (Microsoft Corporation)
3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-13] (Microsoft Corporation)
2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-13] (Microsoft Corporation)
3 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Microsoft Corporation)
3 sermouse; C:\Windows\System32\DRIVERS\sermouse.sys [26624 2009-07-13] (Microsoft Corporation)
3 sffdisk; C:\Windows\System32\DRIVERS\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation)
3 sffp_mmc; C:\Windows\System32\DRIVERS\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation)
3 sffp_sd; C:\Windows\System32\DRIVERS\sffp_sd.sys [14336 2009-10-09] (Microsoft Corporation)
3 sfloppy; C:\Windows\System32\DRIVERS\sfloppy.sys [16896 2009-07-13] (Microsoft Corporation)
3 SiSRaid2; C:\Windows\System32\DRIVERS\SiSRaid2.sys [43584 2009-07-13] (Silicon Integrated Systems Corp.)
3 SiSRaid4; C:\Windows\System32\DRIVERS\sisraid4.sys [80464 2009-07-13] (Silicon Integrated Systems)
3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] (Microsoft Corporation)
0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] (Microsoft Corporation)
3 srv; C:\Windows\System32\DRIVERS\srv.sys [461312 2011-02-22] (Microsoft Corporation)
3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [401920 2011-02-22] (Microsoft Corporation)
3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [161792 2011-02-22] (Microsoft Corporation)
3 stexstor; C:\Windows\System32\DRIVERS\stexstor.sys [24656 2009-07-13] (Promise Technology)
3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-13] (Microsoft Corporation)
3 SynTP; C:\Windows\System32\DRIVERS\SynTP.sys [316464 2010-03-10] (Synaptics Incorporated)
0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1896832 2010-06-13] (Microsoft Corporation)
3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1896832 2010-06-13] (Microsoft Corporation)
2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-13] (Microsoft Corporation)
3 tdcmdpst; C:\Windows\System32\DRIVERS\tdcmdpst.sys [27784 2009-07-30] (TOSHIBA Corporation.)
3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation)
3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-13] (Microsoft Corporation)
1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-13] (Microsoft Corporation)
1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [62544 2009-07-13] (Microsoft Corporation)
3 TIEHDUSB; C:\Windows\System32\DRIVERS\tiehdusb.sys [128512 2009-09-03] (Texas Instruments)
3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-13] (Microsoft Corporation)
3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-13] (Microsoft Corporation)
0 TVALZ; C:\Windows\System32\DRIVERS\TVALZ_O.SYS [26840 2009-07-14] (TOSHIBA Corporation)
2 TVALZFL; C:\Windows\System32\DRIVERS\TVALZFL.sys [14472 2009-06-19] (TOSHIBA Corporation)
3 uagp35; C:\Windows\System32\DRIVERS\uagp35.sys [64080 2009-07-13] (Microsoft Corporation)
4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-13] (Microsoft Corporation)
3 uliagpkx; C:\Windows\System32\DRIVERS\uliagpkx.sys [64592 2009-07-13] (Microsoft Corporation)
3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2009-07-13] (Microsoft Corporation)
3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [9728 2009-07-13] (Microsoft Corporation)
3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2010-09-27] (Apple, Inc.)
3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2009-07-13] (Microsoft Corporation)
3 usbcir; C:\Windows\System32\DRIVERS\usbcir.sys [100352 2009-07-13] (Microsoft Corporation)
3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [51712 2009-12-03] (Microsoft Corporation)
3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2009-12-03] (Microsoft Corporation)
3 usbohci; C:\Windows\System32\DRIVERS\usbohci.sys [25600 2009-07-13] (Microsoft Corporation)
3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] (Microsoft Corporation)
3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91136 2011-03-10] (Microsoft Corporation)
3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [30720 2009-07-13] (Microsoft Corporation)
3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [184832 2010-03-03] (Microsoft Corporation)
0 vdrvroot; C:\Windows\System32\DRIVERS\vdrvroot.sys [36432 2009-07-13] (Microsoft Corporation)
3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation)
1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation)
3 vhdmp; C:\Windows\System32\DRIVERS\vhdmp.sys [217680 2009-07-13] (Microsoft Corporation)
3 viaide; C:\Windows\System32\DRIVERS\viaide.sys [17488 2009-07-13] (VIA Technologies, Inc.)
0 volmgr; C:\Windows\System32\DRIVERS\volmgr.sys [71760 2009-07-13] (Microsoft Corporation)
0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363584 2009-07-13] (Microsoft Corporation)
0 volsnap; C:\Windows\System32\DRIVERS\volsnap.sys [294992 2009-07-13] (Microsoft Corporation)
3 vsmraid; C:\Windows\System32\DRIVERS\vsmraid.sys [161872 2009-07-13] (VIA Technologies Inc.,Ltd)
3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation)
1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-13] (Microsoft Corporation)
3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-13] (Microsoft Corporation)
3 WacomPen; C:\Windows\System32\DRIVERS\wacompen.sys [27776 2009-07-13] (Microsoft Corporation)
3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] (Microsoft Corporation)
1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] (Microsoft Corporation)
0 Wd; C:\Windows\System32\DRIVERS\wd.sys [21056 2009-07-13] (Microsoft Corporation)
0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [654928 2009-07-13] (Microsoft Corporation)
1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation)
3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-13] (Microsoft Corporation)
3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [40448 2009-07-13] (Microsoft Corporation)
3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation)
4 ws2ifsl; C:\Windows\System32\drivers\ws2ifsl.sys [21504 2009-07-13] (Microsoft Corporation)
3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2009-07-13] (Microsoft Corporation)
3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2009-07-13] (Microsoft Corporation)

========================= NetSvcs ============================

============ One Month Created Files and folders =============

2011-06-10 22:09 - 2011-06-10 22:09 - 0000000 ____D C:\FRST
2011-06-09 23:50 - 2011-06-09 23:50 - 0000000 __SHD C:\Users\All Users\DSS
2011-06-09 23:50 - 2011-06-09 23:50 - 0000000 __SHD C:\ProgramData\DSS
2011-06-09 23:39 - 2011-06-09 23:39 - 0000000 ____D C:\Users\Jevontkw\AppData\Roaming\Lionhead Studios
2011-06-09 22:57 - 2011-06-09 22:57 - 0001480 ____A C:\Users\Public\Desktop\Fable III.lnk
2011-06-09 22:14 - 2011-06-09 22:14 - 0000621 ____A C:\Windows\SysWOW64\msexcr.ini
2011-06-09 01:10 - 2011-06-09 01:10 - 3994417 ____A C:\Users\Jevontkw\Desktop\GrassSoftware Macro Expert Enterprise v2.9.rar
2011-06-08 22:10 - 2011-06-10 21:00 - 0000000 ____D C:\Users\Jevontkw\AppData\Local\CheatEngine_Forum_-_Krypt
2011-06-08 22:09 - 2011-06-10 21:00 - 0000000 ____D C:\Users\Jevontkw\Desktop\HaRepacker
2011-06-08 21:59 - 2011-06-10 21:00 - 0000000 ____D C:\Users\Jevontkw\Desktop\HaRepacker 3.3
2011-06-08 21:06 - 2011-06-10 21:00 - 0000000 ____D C:\Users\Jevontkw\Desktop\Lethargy Trainer
2011-06-08 01:18 - 2009-08-17 23:20 - 0180280 ____A (AhnLab, Inc.) C:\Windows\System32\Drivers\mkd3kfnt.sys
2011-06-08 01:18 - 2009-03-11 22:37 - 0106040 ____A (AhnLab, Inc.) C:\Windows\System32\Drivers\Mkd2Nadr.sys
2011-06-08 01:16 - 2011-06-08 01:16 - 0000000 ____D C:\Program Files (x86)\AhnLab
2011-06-08 01:02 - 2011-06-08 01:02 - 0000000 ____D C:\Program Files (x86)\WIZET
2011-06-04 07:27 - 2011-06-06 17:54 - 0000000 ____D C:\Users\Jevontkw\Downloads\The.Sims.3.Generations
2011-06-04 07:23 - 2011-06-10 21:00 - 0000000 ____D C:\Users\Jevontkw\Downloads\Fable.III
2011-06-02 03:00 - 2011-06-09 03:00 - 0071527 __ASH (SenseLog LLC) C:\Windows\digtss.exe
2011-06-02 03:00 - 2011-06-09 03:00 - 0071527 __ASH (SenseLog LLC) C:\Windows\cpdat.exe
2011-06-02 03:00 - 2011-06-09 03:00 - 0071526 __ASH (SenseLog LLC) C:\Windows\ptw32.exe
2011-06-02 03:00 - 2011-06-09 03:00 - 0065894 __ASH (SenseLog LLC) C:\Windows\pfbstar.exe
2011-06-01 03:07 - 2011-06-01 03:10 - 0000000 ____D C:\Users\Jevontkw\Documents\Scores
2011-06-01 03:07 - 2011-06-01 03:07 - 0002056 ____A C:\Users\Public\Desktop\Sibelius 6.lnk
2011-06-01 03:06 - 2011-06-01 03:07 - 0000464 ____A C:\Users\All Users\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
2011-06-01 03:06 - 2011-06-01 03:07 - 0000464 ____A C:\ProgramData\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
2011-06-01 03:05 - 2011-06-09 04:20 - 0000326 ____A C:\Windows\Tasks\At15.job
2011-06-01 03:05 - 2011-06-09 04:20 - 0000326 ____A C:\Windows\Tasks\At10.job
2011-06-01 03:05 - 2011-06-09 04:15 - 0000328 ____A C:\Windows\Tasks\At9.job
2011-06-01 03:05 - 2011-06-09 04:15 - 0000328 ____A C:\Windows\Tasks\At14.job
2011-06-01 03:05 - 2011-06-09 04:10 - 0000330 ____A C:\Windows\Tasks\At8.job
2011-06-01 03:05 - 2011-06-09 04:10 - 0000330 ____A C:\Windows\Tasks\At13.job
2011-06-01 03:05 - 2011-06-09 04:05 - 0000326 ____A C:\Windows\Tasks\At7.job
2011-06-01 03:05 - 2011-06-09 04:05 - 0000326 ____A C:\Windows\Tasks\At12.job
2011-06-01 03:05 - 2011-06-09 03:00 - 0000332 ____A C:\Windows\Tasks\At6.job
2011-06-01 03:05 - 2011-06-09 03:00 - 0000332 ____A C:\Windows\Tasks\At11.job
2011-06-01 03:01 - 2011-06-01 03:01 - 0000754 ____A C:\Windows\KB893803v2.log
2011-06-01 02:56 - 2011-06-09 04:20 - 0000326 ____A C:\Windows\Tasks\At5.job
2011-06-01 02:56 - 2011-06-09 04:15 - 0000328 ____A C:\Windows\Tasks\At4.job
2011-06-01 02:56 - 2011-06-09 04:10 - 0000330 ____A C:\Windows\Tasks\At3.job
2011-06-01 02:56 - 2011-06-09 04:05 - 0000326 ____A C:\Windows\Tasks\At2.job
2011-06-01 02:56 - 2011-06-09 03:00 - 0000332 ____A C:\Windows\Tasks\At1.job
2011-06-01 02:50 - 2011-06-01 03:10 - 0000000 ____D C:\Users\Jevontkw\AppData\Roaming\Sibelius Software
2011-06-01 02:50 - 2011-06-01 02:50 - 0000604 ___AH C:\Program Files (x86)\STLL Notifier
2011-06-01 02:50 - 2011-06-01 02:50 - 0000000 ____D C:\Users\All Users\Sibelius Software
2011-06-01 02:50 - 2011-06-01 02:50 - 0000000 ____D C:\ProgramData\Sibelius Software
2011-06-01 02:45 - 2011-06-01 03:06 - 0000000 ____D C:\Program Files (x86)\Sibelius Software
2011-06-01 02:44 - 2011-04-10 18:57 - 0000000 ____D C:\Users\Jevontkw\Desktop\Sibelius.v6.0.0.54-NoPE
2011-05-31 04:32 - 2011-05-31 04:32 - 0000000 ____D C:\Users\Jevontkw\AppData\Roaming\MusE
2011-05-31 04:32 - 2011-05-31 04:32 - 0000000 ____D C:\Users\Jevontkw\AppData\Local\MusE
2011-05-31 04:32 - 2011-05-31 04:32 - 0000000 ____D C:\Program Files (x86)\MuseScore
2011-05-31 04:22 - 2011-06-01 02:43 - 377563586 ____A C:\Users\Jevontkw\Downloads\Sibelius.v6.0.0.54-NoPE.rar
2011-05-28 01:21 - 2011-05-28 01:21 - 0257024 ____A (KryptoDEV) C:\Users\Jevontkw\Desktop\TerrariaInvEdit.24.exe
2011-05-27 04:48 - 2011-06-03 17:53 - 0000000 ____D C:\Users\Jevontkw\Desktop\FishingJoyiPhone
2011-05-25 03:31 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-05-23 00:49 - 2011-05-23 00:49 - 0000000 ____D C:\Users\Jevontkw\Desktop\Games
2011-05-20 03:28 - 2011-05-20 03:35 - 13879919 ____A C:\Users\Jevontkw\Downloads\terrariaretail.zip
2011-05-17 06:39 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-05-17 06:39 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-05-11 03:30 - 2011-05-24 04:59 - 0000000 ____D C:\Users\All Users\Skype Extras
2011-05-11 03:30 - 2011-05-24 04:59 - 0000000 ____D C:\ProgramData\Skype Extras
2011-05-11 03:30 - 2011-05-24 04:49 - 0000000 ____D C:\Users\Jevontkw\AppData\Roaming\skypePM
2011-05-11 03:30 - 2011-05-11 03:30 - 0000056 ___AH C:\Users\All Users\ezsidmv.dat
2011-05-11 03:30 - 2011-05-11 03:30 - 0000056 ___AH C:\ProgramData\ezsidmv.dat
2011-05-11 03:29 - 2011-05-24 06:28 - 0000000 ____D C:\Users\Jevontkw\AppData\Roaming\Skype
2011-05-11 02:25 - 2011-04-08 22:45 - 5509504 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2011-05-11 02:25 - 2011-04-08 22:13 - 3957632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2011-05-11 02:25 - 2011-04-08 22:13 - 3901824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2011-05-10 05:12 - 2011-05-10 05:12 - 0001986 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
2011-05-10 05:10 - 2011-06-10 21:00 - 0000000 ____D C:\Users\All Users\McAfee Security Scan
2011-05-10 05:10 - 2011-06-10 21:00 - 0000000 ____D C:\ProgramData\McAfee Security Scan
2011-05-10 05:10 - 2011-05-16 05:10 - 0001864 ____A C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
2011-05-10 05:10 - 2011-05-16 05:10 - 0000000 ____D C:\Program Files (x86)\McAfee Security Scan

============ 3 Months Modified Files and folders =============

2011-06-10 22:09 - 2011-06-10 22:09 - 0000000 ____D C:\FRST
2011-06-10 21:00 - 2011-06-08 22:10 - 0000000 ____D C:\Users\Jevontkw\AppData\Local\CheatEngine_Forum_-_Krypt
2011-06-10 21:00 - 2011-06-08 22:09 - 0000000 ____D C:\Users\Jevontkw\Desktop\HaRepacker
2011-06-10 21:00 - 2011-06-08 21:59 - 0000000 ____D C:\Users\Jevontkw\Desktop\HaRepacker 3.3
2011-06-10 21:00 - 2011-06-08 21:06 - 0000000 ____D C:\Users\Jevontkw\Desktop\Lethargy Trainer
2011-06-10 21:00 - 2011-06-04 07:23 - 0000000 ____D C:\Users\Jevontkw\Downloads\Fable.III
2011-06-10 21:00 - 2011-05-10 05:10 - 0000000 ____D C:\Users\All Users\McAfee Security Scan
2011-06-10 21:00 - 2011-05-10 05:10 - 0000000 ____D C:\ProgramData\McAfee Security Scan
2011-06-10 21:00 - 2011-01-19 05:03 - 0000000 ____D C:\Users\Jevontkw\funshion
2011-06-10 21:00 - 2010-12-06 16:56 - 0000000 ____D C:\Users\Jevontkw\AppData\Roaming\uTorrent
2011-06-10 21:00 - 2010-12-06 13:03 - 0000000 ____D C:\users\Jevontkw
2011-06-10 21:00 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\wfp
2011-06-10 21:00 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\wbem
2011-06-10 21:00 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\DriverStore
2011-06-10 21:00 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2011-06-10 21:00 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Microsoft.NET
2011-06-10 21:00 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\AppCompat
2011-06-10 20:57 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files (x86)
2011-06-10 20:05 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\LogFiles
2011-06-10 01:21 - 2011-02-03 18:13 - 0000000 ____D C:\Users\Jevontkw\Tracing
2011-06-09 23:50 - 2011-06-09 23:50 - 0000000 __SHD C:\Users\All Users\DSS
2011-06-09 23:50 - 2011-06-09 23:50 - 0000000 __SHD C:\ProgramData\DSS
2011-06-09 23:39 - 2011-06-09 23:39 - 0000000 ____D C:\Users\Jevontkw\AppData\Roaming\Lionhead Studios
2011-06-09 23:37 - 2011-01-13 17:16 - 0000000 ____D C:\Users\Jevontkw\Desktop\JC
2011-06-09 22:57 - 2011-06-09 22:57 - 0001480 ____A C:\Users\Public\Desktop\Fable III.lnk
2011-06-09 22:43 - 2010-08-25 02:28 - 0002440 ____A C:\Users\Jevontkw\funshion.ini
2011-06-09 22:26 - 2010-12-08 07:33 - 0000129 ____A C:\Users\Jevontkw\jagex_runescape_preferences2.dat
2011-06-09 22:24 - 2010-12-08 07:31 - 0000034 ____A C:\Users\Jevontkw\jagex_runescape_preferences.dat
2011-06-09 22:14 - 2011-06-09 22:14 - 0000621 ____A C:\Windows\SysWOW64\msexcr.ini
2011-06-09 22:12 - 2010-12-06 16:46 - 0000902 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-06-09 18:12 - 2010-12-06 16:46 - 0000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-06-09 17:35 - 2009-07-13 20:45 - 0016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-06-09 17:35 - 2009-07-13 20:45 - 0016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-06-09 17:34 - 2009-07-13 21:13 - 0779266 ____A C:\Windows\System32\PerfStringBackup.INI
2011-06-09 17:34 - 2009-07-13 18:36 - 0664992 ____A C:\Windows\System32\perfh009.dat
2011-06-09 17:34 - 2009-07-13 18:36 - 0125696 ____A C:\Windows\System32\perfc009.dat
2011-06-09 17:32 - 2010-09-06 21:14 - 1959780 ____A C:\Windows\WindowsUpdate.log
2011-06-09 17:28 - 2011-03-25 21:17 - 0023126 ____A C:\Windows\PFRO.log
2011-06-09 17:28 - 2011-03-13 19:11 - 0010340 ____A C:\Windows\setupact.log
2011-06-09 17:28 - 2010-09-06 21:11 - 3113361408 __ASH C:\hiberfil.sys
2011-06-09 17:28 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-06-09 08:20 - 2010-12-07 09:16 - 6228653 ___AH C:\Users\Jevontkw\AppData\Local\IconCache.db
2011-06-09 06:40 - 2011-04-25 06:39 - 0000064 ____A C:\Windows\SysWOW64\rp_stats.dat
2011-06-09 06:40 - 2011-04-25 06:39 - 0000044 ____A C:\Windows\SysWOW64\rp_rules.dat
2011-06-09 04:20 - 2011-06-01 03:05 - 0000326 ____A C:\Windows\Tasks\At15.job
2011-06-09 04:20 - 2011-06-01 03:05 - 0000326 ____A C:\Windows\Tasks\At10.job
2011-06-09 04:20 - 2011-06-01 02:56 - 0000326 ____A C:\Windows\Tasks\At5.job
2011-06-09 04:15 - 2011-06-01 03:05 - 0000328 ____A C:\Windows\Tasks\At9.job
2011-06-09 04:15 - 2011-06-01 03:05 - 0000328 ____A C:\Windows\Tasks\At14.job
2011-06-09 04:15 - 2011-06-01 02:56 - 0000328 ____A C:\Windows\Tasks\At4.job
2011-06-09 04:10 - 2011-06-01 03:05 - 0000330 ____A C:\Windows\Tasks\At8.job
2011-06-09 04:10 - 2011-06-01 03:05 - 0000330 ____A C:\Windows\Tasks\At13.job
2011-06-09 04:10 - 2011-06-01 02:56 - 0000330 ____A C:\Windows\Tasks\At3.job
2011-06-09 04:05 - 2011-06-01 03:05 - 0000326 ____A C:\Windows\Tasks\At7.job
2011-06-09 04:05 - 2011-06-01 03:05 - 0000326 ____A C:\Windows\Tasks\At12.job
2011-06-09 04:05 - 2011-06-01 02:56 - 0000326 ____A C:\Windows\Tasks\At2.job
2011-06-09 03:00 - 2011-06-02 03:00 - 0071527 __ASH (SenseLog LLC) C:\Windows\digtss.exe
2011-06-09 03:00 - 2011-06-02 03:00 - 0071527 __ASH (SenseLog LLC) C:\Windows\cpdat.exe
2011-06-09 03:00 - 2011-06-02 03:00 - 0071526 __ASH (SenseLog LLC) C:\Windows\ptw32.exe
2011-06-09 03:00 - 2011-06-02 03:00 - 0065894 __ASH (SenseLog LLC) C:\Windows\pfbstar.exe
2011-06-09 03:00 - 2011-06-01 03:05 - 0000332 ____A C:\Windows\Tasks\At6.job
2011-06-09 03:00 - 2011-06-01 03:05 - 0000332 ____A C:\Windows\Tasks\At11.job
2011-06-09 03:00 - 2011-06-01 02:56 - 0000332 ____A C:\Windows\Tasks\At1.job
2011-06-09 01:10 - 2011-06-09 01:10 - 3994417 ____A C:\Users\Jevontkw\Desktop\GrassSoftware Macro Expert Enterprise v2.9.rar
2011-06-08 22:23 - 2011-02-09 23:42 - 0765178 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2011-06-08 21:11 - 2010-12-14 07:55 - 0000000 ____D C:\Users\Jevontkw\Documents\My Received Files
2011-06-08 19:45 - 2010-05-06 03:10 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2011-06-08 19:43 - 2010-12-12 14:35 - 0000000 ____D C:\Users\All Users\Electronic Arts
2011-06-08 19:43 - 2010-12-12 14:35 - 0000000 ____D C:\ProgramData\Electronic Arts
2011-06-08 19:42 - 2011-01-15 01:42 - 0000000 ____D C:\Program Files (x86)\Steam
2011-06-08 19:13 - 2010-12-06 16:47 - 0002347 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2011-06-08 01:16 - 2011-06-08 01:16 - 0000000 ____D C:\Program Files (x86)\AhnLab
2011-06-08 01:16 - 2010-12-06 13:03 - 0000000 ____D C:\Users\Jevontkw\AppData\LocalLow
2011-06-08 01:02 - 2011-06-08 01:02 - 0000000 ____D C:\Program Files (x86)\WIZET
2011-06-06 17:54 - 2011-06-04 07:27 - 0000000 ____D C:\Users\Jevontkw\Downloads\The.Sims.3.Generations
2011-06-06 02:19 - 2011-01-17 06:15 - 0000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2011-06-06 02:19 - 2011-01-17 06:15 - 0000000 ____D C:\ProgramData\Spybot - Search & Destroy
2011-06-06 02:15 - 2011-03-25 21:57 - 0000000 ____D C:\Users\Jevontkw\Desktop\Iphone
2011-06-03 17:53 - 2011-05-27 04:48 - 0000000 ____D C:\Users\Jevontkw\Desktop\FishingJoyiPhone
2011-06-03 05:38 - 2010-12-15 18:13 - 0000000 ____D C:\Users\Jevontkw\AppData\Roaming\vlc
2011-06-01 18:49 - 2009-07-13 20:45 - 4894064 ____A C:\Windows\System32\FNTCACHE.DAT
2011-06-01 03:10 - 2011-06-01 03:07 - 0000000 ____D C:\Users\Jevontkw\Documents\Scores
2011-06-01 03:10 - 2011-06-01 02:50 - 0000000 ____D C:\Users\Jevontkw\AppData\Roaming\Sibelius Software
2011-06-01 03:10 - 2010-12-06 13:07 - 0082800 ____A C:\Users\Jevontkw\AppData\Local\GDIPFONTCACHEV1.DAT
2011-06-01 03:07 - 2011-06-01 03:07 - 0002056 ____A C:\Users\Public\Desktop\Sibelius 6.lnk
2011-06-01 03:07 - 2011-06-01 03:06 - 0000464 ____A C:\Users\All Users\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
2011-06-01 03:07 - 2011-06-01 03:06 - 0000464 ____A C:\ProgramData\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
2011-06-01 03:06 - 2011-06-01 02:45 - 0000000 ____D C:\Program Files (x86)\Sibelius Software
2011-06-01 03:01 - 2011-06-01 03:01 - 0000754 ____A C:\Windows\KB893803v2.log
2011-06-01 02:50 - 2011-06-01 02:50 - 0000604 ___AH C:\Program Files (x86)\STLL Notifier
2011-06-01 02:50 - 2011-06-01 02:50 - 0000000 ____D C:\Users\All Users\Sibelius Software
2011-06-01 02:50 - 2011-06-01 02:50 - 0000000 ____D C:\ProgramData\Sibelius Software
2011-06-01 02:43 - 2011-05-31 04:22 - 377563586 ____A C:\Users\Jevontkw\Downloads\Sibelius.v6.0.0.54-NoPE.rar
2011-05-31 04:32 - 2011-05-31 04:32 - 0000000 ____D C:\Users\Jevontkw\AppData\Roaming\MusE
2011-05-31 04:32 - 2011-05-31 04:32 - 0000000 ____D C:\Users\Jevontkw\AppData\Local\MusE
2011-05-31 04:32 - 2011-05-31 04:32 - 0000000 ____D C:\Program Files (x86)\MuseScore
2011-05-28 06:09 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2011-05-28 01:21 - 2011-05-28 01:21 - 0257024 ____A (KryptoDEV) C:\Users\Jevontkw\Desktop\TerrariaInvEdit.24.exe
2011-05-24 06:28 - 2011-05-11 03:29 - 0000000 ____D C:\Users\Jevontkw\AppData\Roaming\Skype
2011-05-24 04:59 - 2011-05-11 03:30 - 0000000 ____D C:\Users\All Users\Skype Extras
2011-05-24 04:59 - 2011-05-11 03:30 - 0000000 ____D C:\ProgramData\Skype Extras
2011-05-24 04:49 - 2011-05-11 03:30 - 0000000 ____D C:\Users\Jevontkw\AppData\Roaming\skypePM
2011-05-23 00:49 - 2011-05-23 00:49 - 0000000 ____D C:\Users\Jevontkw\Desktop\Games
2011-05-20 03:54 - 2010-12-07 06:12 - 0000000 ____D C:\Users\Jevontkw\Documents\My Games
2011-05-20 03:35 - 2011-05-20 03:28 - 13879919 ____A C:\Users\Jevontkw\Downloads\terrariaretail.zip
2011-05-16 20:22 - 2010-12-06 16:53 - 0000600 ____A C:\Users\Jevontkw\AppData\Roaming\winscp.rnd
2011-05-16 05:10 - 2011-05-10 05:10 - 0001864 ____A C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
2011-05-16 05:10 - 2011-05-10 05:10 - 0000000 ____D C:\Program Files (x86)\McAfee Security Scan
2011-05-13 18:30 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\Microsoft Shared
2011-05-13 18:29 - 2010-05-06 03:18 - 0000000 ____D C:\Users\All Users\Adobe
2011-05-13 18:29 - 2010-05-06 03:18 - 0000000 ____D C:\ProgramData\Adobe
2011-05-11 03:30 - 2011-05-11 03:30 - 0000056 ___AH C:\Users\All Users\ezsidmv.dat
2011-05-11 03:30 - 2011-05-11 03:30 - 0000056 ___AH C:\ProgramData\ezsidmv.dat
2011-05-11 03:29 - 2010-05-06 03:31 - 0002515 ____A C:\Users\Public\Desktop\Skype.lnk
2011-05-11 03:29 - 2010-05-06 03:31 - 0000000 ___RD C:\Program Files (x86)\Skype
2011-05-11 03:29 - 2010-05-06 03:31 - 0000000 ____D C:\Users\All Users\Skype
2011-05-11 03:29 - 2010-05-06 03:31 - 0000000 ____D C:\ProgramData\Skype
2011-05-10 05:13 - 2010-12-06 13:24 - 0000000 ____D C:\Users\Jevontkw\AppData\Roaming\Adobe
2011-05-10 05:12 - 2011-05-10 05:12 - 0001986 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
2011-05-10 05:12 - 2010-12-08 05:12 - 0000000 ____D C:\Program Files (x86)\Adobe
2011-05-10 05:12 - 2010-12-07 01:29 - 0000000 ____D C:\Users\Jevontkw\AppData\Local\Adobe
2011-05-06 16:09 - 2010-12-08 08:21 - 0000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-05-02 02:15 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\rescache
2011-04-29 22:37 - 2010-12-06 16:44 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2011-04-23 05:04 - 2011-04-23 04:39 - 0000000 ____D C:\Users\Jevontkw\Downloads\John Mayer's Greatest Hits (2009 Ed.)
2011-04-23 04:46 - 2011-04-23 04:40 - 0000000 ____D C:\Users\Jevontkw\Downloads\McFly - Above the Noise
2011-04-23 04:40 - 2011-04-23 04:38 - 0000000 ____D C:\Users\Jevontkw\Downloads\Maroon 5 - Song About Jane & It Won't Be Soon Before Long
2011-04-23 04:37 - 2011-04-23 04:34 - 0000000 ____D C:\Users\Jevontkw\Downloads\Mayday Parade - A Lesson In Romantics [Mp3-vrb-2007]
2011-04-23 04:32 - 2011-04-23 04:31 - 0000000 ____D C:\Users\Jevontkw\Downloads\Kings Of Leon
2011-04-22 12:18 - 2011-05-25 03:31 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-04-21 18:42 - 2010-05-06 03:28 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2011-04-19 05:01 - 2011-04-19 05:01 - 0000259 ____A C:\Users\Jevontkw\Documents\code.txt
2011-04-19 03:27 - 2011-02-24 04:32 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-04-19 03:27 - 2011-02-24 04:32 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-04-16 02:14 - 2011-04-16 02:14 - 0000000 ____D C:\Program Files\Microsoft Analysis Services
2011-04-16 02:14 - 2011-04-16 02:14 - 0000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2011-04-16 02:14 - 2009-07-13 23:45 - 0000000 ____D C:\Windows\ShellNew
2011-04-14 06:41 - 2011-04-14 06:41 - 0060051 ___SH (Sun Micro Systems Inc.) C:\Windows\java_is1.exe
2011-04-10 18:57 - 2011-06-01 02:44 - 0000000 ____D C:\Users\Jevontkw\Desktop\Sibelius.v6.0.0.54-NoPE
2011-04-10 05:47 - 2011-04-10 05:46 - 0000000 ____D C:\Users\Jevontkw\AppData\Roaming\.minecraft
2011-04-10 05:41 - 2011-04-10 05:40 - 0000000 ____D C:\Users\Jevontkw\Downloads\Minecraft 1.4
2011-04-09 19:55 - 2011-04-09 19:53 - 0000000 ____D C:\Users\Jevontkw\Downloads\Chris Brown-Yeah 3x.mp3 george.ortha@ferialaw.com
2011-04-09 19:54 - 2011-04-09 19:46 - 0000000 ____D C:\Users\Jevontkw\Downloads\Taylor Swift - Speak Now 2011 (Deluxe Edition 8 Bonus Tracks)
2011-04-09 19:52 - 2011-04-09 19:47 - 0000000 ____D C:\Users\Jevontkw\Downloads\Train - Save Me San Francisco [2009]
2011-04-09 19:52 - 2011-04-09 19:46 - 0000000 ____D C:\Users\Jevontkw\Downloads\The_Script-Science_And_Faith-2010-CaHeSo
2011-04-09 19:49 - 2011-04-09 19:44 - 0000000 ____D C:\Users\Jevontkw\Downloads\My Chemical Romance-The Black Parade
2011-04-09 19:42 - 2011-04-09 19:35 - 0000000 ____D C:\Users\Jevontkw\Downloads\Ke$ha (Kesha) - Animal
2011-04-09 19:41 - 2011-04-09 19:37 - 8808704 ____A C:\Users\Jevontkw\Downloads\03 - Pink - Raise Your Glass.mp3
2011-04-09 19:41 - 2011-04-09 19:36 - 0000000 ____D C:\Users\Jevontkw\Downloads\Pink-bleep_Perfect-2011
2011-04-09 19:33 - 2011-04-09 19:33 - 0000000 ____D C:\Users\Jevontkw\Downloads\Rihanna - Loud (Deluxe Edition) (2010) DutchReleaseTeam
2011-04-09 19:33 - 2011-04-09 19:32 - 8455441 ____A C:\Users\Jevontkw\Downloads\Far East Movement - Rocketeer (Feat. Ryan Tedder).mp3
2011-04-09 02:55 - 2011-04-09 02:55 - 15453336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xlive.dll
2011-04-09 02:55 - 2011-04-09 02:55 - 13642904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xlivefnt.dll
2011-04-09 02:55 - 2011-04-09 02:55 - 0179261 ____A C:\Windows\SysWOW64\xlive.dll.cat
2011-04-08 22:58 - 2011-05-17 06:39 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-04-08 22:45 - 2011-05-11 02:25 - 5509504 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2011-04-08 22:13 - 2011-05-11 02:25 - 3957632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2011-04-08 22:13 - 2011-05-11 02:25 - 3901824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2011-04-08 21:56 - 2011-05-17 06:39 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-04-08 21:40 - 2011-04-08 21:40 - 0001796 ____A C:\Users\Public\Desktop\Opera.lnk
2011-04-08 21:40 - 2010-12-10 14:35 - 0000000 ____D C:\Program Files (x86)\Opera
2011-03-25 02:04 - 2011-03-25 02:03 - 0000000 ____D C:\Users\Jevontkw\.shsh
2011-03-24 13:05 - 2011-03-24 13:05 - 0000000 ____D C:\Users\Jevontkw\AppData\Local\Macroplant
2011-03-24 13:04 - 2011-03-24 13:04 - 0001058 ____A C:\Users\Public\Desktop\iPhone Explorer.lnk
2011-03-24 13:04 - 2011-03-24 13:04 - 0000000 ____D C:\Program Files (x86)\iPhone Explorer
2011-03-24 04:37 - 2010-12-07 04:39 - 0000000 ____D C:\Users\Jevontkw\AppData\Local\Apple Computer
2011-03-23 05:13 - 2011-02-09 23:41 - 0000000 ____D C:\Users\Jevontkw\AppData\Roaming\TP
2011-03-21 10:44 - 2011-04-02 22:25 - 6210048 ____A (i-Funbox.com) C:\Users\Jevontkw\Desktop\iFunBox.exe
2011-03-17 23:18 - 2011-03-17 20:07 - 0000000 ____D C:\Users\Jevontkw\AppData\Local\Oblivion
2011-03-17 22:16 - 2009-07-13 19:20 - 0000000 ___RD C:\users\Public
2011-03-17 20:17 - 2011-03-17 20:17 - 0002131 ____A C:\Users\Public\Desktop\Oblivion.lnk
2011-03-17 20:10 - 2011-03-17 20:09 - 0028533 ____A C:\Windows\DirectX.log
2011-03-17 20:09 - 2010-12-07 05:22 - 0000000 ____D C:\Program Files (x86)\Bethesda Softworks
2011-03-17 20:08 - 2011-03-17 20:08 - 0178800 ____A (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2011-03-17 20:08 - 2011-03-17 20:08 - 0000000 __RHD C:\Users\Jevontkw\AppData\Roaming\SecuROM
2011-03-13 19:11 - 2011-03-13 19:11 - 0000000 ____A C:\Windows\setuperr.log
2011-03-13 06:25 - 2011-03-13 04:21 - 0000000 ____D C:\Users\Jevontkw\Downloads\The.Elder.Scrolls.IV.Oblivion.Game.of.the.Year_Edition-.Bethesda_Softworks.-2007
2011-03-13 02:09 - 2011-03-13 02:09 - 0000000 ____D C:\Users\Jevontkw\Downloads\The Click Five - 2 Albums [CHANNEL NEO]
2011-03-13 01:46 - 2011-03-13 01:46 - 0000000 ____D C:\Users\All Users\Sun
2011-03-13 01:46 - 2011-03-13 01:46 - 0000000 ____D C:\ProgramData\Sun
2011-03-13 01:45 - 2011-03-13 01:45 - 0006346 ____A C:\Windows\SysWOW64\jupdate-1.6.0_24-b07.log
2011-03-13 01:45 - 2010-05-06 03:08 - 0000000 ____D C:\Program Files (x86)\Java
2011-03-12 04:03 - 2011-04-27 03:33 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-03-12 03:31 - 2011-04-27 03:33 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-03-10 22:23 - 2011-04-27 03:32 - 1657216 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2011-03-10 22:23 - 2011-04-27 03:32 - 0410496 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2011-03-10 22:23 - 2011-04-27 03:32 - 0187264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2011-03-10 22:23 - 2011-04-27 03:32 - 0166272 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2011-03-10 22:23 - 2011-04-27 03:32 - 0148352 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2011-03-10 22:22 - 2011-04-27 03:32 - 0107904 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2011-03-10 22:22 - 2011-04-27 03:32 - 0027008 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2011-03-10 22:19 - 2011-04-15 03:06 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-03-10 22:19 - 2011-04-15 03:06 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-03-10 22:18 - 2011-04-27 03:32 - 2566144 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2011-03-10 22:15 - 2011-04-27 03:32 - 0096768 ____A (Microsoft Corporation) C:\Windows\System32\fsutil.exe
2011-03-10 21:40 - 2011-04-15 03:06 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-03-10 21:40 - 2011-04-15 03:06 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-03-10 21:39 - 2011-04-27 03:32 - 1686016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2011-03-10 21:37 - 2011-04-27 03:32 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2011-03-10 20:31 - 2011-04-27 03:32 - 0091136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2011-03-10 06:14 - 2011-03-10 06:14 - 0000000 ____D C:\Users\Jevontkw\Downloads\Katy Perry
2011-03-10 06:11 - 2011-03-10 06:10 - 0000000 ____D C:\Users\Jevontkw\Downloads\Bruno Mars - Doo-Wops & Hooligans (2010)

========================= Known DLLs =========================

[2009-07-13 16:41] - [2009-07-13 17:40] - 0877056 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2009-07-13 16:20] - [2009-07-13 17:14] - 0640000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
[2009-07-13 16:00] - [2009-07-13 17:40] - 0607744 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2009-07-13 15:44] - [2009-07-13 17:15] - 0522240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\clbcatq.dll
[2009-07-13 15:55] - [2009-07-13 17:40] - 0595456 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
[2009-07-13 15:39] - [2009-07-13 17:15] - 0486912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.dll
[2009-07-13 15:39] - [2009-07-13 17:40] - 0404480 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0310784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
[2011-04-15 03:06] - [2011-02-23 22:24] - 2447872 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2011-04-15 03:06] - [2011-02-23 21:29] - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IERTUTIL.dll
[2009-07-13 16:13] - [2009-07-13 17:41] - 0076288 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
[2009-07-13 15:57] - [2009-07-13 17:15] - 0154624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMAGEHLP.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0167424 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMM32.dll
[2009-07-13 15:28] - [2009-07-13 17:41] - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2009-07-13 15:16] - [2009-07-13 17:11] - 0836608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0041984 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\LPK.dll
[2009-07-13 15:40] - [2009-07-13 17:41] - 1067008 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2009-07-13 15:28] - [2009-07-13 17:15] - 0828928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCTF.dll
[2009-07-13 15:19] - [2009-07-13 17:41] - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2009-07-13 15:12] - [2009-07-13 17:15] - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSVCRT.dll
[2009-07-13 15:26] - [2009-07-13 17:31] - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2009-07-13 15:15] - [2009-07-13 17:09] - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NORMALIZ.dll
[2009-07-13 15:21] - [2009-07-13 17:41] - 0013824 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0008704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NSI.dll
[2010-12-07 15:14] - [2010-06-28 21:39] - 2085376 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2010-12-07 15:14] - [2010-06-28 21:02] - 1413632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
[2010-12-07 15:13] - [2010-04-06 23:37] - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
[2010-12-07 15:13] - [2010-04-06 23:10] - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
[2009-07-13 15:26] - [2009-07-13 17:41] - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\PSAPI.dll
[2009-07-13 15:15] - [2009-07-13 17:16] - 0006144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PSAPI.dll
[2009-07-13 15:23] - [2009-07-13 17:41] - 1221632 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2009-07-13 15:12] - [2009-07-13 17:11] - 0662528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
[2009-07-13 15:20] - [2009-07-13 17:41] - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\sechost.dll
[2009-07-13 15:11] - [2009-07-13 17:16] - 0092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
[2009-07-13 15:27] - [2009-07-13 17:41] - 1899520 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2009-07-13 15:16] - [2009-07-13 17:16] - 1668608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Setupapi.dll
[2010-12-07 15:14] - [2010-07-27 06:59] - 14162944 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
[2010-12-07 15:14] - [2010-07-27 06:03] - 12867584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
[2009-07-13 15:55] - [2009-07-13 17:41] - 0449536 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2009-07-13 15:39] - [2009-07-13 17:16] - 0350208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHLWAPI.dll
[2011-04-15 03:06] - [2011-02-23 22:28] - 1499136 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
[2011-04-15 03:06] - [2011-02-23 21:32] - 1228800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 1008640 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2009-07-13 15:24] - [2009-07-13 17:11] - 0833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0801280 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2009-07-13 15:25] - [2009-07-13 17:16] - 0627200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\USP10.dll
[2009-07-13 15:57] - [2009-07-13 17:41] - 0029184 ____A (Microsoft Corporation) C:\Windows\System32\version.dll
[2009-07-13 15:41] - [2009-07-13 17:16] - 0021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\version.dll
[2011-04-15 03:06] - [2011-02-23 22:29] - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
[2011-04-15 03:06] - [2011-02-23 21:32] - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
[2009-07-13 15:54] - [2009-07-13 17:41] - 0311808 ____A (Microsoft Corporation) C:\Windows\System32\wldap32.dll
[2009-07-13 15:38] - [2009-07-13 17:16] - 0268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wldap32.dll
[2009-07-13 15:21] - [2009-07-13 17:41] - 0296448 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0206336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WS2_32.dll

======================= Bamital Check ========================

C:\Windows\System32\winlogon.exe
[2010-05-06 02:58] - [2009-10-27 22:24] - 0389632 ____A (Microsoft Corporation) DA3E2A6FA9660CC75B471530CE88453A

C:\Windows\System32\wininit.exe
[2009-07-13 15:52] - [2009-07-13 17:39] - 0129024 ____A (Microsoft Corporation) 94355C28C1970635A31B3FE52EB7CEBA

C:\Windows\explorer.exe
[2011-04-27 03:33] - [2011-02-25 22:23] - 2870272 ____A (Microsoft Corporation) 0862495E0C825893DB75EF44FAEA8E93


========================= Memory info ========================

Percentage of memory in use: 14%
Total physical RAM: 3958.85 MB
Available physical RAM: 3402.01 MB
Total Pagefile: 3957 MB
Available Pagefile: 3385.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions ===========================

1 Drive c: (WINDOWS) (Fixed) (Total:232.65 GB) (Free:14.67 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:232.72 GB) (Free:188.12 GB) NTFS
3 Drive e: (SYSTEM) (Fixed) (Total:0.39 GB) (Free:0.19 GB) NTFS
5 Drive g: (RAYY) (Removable) (Total:7.47 GB) (Free:4.98 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS



BC AdBot (Login to Remove)

 


#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:56 PM

Posted 10 June 2011 - 12:09 PM

Hi Jtkw,

Welcome to Bleeping computer. I will be assisting you.

Your log(s) show that you are using so called peer-to-peer or file-sharing programs. These programs allow to share files between users as the name(s) suggest. In today's world the cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."


Removal Instructions

Open notepad. Please copy the contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

2011-06-01 03:05 - 2011-06-09 04:20 - 0000326 ____A C:\Windows\Tasks\At15.job
2011-06-01 03:05 - 2011-06-09 04:20 - 0000326 ____A C:\Windows\Tasks\At10.job
2011-06-01 03:05 - 2011-06-09 04:15 - 0000328 ____A C:\Windows\Tasks\At9.job
2011-06-01 03:05 - 2011-06-09 04:15 - 0000328 ____A C:\Windows\Tasks\At14.job
2011-06-01 03:05 - 2011-06-09 04:10 - 0000330 ____A C:\Windows\Tasks\At8.job
2011-06-01 03:05 - 2011-06-09 04:10 - 0000330 ____A C:\Windows\Tasks\At13.job
2011-06-01 03:05 - 2011-06-09 04:05 - 0000326 ____A C:\Windows\Tasks\At7.job
2011-06-01 03:05 - 2011-06-09 04:05 - 0000326 ____A C:\Windows\Tasks\At12.job
2011-06-01 03:05 - 2011-06-09 03:00 - 0000332 ____A C:\Windows\Tasks\At6.job
2011-06-01 03:05 - 2011-06-09 03:00 - 0000332 ____A C:\Windows\Tasks\At11.job
2011-06-01 02:56 - 2011-06-09 04:20 - 0000326 ____A C:\Windows\Tasks\At5.job
2011-06-01 02:56 - 2011-06-09 04:15 - 0000328 ____A C:\Windows\Tasks\At4.job
2011-06-01 02:56 - 2011-06-09 04:10 - 0000330 ____A C:\Windows\Tasks\At3.job
2011-06-01 02:56 - 2011-06-09 04:05 - 0000326 ____A C:\Windows\Tasks\At2.job
2011-06-01 02:56 - 2011-06-09 03:00 - 0000332 ____A C:\Windows\Tasks\At1.job
2011-06-09 03:00 - 2011-06-02 03:00 - 0071527 __ASH (SenseLog LLC) C:\Windows\digtss.exe
2011-06-09 03:00 - 2011-06-02 03:00 - 0071527 __ASH (SenseLog LLC) C:\Windows\cpdat.exe
2011-06-09 03:00 - 2011-06-02 03:00 - 0071526 __ASH (SenseLog LLC) C:\Windows\ptw32.exe
2011-06-09 03:00 - 2011-06-02 03:00 - 0065894 __ASH (SenseLog LLC) C:\Windows\pfbstar.exe
cmd: bootrec /FixMbr
cmd: bcdedit /set {default} winpe no



NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options.
Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Also reboot and tell me how it went.

#3 Jtkw

Jtkw
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:56 AM

Posted 10 June 2011 - 08:29 PM

Hi Farbar,
Thanks for the help. I have followed your instructions and now my computer is working again. Here is the log from fixlog.txt

Fix result of Farbars's Recovery Tool (FRST written by farbar version 2.0.8)
Ran by SYSTEM at 2011-06-11 09:25:34 R:1
Running from G:\

==============================================

C:\Windows\Tasks\At15.job moved successfully.
C:\Windows\Tasks\At10.job moved successfully.
C:\Windows\Tasks\At9.job moved successfully.
C:\Windows\Tasks\At14.job moved successfully.
C:\Windows\Tasks\At8.job moved successfully.
C:\Windows\Tasks\At13.job moved successfully.
C:\Windows\Tasks\At7.job moved successfully.
C:\Windows\Tasks\At12.job moved successfully.
C:\Windows\Tasks\At6.job moved successfully.
C:\Windows\Tasks\At11.job moved successfully.
C:\Windows\Tasks\At5.job moved successfully.
C:\Windows\Tasks\At4.job moved successfully.
C:\Windows\Tasks\At3.job moved successfully.
C:\Windows\Tasks\At2.job moved successfully.
C:\Windows\Tasks\At1.job moved successfully.
C:\Windows\digtss.exe moved successfully.
C:\Windows\cpdat.exe moved successfully.
C:\Windows\ptw32.exe moved successfully.
C:\Windows\pfbstar.exe moved successfully.

========= bootrec /FixMbr =========

˙žT h e o p e r a t i o n c o m p l e t e d s u c c e s s f u l l y .

========= End of CMD: =========


========= bcdedit /set {default} winpe no =========

The operation completed successfully.

========= End of CMD: =========



#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:56 PM

Posted 11 June 2011 - 01:54 AM

Great. :thumbsup:

  • Please download Malwarebytes' Anti-Malware from one of these locations:
    malwarebytes.org
    majorgeeks.com
    • Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the MBAM log.

    Extra Note:
    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

  • Please download OTL by OldTimer.
    • Save it to your desktop.
    • Double click on the OTL icon on your desktop.
    • Check the "Scan All Users" checkbox.
    • Check the "Standard Output".
    • Click Run Scan button.
    • Two reports will open, copy and paste OTL.txt and attacht Extra.txt to your reply:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized


#5 Jtkw

Jtkw
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:56 AM

Posted 11 June 2011 - 07:49 AM

Hi farbar,
Thanks for the assistance. Sorry the logs are quite large.

MBAM Log

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6834

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

11/6/2011 8:33:18 PM
mbam-log-2011-06-11 (20-33-18).txt

Scan type: Quick scan
Objects scanned: 172226
Time elapsed: 5 minute(s), 52 second(s)

Memory Processes Infected: 2
Memory Modules Infected: 10
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 17
Files Infected: 594

Memory Processes Infected:
c:\program files (x86)\funshion online\Funshion\Funshion.exe (Adware.Funshion) -> 2960 -> Unloaded process successfully.
c:\program files (x86)\funshion online\Funshion\funshionservice.exe (Adware.Funshion) -> 2484 -> Unloaded process successfully.

Memory Modules Infected:
c:\program files (x86)\funshion online\Funshion\dbghelp.dll (Adware.Funshion) -> Delete on reboot.
c:\program files (x86)\funshion online\Funshion\Dump.dll (Adware.Funshion) -> Delete on reboot.
c:\program files (x86)\funshion online\Funshion\Encrypt.dll (Adware.Funshion) -> Delete on reboot.
c:\program files (x86)\funshion online\Funshion\fpsrv.dll (Adware.Funshion) -> Delete on reboot.
c:\program files (x86)\funshion online\Funshion\fptassrv.dll (Adware.Funshion) -> Delete on reboot.
c:\program files (x86)\funshion online\Funshion\funshionplugin2.dll (Adware.Funshion) -> Delete on reboot.
c:\program files (x86)\funshion online\Funshion\getmacaddress.dll (Adware.Funshion) -> Delete on reboot.
c:\program files (x86)\funshion online\Funshion\langresenamerican.dll (Adware.Funshion) -> Delete on reboot.
c:\program files (x86)\funshion online\Funshion\quality.dll (Adware.Funshion) -> Delete on reboot.
c:\program files (x86)\funshion online\Funshion\upnp.dll (Adware.Funshion) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\fsp (Adware.Funshion) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Funshion Task (Adware.Funshion) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\DC3_FEXEC (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Funshion (Adware.Funshion) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\program files (x86)\funshion online (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin (Adware.Funshion) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\Funshion (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\baiduflash (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\baiduflash\subflash (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\cacheflash (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flash (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashstamp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\historytorrent (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\ini (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\Seed (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\update (Adware.Funshion) -> Quarantined and deleted successfully.

Files Infected:
c:\Users\Jevontkw\AppData\Roaming\logon.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\$RECYCLE.BIN\s-1-5-21-1990256883-851623998-2167587353-1000\$RY93APW.exe (Trojan.Dropper.Gen) -> Quarantined and deleted successfully.
c:\Windows\Temp\15DD.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Windows\Temp\D93.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Windows\java_is1.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Users\Public\Desktop\Funshion.lnk (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\AppData\Roaming\microsoft\internet explorer\quick launch\Funshion.lnk (Adware.Funshion) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Funshion.lnk (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Windows\System32\funshion.ini (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\funshion.ini (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Windows\setups.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\cook.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\CoreAAC.ax (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\coreavc.ax (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\crashreport.exe (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\dbghelp.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\drvc.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\Dump.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\Encrypt.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\fpsrv.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\fptassrv.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\funshion-install.ico (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\Funshion.exe (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\funshion.ini (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\funshiongame2.ico (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\funshionplugin2.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\funshionservice.diagnose (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\funshionservice.exe (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\funshionupgrade.exe (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\Funshop2.ico (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\getmacaddress.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\langresenamerican.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\nicdescr.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\pncrt.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\pndx5032.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\quality.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\rmoc3260.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\routersetting.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\uninstall.exe (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\upnp.dll (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\0.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\1.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\2.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\3.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\4.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\5.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\6.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\7.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\8.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\9.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\buffering.gif (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\captionclosebtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\captionmaxbtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\captionmenubtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\captionmenubtnen.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\captionmenuf.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\captionmenufen.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\captionminbtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\captionnormalbtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\captiontext.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\captiontexten.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\changemodebtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\checkbox_box.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\checkbox_check.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\diskwarnning.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\dragcorner.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\hideplayinfobtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\ierrorreshbtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\ierrorwarning.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\ierrorwndbk.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\ietoolbarback.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\ietoolbarbacken.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\ietoolbarbkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\ietoolbarforward.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\ietoolbarforwarden.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\ietoolbarhomepage.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\ietoolbarhomepageen.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\ietoolbarrefresh.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\ietoolbarrefreshen.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\intergratemodebtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\L.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\optiontext.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\optiontexten.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\p.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\pauseadclosebtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\pauseflickerbtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playbarsplidrgn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playbarvolumebarbkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playbarvolumebarbkgndright.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playbarvolumebarbkgndrightsmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playbarvolumebarbkgndsmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playbarvolumebarthumb.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playbarvolumebarthumbsmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playbufferinfowndbkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playbufferinfowndleft.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playbufferinfowndright.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnfullview.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnmute.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnmutesmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnnext.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnnextsmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnnontop.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnnormal.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnpause.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnpausesmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnplay.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnplaylist.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnplaysmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnpre.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnpresmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnsimple.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnstop.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtntop.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnvolume.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerbarbtnvolumesmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playerhidebtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playertipclosebtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playflickerbtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playinfobkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playinfobkgndsel.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playinfobtnmenu.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playinfocurplay.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playinfoheaderbkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playinfotitlebk.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playlistaddbtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playlistremove.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playlistversplid.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playlistversplidmark.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playsplidbarbefore.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playsplidbarbeforesmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playsplidbarbkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playsplidbarbkgndsmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playsplidbardownload.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playsplidbardownloadsmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playsplidbarhead.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playsplidbarheadsmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playsplidbarthumb.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playsplidbarthumbsmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playsplidbartrail.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\playsplidbartrailsmall.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\R.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\radiobtnbox.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\radiobtnpt.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\rpcloading.gif (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\rpcstartdlgbk.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrollbardownarrow.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrollbardownarrowl.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrollbaruparrow.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrollbaruparrowl.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrollbarverbkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrollbarverbkgndl.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrollbarverwidgetbkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrollbarverwidgetbkgndl.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrollbarverwidgethead.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrollbarverwidgetheadl.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrollbarverwidgetmid.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrollbarverwidgetmidl.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrollbarverwidgettrail.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrollbarverwidgettraill.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrolllinkbkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\scrolllinkfrm.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\settingdlgicon.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\showplayinfobtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\splidbarbkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\splidbarmark.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\statusbarbkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\statusbarleft.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\statusbarright.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\statusbarsplid.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tabmodebtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskbarbtnicon.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskbarbtnmenu.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskbarbtnopenlcl.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskbarbtnshowplayer.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskbartipdownarrow.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskdown.ico (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tasklistbtnhide.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tasklistbtnshow.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskliststaticons.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskliststatselicon.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskmanagerclosebtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskmanagerclosetxtbtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskmgnbarbk.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskmgnbaritem.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskmgnbarlist.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskmgnbarlscrollbtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskmgnbarrscrollbtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskmgntitlebkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskmgntitleleft.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskmgntitleright.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskpause.ico (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskplaying.ico (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskstop.ico (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tasktabbkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\TaskText.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tasktexten.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tasktoolbarbkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tasktoolbardelete.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tasktoolbardeleteen.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tasktoolbardownload.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tasktoolbardownloaden.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tasktoolbarplay.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tasktoolbarrestore.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tasktoolbarrestoreen.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tasktoolbarstop.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tasktoolbarstopen.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\taskupload.ico (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\textbtnbk.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tipbottomarrow.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tiprightarrow.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\tiptoparrow.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\updatebtmbkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\updatebtmclosebtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\updatebtmigorebtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\updatebtmupdatebtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\updatecapbkgnd.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\updatecapclosebtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\updatecaption.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\updateiconfail.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\updateiconinit.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\updateiconsuc.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\vodPlay.gif (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\vodplayen.gif (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\vodWeb.gif (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\vodWebEn.gif (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\webclosebtn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\webclosebtnrgn.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\program files (x86)\funshion online\Funshion\skin\x.bmp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\Funshion\funshion use help.lnk (Adware.Funshion) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\Funshion\Funshion.lnk (Adware.Funshion) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\Funshion\Pop Game.lnk (Adware.Funshion) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\Funshion\shopping sites.lnk (Adware.Funshion) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\Funshion\uninstall funshion.lnk (Adware.Funshion) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\Funshion\update history.lnk (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\install.ini (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\jevon_info.ini (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\cacheflash\blankFs.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\cacheflash\donghuanew_18.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flash\980ef71b_c41b_511c_2591_1c44d72c2cec.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\0582c6f8_3670_7d16_7b8e_a0afa121608a.date1306583118.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\05ab3df7_96f7_f3c1_c7e4_57c5af04df14.date1305950625.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\060164ce_079b_52b0_b3a7_0f92af1d8d74.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\09bfa07c_9c47_2c78_6f3b_f03378ec4cb6.date1306922939.flv (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\0a549c41_c5a1_b905_7f4c_ade5472837e4.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\10f62396_a8ef_cc31_648e_b257c210b8d7.date1307589036.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\159ebdb8_a8e8_61ae_e265_f9dce2e34e92.date1306827308.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\16e5d77b_86be_f63d_fa05_bea1dcdcc006.date1307102528.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\19037f00_64b6_855b_bcb5_de37f6538f97.date1305287236.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\19e0a898_4a6b_0ac0_f4af_5d012464b2f6.date1306036257.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\1bac7ebe_d7a6_54da_5dc5_933f05b6dd50.date1306140541.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\1e035502_89da_3c1b_2e7d_39cab9fb7307.date1305287236.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\202f3106_3d86_3e00_5b50_9d97a900ba03.date1306583118.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\22ab450a_67fb_7034_b005_68d02ad158b0.date1307589036.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\27eef950_63c1_f602_186e_72d88ab56360.date1306140541.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\35fd07a9_3462_fab1_78f0_85c07123d022.date1307102528.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\3bd9da56_d8a5_d6cf_afbc_c8812cb4cdea.date1305718545.flv (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\3fbf9700_5b84_df58_916d_cc1d809298f0.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\40c07c90_6186_ac75_4abf_8ce291a20704.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\4249d162_f51e_13c7_75a5_e2499caa065c.date1307180267.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\48fac2b0_8dc0_c6e9_cc75_abc16264c818.date1305287236.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\4ec75e06_1cf2_6653_233b_db5b33289591.date1306922939.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\4fb870e3_6a2a_ad04_0e3c_b29ac08d244a.flv (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\5063a532_ed17_a8ea_443d_dbb695e989ff.date1305888604.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\51defd57_8076_ead7_e781_0e00837fe39d.date1306490921.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\563dc959_ec3e_01ff_85ef_90f0c4ae9690.date1305287236.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\577fbbe0_6b57_ae58_740b_4a351c6108dc.date1305718545.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\59cdd6ed_6a9a_b933_aff3_109f2644974f.date1307589036.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\5dc8db1f_9514_8b49_9423_b5200a7f639a.date1306922939.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\5f0875ac_463a_dcd4_c54e_d8bd9c112f4a.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\61510264_071f_a9c7_bd54_7a0509e6f48b.date1307777587.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\6601537d_9ad3_ad5a_abe1_21fdd3fa1126.date1305888604.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\6625e401_5223_60dd_1d48_cf4f2af4bfc9.date1305888604.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\693fe51b_3610_13f5_fa5c_b9d60472deb0.date1307102527.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\69c3b9e1_1f9d_7df3_aa96_1f17c510b7cf.date1307355350.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\69e3fdc8_ee85_245f_185d_1e112d29cdfe.date1306922939.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\6da894eb_ebd3_fd6b_e80a_6a8b038f14b6.date1305888603.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\6e864b03_2de4_7c90_e776_08c18105a454.date1306140539.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\73991fd0_ebda_d973_cb58_c5037dc4b9af.date1306036257.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\75de27e8_d33f_dc61_a715_b944bae4b2dd.date1306400896.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\8355b1e5_1e71_38ab_19db_b78d7cfef3ef.date1305718545.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\84dbf53e_d681_add4_4cc6_f8e1edb8dde7.date1306922939.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\87c09b07_969b_d6d1_2bd5_4f7cb5f703d8.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\8c630f53_d8d5_9038_dcf5_a2535b80c421.date1307102527.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\92d1921f_0618_6f08_780a_2074764e9922.date1305287236.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\95680ccd_205a_c9d9_edaa_da7192f5c3ce.date1307355350.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\9b1f9dfe_2b01_a8ca_1a3e_0c0c37593e04.date1305607765.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\a0ee6889_0a7e_429b_03eb_775619512f74.date1305287236.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\a15d237e_2034_8f86_bade_5c6f73f19321.date1306827305.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\a6f48ba7_5022_151a_5dfb_697ad488d978.date1307777587.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\ac9795f4_46ba_4da7_4c98_69b0eaf029b6.date1305287236.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\ad15c62b_7ba6_b00f_f648_cbb28f0ba14f.date1307777587.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\b2ad7bb2_18b3_7d1b_5b96_5b436f9d7bcb.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\b659ebe6_bb1c_1149_5128_c386fc7b55e7.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\bb79adf3_c2bb_6b1c_d4db_3b3b788c9d77.date1306827304.flv (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\c355c0b8_4929_98d2_4e80_4fc7d20c6503.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\c3691d3a_c235_9ff9_4abb_d967d0efc0b5.date1305287236.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\ca9c71af_d1c2_82b9_d32c_bb434c794b8d.flv (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\cd6c30bc_187d_88ec_b292_97c93d341e11.date1306400895.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\cf6c9342_fff5_1b58_405a_404728bb52eb.date1305888601.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\d0f9a3b9_8bec_7d30_13b6_e61cea6f2f7e.date1306827303.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\d53c1bf6_60b6_6655_f9e7_9d3c850192da.date1306827303.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\db333118_cf35_10fa_b579_fc5ea733989b.date1306400895.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\dbed91bc_c4c2_b10f_c070_3810d72a559c.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\e18dba84_077c_bd07_916f_61be71e6a97b.date1306827303.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\e22429aa_7f06_cd23_5c26_e0a5db396642.date1305950622.flv (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\ede2b6be_33a9_139f_de84_a9981770b2d5.date1306400895.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\ef512dbd_c49f_4f4d_4617_176841d3e079.date1306490914.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\f511ad8d_3fa4_5095_932a_be225b2dc91b.date1306827301.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\f5ff9a31_84e9_f8b5_fb10_8a623b7f4ebb.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\f7cf4be2_0544_936a_ac0a_81d1ec9d2f68.date1306922938.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\fa299f1a_9904_c753_9b6d_7ac3f2663354.date1307777587.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\fa6301e2_6062_90f8_adc0_de03f70bf33f.date1306583118.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\fc1623dd_a473_192b_fe9e_3c7cccbd4799.date1307180267.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashNew\funshionad20100531.date1305537347.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashstamp\11917d95_8c54_4cca_80e3_d00b766321e1.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashstamp\bef6fc6f_547e_92ec_5b03_5f3ff763365f.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashstamp\blank.gif (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\cache\flashstamp\d97435b9_2303_a0fc_768a_0387dac9718a.swf (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295497360_12694173_1253841818_729.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295497360_12694173_1253841818_729.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295503124_12694173_1253841840_662.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295503124_12694173_1253841840_662.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295508297_12694173_1253841850_896.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295508297_12694173_1253841850_896.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295516255_12694173_1253841860_498.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295516255_12694173_1253841860_498.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295519483_12694173_1253841867_684.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295519483_12694173_1253841867_684.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295519487_12694173_1253841875_870.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295519487_12694173_1253841875_870.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295520238_18277256_1291340605_595.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295520238_18277256_1291340605_595.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295585894_12694173_1236159701_8.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295585894_12694173_1236159701_8.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295585903_12694173_1236159767_881.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295585903_12694173_1236159767_881.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295597789_12694173_1236159833_333.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295597789_12694173_1236159833_333.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295597869_12694173_1236159853_271.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295597869_12694173_1236159853_271.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295611120_12694173_1236159784_777.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295611120_12694173_1236159784_777.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295662761_12694173_1236159873_119.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295662761_12694173_1236159873_119.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295664402_12694173_1236836426_988.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295664402_12694173_1236836426_988.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295667708_12694173_1237356814_230.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295667708_12694173_1237356814_230.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295667714_12694173_1238560131_409.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295667714_12694173_1238560131_409.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295669026_12694173_1239772499_485.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295669026_12694173_1239772499_485.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295671415_12694173_1240987292_285.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295671415_12694173_1240987292_285.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295671422_12694173_1241675375_47.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295671422_12694173_1241675375_47.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295673001_12694173_1242195301_947.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295673001_12694173_1242195301_947.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295674814_14669960_1256018847_846.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295674814_14669960_1256018847_846.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295758155_14669960_1256018874_884.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295758155_14669960_1256018874_884.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295758169_14669960_1256018888_334.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295758169_14669960_1256018888_334.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295758181_14669960_1256018901_653.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295758181_14669960_1256018901_653.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295758188_14669960_1256102838_417.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295758188_14669960_1256102838_417.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295866298_14669960_1257313324_158.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295866298_14669960_1257313324_158.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295866305_14669960_1257917864_879.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295866305_14669960_1257917864_879.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295866313_16727680_1258522977_282.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295866313_16727680_1258522977_282.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295866317_14669960_1259126692_791.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295866317_14669960_1259126692_791.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295866320_16727680_1260340181_570.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295866320_16727680_1260340181_570.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295866323_16727680_1260944300_585.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295866323_16727680_1260944300_585.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295876742_17218048_1263362612_421.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295876742_17218048_1263362612_421.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295876744_17218048_1263966076_285.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295876744_17218048_1263966076_285.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295876747_6826766_1265178824_890.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295876747_6826766_1265178824_890.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295876753_17218048_1265783636_285.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295876753_17218048_1265783636_285.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295876756_16727680_1268390165_229.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295876756_16727680_1268390165_229.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295953765_17239948_1268202019_18.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295953765_17239948_1268202019_18.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295953767_16727680_1269412021_793.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295953767_16727680_1269412021_793.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295953770_6634280_1271227043_13.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295953770_6634280_1271227043_13.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295953774_6634280_1273040143_260.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295953774_6634280_1273040143_260.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295953778_18524595_1273644641_912.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295953778_18524595_1273644641_912.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295953781_18524595_1274256556_172.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1295953781_18524595_1274256556_172.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296024382_18524595_1285387546_890.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296024382_18524595_1285387546_890.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296024390_6634280_1286078195_110.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296024390_6634280_1286078195_110.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296024394_18524595_1286592720_236.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296024394_18524595_1286592720_236.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296024401_18524595_1287129186_538.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296024401_18524595_1287129186_538.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296040871_18524595_1287730812_342.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296040871_18524595_1287730812_342.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296040877_18524595_1288944901_467.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296040877_18524595_1288944901_467.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296040885_18524595_1289555259_600.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296040885_18524595_1289555259_600.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296040895_18524595_1288338444_107.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296040895_18524595_1288338444_107.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296046461_18524595_1290157972_221.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296046461_18524595_1290157972_221.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296046469_18524595_1291971176_84.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296046469_18524595_1291971176_84.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296046480_18524595_1292581109_241.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296046480_18524595_1292581109_241.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296046484_6634280_1294394064_129.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296046484_6634280_1294394064_129.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296046491_18277256_1295600589_174.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296046491_18277256_1295600589_174.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296222376_19716789_1294891638_600.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296222376_19716789_1294891638_600.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296309282_18277256_1286973406_392.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296309282_18277256_1286973406_392.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296309295_18277256_1286973407_463.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296309295_18277256_1286973407_463.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296309299_18277256_1286973408_747.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296309299_18277256_1286973408_747.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296309307_18277256_1286973409_818.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296309307_18277256_1286973409_818.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296385324_18277256_1286973410_68.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296385324_18277256_1286973410_68.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296385328_18277256_1286973411_798.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296385328_18277256_1286973411_798.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296385332_18277256_1286973412_312.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296385332_18277256_1286973412_312.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296385338_18277256_1286973413_94.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296385338_18277256_1286973413_94.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296385347_18277256_1286973416_456.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296385347_18277256_1286973416_456.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296385352_18277256_1286973417_813.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296385352_18277256_1286973417_813.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636259_18277256_1286973418_567.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636259_18277256_1286973418_567.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636265_18277256_1286973423_271.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636265_18277256_1286973423_271.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636270_18277256_1286973426_251.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636270_18277256_1286973426_251.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636276_18277256_1286973428_853.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636276_18277256_1286973428_853.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636282_18277256_1286973430_579.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636282_18277256_1286973430_579.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636287_18277256_1286973433_246.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636287_18277256_1286973433_246.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636294_18277256_1286973438_885.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636294_18277256_1286973438_885.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636300_18277256_1286973442_156.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636300_18277256_1286973442_156.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636305_18277256_1286973450_744.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636305_18277256_1286973450_744.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636313_18277256_1286973451_226.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636313_18277256_1286973451_226.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636318_18277256_1286973456_793.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636318_18277256_1286973456_793.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636323_18277256_1286973404_166.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296636323_18277256_1286973404_166.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296827161_18277256_1286972411_280.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296827161_18277256_1286972411_280.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296827168_18277256_1286972412_424.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296827168_18277256_1286972412_424.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296827173_18277256_1286972427_748.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296827173_18277256_1286972427_748.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296827176_18277256_1286972428_849.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296827176_18277256_1286972428_849.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296827179_18277256_1286972429_420.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296827179_18277256_1286972429_420.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296827184_18277256_1286972430_57.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296827184_18277256_1286972430_57.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296827188_18277256_1286972431_622.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296827188_18277256_1286972431_622.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897316_18277256_1286972434_740.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897316_18277256_1286972434_740.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897319_18277256_1286972435_531.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897319_18277256_1286972435_531.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897323_18277256_1286972451_312.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897323_18277256_1286972451_312.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897327_18277256_1286972452_904.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897327_18277256_1286972452_904.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897331_18277256_1286972456_199.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897331_18277256_1286972456_199.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897335_18277256_1286972463_626.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897335_18277256_1286972463_626.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897340_18277256_1286972464_768.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897340_18277256_1286972464_768.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897345_18277256_1286972465_381.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296897345_18277256_1286972465_381.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296902996_18277256_1291017374_709.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296902996_18277256_1291017374_709.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296922545_6634280_1292826365_190.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296922545_6634280_1292826365_190.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296922565_6634280_1291012853_867.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296922565_6634280_1291012853_867.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296990327_18277256_1288864696_802.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1296990327_18277256_1288864696_802.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1297492836_18277256_1290131501_143.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1297492836_18277256_1290131501_143.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1297582310_18277256_1293071002_848.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1297582310_18277256_1293071002_848.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1297582359_6634280_1292844546_709.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1297582359_6634280_1292844546_709.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1297601803_18524595_1286508793_189.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1297601803_18524595_1286508793_189.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298181981_6634280_1296969559_85.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298181981_6634280_1296969559_85.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298181988_6634280_1297419031_357.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298181988_6634280_1297419031_357.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298181992_2452211_1298020924_98.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298181992_2452211_1298020924_98.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298186121_6634280_1292831001_386.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298186121_6634280_1292831001_386.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298681577_18524595_1298624800_135.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298681577_18524595_1298624800_135.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298715144_6634280_1292847597_870.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298715144_6634280_1292847597_870.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298715234_18277256_1290796216_452.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298715234_18277256_1290796216_452.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298715295_4629932_1229157030_639.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298715295_4629932_1229157030_639.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298978596_19716789_1298875435_183.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1298978596_19716789_1298875435_183.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1299992957_18524595_1299836831_783.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1299992957_18524595_1299836831_783.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1300459799_6634280_1278898966_957.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1300459799_6634280_1278898966_957.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1300460170_6634280_1280386867_297.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1300460170_6634280_1280386867_297.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1300460352_6634280_1290139662_195.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1300460352_6634280_1290139662_195.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1301803643_18524595_1301653080_365.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1301803643_18524595_1301653080_365.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1302331272_6634280_1302255481_724.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1302331272_6634280_1302255481_724.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1302872042_18277256_1290582384_335.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1302872042_18277256_1290582384_335.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1304170789_18524595_1304067896_229.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1304170789_18524595_1304067896_229.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1304170806_20080446_1304006588_612.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1304170806_20080446_1304006588_612.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1304736823_suduyujiqing1.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1304736823_suduyujiqing1.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1304736874_6634280_1292812591_762.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1304736874_6634280_1292812591_762.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1305027106_18277256_1304671389_352.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1305027106_18277256_1304671389_352.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1305555713_18524595_1305272430_881.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1305555713_18524595_1305272430_881.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1305954157_23811438_1305878024_734.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1305954157_23811438_1305878024_734.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1305971264_5372255_1217830966_143.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1305971264_5372255_1217830966_143.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1307179824_18524595_1292652903_21.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1307179824_18524595_1292652903_21.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1307361214_18524595_1306920550_514.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1307361214_18524595_1306920550_514.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1307443985_gongfu.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1307443985_gongfu.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1307686215_18524595_1303208649_735.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1307686215_18524595_1303208649_735.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1307777675_24272712_1307442960_265.dat (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\control\1307777675_24272712_1307442960_265.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\historytorrent\??-MP4.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\historytorrent\??-MP4.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\historytorrent\?????2.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\historytorrent\????????-?1?.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\historytorrent\????-MP4.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\ini\httpfile.ini (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\ini\temp_config.ini (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\Seed\12694173_1240987292_285.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\Seed\6634280_1291012853_867.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\Seed\gongfu.fsp (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\update\adlinkparamfile.fax (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\update\ad_define.fai (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\update\ad_material.fax (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\update\flashparam.txt (Adware.Funshion) -> Quarantined and deleted successfully.
c:\Users\Jevontkw\funshion\update\localad.fax (Adware.Funshion) -> Quarantined and deleted successfully.


OTL.txt

OTL logfile created on: 11/6/2011 8:37:17 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Jevontkw\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004809 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy

3.87 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 58.71% Memory free
7.73 Gb Paging File | 6.18 Gb Available in Paging File | 79.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.65 Gb Total Space | 12.70 Gb Free Space | 5.46% Space Free | Partition Type: NTFS
Drive D: | 232.72 Gb Total Space | 187.75 Gb Free Space | 80.68% Space Free | Partition Type: NTFS
Drive F: | 6.25 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 4.18 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive H: | 7.55 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive I: | 7.19 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive K: | 7.47 Gb Total Space | 4.98 Gb Free Space | 66.56% Space Free | Partition Type: FAT32

Computer Name: JEVON | User Name: Jevontkw | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/11 20:36:32 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Jevontkw\Desktop\OTL.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/05/16 20:58:36 | 002,151,128 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/05/13 17:11:03 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/04/30 14:37:40 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/04/10 11:30:37 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2010/12/07 18:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010/12/07 18:31:58 | 007,482,152 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
PRC - [2010/12/07 18:10:24 | 000,099,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\tv_w32.exe
PRC - [2010/03/03 21:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/03 21:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/02/22 20:23:50 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2010/01/15 21:08:38 | 000,935,208 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2010/01/15 20:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/07/29 03:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/03/11 01:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


========== Modules (SafeList) ==========

MOD - [2011/06/11 20:36:32 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Jevontkw\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/08/21 13:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/04/27 04:49:36 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/03/17 23:00:44 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/02/24 00:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/02/06 00:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/11/06 05:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/07/28 21:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/05/16 20:58:36 | 002,151,128 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/04/21 20:44:44 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/02/16 15:49:08 | 000,101,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/12/07 18:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/10/13 01:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 21:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/03/03 21:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/11 09:40:12 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2010/01/28 23:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2010/01/15 21:08:38 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010/01/15 20:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/10/06 16:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/11 01:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/03/11 14:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 14:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/03 17:05:34 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/09/28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/04/27 10:56:34 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/04/27 10:56:34 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/04/27 08:23:08 | 001,103,904 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2010/04/27 04:17:26 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/19 20:29:18 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2010/03/31 21:50:16 | 000,724,536 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010/03/11 01:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/05 18:11:30 | 000,720,952 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDMI64.sys -- (CnxtHdmiAudService)
DRV:64bit: - [2010/02/23 01:03:42 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/02/01 17:29:48 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/01/15 19:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/09/17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/09/03 16:30:20 | 000,128,512 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tiehdusb.sys -- (TIEHDUSB)
DRV:64bit: - [2009/08/18 15:20:00 | 000,180,280 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mkd3kfnt.sys -- (Mkd3kfNt)
DRV:64bit: - [2009/07/31 02:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 23:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 15:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/23 00:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/20 10:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/20 02:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/11 05:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/11 04:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/12 14:37:00 | 000,106,040 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2005/11/07 14:33:12 | 000,021,120 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Razerlow.sys -- (Razerlow)
DRV - [2011/02/04 22:27:14 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1990256883-851623998-2167587353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
IE - HKU\S-1-5-21-1990256883-851623998-2167587353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1990256883-851623998-2167587353-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1990256883-851623998-2167587353-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "eBay.co.uk"
FF - prefs.js..browser.startup.homepage: "www.yahoo.com"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.5
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.2.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {47624dda-b77e-4feb-820a-e4f077d5d4ca}:11.0.0

FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\Firefox [2010/05/06 19:28:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/12/08 09:43:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010/12/16 07:57:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010/12/16 07:57:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/25 19:30:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/04/30 14:37:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/08 17:16:56 | 000,000,000 | ---D | M]

[2010/12/07 08:44:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jevontkw\AppData\Roaming\Mozilla\Extensions
[2011/06/11 20:29:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jevontkw\AppData\Roaming\Mozilla\Firefox\Profiles\075bh8k4.default\extensions
[2011/03/13 17:55:10 | 000,000,000 | ---D | M] (Boost for Facebook) -- C:\Users\Jevontkw\AppData\Roaming\Mozilla\Firefox\Profiles\075bh8k4.default\extensions\{47624dda-b77e-4feb-820a-e4f077d5d4ca}
[2011/06/05 11:27:23 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Jevontkw\AppData\Roaming\Mozilla\Firefox\Profiles\075bh8k4.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2011/05/25 19:26:57 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jevontkw\AppData\Roaming\Mozilla\Firefox\Profiles\075bh8k4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/06/03 07:44:32 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Jevontkw\AppData\Roaming\Mozilla\Firefox\Profiles\075bh8k4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/03/13 17:55:10 | 000,000,000 | ---D | M] (Facebook Lightbox Killer) -- C:\Users\Jevontkw\AppData\Roaming\Mozilla\Firefox\Profiles\075bh8k4.default\extensions\LightBoxKiller@syndacate.org
[2011/03/13 17:46:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/03/13 17:46:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/12/16 07:57:28 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2010/12/16 07:57:28 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/03/07 16:35:17 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2011/03/07 16:35:17 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2011/03/07 16:35:17 | 000,000,769 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2011/03/07 16:35:18 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2011/06/01 19:05:36 | 000,006,639 | -HS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 74.208.10.249 gs.apple.com
O1 - Hosts: 67.221.174.30 tagged.com
O1 - Hosts: 204.9.178.11 typepad.com
O1 - Hosts: 74.113.152.32 istockphoto.com
O1 - Hosts: 208.94.0.38 yfrog.com
O1 - Hosts: 63.309.5.102 virustotal.com
O1 - Hosts: 123.125.50.22 126.com
O1 - Hosts: 74.208.73.101 qvc.com
O1 - Hosts: 174.36.28.11 SlideShare.com
O1 - Hosts: 213.238.60.190 xing.com
O1 - Hosts: 59.106.98.139 seesaa.net
O1 - Hosts: 184.72.253.170 hootsuite.com
O1 - Hosts: 211.151.146.16 soku.com
O1 - Hosts: 72.32.120.222 metacafe.com
O1 - Hosts: 9.105.6.98 bitdefender.com
O1 - Hosts: 204.11.109.133 tribalfusion.com
O1 - Hosts: 207.154.14.31tripadvisor.com
O1 - Hosts: 216.52.240.133 ustream.tv
O1 - Hosts: 174.36.244.132 linkwithin.com
O1 - Hosts: 121.67.203.61 scan.novirusthanks.org
O1 - Hosts: 209.172.34.139 imagevenue.com
O1 - Hosts: 91.206.232.220 booking.com
O1 - Hosts: 118.69.251.6 vnexpress.net
O1 - Hosts: 103.67.101.13 trendmicro.com
O1 - Hosts: 208.85.40.80 pandora.com
O1 - Hosts: 178 more lines...
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1990256883-851623998-2167587353-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Jevontkw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\funshion.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1990256883-851623998-2167587353-1000\..Trusted Domains: pps.tv ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1990256883-851623998-2167587353-1000\..Trusted Domains: ppstream.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1990256883-851623998-2167587353-1000\..Trusted Domains: webscache.com ([]http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 218.186.1.58 202.156.1.48 218.186.1.88
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\KuGoo - No CLSID value found
O18:64bit: - Protocol\Handler\KuGoo3 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\KuGoo - No CLSID value found
O18 - Protocol\Handler\KuGoo3 - No CLSID value found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/19 23:24:59 | 000,000,064 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2005/11/22 01:26:21 | 000,000,057 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2011/05/18 03:42:03 | 000,231,518 | R--- | M] () - H:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2011/05/18 03:42:03 | 000,000,047 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{248eda62-017d-11e0-9c46-00266c7ee924}\Shell - "" = AutoRun
O33 - MountPoints2\{248eda62-017d-11e0-9c46-00266c7ee924}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2010/10/19 23:24:59 | 000,387,208 | R--- | M] (Bethesda Softworks )
O33 - MountPoints2\{ab9b989c-02c6-11e0-a29f-00266c7ee924}\Shell - "" = AutoRun
O33 - MountPoints2\{ab9b989c-02c6-11e0-a29f-00266c7ee924}\Shell\AutoRun\command - "" = G:\OblivionLauncher.exe -- [2006/02/27 22:33:32 | 001,662,976 | R--- | M] (Bethesda Softworks)
O33 - MountPoints2\{e9bc4e0a-4006-11e0-8dd7-00266c7ee924}\Shell - "" = AutoRun
O33 - MountPoints2\{e9bc4e0a-4006-11e0-8dd7-00266c7ee924}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{f3f0e8dd-062f-11e0-9f57-00266c7ee924}\Shell - "" = AutoRun
O33 - MountPoints2\{f3f0e8dd-062f-11e0-9f57-00266c7ee924}\Shell\AutoRun\command - "" = H:\Setup.exe -- [2011/05/18 03:42:03 | 000,394,016 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/11 20:36:31 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Jevontkw\Desktop\OTL.exe
[2011/06/11 20:21:39 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/11 20:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/11 20:21:35 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/06/11 20:04:21 | 000,000,000 | ---D | C] -- C:\Users\Jevontkw\AppData\Roaming\Malwarebytes
[2011/06/11 20:04:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/11 20:04:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/11 14:09:16 | 000,000,000 | ---D | C] -- C:\FRST
[2011/06/10 15:50:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011/06/10 15:39:04 | 000,000,000 | ---D | C] -- C:\Users\Jevontkw\AppData\Roaming\Lionhead Studios
[2011/06/09 14:10:15 | 000,000,000 | ---D | C] -- C:\Users\Jevontkw\AppData\Local\CheatEngine_Forum_-_Krypt
[2011/06/09 14:09:34 | 000,000,000 | ---D | C] -- C:\Users\Jevontkw\Desktop\HaRepacker
[2011/06/09 13:59:20 | 000,000,000 | ---D | C] -- C:\Users\Jevontkw\Desktop\HaRepacker 3.3
[2011/06/09 13:06:59 | 000,000,000 | ---D | C] -- C:\Users\Jevontkw\Desktop\Lethargy Trainer
[2011/06/08 17:18:18 | 000,180,280 | ---- | C] (AhnLab, Inc.) -- C:\Windows\SysNative\drivers\mkd3kfnt.sys
[2011/06/08 17:18:18 | 000,106,040 | ---- | C] (AhnLab, Inc.) -- C:\Windows\SysNative\drivers\Mkd2Nadr.sys
[2011/06/08 17:16:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AhnLab
[2011/06/08 17:02:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WIZET
[2011/06/01 19:07:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sibelius Software
[2011/06/01 19:07:00 | 000,000,000 | ---D | C] -- C:\Users\Jevontkw\Documents\Scores
[2011/06/01 19:00:41 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/06/01 18:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Sibelius Software
[2011/06/01 18:50:03 | 000,000,000 | ---D | C] -- C:\Users\Jevontkw\AppData\Roaming\Sibelius Software
[2011/06/01 18:45:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sibelius Software
[2011/06/01 18:44:16 | 000,000,000 | ---D | C] -- C:\Users\Jevontkw\Desktop\Sibelius.v6.0.0.54-NoPE
[2011/05/31 20:32:23 | 000,000,000 | ---D | C] -- C:\Users\Jevontkw\AppData\Roaming\MusE
[2011/05/31 20:32:22 | 000,000,000 | ---D | C] -- C:\Users\Jevontkw\AppData\Local\MusE
[2011/05/31 20:32:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore 1.0
[2011/05/31 20:32:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MuseScore
[2011/05/28 17:21:44 | 000,257,024 | ---- | C] (KryptoDEV) -- C:\Users\Jevontkw\Desktop\TerrariaInvEdit.24.exe
[2011/05/27 20:48:42 | 000,000,000 | ---D | C] -- C:\Users\Jevontkw\Desktop\FishingJoyiPhone
[2011/05/25 19:31:45 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011/05/23 16:49:33 | 000,000,000 | ---D | C] -- C:\Users\Jevontkw\Desktop\Games
[2011/05/17 22:39:20 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011/05/17 22:39:20 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011/05/16 21:10:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/11 20:36:32 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Jevontkw\Desktop\OTL.exe
[2011/06/11 20:35:07 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2011/06/11 20:35:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/11 20:34:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/11 20:34:32 | 3113,361,408 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/11 20:25:55 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/11 20:25:55 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/11 20:24:36 | 000,779,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/11 20:24:36 | 000,664,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/11 20:24:36 | 000,125,696 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/11 20:21:39 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/11 20:19:16 | 000,002,440 | ---- | M] () -- C:\Users\Jevontkw\funshion.ini
[2011/06/10 14:57:40 | 000,001,480 | ---- | M] () -- C:\Users\Public\Desktop\Fable III.lnk
[2011/06/10 14:26:03 | 000,000,129 | ---- | M] () -- C:\Users\Jevontkw\jagex_runescape_preferences2.dat
[2011/06/10 14:24:03 | 000,000,034 | ---- | M] () -- C:\Users\Jevontkw\jagex_runescape_preferences.dat
[2011/06/10 14:14:55 | 000,000,621 | ---- | M] () -- C:\Windows\SysWow64\msexcr.ini
[2011/06/10 14:12:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/09 22:40:28 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/06/09 22:40:28 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/06/09 17:10:56 | 003,994,417 | ---- | M] () -- C:\Users\Jevontkw\Desktop\GrassSoftware Macro Expert Enterprise v2.9.rar
[2011/06/09 14:23:26 | 000,765,178 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/09 11:13:27 | 000,002,347 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/06/02 10:49:23 | 004,894,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/01 19:07:45 | 000,000,464 | ---- | M] () -- C:\ProgramData\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
[2011/06/01 19:07:00 | 000,002,056 | ---- | M] () -- C:\Users\Public\Desktop\Sibelius 6.lnk
[2011/06/01 19:05:36 | 000,006,639 | -HS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/06/01 18:50:11 | 000,000,604 | -H-- | M] () -- C:\Program Files (x86)\STLL Notifier
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/05/28 17:21:44 | 000,257,024 | ---- | M] (KryptoDEV) -- C:\Users\Jevontkw\Desktop\TerrariaInvEdit.24.exe
[2011/05/17 12:22:33 | 000,000,600 | ---- | M] () -- C:\Users\Jevontkw\AppData\Roaming\winscp.rnd
[2011/05/16 21:10:17 | 000,001,864 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/11 20:21:39 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/10 14:57:40 | 000,001,480 | ---- | C] () -- C:\Users\Public\Desktop\Fable III.lnk
[2011/06/10 14:14:54 | 000,000,621 | ---- | C] () -- C:\Windows\SysWow64\msexcr.ini
[2011/06/09 17:10:36 | 003,994,417 | ---- | C] () -- C:\Users\Jevontkw\Desktop\GrassSoftware Macro Expert Enterprise v2.9.rar
[2011/06/01 19:07:00 | 000,002,056 | ---- | C] () -- C:\Users\Public\Desktop\Sibelius 6.lnk
[2011/06/01 19:06:22 | 000,000,464 | ---- | C] () -- C:\ProgramData\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini
[2011/06/01 18:50:11 | 000,000,604 | -H-- | C] () -- C:\Program Files (x86)\STLL Notifier
[2011/05/11 19:30:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/04/25 22:39:42 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/04/25 22:39:42 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/02/10 15:42:23 | 000,765,178 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/26 09:05:29 | 000,000,132 | ---- | C] () -- C:\Users\Jevontkw\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/12/08 23:34:07 | 000,000,232 | ---- | C] () -- C:\Users\Jevontkw\AppData\Roaming\RSBot_Accounts.ini
[2010/12/07 08:53:14 | 000,000,600 | ---- | C] () -- C:\Users\Jevontkw\AppData\Roaming\winscp.rnd
[2010/09/07 13:34:50 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2010/09/07 13:28:48 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2010/06/29 21:04:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/06/29 20:02:30 | 000,002,012 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/07/14 13:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 10:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 10:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 08:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 05:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 05:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== Files - Unicode (All) ==========
[2011/01/19 21:04:17 | 000,001,092 | ---- | M] ()(C:\Users\Jevontkw\Application Data\Microsoft\Internet Explorer\Quick Launch\????2011.lnk) -- C:\Users\Jevontkw\Application Data\Microsoft\Internet Explorer\Quick Launch\酷狗音乐2011.lnk
[2011/01/19 21:04:17 | 000,001,092 | ---- | C] ()(C:\Users\Jevontkw\Application Data\Microsoft\Internet Explorer\Quick Launch\????2011.lnk) -- C:\Users\Jevontkw\Application Data\Microsoft\Internet Explorer\Quick Launch\酷狗音乐2011.lnk

========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:C8B8CEBD

< End of report >


Extra.txt

OTL Extras logfile created on: 11/6/2011 8:37:17 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Jevontkw\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004809 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy

3.87 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 58.71% Memory free
7.73 Gb Paging File | 6.18 Gb Available in Paging File | 79.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.65 Gb Total Space | 12.70 Gb Free Space | 5.46% Space Free | Partition Type: NTFS
Drive D: | 232.72 Gb Total Space | 187.75 Gb Free Space | 80.68% Space Free | Partition Type: NTFS
Drive F: | 6.25 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 4.18 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive H: | 7.55 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive I: | 7.19 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive K: | 7.47 Gb Total Space | 4.98 Gb Free Space | 66.56% Space Free | Partition Type: FAT32

Computer Name: JEVON | User Name: Jevontkw | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1990256883-851623998-2167587353-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java™ 6 Update 23 (64-bit)
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{61D4B846-49F8-2639-A4EB-977875265F37}" = ATI Catalyst Install Manager
"{64A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java™ SE Development Kit 6 Update 23 (64-bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89505FE0-A07E-928A-42F4-DA1B2788C01B}" = ccc-utility64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0016-0000-1000-0000000FF1CE}" = Microsoft Office Excel 2010
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0000-1000-0000000FF1CE}" = Microsoft Office PowerPoint 2010
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-001B-0000-1000-0000000FF1CE}" = Microsoft Office Word 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6EFD9A5-2ECE-4C22-BAEC-D16E73EA2013}" = iTunes
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"7511B29C86C398B4D11A0B0E4176CAD68D1B7057" = Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1)
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_AUDIO_HDA_HDMI" = Conexant Audio Driver For AMD HDMI Codec
"EC3E466026556D3EB760B01C4772277614354E11" = Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Office14.EXCEL" = Microsoft Excel 2010
"Office14.POWERPOINT" = Microsoft PowerPoint 2010
"Office14.WORD" = Microsoft Word 2010
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04B9F1A8-CC3B-CCF8-71B6-1ABFE4E00590}" = CCC Help Korean
"{04DE4606-6C76-A25C-BD13-646479CE1A5C}" = CCC Help Russian
"{058E65E2-AFC2-8974-43A2-1EA5A4A53471}" = ccc-core-static
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{06A81056-303F-A212-191D-35310DE5759F}" = CCC Help English
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{073B89C3-BA88-41B5-965F-B35A88EAE838}" = TOSHIBA Supervisor Password
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0AA381AC-7BBB-5B29-836C-5E13BB91154A}" = CCC Help Hungarian
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DDCEDBA-8C17-CC50-7448-9131F3EF7517}" = Catalyst Control Center Localization All
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{162E46EB-F7C6-4B01-2384-349980B3F1BF}" = Catalyst Control Center Core Implementation
"{16622EEF-D159-3EB8-0EE3-F01B98317CED}" = CCC Help Swedish
"{1777CCDA-F2F2-4A77-ACF4-0B7341229BBB}" = TOSHIBA ConfigFree
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}" = Sibelius 6
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{1C0526C4-478A-9066-F37A-E58F08A21FE9}" = Catalyst Control Center Graphics Full New
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F1E9571-0EA2-7AA3-647B-16698BED9CF4}" = CCC Help Danish
"{1FDB8BA3-9E5F-369F-C2A2-AA4AD06F0640}" = CCC Help French
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{24642C6B-1F1F-362F-6A7F-14C75C9EE603}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 24
"{2B000B80-A3FA-4B92-A5FF-D9AD402B6701}" = Toshiba TEMPRO
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{313B4B6B-61B3-5F70-647B-E6285A9D81DF}" = CCC Help Spanish
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3264BE02-6AC0-96B3-A212-392A850D58CA}" = CCC Help German
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{3CB58AB7-6750-F510-F055-27FA68D77472}" = CCC Help Dutch
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{53007195-C491-23E9-D420-EDAB61E57609}" = CCC Help Polish
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5833EB1F-F1FD-DA8E-B2BA-C23E58BB0C65}" = Catalyst Control Center Graphics Full Existing
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5b82f6b2-a4e0-4182-9fdb-eb008200b6b2}" = Nero 9 Essentials
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{68A8941B-6E97-B11C-1B10-C3370E4CC885}" = Catalyst Control Center Graphics Previews Common
"{6B59A12B-D448-E129-28E9-57D1E2E5F7BB}" = CCC Help Chinese Traditional
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{6CDB6681-B777-4DAD-412E-7933B9296850}" = CCC Help Greek
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games)
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{7B81F6BB-7C9C-E66F-9989-42EEB1076F84}" = Catalyst Control Center InstallProxy
"{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1" = iPhone Explorer 2.101
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85010422-4932-6A9E-C222-A994DA299C81}" = CCC Help Portuguese
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}" = Catalyst Control Center - Branding
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}" = TOSHIBA Hardware Setup
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9A9BE8E5-2263-3EFA-FDD1-11F6E267EEF9}" = CCC Help Norwegian
"{9C6210BC-CF1C-E637-C74D-28612585CAD9}" = CCC Help Chinese Standard
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9DA0961E-FCFE-EEF2-04AA-32631F7CEC9E}" = Photo Service - powered by myphotobook
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}" = Amazon.co.uk
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AFE6E077-E0A3-2993-0913-8DEEADF4E2DE}" = CCC Help Italian
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{BA28817B-738A-9284-D3D6-E973982AEF3B}" = Catalyst Control Center Graphics Previews Vista
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C58362EF-CABB-B475-065B-FD07C0D49770}" = CCC Help Czech
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}" = WinZip 15.0
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D432AD16-2F8C-0022-E2F1-E27DCB5F6949}" = CCC Help Japanese
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E616437B-CE55-B463-ED6B-408E29A073CB}" = CCC Help Finnish
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E718AAF4-CB80-9649-347E-C9A9803BE6D0}" = CCC Help Thai
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F5EB2C27-3F16-01B6-BA56-316BC0F8CA87}" = Catalyst Control Center Graphics Light
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FDE58148-57E7-43BF-879A-29CCE818C078}" = eBay
"{FF2609E3-194C-44DB-A34F-20D02103B5F1}" = Bing Bar Platform
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AhnLab Online Security" = AhnLab Online Security
"Any Video Converter_is1" = Any Video Converter 3.1.9
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Setup.divx.com" = DivX Setup
"DPP" = Canon Utilities Digital Photo Professional 3.8
"EOS Utility" = Canon Utilities EOS Utility
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"Fallout New Vegas_is1" = Fallout New Vegas
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"GFWL_{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"Google Chrome" = Google Chrome
"HxD Hex Editor_is1" = HxD Hex Editor version 1.7.7.0
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Magicka_is1" = Magicka
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"McAfee Security Scan" = McAfee Security Scan Plus
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"MuseScore" = MuseScore 1.0 MuseScore score typesetter
"Opera 11.01.1190" = Opera 11.01
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Rainmeter" = Rainmeter
"StarCraft II" = StarCraft II
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 410" = Portal: First Slice
"Steam App 440" = Team Fortress 2
"Steam App 630" = Alien Swarm
"Steam App 73050" = Magicka - Demo
"Steam App 8230" = Sam & Max 104: Abe Lincoln Must Die!
"TeamViewer 6" = TeamViewer 6
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.5
"WFTK" = Canon Utilities WFT Utility
"WildTangent toshiba Master Uninstall" = WildTangent Games
"WinAVI Video Converter" = WinAVI Video Converter
"WinLiveSuite_Wave3" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.2.9
"WT083877" = Chuzzle Deluxe
"WT083890" = Zuma Deluxe
"WT083910" = Jewel Quest II
"WT083916" = Diner Dash 2 Restaurant Rescue
"WT083925" = Plants vs. Zombies
"WT083929" = Bejeweled 2 Deluxe
"WT083945" = FATE
"WT083958" = Penguins!
"WT083959" = Polar Bowler
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >



#6 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:56 PM

Posted 11 June 2011 - 08:10 AM

Well done. :thumbup2:

  • Please delete FRST tool as we don't need it any more. Also go to C:\FRST and delete the entire FRST folder.
  • Run CCleaner (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked). Then click run cleaner.
  • Please open OTL.
  • Copy the text in code box and paste it to Custom Scans/Fixes section:

    :otl
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
    O4 - Startup: C:\Users\Jevontkw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\funshion.lnk = File not found
    :commands
    [resethosts]
    [emptytemp]
    
  • Click Run Fix button.
  • If the fix needed a reboot please do it.
  • After finished a log will open. Copy and paste the log to your reply.


#7 Jtkw

Jtkw
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:56 AM

Posted 11 June 2011 - 08:32 AM

Ok I followed all your instructions and here is the log.

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
C:\Users\Jevontkw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\funshion.lnk moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jevontkw
->Temp folder emptied: 183905789 bytes
->Temporary Internet Files folder emptied: 2097554 bytes
->Java cache emptied: 3778890 bytes
->FireFox cache emptied: 42356872 bytes
->Google Chrome cache emptied: 18933089 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 47235 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 20992 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67840 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 240.00 mb


OTL by OldTimer - Version 3.2.23.0 log created on 06112011_212850

Files\Folders moved on Reboot...
C:\Users\Jevontkw\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...



#8 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:56 PM

Posted 11 June 2011 - 08:48 AM

We are almost there. We remove older Java, install the latest update and run a full system scan to make sure nothing is left behind.

  • Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
    • Please follow these steps to remove older version Java components and update:[list]
    • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
    • Look for "JDK 6 Update 26 (JDK or JRE)".
    • Click the "Download JRE" button to the right.
    • Select your Platform: "Windows".
    • Select your Language: "Multi-language".
    • Read the License Agreement, and then check the box that says: "I agree to the Java SE...License Agreement".
    • Click Continue and the page will refresh.
    • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
    • Close any programs you may have running - especially your web browser.
    Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
    • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
    • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
    • Repeat as many times as necessary to remove each Java versions.
    • Reboot your computer once all Java components are removed.
    • Then from your desktop double-click on jre-6u26-windows-i586.exe to install the newest version.
    • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
    • When the Java Setup - Welcome window opens, click the Install > button.
    • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
    -- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.
    -- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.


    Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
    To disable the JQS service if you don't want to use it:
    • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
    • Click Ok and reboot your computer.
  • ESET Online Scanner:

    Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

    Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

    • Please go here then click on: Posted Image

      Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
      All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

    • Select the option YES, I accept the Terms of Use then click on: Posted Image
    • When prompted allow the Add-On/Active X to install.
    • Make sure that the option Remove found threats and the option Scan archives are checked.
    • Now click on Advanced Settings and select the following:
    • Enable Anti-Stealth Technology
    • Now click on: Posted Image
    • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
    • When completed the Online Scan will begin automatically.
    • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
    • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
    • Now click on: Posted Image
    • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    • Copy and paste that log as a reply to this topic.
    Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


#9 Jtkw

Jtkw
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:56 AM

Posted 11 June 2011 - 01:13 PM

Hi farbar,
I followed all the instructions and heres the log. Thanks for the help.

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# EOSSerial=6744325379dec54e89b22fb8d76891ce
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-06-11 06:08:30
# local_time=2011-06-12 02:08:30 (+0800, Malay Peninsula Standard Time)
# country="Singapore"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5893 16776573 100 94 7661 59432472 0 0
# compatibility_mode=8192 67108863 100 0 876 876 0 0
# scanned=240053
# found=6
# cleaned=6
# scan_time=13088
C:\Users\Jevontkw\Desktop\HaRepacker\HaRepacker.exe probably a variant of Win32/Spy.Agent.CWMTECP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Jevontkw\Desktop\HaRepacker\HaRepacker 3.3\HaRepacker.exe probably a variant of Win32/Agent.BVFBJLC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Jevontkw\Desktop\Lethargy Trainer\HaRepackerCustom.rar probably a variant of Win32/Spy.Agent.CWMTECP trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Jevontkw\Downloads\Fable.III-SKIDROW\sr-fable3.iso a variant of Win32/Packed.VMProtect.AAA trojan (deleted (after the next restart) - quarantined) 00000000000000000000000000000000 C
C:\Users\Jevontkw\Downloads\The Sims 3 - Razor1911 Final MAXSPEED\The Sims 3 - Razor1911 MAXSPEED www.torentz.3xforum.ro\The Sims 3 - Razor1911 MAXSPEED www.torentz.3xforum.ro.iso probably a variant of Win32/Hupigon.CJKIBCX trojan (deleted - quarantined) 00000000000000000000000000000000 C
D:\Games\paul.dll a variant of Win32/Packed.VMProtect.AAA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C



#10 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:56 PM

Posted 11 June 2011 - 07:06 PM

There is just one thing left needing our attention. OTL could not read the event log and the question is if the eventlog service is functioning properly.

Please download MiniToolBox and save it to your desktop and run it.

Checkmark following checkboxe:

  • List last 10 Event Viewer log
Click Go and post the result (Result.txt) that pops up. A copy of result.txt will be saved in the same directory the tool is run.

Also tell me how is the computer running.

#11 Jtkw

Jtkw
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:56 AM

Posted 11 June 2011 - 08:42 PM

Hi farbar,
here's the results.txt.
The computer is running fine and I don't notice any changes in the speed. Thanks.

MiniToolBox by Farbar
Ran by Jevontkw (administrator) on 12-06-2011 at 09:40:41
Windows 7 Home Premium (X64)

***************************************************************************


========================= Event log errors: ===============================

Application errors:
==================
Error: (06/12/2011 02:11:31 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (06/11/2011 10:15:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (06/11/2011 10:15:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (06/11/2011 10:15:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (06/11/2011 02:25:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (06/11/2011 02:25:02 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/11/2011 02:06:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (06/11/2011 02:05:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/10/2011 03:48:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: Fable3.exe, version: 1.1.0.3, time stamp: 0x4d94a571
Faulting module name: RPCRT4.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb3b
Exception code: 0xc0020043
Fault offset: 0x0005cd59
Faulting process id: 0x1604
Faulting application start time: 0xFable3.exe0
Faulting application path: Fable3.exe1
Faulting module path: Fable3.exe2
Report Id: Fable3.exe3

Error: (06/10/2011 03:42:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: Fable3.exe, version: 1.1.0.3, time stamp: 0x4d94a571
Faulting module name: RPCRT4.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb3b
Exception code: 0xc0020043
Fault offset: 0x0005cd59
Faulting process id: 0x1690
Faulting application start time: 0xFable3.exe0
Faulting application path: Fable3.exe1
Faulting module path: Fable3.exe2
Report Id: Fable3.exe3


System errors:
=============
Error: (06/11/2011 09:28:50 PM) (Source: Service Control Manager) (User: )
Description: The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (06/11/2011 01:16:47 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer JOSEPH-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B86C1F48-7F04-44F3-8D69-DEB56FC8626D}.
The master browser is stopping or an election is being forced.

Error: (06/11/2011 10:06:14 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer JOSEPH-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B86C1F48-7F04-44F3-8D69-DEB56FC8626D}.
The master browser is stopping or an election is being forced.

Error: (06/11/2011 09:50:23 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer HOME
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B86C1F48-7F04-44F3-8D69-DEB56FC8626D}.
The master browser is stopping or an election is being forced.

Error: (06/10/2011 03:25:13 PM) (Source: cdrom) (User: )
Description: The driver detected a controller error on \Device\CdRom3.

Error: (06/09/2011 07:47:35 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MAC0025BCDF9FA8
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B86C1F48-7F04-44F3-8D69-DEB56FC8626D}.
The master browser is stopping or an election is being forced.

Error: (06/09/2011 04:12:15 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MAC0025BCDF9FA8
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B86C1F48-7F04-44F3-8D69-DEB56FC8626D}.
The master browser is stopping or an election is being forced.

Error: (06/09/2011 11:04:15 AM) (Source: cdrom) (User: )
Description: The driver detected a controller error on \Device\CdRom1.

Error: (06/07/2011 03:01:29 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (06/07/2011 03:01:27 PM) (Source: ipnathlp) (User: )
Description: 0


Microsoft Office Sessions:
=========================
Error: (06/12/2011 02:11:31 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (06/11/2011 10:15:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Jevontkw\Desktop\esetsmartinstaller_enu.exe

Error: (06/11/2011 10:15:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Jevontkw\Desktop\esetsmartinstaller_enu.exe

Error: (06/11/2011 10:15:32 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Jevontkw\Desktop\esetsmartinstaller_enu.exe

Error: (06/11/2011 02:25:14 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (06/11/2011 02:25:02 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (06/11/2011 02:06:30 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (06/11/2011 02:05:47 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (06/10/2011 03:48:03 PM) (Source: Application Error)(User: )
Description: Fable3.exe1.1.0.34d94a571RPCRT4.dll6.1.7600.163854a5bdb3bc00200430005cd59160401cc274243dcbf17D:\Games\Fable3.exeC:\Windows\syswow64\RPCRT4.dllf84e39f3-9335-11e0-bb32-00266c7ee924

Error: (06/10/2011 03:42:37 PM) (Source: Application Error)(User: )
Description: Fable3.exe1.1.0.34d94a571RPCRT4.dll6.1.7600.163854a5bdb3bc00200430005cd59169001cc274177399074D:\Games\Fable3.exeC:\Windows\syswow64\RPCRT4.dll3601d522-9335-11e0-bb32-00266c7ee924


========================= End of Event log errors =========================


Edited by Jtkw, 11 June 2011 - 08:45 PM.


#12 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:56 PM

Posted 12 June 2011 - 05:24 AM

The eventlog service is up and running now.

Everything looks good now and you are good to go. :thumbup2:

  • Please run OTL.
    • Click Clean Up button.
    • Accept any prompts.
    • This will remove any tools we used, including OTL, and will require a reboot.
  • You may delete any tool or log we used from your computer.
  • Remove the old restore points and create a new restore point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Setting a new restore point AFTER cleaning your system will enable your computer to "roll-back" to a clean working state if needed. :
    • Go to Start => Right-click "Computer" and select "Properties".
    • In the left pane select "System Protection".
    • Press "Configure".
    • Select "Delete". Then press "Continue" close and "OK".
    • Select your drive (drive C) and press "Create".
      Fill in a name for the restore point and press "Create".
      After finished press "Close".
  • I recommend installing this small application for safe surfing: Javacools© SpywareBlaster
    SpywareBlaster will add a large list of programs and sites into your Internet Explorer and Firefox settings and that will protect you from running and downloading known malicious programs.
    • Download and install it.
    • Update it manually by clicking on Updates in the left pane and then Check for Updates.
    • Then enable all the protections by clicking on Protection Status on the left pane. Then click on Enable All Protection.
    • The free version doesn't have an automatic update. Update it once in two or three weeks and enable all protection again.

Happy Surfing Jtkw.:)

#13 Jtkw

Jtkw
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:56 AM

Posted 12 June 2011 - 07:50 AM

Hi farbar,
Thanks for all the help you've offered in resolving my computer issues.

#14 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:56 PM

Posted 12 June 2011 - 01:32 PM

You are most welcome Jtkw. :)

This thread will now be closed since the issue seems to be resolved.

If you need this topic reopened, please send me a PM and I will reopen it for you. If you should have a new issue, please start a new topic.

Every one else should start a new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users