Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest
zentom anti virus
-
16-09-2011 12:20pm#1Hi folks, I really need some help, Im a bit green when it comes to computers so here goes;
I caught the zentom virus last night, and promptly ran malware bytes & spybot s&d,
Malware bytes said it deleted the virus, it deleted some of it, but it has significantly slowed my computer and internet connection, also my browser windows are intermittently closing and certain programs and applications will not run.
I used OTL as i see mentioned in another thread, below is the report form OTL:
OTL Extras logfile created on: 16/09/2011 12:02:35 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Cheenso\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 1.87 Gb Available Physical Memory | 62.41% Memory free
7.34 Gb Paging File | 6.26 Gb Available in Paging File | 85.34% Paging File free
Paging file location(s): C:\pagefile.sys 4605 5000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 1.47 Gb Free Space | 7.54% Space Free | Partition Type: NTFS
Drive
| 107.69 Gb Total Space | 80.04 Gb Free Space | 74.32% Space Free | Partition Type: NTFS
Drive F: | 102.39 Gb Total Space | 102.29 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Computer Name: SLISI-L3C5814 | User Name: Cheenso | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze
"C:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" = C:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe:*:Enabled:3 USB Modem
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01C08A7D-4CCD-41F8-B020-4B4BB8C08C68}" = Catalyst Control Center - Branding
"{03EC1FFD-2F3C-AB30-FC8F-8A464EA3AB54}" = CCC Help Norwegian
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = CCC
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{1A49527E-76D9-1A0E-1242-D1C449E2F246}" = Catalyst Control Center Localization French
"{1EB867A9-2CAC-9F2B-70AA-225B89329957}" = Catalyst Control Center Localization Swedish
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C22A328-753B-709F-B575-8E7F26EF5769}" = CCC Help Portuguese
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{426E1B57-707D-E5D9-82BB-D375728C0101}" = Catalyst Control Center Localization Dutch
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{46369E80-6A3D-55A6-D54A-489ADE5258A2}" = Catalyst Control Center Localization Portuguese
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{476275FA-A3F8-3BD2-1042-2BD29F13CC2E}" = Skins
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51EAB826-C5A4-2578-44AE-61CB8F6AF06C}" = CCC Help Korean
"{521E1CA4-C40B-E2E0-9C88-94B89CFE1FF9}" = Catalyst Control Center Localization German
"{54213804-C8B0-FF91-FEE4-AE177D55EF56}" = CCC Help Finnish
"{54C87F30-9A03-A151-E25D-643C6A19BE4D}" = Catalyst Control Center Localization Norwegian
"{567B13FA-9FA9-050E-5CD7-6C07F3A28DF7}" = CCC Help Turkish
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5C51F530-415D-6DC1-AF78-4839F93B84C3}" = CCC Help English
"{5F212730-512E-C674-11B5-C4AEECAE1366}" = Catalyst Control Center Localization Thai
"{5F339FE5-9930-1B33-6090-EFFFD1749F3C}" = ccc-core-static
"{64682560-7401-4C2D-4B68-622001EBDB38}" = CCC Help French
"{666E9A48-A877-A912-6E7F-565C4E36A4BB}" = CCC Help Chinese Traditional
"{672F8700-B561-252F-6585-333FEE398EE3}" = CCC Help Swedish
"{68280718-3175-6C86-75E5-EA4706D0F545}" = Catalyst Control Center Localization Chinese Traditional
"{6A0DC722-5AE2-7878-04E3-12FD42242815}" = CCC Help German
"{6A41F0A6-445C-A426-3B9B-0F3138C36EC6}" = Catalyst Control Center Graphics Light
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74F3AA35-BC41-119C-B74E-FFF0072973FE}" = CCC Help Spanish
"{765A0DD0-B60B-F6A0-6A8D-54054A4E6487}" = Catalyst Control Center Localization Czech
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79170233-E0A5-5A4A-28D9-C6A0CF774F13}" = Catalyst Control Center Localization Danish
"{79435D1E-148B-8C58-8F3E-6E96D9284149}" = Catalyst Control Center Localization Chinese Standard
"{7B0B88BC-FF93-DA03-F84E-D23477157E5C}" = Catalyst Control Center Core Implementation
"{7CBFA1C0-9F76-FF29-3EFC-9F7655E8FF56}" = CCC Help Thai
"{80361553-17D6-84D1-31E2-D8ABF0C66959}" = ccc-utility
"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8E87FED9-68EA-8A40-CB37-1F532F4D6D72}" = Catalyst Control Center Graphics Full New
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97521F0B-9072-0C9C-C765-961B07DEA729}" = Catalyst Control Center Localization Japanese
"{9A6C83A6-C190-EBA9-8E38-D480A994DA92}" = Catalyst Control Center Localization Italian
"{9B6C43B6-8B1B-34DA-1E05-B5BC51B2B804}" = Catalyst Control Center Localization Spanish
"{9C62C977-0111-F5FC-EBCA-4D917BADF751}" = CCC Help Dutch
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A34C7BA8-938B-55FD-2600-57BECFB55D6A}" = CCC Help Greek
"{A6139E1F-1392-1442-8152-87BA59B2F64D}" = ccc-core-preinstall
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AEF1E88C-A98D-890F-CFDC-FD6FD3B8E829}" = CCC Help Italian
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B46FFFB4-FE24-3338-D53F-3C899AFD5A23}" = CCC Help Polish
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B98B1629-E1F6-5DD5-8D1E-C8C3F6F80C89}" = Catalyst Control Center Graphics Full Existing
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C165A1B2-08D0-52C3-D5DB-665C8F251570}" = Catalyst Control Center Localization Turkish
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{CB88A5FF-59EE-6BF7-A5B5-2C7B63872745}" = Catalyst Control Center Localization Korean
"{CC6C4177-6365-1500-9279-480C79B0E592}" = CCC Help Czech
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D26BCF43-7100-E5F9-27FD-EA03670F1AE8}" = CCC Help Danish
"{DC34C68C-A16F-56A7-AEFA-5DB8DAA6E9E3}" = CCC Help Russian
"{DD530FBD-D52A-8044-15B6-2E62E65AE83E}" = Catalyst Control Center Localization Polish
"{E42BF37A-510C-D596-081D-307CA952D888}" = Catalyst Control Center Localization Hungarian
"{E58BE852-C68B-D02E-A6CF-BB8B4614AD42}" = Catalyst Control Center Localization Greek
"{E5A48BBD-7D1B-A49A-27D7-D02BE34940D6}" = CCC Help Hungarian
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E697374A-6555-990E-821F-09AF8388CEAA}" = CCC Help Japanese
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{ECB8E83D-CE7B-C7E5-7F36-7677EAAB5F39}" = Catalyst Control Center Localization Russian
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F58C48CB-A079-3BEC-5CB3-1E81F36AC79D}" = Catalyst Control Center Localization Finnish
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F915CF43-C7E7-9886-48F4-640F124A0AAB}" = CCC Help Chinese Standard
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"ClamWin Free Antivirus_is1" = ClamWin Free Antivirus 0.97
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.54
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.22)" = Mozilla Firefox (3.6.22)
"MSNINST" = MSN
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel(R) PROSet/Wireless Software
"RealPlayer 12.0" = RealPlayer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.0.5
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 15/09/2011 18:39:03 | Computer Name = SLISI-L3C5814 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 15/09/2011 18:39:03 | Computer Name = SLISI-L3C5814 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 15/09/2011 18:39:03 | Computer Name = SLISI-L3C5814 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 15/09/2011 19:04:56 | Computer Name = SLISI-L3C5814 | Source = Application Error | ID = 1000
Description = Faulting application spybotsd.exe, version 1.6.2.46, faulting module
kernel32.dll, version 5.1.2600.5781, fault address 0x00012afb.
Error - 15/09/2011 19:15:40 | Computer Name = SLISI-L3C5814 | Source = Application Error | ID = 1000
Description = Faulting application realupgrade.exe, version 12.0.1.609, faulting
module realupgrade.exe, version 12.0.1.609, fault address 0x00009fc7.
Error - 15/09/2011 20:14:45 | Computer Name = SLISI-L3C5814 | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application ccc.exe, version 2.0.0.0, stamp 469cdc9c, faulting
module mscorwks.dll, version 2.0.50727.3623, stamp 4d8c187e, debug? 0, fault address
0x000b0dd2.
Error - 15/09/2011 20:47:18 | Computer Name = SLISI-L3C5814 | Source = Application Error | ID = 1000
Description = Faulting application realupgrade.exe, version 12.0.1.609, faulting
module , version 0.0.0.0, fault address 0x00000000.
Error - 16/09/2011 06:17:15 | Computer Name = SLISI-L3C5814 | Source = Application Error | ID = 1000
Description = Faulting application hki901.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00005c1c.
Error - 16/09/2011 06:23:34 | Computer Name = SLISI-L3C5814 | Source = Application Hang | ID = 1002
Description = Hanging application hki36718.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 16/09/2011 06:36:35 | Computer Name = SLISI-L3C5814 | Source = Application Error | ID = 1000
Description = Faulting application realupgrade.exe, version 12.0.1.609, faulting
module , version 0.0.0.0, fault address 0x00000000.
[ System Events ]
Error - 16/09/2011 06:55:31 | Computer Name = SLISI-L3C5814 | Source = SideBySide | ID = 16842810
Description = Syntax error in manifest or policy file "C:\Documents and Settings\Cheenso\My
Documents\Downloads\msert.exe" on line 0.
Error - 16/09/2011 06:55:31 | Computer Name = SLISI-L3C5814 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Documents and Settings\Cheenso\My
Documents\Downloads\msert.exe. Reference error message: The operation completed
successfully. .
Error - 16/09/2011 06:55:45 | Computer Name = SLISI-L3C5814 | Source = SideBySide | ID = 16842810
Description = Syntax error in manifest or policy file "C:\Documents and Settings\Cheenso\My
Documents\Downloads\msert.exe" on line 0.
Error - 16/09/2011 06:55:45 | Computer Name = SLISI-L3C5814 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Documents and Settings\Cheenso\My
Documents\Downloads\msert.exe. Reference error message: The operation completed
successfully. .
Error - 16/09/2011 06:56:00 | Computer Name = SLISI-L3C5814 | Source = SideBySide | ID = 16842810
Description = Syntax error in manifest or policy file "C:\Documents and Settings\Cheenso\My
Documents\Downloads\msert.exe" on line 0.
Error - 16/09/2011 06:56:00 | Computer Name = SLISI-L3C5814 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Documents and Settings\Cheenso\My
Documents\Downloads\msert.exe. Reference error message: The operation completed
successfully. .
Error - 16/09/2011 06:56:09 | Computer Name = SLISI-L3C5814 | Source = SideBySide | ID = 16842810
Description = Syntax error in manifest or policy file "C:\Documents and Settings\Cheenso\My
Documents\Downloads\msert.exe" on line 0.
Error - 16/09/2011 06:56:09 | Computer Name = SLISI-L3C5814 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Documents and Settings\Cheenso\My
Documents\Downloads\msert.exe. Reference error message: The operation completed
successfully. .
Error - 16/09/2011 06:56:32 | Computer Name = SLISI-L3C5814 | Source = SideBySide | ID = 16842810
Description = Syntax error in manifest or policy file "C:\Documents and Settings\Cheenso\My
Documents\Downloads\msert.exe" on line 0.
Error - 16/09/2011 06:56:32 | Computer Name = SLISI-L3C5814 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Documents and Settings\Cheenso\My
Documents\Downloads\msert.exe. Reference error message: The operation completed
successfully. .
< End of report >
OTL logfile created on: 16/09/2011 12:02:35 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Cheenso\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001809 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 1.87 Gb Available Physical Memory | 62.41% Memory free
7.34 Gb Paging File | 6.26 Gb Available in Paging File | 85.34% Paging File free
Paging file location(s): C:\pagefile.sys 4605 5000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 1.47 Gb Free Space | 7.54% Space Free | Partition Type: NTFS
Drive | 107.69 Gb Total Space | 80.04 Gb Free Space | 74.32% Space Free | Partition Type: NTFS
Drive F: | 102.39 Gb Total Space | 102.29 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Computer Name: SLISI-L3C5814 | User Name: Cheenso | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/09/16 12:01:07 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cheenso\My Documents\Downloads\OTL.exe
PRC - [2011/09/16 11:27:03 | 000,113,664 | ---- | M] () -- C:\Documents and Settings\Cheenso\Local Settings\Temp\hki37055.exe
PRC - [2011/09/16 11:26:17 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\YgRORQe.exe
PRC - [2011/09/16 11:26:17 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Cheenso\Local Settings\Temp\hki37010.exe
PRC - [2011/09/16 11:21:49 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Cheenso\Local Settings\Temp\hki36742.exe
PRC - [2011/09/16 11:21:37 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Cheenso\Local Settings\Temp\hki36729.exe
PRC - [2011/09/16 11:21:32 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Cheenso\Local Settings\Temp\hki36725.exe
PRC - [2011/09/16 11:21:31 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Cheenso\Local Settings\Temp\hki36724.exe
PRC - [2011/09/16 11:21:25 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Cheenso\Local Settings\Temp\hki36718.exe
PRC - [2011/09/16 01:13:01 | 000,114,696 | ---- | M] (MadrasAddison Orestes FrenchSophia AmmanBeijing) -- C:\Program Files\QuickTime\QTTask .exe
PRC - [2011/09/15 23:47:11 | 000,114,692 | ---- | M] (MadrasAddison Orestes FrenchSophia AmmanBeijing) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2011/09/15 23:47:11 | 000,114,692 | ---- | M] (MadrasAddison Orestes FrenchSophia AmmanBeijing) -- C:\Program Files\ClamWin\bin\ClamTray.exe
PRC - [2011/09/15 23:47:10 | 000,114,692 | ---- | M] (MadrasAddison Orestes FrenchSophia AmmanBeijing) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2011/09/15 23:47:10 | 000,114,692 | ---- | M] (MadrasAddison Orestes FrenchSophia AmmanBeijing) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
PRC - [2011/09/15 23:47:10 | 000,114,692 | ---- | M] (MadrasAddison Orestes FrenchSophia AmmanBeijing) -- C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
PRC - [2011/09/15 23:46:45 | 000,034,304 | ---- | M] () -- C:\WINDOWS\Temp\ymodpn\setup.exe
PRC - [2011/09/07 17:57:56 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/02/16 00:34:50 | 000,086,016 | ---- | M] (alch) -- C:\Program Files\ClamWin\bin\ClamTray .exe
PRC - [2010/11/19 19:17:33 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched .exe
PRC - [2010/09/24 03:10:52 | 000,421,160 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper .exe
PRC - [2010/06/07 15:20:37 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Cheenso\Local Settings\Temp\RtkBtMnt.exe
PRC - [2009/09/17 20:11:02 | 001,565,992 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPEnh .exe
PRC - [2008/04/14 01:12:31 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ping.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/06 16:47:02 | 000,819,200 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc .exe
PRC - [2007/03/06 16:44:48 | 000,970,752 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ifrmewrk .exe
PRC - [2007/03/06 16:40:30 | 000,487,424 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
========== Modules (No Company Name) ==========
MOD - [2011/09/16 11:27:03 | 000,113,664 | ---- | M] () -- C:\Documents and Settings\Cheenso\Local Settings\Temp\hki37055.exe
MOD - [2011/09/16 11:26:17 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\YgRORQe.exe
MOD - [2011/09/16 11:26:17 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Cheenso\Local Settings\Temp\hki37010.exe
MOD - [2011/09/16 11:21:49 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Cheenso\Local Settings\Temp\hki36742.exe
MOD - [2011/09/16 11:21:37 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Cheenso\Local Settings\Temp\hki36729.exe
MOD - [2011/09/16 11:21:32 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Cheenso\Local Settings\Temp\hki36725.exe
MOD - [2011/09/16 11:21:31 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Cheenso\Local Settings\Temp\hki36724.exe
MOD - [2011/09/16 11:21:25 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Cheenso\Local Settings\Temp\hki36718.exe
MOD - [2011/09/15 23:46:45 | 000,034,304 | ---- | M] () -- C:\WINDOWS\Temp\ymodpn\setup.exe
MOD - [2011/09/07 17:57:58 | 001,000,920 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/08/16 23:24:22 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/08/12 19:41:58 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
MOD - [2011/08/11 19:40:54 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011/08/11 19:40:31 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
MOD - [2011/08/11 19:40:09 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
MOD - [2011/08/11 19:37:06 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011/08/11 19:34:11 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011/06/20 18:25:18 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/05/26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/05/12 16:43:52 | 000,253,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3050.37221__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010/05/12 16:43:52 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3050.37253__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010/05/12 16:43:51 | 001,679,360 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3050.37261__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2010/05/12 16:43:51 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3050.37453__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2010/05/12 16:43:51 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3050.37274__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010/05/12 16:43:51 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3050.37446__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010/05/12 16:43:51 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3050.37240__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010/05/12 16:43:50 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3050.37411__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010/05/12 16:43:50 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3050.37370__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010/05/12 16:43:47 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3050.37475__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010/05/12 16:42:46 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3050.37482__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010/05/12 16:42:46 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3050.37234__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010/05/12 16:42:45 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3050.37425__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010/05/12 16:42:36 | 000,217,088 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3050.37281__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010/05/12 16:42:35 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3050.37241__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2010/05/12 16:42:34 | 000,901,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3050.37448__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2010/05/12 16:42:34 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3050.37405__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2010/05/12 16:42:34 | 000,307,200 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3050.37293__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2010/05/12 16:42:34 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3050.37404__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010/05/12 16:42:33 | 000,479,232 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3050.37372__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010/05/12 16:42:33 | 000,446,464 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3050.37365__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010/05/12 16:42:33 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3050.37371__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010/05/12 16:42:32 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3050.37377__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010/05/12 16:42:32 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010/05/12 16:42:32 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010/05/12 16:42:32 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010/05/12 16:42:31 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010/05/12 16:42:31 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010/05/12 16:42:31 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010/05/12 16:42:30 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010/05/12 16:42:29 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010/05/12 16:42:29 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010/05/12 16:42:29 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010/05/12 16:42:29 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010/05/12 16:42:29 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2010/05/12 16:42:29 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010/05/12 16:42:29 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2010/05/12 16:42:29 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010/05/12 16:42:29 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010/05/12 16:42:29 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010/05/12 16:42:28 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010/05/12 16:42:28 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010/05/12 16:42:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010/05/12 16:42:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010/05/12 16:42:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010/05/12 16:42:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010/05/12 16:42:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010/05/12 16:42:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010/05/12 16:42:27 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010/05/12 16:42:25 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010/05/12 16:42:25 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010/05/12 16:42:25 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010/05/12 16:42:25 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010/05/12 16:42:25 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010/05/12 16:42:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010/05/12 16:42:24 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010/05/12 16:42:24 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010/05/12 16:42:24 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2010/05/12 16:42:24 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2010/05/12 16:42:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010/05/12 16:42:24 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010/05/12 16:42:02 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3050.37493__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010/05/12 16:42:02 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3050.37214__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010/05/12 16:42:01 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3050.37467__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010/05/12 16:42:01 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010/05/12 16:42:01 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2010/05/12 16:42:00 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3050.37248__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010/05/12 16:42:00 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3050.37466__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010/05/12 16:42:00 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010/05/12 16:42:00 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010/05/12 16:42:00 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010/05/12 16:41:59 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3050.37214__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010/05/12 16:41:59 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010/05/12 16:41:58 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010/05/12 16:41:57 | 001,511,424 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3050.37228__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010/05/12 16:41:57 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3050.37215__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2010/05/12 16:41:57 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010/05/12 16:41:57 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3050.37467__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010/05/12 16:41:57 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010/05/12 16:41:57 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010/05/12 16:41:56 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3050.37213__90ba9c70f846762e\APM.Server.dll
MOD - [2010/05/12 16:41:56 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3050.37213__90ba9c70f846762e\AEM.Server.dll
MOD - [2010/02/05 19:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008/04/19 16:35:02 | 000,081,920 | ---- | M] () -- C:\Program Files\ClamWin\bin\ExpShell.dll
MOD - [2008/04/14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/02/04 13:29:02 | 000,688,128 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
MOD - [2007/03/06 16:40:04 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2006/10/17 17:13:20 | 001,167,360 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2005/02/08 17:23:10 | 000,979,005 | ---- | M] () -- C:\Program Files\ClamWin\bin\python23.dll
MOD - [2004/11/20 03:27:54 | 000,106,496 | ---- | M] () -- C:\Program Files\ClamWin\lib\shell.pyd
MOD - [2004/11/20 03:27:54 | 000,086,016 | ---- | M] () -- C:\Program Files\ClamWin\lib\win32gui.pyd
MOD - [2004/11/20 03:27:54 | 000,077,824 | ---- | M] () -- C:\Program Files\ClamWin\lib\win32file.pyd
MOD - [2004/11/20 03:27:54 | 000,069,632 | ---- | M] () -- C:\Program Files\ClamWin\lib\win32api.pyd
MOD - [2004/11/20 03:27:54 | 000,065,536 | ---- | M] () -- C:\Program Files\ClamWin\lib\win32security.pyd
MOD - [2004/11/20 03:27:54 | 000,036,864 | ---- | M] () -- C:\Program Files\ClamWin\lib\win32process.pyd
MOD - [2004/11/20 03:27:54 | 000,024,576 | ---- | M] () -- C:\Program Files\ClamWin\lib\win32pipe.pyd
MOD - [2004/11/20 03:27:54 | 000,024,576 | ---- | M] () -- C:\Program Files\ClamWin\lib\win32event.pyd
MOD - [2004/10/11 20:22:18 | 000,315,392 | ---- | M] () -- C:\Program Files\ClamWin\lib\pythoncom23.dll
MOD - [2004/10/11 20:21:26 | 000,094,208 | ---- | M] () -- C:\Program Files\ClamWin\lib\pywintypes23.dll
MOD - [2004/05/25 21:20:30 | 000,036,864 | ---- | M] () -- C:\Program Files\ClamWin\lib\_winreg.pyd
MOD - [2004/05/25 21:19:32 | 000,045,117 | ---- | M] () -- C:\Program Files\ClamWin\lib\datetime.pyd
MOD - [2004/05/25 21:18:42 | 000,495,616 | ---- | M] () -- C:\Program Files\ClamWin\lib\_ssl.pyd
MOD - [2004/05/25 21:18:28 | 000,057,401 | ---- | M] () -- C:\Program Files\ClamWin\lib\_sre.pyd
MOD - [2004/05/25 21:18:20 | 000,049,212 | ---- | M] () -- C:\Program Files\ClamWin\lib\_socket.pyd
MOD - [2004/05/25 21:17:14 | 000,622,651 | ---- | M] () -- C:\Program Files\ClamWin\lib\_bsddb.pyd
MOD - [2004/01/15 14:45:22 | 000,061,440 | ---- | M] () -- C:\Program Files\ClamWin\lib\_ctypes.pyd
MOD - [2003/10/01 13:40:00 | 002,240,512 | ---- | M] () -- C:\Program Files\ClamWin\lib\wxc.pyd
MOD - [2003/10/01 11:43:02 | 003,239,936 | ---- | M] () -- C:\Program Files\ClamWin\lib\wxmsw24h.dll
MOD - [2003/08/10 09:14:40 | 000,061,440 | ---- | M] () -- C:\Program Files\ClamWin\lib\mxDateTime.pyd
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (McComponentHostService)
SRV - [2011/09/15 23:46:45 | 000,034,304 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\TEMP\ymodpn\setup.exe -- (AMService)
========== Driver Services (SafeList) ==========
DRV - [2010/03/30 23:38:26 | 000,020,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\cpuz133_x32.sys -- (cpuz133)
DRV - [2008/06/03 13:37:04 | 000,005,632 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidshim.sys -- (hidshim)
DRV - [2008/06/03 13:37:00 | 000,023,040 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\winbondhidcir.sys -- (winbondhidcir)
DRV - [2008/05/09 01:00:00 | 002,880,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/07/20 18:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007/05/30 20:04:56 | 004,424,192 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/04/27 04:01:34 | 002,203,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/01 22:22:04 | 000,988,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/03/01 22:21:24 | 000,210,688 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/03/01 22:21:22 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/21 12:16:12 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/02/16 15:46:42 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/12/28 12:44:44 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.ie"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/19 19:19:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/07 17:58:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/07 17:58:32 | 000,000,000 | ---D | M]
[2010/05/05 19:12:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cheenso\Application Data\Mozilla\Extensions
[2011/09/15 21:02:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cheenso\Application Data\Mozilla\Firefox\Profiles\kkqyf2hi.default\extensions
[2010/08/03 01:20:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Cheenso\Application Data\Mozilla\Firefox\Profiles\kkqyf2hi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/08/02 18:15:41 | 000,000,000 | ---D | M] (FB Chat Sidebar Disabler) -- C:\Documents and Settings\Cheenso\Application Data\Mozilla\Firefox\Profiles\kkqyf2hi.default\extensions\fbsidebardisabler@vittgam.net
[2010/05/05 19:12:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/19 19:19:02 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010/05/05 18:52:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/03/12 03:48:15 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/03/12 03:48:15 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/03/12 03:48:15 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/03/12 03:48:16 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2010/06/07 14:05:05 | 000,403,666 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 13964 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (MadrasAddison Orestes FrenchSophia AmmanBeijing)
O4 - HKLM..\Run: [ClamWin] C:\Program Files\ClamWin\bin\ClamTray.exe (MadrasAddison Orestes FrenchSophia AmmanBeijing)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (MadrasAddison Orestes FrenchSophia AmmanBeijing)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (MadrasAddison Orestes FrenchSophia AmmanBeijing)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask .exe (MadrasAddison Orestes FrenchSophia AmmanBeijing)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (MadrasAddison Orestes FrenchSophia AmmanBeijing)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (MadrasAddison Orestes FrenchSophia AmmanBeijing)
O4 - HKCU..\Run: [Ngoyocijezowe] C:\WINDOWS\kpdh32.dll (Development Company, L.P.)
O4 - HKLM..\RunOnce: [*evtsstreamntfs.exe] C:\WINDOWS\evtsstreamntfs.exe (My© Systems)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7DF72FBF-1F11-44BD-8E6F-CC870E4704E1}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Cheenso\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cheenso\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/05 17:52:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a2710141-8033-11df-bb87-001e68915d89}\Shell - "" = AutoRun
O33 - MountPoints2\{a2710141-8033-11df-bb87-001e68915d89}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a2710141-8033-11df-bb87-001e68915d89}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a2710145-8033-11df-bb87-001e68915d89}\Shell - "" = AutoRun
O33 - MountPoints2\{a2710145-8033-11df-bb87-001e68915d89}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a2710145-8033-11df-bb87-001e68915d89}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c5448d6c-dadf-11e0-bbcb-c2db154e2397}\Shell - "" = AutoRun
O33 - MountPoints2\{c5448d6c-dadf-11e0-bbcb-c2db154e2397}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c5448d6c-dadf-11e0-bbcb-c2db154e2397}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/09/16 11:32:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/09/16 01:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cheenso\Desktop\System files for xp
[2011/09/16 01:11:48 | 000,209,920 | ---- | C] (My© Systems) -- C:\WINDOWS\evtsstreamntfs.exe
[2011/09/15 23:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cheenso\Application Data\0AEBE2FD6199C0BF6126DA57424DB8F4
[2011/09/15 03:39:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cheenso\Application Data\U3
[2011/09/08 21:38:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cheenso\.jenny
[2011/09/03 11:17:37 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/08/20 17:19:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/08/20 17:09:41 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/08/20 16:53:25 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/08/20 16:46:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/08/20 16:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/08/20 16:41:00 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/08/20 16:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/09/16 11:37:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/09/16 11:36:32 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-2052111302-839522115-1003.job
[2011/09/16 11:36:30 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-2052111302-839522115-1003.job
[2011/09/16 11:36:11 | 000,000
Comments
-
-
-
-
-
-
Advertisement
-
-
-
-
-
-
Advertisement
-
-
-
I completed the FixMBR & it did its automatic reboot, but I got no log
Here's the log from OTL as per your instructions:
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Cheenso
->Temp folder emptied: 61941546 bytes
->Temporary Internet Files folder emptied: 273290 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 16926586 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 756 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 130531 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 76.00 mb
[EMPTYFLASH]
User: All Users
User: Cheenso
->Flash cache emptied: 0 bytes
User: Default User
User: LocalService
User: NetworkService
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point (0)
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Cheenso\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Cheenso\My Documents\Downloads\cmd.txt deleted successfully.
C:\_OTL\MovedFiles\09162011_230923\C_Documents and Settings\Cheenso\YgRORQe.com moved successfully.
C:\_OTL\MovedFiles\09162011_230923\C_WINDOWS\system32\YgRORQe.com moved successfully.
C:\_OTL\MovedFiles\09182011_155323\C__OTL\MovedFiles\09162011_230923\C_Documents and Settings\Cheenso\YgRORQe.com moved successfully.
C:\_OTL\MovedFiles\09182011_155323\C__OTL\MovedFiles\09162011_230923\C_WINDOWS\system32\YgRORQe.com moved successfully.
C:\WINDOWS\Fonts\YgRORQe.com moved successfully.
C:\WINDOWS\system32\YgRORQe.com moved successfully.
c:\windows\Tasks\At1.job moved successfully.
c:\windows\Tasks\At10.job moved successfully.
c:\windows\Tasks\At11.job moved successfully.
c:\windows\Tasks\At12.job moved successfully.
c:\windows\Tasks\At13.job moved successfully.
c:\windows\Tasks\At14.job moved successfully.
c:\windows\Tasks\At15.job moved successfully.
c:\windows\Tasks\At16.job moved successfully.
c:\windows\Tasks\At17.job moved successfully.
c:\windows\Tasks\At18.job moved successfully.
c:\windows\Tasks\At19.job moved successfully.
c:\windows\Tasks\At2.job moved successfully.
c:\windows\Tasks\At20.job moved successfully.
c:\windows\Tasks\At21.job moved successfully.
c:\windows\Tasks\At22.job moved successfully.
c:\windows\Tasks\At23.job moved successfully.
c:\windows\Tasks\At24.job moved successfully.
c:\windows\Tasks\At25.job moved successfully.
c:\windows\Tasks\At26.job moved successfully.
c:\windows\Tasks\At27.job moved successfully.
c:\windows\Tasks\At28.job moved successfully.
c:\windows\Tasks\At29.job moved successfully.
c:\windows\Tasks\At3.job moved successfully.
c:\windows\Tasks\At30.job moved successfully.
c:\windows\Tasks\At31.job moved successfully.
c:\windows\Tasks\At32.job moved successfully.
c:\windows\Tasks\At33.job moved successfully.
c:\windows\Tasks\At34.job moved successfully.
c:\windows\Tasks\At35.job moved successfully.
c:\windows\Tasks\At36.job moved successfully.
c:\windows\Tasks\At37.job moved successfully.
c:\windows\Tasks\At38.job moved successfully.
c:\windows\Tasks\At39.job moved successfully.
c:\windows\Tasks\At4.job moved successfully.
c:\windows\Tasks\At40.job moved successfully.
c:\windows\Tasks\At41.job moved successfully.
c:\windows\Tasks\At42.job moved successfully.
c:\windows\Tasks\At43.job moved successfully.
c:\windows\Tasks\At44.job moved successfully.
c:\windows\Tasks\At45.job moved successfully.
c:\windows\Tasks\At46.job moved successfully.
c:\windows\Tasks\At47.job moved successfully.
c:\windows\Tasks\At48.job moved successfully.
c:\windows\Tasks\At5.job moved successfully.
c:\windows\Tasks\At6.job moved successfully.
c:\windows\Tasks\At7.job moved successfully.
c:\windows\Tasks\At8.job moved successfully.
c:\windows\Tasks\At9.job moved successfully.
File\Folder C:\ntfsadvproxy.exe not found.
C:\_OTL\MovedFiles\09162011_230923\C_Documents and Settings\All Users\Application Data\YgRORQe.exe moved successfully.
C:\_OTL\MovedFiles\09162011_230923\C_Documents and Settings\Cheenso\Local Settings\Application Data\YgRORQe.exe moved successfully.
C:\_OTL\MovedFiles\09182011_155323\C__OTL\MovedFiles\09162011_230923\C_Documents and Settings\All Users\Application Data\YgRORQe.exe moved successfully.
C:\_OTL\MovedFiles\09182011_155323\C__OTL\MovedFiles\09162011_230923\C_Documents and Settings\Cheenso\Local Settings\Application Data\YgRORQe.exe moved successfully.
C:\_OTL\MovedFiles\09182011_155323\C__OTL\MovedFiles\09182011_155323\C__OTL\MovedFiles\09162011_230923\C_Documents and Settings\All Users\Application Data\YgRORQe.exe moved successfully.
C:\_OTL\MovedFiles\09182011_155323\C__OTL\MovedFiles\09182011_155323\C__OTL\MovedFiles\09162011_230923\C_Documents and Settings\Cheenso\Local Settings\Application Data\YgRORQe.exe moved successfully.
OTL by OldTimer - Version 3.2.28.0 log created on 09182011_155323
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...0 -
-
-
-
-
Advertisement