
Log check - slow opening of applications and a slowed-down PC
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: Log check - slow opening of applications and a slowed-down p
OTL logfile created on: 14.8.2012 22:41:41 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Documents and Settings\Andrea\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy
445,91 Mb Total Physical Memory | 57,30 Mb Available Physical Memory | 12,85% Memory free
1,03 Gb Paging File | 0,37 Gb Available in Paging File | 36,18% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127,99 Gb Total Space | 79,46 Gb Free Space | 62,09% Space Free | Partition Type: NTFS
Drive E: | 963,70 Mb Total Space | 134,05 Mb Free Space | 13,91% Space Free | Partition Type: FAT
Computer Name: AP-80NVCGATWOLV | User Name: Andrea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.08.14 22:36:15 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrea\My Documents\Downloads\OTL.exe
PRC - [2012.07.29 17:07:15 | 001,692,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe
PRC - [2012.07.14 02:17:11 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.07.06 02:26:46 | 002,551,128 | ---- | M] (Pokki) -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\v0.259\pokki.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.07.03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\ekrn.exe
PRC - [2012.03.07 15:40:28 | 003,117,344 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\egui.exe
PRC - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Documents and Settings\Andrea\My Documents\PROGRAMY\CDBurnerXP\NMSAccessU.exe
PRC - [2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.07.12 11:58:02 | 001,397,760 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCD.exe
PRC - [2005.07.08 17:24:46 | 000,871,424 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe
========== Modules (No Company Name) ==========
MOD - [2012.08.03 11:20:32 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
MOD - [2012.07.29 17:07:15 | 001,692,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe
MOD - [2012.07.29 17:07:13 | 002,039,840 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.dll
MOD - [2012.07.14 02:17:14 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.07.06 02:26:26 | 001,012,056 | ---- | M] () -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\ocdeskband_0.dll
MOD - [2012.06.17 10:26:28 | 000,184,846 | ---- | M] () -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\v0.259\avformat-53.dll
MOD - [2012.06.17 10:26:26 | 000,062,464 | ---- | M] () -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\v0.259\chrome.dll
MOD - [2012.06.17 10:26:24 | 001,093,646 | ---- | M] () -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\v0.259\avcodec-53.dll
MOD - [2012.06.17 10:26:24 | 000,117,262 | ---- | M] () -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\v0.259\avutil-51.dll
MOD - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Documents and Settings\Andrea\My Documents\PROGRAMY\CDBurnerXP\NMSAccessU.exe
MOD - [2006.08.31 18:46:32 | 000,176,235 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll
MOD - [2000.07.18 16:44:24 | 000,029,882 | ---- | M] () -- C:\WINDOWS\system32\pwprtmon.dll
========== Win32 Services (SafeList) ==========
SRV - [2012.07.29 17:07:15 | 001,692,192 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -- (Codecs Pack)
SRV - [2012.07.14 02:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\Eset\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\Andrea\My Documents\PROGRAMY\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2008.11.11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2005.07.08 17:24:46 | 000,871,424 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ZS211.sys -- (ZSMC211)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\pcouffin.sys -- (pcouffin)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8650BCC9-DE40-4C74-AC31-F8AD17A0FA68}\MpKsldb491116.sys -- (MpKsldb491116)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\123.exe\catchme.sys -- (catchme)
DRV - [2012.08.14 19:10:49 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.07.02 15:15:34 | 000,051,072 | ---- | M] (Identcode Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ANGELNT.SYS -- (Angelnt)
DRV - [2012.06.03 10:44:46 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2012.03.14 08:40:04 | 000,148,504 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2012.03.14 08:40:04 | 000,061,936 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2012.03.14 08:40:04 | 000,040,336 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2012.03.14 08:40:02 | 000,160,816 | ---- | M] (ESET) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2012.03.14 08:40:02 | 000,120,152 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012.01.31 01:15:42 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2011.12.08 06:22:26 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.12.08 06:22:26 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.12.08 06:22:26 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.12.08 06:22:26 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.12.08 06:22:26 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011.07.07 16:13:46 | 000,015,896 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV - [2011.03.28 15:34:42 | 000,113,432 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ghsmdm.sys -- (ghsmdm)
DRV - [2009.12.22 04:31:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008.12.25 17:43:46 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008.12.25 17:43:45 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2006.10.30 20:19:58 | 000,088,960 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2006.07.12 11:58:02 | 000,028,672 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2006.06.28 10:25:24 | 004,304,384 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
DRV - [2006.06.16 16:09:48 | 001,611,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.03.13 16:50:08 | 000,085,696 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300obex.sys -- (w300obex)
DRV - [2006.03.13 16:50:06 | 000,087,824 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300mgmt.sys -- (w300mgmt)
DRV - [2006.03.13 16:50:02 | 000,096,352 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300mdm.sys -- (w300mdm)
DRV - [2006.03.13 16:50:00 | 000,009,264 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300mdfl.sys -- (w300mdfl)
DRV - [2005.12.28 12:46:40 | 000,060,800 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300bus.sys -- (w300bus)
DRV - [2005.07.08 17:17:56 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2005.07.08 17:17:54 | 000,099,584 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005.07.08 17:17:36 | 000,029,696 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139)
DRV - [2003.01.10 10:56:34 | 000,030,921 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SQCaptur.sys -- (DCamUSBSQTECH)
DRV - [1999.12.10 02:14:36 | 000,017,072 | ---- | M] (Destiny Technology Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pwsysdrv.sys -- (PWSYSDRV)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=114022 ... 19d13f899c
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... 8B7EA02B88
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylon.com/?babsrc=SP_ss ... ffID=17981
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2801948
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaultthis.engineName: "PHPNukeEN Customized Web Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT20867 ... hSource=13"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... ource=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT20867 ... hSource=13"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@joj.sk/TV_JOJ_Media_Player: C:\Program Files\TV JOJ Media Player\npplugin_netscape.dll (MAC TV s.r.o.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@joj.sk/TV_JOJ_Media_Player: C:\Program Files\TV JOJ Media Player\npplugin_netscape.dll (MAC TV s.r.o.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.03 19:38:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.03 18:43:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012.08.03 21:25:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.07.29 17:07:23 | 000,000,000 | ---D | M]
[2009.01.09 21:44:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andrea\Application Data\Mozilla\Extensions
[2012.08.14 18:43:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions
[2007.07.23 21:11:36 | 000,000,000 | ---D | M] (Metal Lion - Vista) -- C:\Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{1AF3FC34-0725-4485-A939-6B40EB7CA96A}
[2010.12.29 14:52:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.07.25 14:17:12 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.08.13 19:54:52 | 000,001,765 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\searchplugins\atlas.xml
[2012.07.29 15:59:45 | 000,002,349 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\searchplugins\bProtect.xml
[2012.08.03 19:38:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.07.14 02:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.12.17 19:16:14 | 000,065,536 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npkimi.dll
[2010.03.26 08:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
[2012.07.14 02:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage: http://home.sweetim.com/?crg=3.1010000& ... 19D13F899C}
CHR - default_search_provider: SweetIM Search (Enabled)
CHR - default_search_provider: search_url = http://search.sweetim.com/search.asp?sr ... 19D13F899C}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://home.sweetim.com/?crg=3.1010000& ... 19D13F899C}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Babylon ToolBar (Enabled) = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gclijllifhfpomppedeljakfegbcpojn\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Imikimi.com Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: TV JOJ Media Player \2,0,0,100 (Enabled) = C:\Program Files\TV JOJ Media Player\npplugin_netscape.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Savings Sidekick = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.19.14_0\crossrider
CHR - Extension: Savings Sidekick = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.19.14_0\
CHR - Extension: Babylon Toolbar = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\
CHR - Extension: NCH EN = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gclijllifhfpomppedeljakfegbcpojn\2.3.15.10_0\
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: VideoFileDownload = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kincjchfokkeneeofpeefomkikfkiedl\1.0\
CHR - Extension: BitTorrentBar = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\2.3.15.10_0\
CHR - Extension: Savings Sidekick = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.19.14_0\crossrider
CHR - Extension: Savings Sidekick = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.19.14_0\
CHR - Extension: Babylon Toolbar = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\
CHR - Extension: NCH EN = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gclijllifhfpomppedeljakfegbcpojn\2.3.15.10_0\
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: VideoFileDownload = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kincjchfokkeneeofpeefomkikfkiedl\1.0\
CHR - Extension: BitTorrentBar = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\2.3.15.10_0\
O1 HOSTS File: ([2012.08.14 18:22:12 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-746137067-1292428093-725345543-1003..\Run: [AROReminder] C:\Program Files\ARO 2012\ARO.exe (Support.com, Inc.)
O4 - HKU\S-1-5-21-746137067-1292428093-725345543-1003..\Run: [Pokki] C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\v0.259\pokki.exe (Pokki)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BA47E5A-A734-4D61-8CF5-35C0F8AA9D11}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Andrea\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Andrea\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.06.01 20:51:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2012.08.14 21:30:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Start Menu\Programs\Pokki
[2012.08.14 21:30:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki
[2012.08.14 21:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CrystalDiskInfo
[2012.08.14 21:28:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Application Data\OpenCandy
[2012.08.14 21:28:26 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2012.08.14 20:55:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012.08.14 19:10:49 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.08.14 19:08:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Application Data\Malwarebytes
[2012.08.14 19:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.14 19:04:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012.08.14 19:04:39 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.08.14 19:04:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.08.14 18:20:44 | 000,000,000 | ---D | C] -- C:\_OTM
[2012.08.14 18:18:06 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andrea\Desktop\OTM.exe
[2012.08.14 10:37:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\NECO SK a.s
[2012.08.14 08:49:48 | 000,000,000 | ---D | C] -- C:\!SYSTEM
[2012.08.13 22:08:00 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.08.13 22:07:06 | 000,000,000 | ---D | C] -- C:\rsit
[2012.08.13 21:55:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.08.13 21:22:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Desktop\RK_Quarantine
[2012.08.13 20:44:31 | 001,051,552 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Andrea\Desktop\rkill.com
[2012.08.13 15:21:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.08.12 20:01:31 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.08.12 19:43:54 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.08.12 19:43:54 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.08.12 19:43:54 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.08.12 19:43:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.08.12 19:42:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.08.12 19:42:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Andrea\My Documents\My Pictures
[2012.08.12 19:42:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Andrea\Start Menu\Programs\Administrative Tools
[2012.08.12 19:41:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.08.12 19:34:54 | 004,729,547 | R--- | C] (Swearware) -- C:\Documents and Settings\Andrea\Desktop\123.exe.exe
[2012.08.06 23:41:55 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Andrea\My Documents\My Music
[2012.08.06 12:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Application Data\Canneverbe Limited
[2012.08.06 12:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2012.08.03 21:31:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Application Data\ESET
[2012.08.03 21:29:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2012.08.03 21:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ESET
[2012.08.03 21:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2012.08.03 18:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Sun
[2012.08.03 18:43:20 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.08.03 18:43:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Application Data\Oracle
[2012.08.03 18:43:03 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.08.03 18:43:03 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.08.03 18:42:45 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.08.03 18:42:45 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.08.03 17:57:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.08.03 17:46:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Desktop\Mozilla Firefox 14.0.1 Final
[2012.08.03 17:46:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\MyTorrents
[2012.08.03 17:45:14 | 000,000,000 | ---D | C] -- C:\Program Files\OpenApp
[2012.08.03 17:42:50 | 000,000,000 | ---D | C] -- C:\Program Files\smartdl
[2012.08.01 11:02:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\samsung
[2012.07.30 22:45:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\PROGRAMY
[2012.07.30 22:24:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\KATKA
[2012.07.30 22:24:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\KRALIK
[2012.07.30 22:23:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\X LIGHT
[2012.07.30 22:23:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\BULKO
[2012.07.30 22:22:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\BETAK, Betakova
[2012.07.30 22:22:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\Senior
[2012.07.30 22:13:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\účtovné
[2012.07.30 22:03:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\FOTO II
[2012.07.29 20:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Local Settings\Application Data\NCH_EN
[2012.07.29 20:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\NCH_EN
[2012.07.29 20:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Video Related Programs
[2012.07.29 20:29:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite
[2012.07.29 20:29:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Audio Related Programs
[2012.07.29 20:29:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2012.07.29 20:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2012.07.29 20:29:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Application Data\NCH Software
[2012.07.29 20:12:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ashampoo
[2012.07.29 20:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2012.07.29 20:10:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\Stažené soubory
[2012.07.29 17:13:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService
[2012.07.29 17:10:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ffdshow
[2012.07.29 17:10:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Savings Sidekick
[2012.07.29 17:09:22 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2012.07.29 17:09:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\searchplugins
[2012.07.29 17:08:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Start Menu\Programs\Haali Media Splitter
[2012.07.29 17:08:06 | 000,000,000 | ---D | C] -- C:\Program Files\Haali
[2012.07.29 17:07:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Start Menu\Programs\ffdshow
[2012.07.29 17:07:47 | 000,000,000 | ---D | C] -- C:\Program Files\Savings Sidekick
[2012.07.29 17:07:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Codecs Pack
[2012.07.29 16:48:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Local Settings\Application Data\CRE
[2012.07.29 16:47:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Local Settings\Application Data\BitTorrentBar
[2012.07.29 16:46:49 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrentBar
[2012.07.29 16:46:34 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2012.07.29 16:46:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Local Settings\Application Data\BitTorrent
[2012.07.29 16:46:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Application Data\BitTorrent
[2012.07.29 15:59:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Start Menu\Programs\GotClip
[2012.07.29 15:59:13 | 000,000,000 | ---D | C] -- C:\Program Files\GotClip
[2012.07.19 13:38:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\.android
[2012.07.19 13:38:31 | 000,138,264 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghsnet.sys
[2012.07.19 13:38:31 | 000,113,688 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghsvousb.sys
[2012.07.19 13:38:31 | 000,113,688 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghstrace.sys
[2012.07.19 13:38:31 | 000,113,688 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghsnmea.sys
[2012.07.19 13:38:31 | 000,113,688 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghsmdm.sys
[2012.07.19 13:38:31 | 000,113,688 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghsdiagmdm.sys
[2012.07.19 13:38:30 | 000,113,688 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghsdiag.sys
[2012.07.19 13:38:30 | 000,113,688 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghsat.sys
[2012.07.19 13:38:30 | 000,113,432 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ghsnmea.sys
[2012.07.19 13:38:30 | 000,113,432 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ghsmdm.sys
[2012.07.19 13:38:30 | 000,113,432 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ghsdiag.sys
[2012.07.19 13:38:30 | 000,032,408 | ---- | C] (Google Inc) -- C:\WINDOWS\System32\drivers\ghsandroid.sys
[2012.07.19 13:38:30 | 000,015,896 | ---- | C] (HandSet Incorporated) -- C:\WINDOWS\System32\drivers\massfilter_hs.sys
[2012.07.19 13:38:29 | 000,032,408 | ---- | C] (Google Inc) -- C:\WINDOWS\System32\drivers\androidusb.sys
[2012.07.19 13:37:50 | 000,102,936 | ---- | C] (Google, inc) -- C:\WINDOWS\AdbWinApi.dll
[2012.07.19 13:37:48 | 000,000,000 | ---D | C] -- C:\Program Files\Handset USB Driver
[2011.04.11 19:13:43 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Andrea\Application Data\pcouffin.sys
========== Files - Modified Within 30 Days ==========
[2012.08.14 22:58:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\Codecs Pack.job
[2012.08.14 22:45:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.08.14 21:28:34 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\Andrea\Desktop\CrystalDiskInfo.lnk
[2012.08.14 20:44:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.08.14 20:44:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.08.14 19:10:49 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.08.14 19:05:03 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.14 18:22:12 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.08.14 18:18:40 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrea\Desktop\OTM.exe
[2012.08.14 11:37:32 | 000,270,826 | ---- | M] () -- C:\mzdy0003_0004.zip
[2012.08.14 11:37:26 | 002,723,840 | ---- | M] () -- C:\mzdy0003.mdb
[2012.08.14 10:41:18 | 000,001,304 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012.08.14 08:48:31 | 000,256,283 | ---- | M] () -- C:\mzdy0009.zip
[2012.08.13 23:24:14 | 000,002,068 | ---- | M] () -- C:\Documents and Settings\Andrea\Desktop\Odkaz na codecmngr.lnk
[2012.08.13 23:07:30 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012.08.13 21:18:36 | 001,558,528 | ---- | M] () -- C:\Documents and Settings\Andrea\Desktop\RogueKiller.exe
[2012.08.13 20:44:47 | 001,051,552 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Andrea\Desktop\rkill.com
[2012.08.13 14:35:20 | 000,001,117 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2012.08.13 11:54:01 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2012.08.13 11:48:42 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2012.08.12 22:43:14 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Andrea\Desktop\xpsp3_5512.080413-2113_usa_x86fre_spcd.iso
[2012.08.12 20:01:39 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.08.12 19:35:45 | 004,729,547 | R--- | M] (Swearware) -- C:\Documents and Settings\Andrea\Desktop\123.exe.exe
[2012.08.09 20:48:15 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\Andrea\Desktop\Google Chrome.lnk
[2012.08.09 20:48:15 | 000,002,271 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012.08.06 15:15:49 | 000,000,433 | ---- | M] () -- C:\WINDOWS\is-MU3M6.lst
[2012.08.06 15:15:48 | 001,544,704 | ---- | M] () -- C:\WINDOWS\is-MU3M6.exe
[2012.08.06 15:15:48 | 000,025,451 | ---- | M] () -- C:\WINDOWS\is-MU3M6.msg
[2012.08.06 15:15:47 | 000,001,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2012.08.06 11:55:12 | 000,000,097 | ---- | M] () -- C:\WINDOWS\vypalovac.ini
[2012.08.03 19:39:08 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012.08.03 19:39:08 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012.08.03 18:42:24 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.08.03 18:42:23 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.08.03 11:20:37 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.08.03 11:20:35 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.08.01 19:13:16 | 000,184,700 | ---- | M] () -- C:\torrent.exe
[2012.07.29 20:38:21 | 000,000,009 | ---- | M] () -- C:\END
[2012.07.29 20:12:35 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Ashampoo Burning Studio 6 FREE.lnk
[2012.07.29 17:22:05 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012.07.29 17:16:53 | 000,000,608 | ---- | M] () -- C:\user.js
[2012.07.19 18:55:13 | 000,140,625 | ---- | M] () -- C:\WINDOWS\hpoins14.dat
[2012.07.19 13:40:26 | 000,444,600 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.07.19 13:40:26 | 000,072,476 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
========== Files Created - No Company Name ==========
[2012.08.14 22:45:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.08.14 21:30:53 | 000,001,225 | ---- | C] () -- C:\Documents and Settings\Andrea\Start Menu\Programs\Pokki.lnk
[2012.08.14 21:28:34 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\Andrea\Desktop\CrystalDiskInfo.lnk
[2012.08.14 20:44:25 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\Codecs Pack.job
[2012.08.14 19:05:03 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.14 11:37:32 | 000,270,826 | ---- | C] () -- C:\mzdy0003_0004.zip
[2012.08.14 08:49:43 | 002,723,840 | ---- | C] () -- C:\mzdy0003.mdb
[2012.08.14 08:48:31 | 000,256,283 | ---- | C] () -- C:\mzdy0009.zip
[2012.08.13 23:24:14 | 000,002,068 | ---- | C] () -- C:\Documents and Settings\Andrea\Desktop\Odkaz na codecmngr.lnk
[2012.08.13 21:18:30 | 001,558,528 | ---- | C] () -- C:\Documents and Settings\Andrea\Desktop\RogueKiller.exe
[2012.08.12 22:43:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Andrea\Desktop\xpsp3_5512.080413-2113_usa_x86fre_spcd.iso
[2012.08.12 20:01:39 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.08.12 20:01:36 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012.08.12 19:43:54 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.08.12 19:43:54 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.08.12 19:43:54 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.08.12 19:43:54 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.08.12 19:43:54 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.08.06 15:15:49 | 000,000,433 | ---- | C] () -- C:\WINDOWS\is-MU3M6.lst
[2012.08.06 15:15:48 | 001,544,704 | ---- | C] () -- C:\WINDOWS\is-MU3M6.exe
[2012.08.06 15:15:48 | 000,025,451 | ---- | C] () -- C:\WINDOWS\is-MU3M6.msg
[2012.08.06 12:44:44 | 000,001,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2012.08.06 12:44:40 | 000,001,735 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\CDBurnerXP.lnk
[2012.08.06 11:51:15 | 000,000,097 | ---- | C] () -- C:\WINDOWS\vypalovac.ini
[2012.08.03 17:57:37 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012.08.03 17:57:37 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012.08.03 17:57:37 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012.08.01 19:13:16 | 000,184,700 | ---- | C] () -- C:\torrent.exe
[2012.07.29 20:38:14 | 000,000,009 | ---- | C] () -- C:\END
[2012.07.29 20:32:16 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Prism Video File Converter.lnk
[2012.07.29 20:31:36 | 000,000,805 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Express Rip.lnk
[2012.07.29 20:30:52 | 000,001,677 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\WavePad Sound Editor.lnk
[2012.07.29 20:29:27 | 000,001,721 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Express Burn.lnk
[2012.07.29 20:12:35 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Ashampoo Burning Studio 6 FREE.lnk
[2012.07.29 17:09:59 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012.07.29 16:46:44 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012.07.29 16:01:28 | 000,000,608 | ---- | C] () -- C:\user.js
[2012.07.19 13:37:49 | 000,584,584 | ---- | C] () -- C:\WINDOWS\adb.exe
[2012.05.16 15:47:19 | 000,418,776 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012.02.15 15:57:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.31 01:15:44 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012.01.31 01:15:42 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012.01.31 01:15:42 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012.01.31 01:15:42 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012.01.31 01:15:42 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011.07.09 16:36:43 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2011.05.18 10:31:47 | 000,000,237 | ---- | C] () -- C:\Documents and Settings\Andrea\Application Data\burnaware.ini
[2011.04.11 21:03:50 | 000,000,305 | ---- | C] () -- C:\WINDOWS\007DVDCopy.INI
[2011.04.11 19:14:02 | 000,000,022 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2011.04.11 19:13:43 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Andrea\Application Data\pcouffin.cat
[2011.04.11 19:13:43 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Andrea\Application Data\pcouffin.inf
[2011.04.01 21:21:53 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\Andrea\Local Settings\Application Data\SRDownloader.nast
[2011.03.02 16:05:25 | 000,000,085 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2011.01.27 14:48:16 | 000,000,805 | ---- | C] () -- C:\WINDOWS\eporadca_1012.ini
[2011.01.20 14:37:51 | 000,401,408 | ---- | C] ( ) -- C:\WINDOWS\System32\lexlog.dll
[2010.10.19 17:52:21 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.10.19 17:52:21 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.10.19 17:52:06 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Andrea\Application Data\$_hpcst$.hpc
[2010.03.10 16:10:32 | 000,000,873 | ---- | C] () -- C:\Documents and Settings\Andrea\.recently-used.xbel
[2008.10.12 18:38:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2008.04.24 18:25:24 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007.06.13 19:36:06 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Andrea\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.06.01 22:04:46 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Documents and Settings\Andrea\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy
445,91 Mb Total Physical Memory | 57,30 Mb Available Physical Memory | 12,85% Memory free
1,03 Gb Paging File | 0,37 Gb Available in Paging File | 36,18% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127,99 Gb Total Space | 79,46 Gb Free Space | 62,09% Space Free | Partition Type: NTFS
Drive E: | 963,70 Mb Total Space | 134,05 Mb Free Space | 13,91% Space Free | Partition Type: FAT
Computer Name: AP-80NVCGATWOLV | User Name: Andrea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.08.14 22:36:15 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrea\My Documents\Downloads\OTL.exe
PRC - [2012.07.29 17:07:15 | 001,692,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe
PRC - [2012.07.14 02:17:11 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.07.06 02:26:46 | 002,551,128 | ---- | M] (Pokki) -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\v0.259\pokki.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.07.03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\ekrn.exe
PRC - [2012.03.07 15:40:28 | 003,117,344 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\egui.exe
PRC - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Documents and Settings\Andrea\My Documents\PROGRAMY\CDBurnerXP\NMSAccessU.exe
PRC - [2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.07.12 11:58:02 | 001,397,760 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCD.exe
PRC - [2005.07.08 17:24:46 | 000,871,424 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe
========== Modules (No Company Name) ==========
MOD - [2012.08.03 11:20:32 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
MOD - [2012.07.29 17:07:15 | 001,692,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe
MOD - [2012.07.29 17:07:13 | 002,039,840 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.dll
MOD - [2012.07.14 02:17:14 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.07.06 02:26:26 | 001,012,056 | ---- | M] () -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\ocdeskband_0.dll
MOD - [2012.06.17 10:26:28 | 000,184,846 | ---- | M] () -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\v0.259\avformat-53.dll
MOD - [2012.06.17 10:26:26 | 000,062,464 | ---- | M] () -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\v0.259\chrome.dll
MOD - [2012.06.17 10:26:24 | 001,093,646 | ---- | M] () -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\v0.259\avcodec-53.dll
MOD - [2012.06.17 10:26:24 | 000,117,262 | ---- | M] () -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\v0.259\avutil-51.dll
MOD - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Documents and Settings\Andrea\My Documents\PROGRAMY\CDBurnerXP\NMSAccessU.exe
MOD - [2006.08.31 18:46:32 | 000,176,235 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll
MOD - [2000.07.18 16:44:24 | 000,029,882 | ---- | M] () -- C:\WINDOWS\system32\pwprtmon.dll
========== Win32 Services (SafeList) ==========
SRV - [2012.07.29 17:07:15 | 001,692,192 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe -- (Codecs Pack)
SRV - [2012.07.14 02:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\Eset\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\Andrea\My Documents\PROGRAMY\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2008.11.11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2005.07.08 17:24:46 | 000,871,424 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ZS211.sys -- (ZSMC211)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\pcouffin.sys -- (pcouffin)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8650BCC9-DE40-4C74-AC31-F8AD17A0FA68}\MpKsldb491116.sys -- (MpKsldb491116)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\123.exe\catchme.sys -- (catchme)
DRV - [2012.08.14 19:10:49 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.07.02 15:15:34 | 000,051,072 | ---- | M] (Identcode Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ANGELNT.SYS -- (Angelnt)
DRV - [2012.06.03 10:44:46 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2012.03.14 08:40:04 | 000,148,504 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2012.03.14 08:40:04 | 000,061,936 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2012.03.14 08:40:04 | 000,040,336 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2012.03.14 08:40:02 | 000,160,816 | ---- | M] (ESET) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2012.03.14 08:40:02 | 000,120,152 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012.01.31 01:15:42 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2011.12.08 06:22:26 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.12.08 06:22:26 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.12.08 06:22:26 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.12.08 06:22:26 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.12.08 06:22:26 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011.07.07 16:13:46 | 000,015,896 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV - [2011.03.28 15:34:42 | 000,113,432 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ghsmdm.sys -- (ghsmdm)
DRV - [2009.12.22 04:31:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008.12.25 17:43:46 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008.12.25 17:43:45 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2006.10.30 20:19:58 | 000,088,960 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2006.07.12 11:58:02 | 000,028,672 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2006.06.28 10:25:24 | 004,304,384 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
DRV - [2006.06.16 16:09:48 | 001,611,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.03.13 16:50:08 | 000,085,696 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300obex.sys -- (w300obex)
DRV - [2006.03.13 16:50:06 | 000,087,824 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300mgmt.sys -- (w300mgmt)
DRV - [2006.03.13 16:50:02 | 000,096,352 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300mdm.sys -- (w300mdm)
DRV - [2006.03.13 16:50:00 | 000,009,264 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300mdfl.sys -- (w300mdfl)
DRV - [2005.12.28 12:46:40 | 000,060,800 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w300bus.sys -- (w300bus)
DRV - [2005.07.08 17:17:56 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2005.07.08 17:17:54 | 000,099,584 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005.07.08 17:17:36 | 000,029,696 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139)
DRV - [2003.01.10 10:56:34 | 000,030,921 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SQCaptur.sys -- (DCamUSBSQTECH)
DRV - [1999.12.10 02:14:36 | 000,017,072 | ---- | M] (Destiny Technology Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pwsysdrv.sys -- (PWSYSDRV)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=114022 ... 19d13f899c
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... 8B7EA02B88
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylon.com/?babsrc=SP_ss ... ffID=17981
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2801948
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaultthis.engineName: "PHPNukeEN Customized Web Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT20867 ... hSource=13"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... ource=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT20867 ... hSource=13"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@joj.sk/TV_JOJ_Media_Player: C:\Program Files\TV JOJ Media Player\npplugin_netscape.dll (MAC TV s.r.o.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@joj.sk/TV_JOJ_Media_Player: C:\Program Files\TV JOJ Media Player\npplugin_netscape.dll (MAC TV s.r.o.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.03 19:38:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.03 18:43:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012.08.03 21:25:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.07.29 17:07:23 | 000,000,000 | ---D | M]
[2009.01.09 21:44:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andrea\Application Data\Mozilla\Extensions
[2012.08.14 18:43:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions
[2007.07.23 21:11:36 | 000,000,000 | ---D | M] (Metal Lion - Vista) -- C:\Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{1AF3FC34-0725-4485-A939-6B40EB7CA96A}
[2010.12.29 14:52:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.07.25 14:17:12 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.08.13 19:54:52 | 000,001,765 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\searchplugins\atlas.xml
[2012.07.29 15:59:45 | 000,002,349 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\searchplugins\bProtect.xml
[2012.08.03 19:38:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.07.14 02:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.12.17 19:16:14 | 000,065,536 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npkimi.dll
[2010.03.26 08:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
[2012.07.14 02:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage: http://home.sweetim.com/?crg=3.1010000& ... 19D13F899C}
CHR - default_search_provider: SweetIM Search (Enabled)
CHR - default_search_provider: search_url = http://search.sweetim.com/search.asp?sr ... 19D13F899C}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://home.sweetim.com/?crg=3.1010000& ... 19D13F899C}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Babylon ToolBar (Enabled) = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gclijllifhfpomppedeljakfegbcpojn\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Imikimi.com Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 6.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: TV JOJ Media Player \2,0,0,100 (Enabled) = C:\Program Files\TV JOJ Media Player\npplugin_netscape.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Savings Sidekick = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.19.14_0\crossrider
CHR - Extension: Savings Sidekick = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.19.14_0\
CHR - Extension: Babylon Toolbar = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\
CHR - Extension: NCH EN = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gclijllifhfpomppedeljakfegbcpojn\2.3.15.10_0\
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: VideoFileDownload = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kincjchfokkeneeofpeefomkikfkiedl\1.0\
CHR - Extension: BitTorrentBar = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\2.3.15.10_0\
CHR - Extension: Savings Sidekick = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.19.14_0\crossrider
CHR - Extension: Savings Sidekick = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo\1.19.14_0\
CHR - Extension: Babylon Toolbar = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\
CHR - Extension: NCH EN = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gclijllifhfpomppedeljakfegbcpojn\2.3.15.10_0\
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: VideoFileDownload = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kincjchfokkeneeofpeefomkikfkiedl\1.0\
CHR - Extension: BitTorrentBar = C:\Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\2.3.15.10_0\
O1 HOSTS File: ([2012.08.14 18:22:12 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-746137067-1292428093-725345543-1003..\Run: [AROReminder] C:\Program Files\ARO 2012\ARO.exe (Support.com, Inc.)
O4 - HKU\S-1-5-21-746137067-1292428093-725345543-1003..\Run: [Pokki] C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\v0.259\pokki.exe (Pokki)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BA47E5A-A734-4D61-8CF5-35C0F8AA9D11}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Andrea\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Andrea\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.06.01 20:51:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2012.08.14 21:30:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Start Menu\Programs\Pokki
[2012.08.14 21:30:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki
[2012.08.14 21:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CrystalDiskInfo
[2012.08.14 21:28:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Application Data\OpenCandy
[2012.08.14 21:28:26 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2012.08.14 20:55:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012.08.14 19:10:49 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.08.14 19:08:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Application Data\Malwarebytes
[2012.08.14 19:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.14 19:04:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012.08.14 19:04:39 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.08.14 19:04:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.08.14 18:20:44 | 000,000,000 | ---D | C] -- C:\_OTM
[2012.08.14 18:18:06 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andrea\Desktop\OTM.exe
[2012.08.14 10:37:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\NECO SK a.s
[2012.08.14 08:49:48 | 000,000,000 | ---D | C] -- C:\!SYSTEM
[2012.08.13 22:08:00 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.08.13 22:07:06 | 000,000,000 | ---D | C] -- C:\rsit
[2012.08.13 21:55:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.08.13 21:22:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Desktop\RK_Quarantine
[2012.08.13 20:44:31 | 001,051,552 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Andrea\Desktop\rkill.com
[2012.08.13 15:21:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.08.12 20:01:31 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.08.12 19:43:54 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.08.12 19:43:54 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.08.12 19:43:54 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.08.12 19:43:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.08.12 19:42:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.08.12 19:42:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Andrea\My Documents\My Pictures
[2012.08.12 19:42:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Andrea\Start Menu\Programs\Administrative Tools
[2012.08.12 19:41:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.08.12 19:34:54 | 004,729,547 | R--- | C] (Swearware) -- C:\Documents and Settings\Andrea\Desktop\123.exe.exe
[2012.08.06 23:41:55 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Andrea\My Documents\My Music
[2012.08.06 12:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Application Data\Canneverbe Limited
[2012.08.06 12:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2012.08.03 21:31:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Application Data\ESET
[2012.08.03 21:29:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2012.08.03 21:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ESET
[2012.08.03 21:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2012.08.03 18:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Sun
[2012.08.03 18:43:20 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.08.03 18:43:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Application Data\Oracle
[2012.08.03 18:43:03 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.08.03 18:43:03 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.08.03 18:42:45 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.08.03 18:42:45 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.08.03 17:57:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.08.03 17:46:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Desktop\Mozilla Firefox 14.0.1 Final
[2012.08.03 17:46:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\MyTorrents
[2012.08.03 17:45:14 | 000,000,000 | ---D | C] -- C:\Program Files\OpenApp
[2012.08.03 17:42:50 | 000,000,000 | ---D | C] -- C:\Program Files\smartdl
[2012.08.01 11:02:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\samsung
[2012.07.30 22:45:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\PROGRAMY
[2012.07.30 22:24:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\KATKA
[2012.07.30 22:24:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\KRALIK
[2012.07.30 22:23:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\X LIGHT
[2012.07.30 22:23:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\BULKO
[2012.07.30 22:22:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\BETAK, Betakova
[2012.07.30 22:22:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\Senior
[2012.07.30 22:13:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\účtovné
[2012.07.30 22:03:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\FOTO II
[2012.07.29 20:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Local Settings\Application Data\NCH_EN
[2012.07.29 20:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\NCH_EN
[2012.07.29 20:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Video Related Programs
[2012.07.29 20:29:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite
[2012.07.29 20:29:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Audio Related Programs
[2012.07.29 20:29:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2012.07.29 20:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2012.07.29 20:29:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Application Data\NCH Software
[2012.07.29 20:12:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ashampoo
[2012.07.29 20:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2012.07.29 20:10:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\My Documents\Stažené soubory
[2012.07.29 17:13:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService
[2012.07.29 17:10:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ffdshow
[2012.07.29 17:10:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Local Settings\Application Data\Savings Sidekick
[2012.07.29 17:09:22 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2012.07.29 17:09:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\searchplugins
[2012.07.29 17:08:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Start Menu\Programs\Haali Media Splitter
[2012.07.29 17:08:06 | 000,000,000 | ---D | C] -- C:\Program Files\Haali
[2012.07.29 17:07:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Start Menu\Programs\ffdshow
[2012.07.29 17:07:47 | 000,000,000 | ---D | C] -- C:\Program Files\Savings Sidekick
[2012.07.29 17:07:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Codecs Pack
[2012.07.29 16:48:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Local Settings\Application Data\CRE
[2012.07.29 16:47:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Local Settings\Application Data\BitTorrentBar
[2012.07.29 16:46:49 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrentBar
[2012.07.29 16:46:34 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2012.07.29 16:46:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Local Settings\Application Data\BitTorrent
[2012.07.29 16:46:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Application Data\BitTorrent
[2012.07.29 15:59:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\Start Menu\Programs\GotClip
[2012.07.29 15:59:13 | 000,000,000 | ---D | C] -- C:\Program Files\GotClip
[2012.07.19 13:38:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrea\.android
[2012.07.19 13:38:31 | 000,138,264 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghsnet.sys
[2012.07.19 13:38:31 | 000,113,688 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghsvousb.sys
[2012.07.19 13:38:31 | 000,113,688 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghstrace.sys
[2012.07.19 13:38:31 | 000,113,688 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghsnmea.sys
[2012.07.19 13:38:31 | 000,113,688 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghsmdm.sys
[2012.07.19 13:38:31 | 000,113,688 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghsdiagmdm.sys
[2012.07.19 13:38:30 | 000,113,688 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghsdiag.sys
[2012.07.19 13:38:30 | 000,113,688 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\zghsat.sys
[2012.07.19 13:38:30 | 000,113,432 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ghsnmea.sys
[2012.07.19 13:38:30 | 000,113,432 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ghsmdm.sys
[2012.07.19 13:38:30 | 000,113,432 | ---- | C] (ZTE Incorporated) -- C:\WINDOWS\System32\drivers\ghsdiag.sys
[2012.07.19 13:38:30 | 000,032,408 | ---- | C] (Google Inc) -- C:\WINDOWS\System32\drivers\ghsandroid.sys
[2012.07.19 13:38:30 | 000,015,896 | ---- | C] (HandSet Incorporated) -- C:\WINDOWS\System32\drivers\massfilter_hs.sys
[2012.07.19 13:38:29 | 000,032,408 | ---- | C] (Google Inc) -- C:\WINDOWS\System32\drivers\androidusb.sys
[2012.07.19 13:37:50 | 000,102,936 | ---- | C] (Google, inc) -- C:\WINDOWS\AdbWinApi.dll
[2012.07.19 13:37:48 | 000,000,000 | ---D | C] -- C:\Program Files\Handset USB Driver
[2011.04.11 19:13:43 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Andrea\Application Data\pcouffin.sys
========== Files - Modified Within 30 Days ==========
[2012.08.14 22:58:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\Codecs Pack.job
[2012.08.14 22:45:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.08.14 21:28:34 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\Andrea\Desktop\CrystalDiskInfo.lnk
[2012.08.14 20:44:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.08.14 20:44:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.08.14 19:10:49 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.08.14 19:05:03 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.14 18:22:12 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.08.14 18:18:40 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrea\Desktop\OTM.exe
[2012.08.14 11:37:32 | 000,270,826 | ---- | M] () -- C:\mzdy0003_0004.zip
[2012.08.14 11:37:26 | 002,723,840 | ---- | M] () -- C:\mzdy0003.mdb
[2012.08.14 10:41:18 | 000,001,304 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012.08.14 08:48:31 | 000,256,283 | ---- | M] () -- C:\mzdy0009.zip
[2012.08.13 23:24:14 | 000,002,068 | ---- | M] () -- C:\Documents and Settings\Andrea\Desktop\Odkaz na codecmngr.lnk
[2012.08.13 23:07:30 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012.08.13 21:18:36 | 001,558,528 | ---- | M] () -- C:\Documents and Settings\Andrea\Desktop\RogueKiller.exe
[2012.08.13 20:44:47 | 001,051,552 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Andrea\Desktop\rkill.com
[2012.08.13 14:35:20 | 000,001,117 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2012.08.13 11:54:01 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2012.08.13 11:48:42 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2012.08.12 22:43:14 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Andrea\Desktop\xpsp3_5512.080413-2113_usa_x86fre_spcd.iso
[2012.08.12 20:01:39 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.08.12 19:35:45 | 004,729,547 | R--- | M] (Swearware) -- C:\Documents and Settings\Andrea\Desktop\123.exe.exe
[2012.08.09 20:48:15 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\Andrea\Desktop\Google Chrome.lnk
[2012.08.09 20:48:15 | 000,002,271 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012.08.06 15:15:49 | 000,000,433 | ---- | M] () -- C:\WINDOWS\is-MU3M6.lst
[2012.08.06 15:15:48 | 001,544,704 | ---- | M] () -- C:\WINDOWS\is-MU3M6.exe
[2012.08.06 15:15:48 | 000,025,451 | ---- | M] () -- C:\WINDOWS\is-MU3M6.msg
[2012.08.06 15:15:47 | 000,001,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2012.08.06 11:55:12 | 000,000,097 | ---- | M] () -- C:\WINDOWS\vypalovac.ini
[2012.08.03 19:39:08 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012.08.03 19:39:08 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012.08.03 18:42:24 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.08.03 18:42:23 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.08.03 11:20:37 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.08.03 11:20:35 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.08.01 19:13:16 | 000,184,700 | ---- | M] () -- C:\torrent.exe
[2012.07.29 20:38:21 | 000,000,009 | ---- | M] () -- C:\END
[2012.07.29 20:12:35 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Ashampoo Burning Studio 6 FREE.lnk
[2012.07.29 17:22:05 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012.07.29 17:16:53 | 000,000,608 | ---- | M] () -- C:\user.js
[2012.07.19 18:55:13 | 000,140,625 | ---- | M] () -- C:\WINDOWS\hpoins14.dat
[2012.07.19 13:40:26 | 000,444,600 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.07.19 13:40:26 | 000,072,476 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
========== Files Created - No Company Name ==========
[2012.08.14 22:45:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.08.14 21:30:53 | 000,001,225 | ---- | C] () -- C:\Documents and Settings\Andrea\Start Menu\Programs\Pokki.lnk
[2012.08.14 21:28:34 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\Andrea\Desktop\CrystalDiskInfo.lnk
[2012.08.14 20:44:25 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\Codecs Pack.job
[2012.08.14 19:05:03 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.14 11:37:32 | 000,270,826 | ---- | C] () -- C:\mzdy0003_0004.zip
[2012.08.14 08:49:43 | 002,723,840 | ---- | C] () -- C:\mzdy0003.mdb
[2012.08.14 08:48:31 | 000,256,283 | ---- | C] () -- C:\mzdy0009.zip
[2012.08.13 23:24:14 | 000,002,068 | ---- | C] () -- C:\Documents and Settings\Andrea\Desktop\Odkaz na codecmngr.lnk
[2012.08.13 21:18:30 | 001,558,528 | ---- | C] () -- C:\Documents and Settings\Andrea\Desktop\RogueKiller.exe
[2012.08.12 22:43:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Andrea\Desktop\xpsp3_5512.080413-2113_usa_x86fre_spcd.iso
[2012.08.12 20:01:39 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.08.12 20:01:36 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012.08.12 19:43:54 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.08.12 19:43:54 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.08.12 19:43:54 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.08.12 19:43:54 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.08.12 19:43:54 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.08.06 15:15:49 | 000,000,433 | ---- | C] () -- C:\WINDOWS\is-MU3M6.lst
[2012.08.06 15:15:48 | 001,544,704 | ---- | C] () -- C:\WINDOWS\is-MU3M6.exe
[2012.08.06 15:15:48 | 000,025,451 | ---- | C] () -- C:\WINDOWS\is-MU3M6.msg
[2012.08.06 12:44:44 | 000,001,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2012.08.06 12:44:40 | 000,001,735 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\CDBurnerXP.lnk
[2012.08.06 11:51:15 | 000,000,097 | ---- | C] () -- C:\WINDOWS\vypalovac.ini
[2012.08.03 17:57:37 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012.08.03 17:57:37 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012.08.03 17:57:37 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012.08.01 19:13:16 | 000,184,700 | ---- | C] () -- C:\torrent.exe
[2012.07.29 20:38:14 | 000,000,009 | ---- | C] () -- C:\END
[2012.07.29 20:32:16 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Prism Video File Converter.lnk
[2012.07.29 20:31:36 | 000,000,805 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Express Rip.lnk
[2012.07.29 20:30:52 | 000,001,677 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\WavePad Sound Editor.lnk
[2012.07.29 20:29:27 | 000,001,721 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Express Burn.lnk
[2012.07.29 20:12:35 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Ashampoo Burning Studio 6 FREE.lnk
[2012.07.29 17:09:59 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012.07.29 16:46:44 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012.07.29 16:01:28 | 000,000,608 | ---- | C] () -- C:\user.js
[2012.07.19 13:37:49 | 000,584,584 | ---- | C] () -- C:\WINDOWS\adb.exe
[2012.05.16 15:47:19 | 000,418,776 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012.02.15 15:57:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.31 01:15:44 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012.01.31 01:15:42 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012.01.31 01:15:42 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012.01.31 01:15:42 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012.01.31 01:15:42 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011.07.09 16:36:43 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2011.05.18 10:31:47 | 000,000,237 | ---- | C] () -- C:\Documents and Settings\Andrea\Application Data\burnaware.ini
[2011.04.11 21:03:50 | 000,000,305 | ---- | C] () -- C:\WINDOWS\007DVDCopy.INI
[2011.04.11 19:14:02 | 000,000,022 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2011.04.11 19:13:43 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Andrea\Application Data\pcouffin.cat
[2011.04.11 19:13:43 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Andrea\Application Data\pcouffin.inf
[2011.04.01 21:21:53 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\Andrea\Local Settings\Application Data\SRDownloader.nast
[2011.03.02 16:05:25 | 000,000,085 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2011.01.27 14:48:16 | 000,000,805 | ---- | C] () -- C:\WINDOWS\eporadca_1012.ini
[2011.01.20 14:37:51 | 000,401,408 | ---- | C] ( ) -- C:\WINDOWS\System32\lexlog.dll
[2010.10.19 17:52:21 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.10.19 17:52:21 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.10.19 17:52:06 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Andrea\Application Data\$_hpcst$.hpc
[2010.03.10 16:10:32 | 000,000,873 | ---- | C] () -- C:\Documents and Settings\Andrea\.recently-used.xbel
[2008.10.12 18:38:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2008.04.24 18:25:24 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007.06.13 19:36:06 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Andrea\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.06.01 22:04:46 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
========== LOP Check ==========
[2007.10.20 11:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Activision
[2011.06.12 20:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2012.07.13 18:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011.09.19 10:31:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010.05.09 12:36:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Barbie Fashion Show
[2012.08.06 12:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2012.07.29 17:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codecs Pack
[2011.04.11 23:36:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011.04.11 23:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009.06.20 10:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Disney Interactive Studios
[2012.08.03 21:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2012.07.29 17:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService
[2009.06.12 10:16:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2012.08.06 09:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KASTNER software
[2011.09.18 11:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008.08.18 14:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2008.12.25 17:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\My Horse and Me
[2010.10.19 17:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2012.03.31 18:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2010.12.20 19:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Socusoft
[2012.02.07 17:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2012.08.06 12:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2011.04.11 20:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2007.06.01 22:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009.02.10 17:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{D9C99627-949D-458E-883C-40AB097FE49F}
[2011.06.12 20:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Ashampoo
[2012.07.29 16:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BabylonToolbar
[2012.08.13 14:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BitTorrent
[2012.07.13 18:20:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BSplayer
[2007.06.09 21:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BSplayer Pro
[2012.08.06 12:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Canneverbe Limited
[2010.02.12 15:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008.10.12 19:07:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ConvertTemp
[2011.04.11 23:58:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\DAEMON Tools Lite
[2012.08.03 21:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ESET
[2010.03.10 16:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\gtk-2.0
[2007.12.27 23:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ICQ
[2007.06.09 20:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ICQ Toolbar
[2007.06.01 22:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\InterTrust
[2012.08.06 09:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Kastner software
[2012.08.14 21:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\OpenCandy
[2012.08.03 18:43:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Oracle
[2010.10.19 17:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\PC Suite
[2010.10.19 17:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\PLANStudio Setup
[2012.07.13 19:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Sammsoft
[2012.03.31 19:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Samsung
[2010.12.20 19:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Sony
[2007.08.27 23:16:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Teleca
[2008.10.21 20:11:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Temporary
[2008.10.15 15:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\TransRender
[2008.03.11 13:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\TV JOJ Media Player
[2011.04.12 09:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Vso
[2012.08.14 22:58:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\Tasks\Codecs Pack.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\cmdcons\autochk.exe
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2004.08.04 00:56:48 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2007.04.25 06:20:30 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.04 00:56:42 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 00:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 13:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 12:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2004.08.03 23:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys
< MD5 for: ISAPNP.SYS >
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.08.23 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.04 00:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 00:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.04 00:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2004.08.04 00:56:58 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.04 00:56:58 | 000,152,576 | ---- | M] (Microsoft Corporation) MD5=DA5CF1C368B33D75602FD6B3A7F5E0C6 -- C:\cmdcons\SYSTEM32\SMSS.EXE
< MD5 for: SVCHOST.EXE >
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2004.08.04 00:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2004.08.04 00:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2004.08.04 00:56:48 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[19 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[25 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\0222400fcf7c78fcaf38fd057cc8f073\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\0222400fcf7c78fcaf38fd057cc8f073\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2008.08.04 21:03:42 | 000,952,320 | ---- | M] (Kros, a.s.) -- C:\eurokalkulacka_kros.exe
[2008.05.16 19:49:13 | 040,820,592 | ---- | M] () -- C:\setup_Moj_CeWe_Fotosvet.exe
[2012.08.01 19:13:16 | 000,184,700 | ---- | M] () -- C:\torrent.exe
[2009.01.03 22:53:17 | 001,371,185 | ---- | M] () -- C:\wrar380cz.exe
< %ALLUSERSPROFILE%\Application Data\*. >
[2007.10.20 11:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Activision
[2012.05.04 12:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011.06.12 20:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2012.07.13 18:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011.09.19 10:31:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010.05.09 12:36:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Barbie Fashion Show
[2012.08.06 12:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2012.07.29 17:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codecs Pack
[2011.04.11 23:36:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2007.07.09 21:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2011.04.11 23:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009.06.20 10:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Disney Interactive Studios
[2012.08.03 21:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009.04.15 08:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2008.07.21 20:11:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2010.01.18 13:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2008.07.21 20:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2008.05.16 19:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\hps
[2008.07.21 20:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
[2012.07.29 17:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService
[2009.06.12 10:16:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2012.08.06 09:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KASTNER software
[2012.08.14 19:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009.09.18 12:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011.09.18 11:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008.04.26 19:12:05 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2012.05.12 13:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2011.02.07 10:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2008.08.18 14:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2008.12.25 17:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\My Horse and Me
[2012.08.05 20:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2010.12.20 22:04:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2010.01.28 18:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010.10.19 17:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2007.12.25 11:36:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2012.03.31 18:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012.01.19 13:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.12.20 19:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Socusoft
[2012.02.07 17:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2012.01.09 18:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2012.08.06 12:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2011.04.11 20:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2008.07.21 20:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WEBREG
[2009.07.08 10:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2007.06.01 22:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009.02.10 17:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{D9C99627-949D-458E-883C-40AB097FE49F}
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\15105\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\15105\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\15105\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\15105\ReaderUpdater.exe
[2012.01.03 19:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-A95000000001}\Setup.exe
[2012.07.29 17:07:15 | 001,692,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe
[2012.07.29 17:06:44 | 003,386,400 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\Uninstall Codec Manager.exe
[2011.08.31 11:53:18 | 000,527,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\All Users\Application Data\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe
[2010.01.28 18:27:12 | 000,086,016 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
[2009.09.15 20:05:24 | 001,925,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
[2009.09.15 20:05:26 | 000,836,464 | ---- | M] (McAfee, Inc.) -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\SecurityScan_Release.exe
[2012.07.12 09:37:45 | 006,204,760 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\update\sweetimsetup.exe
< %APPDATA%\*. >
[2010.02.12 15:18:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Adobe
[2007.06.06 20:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\AdobeUM
[2010.02.24 17:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Ahead
[2011.06.12 20:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Ashampoo
[2012.07.29 16:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BabylonToolbar
[2012.08.13 14:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BitTorrent
[2012.07.13 18:20:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BSplayer
[2007.06.09 21:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BSplayer Pro
[2012.08.06 12:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Canneverbe Limited
[2010.02.12 15:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008.10.12 19:07:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ConvertTemp
[2007.06.06 20:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\CyberLink
[2011.04.11 23:58:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\DAEMON Tools Lite
[2012.08.03 21:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ESET
[2007.06.01 22:59:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Google
[2010.03.10 16:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\gtk-2.0
[2008.02.12 19:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Help
[2010.01.18 13:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\HP
[2009.01.09 21:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\HPAppData
[2007.12.27 23:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ICQ
[2007.06.09 20:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ICQ Toolbar
[2007.06.01 20:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Identities
[2007.06.01 22:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\InterTrust
[2012.08.06 09:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Kastner software
[2007.06.04 22:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Macromedia
[2012.08.14 19:08:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Malwarebytes
[2012.06.04 12:51:03 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Andrea\Application Data\Microsoft
[2009.01.09 21:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Mozilla
[2011.09.18 12:31:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\MSN6
[2012.08.05 20:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\NCH Software
[2010.12.20 22:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Nero
[2012.08.14 21:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\OpenCandy
[2012.08.03 18:43:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Oracle
[2010.10.19 17:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\PC Suite
[2010.10.19 17:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\PLANStudio Setup
[2012.07.13 19:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Sammsoft
[2012.03.31 19:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Samsung
[2012.08.05 23:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Skype
[2012.01.19 13:40:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\skypePM
[2010.12.20 19:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Sony
[2007.06.05 14:19:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Sun
[2007.06.09 20:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Talkback
[2007.08.27 23:16:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Teleca
[2008.10.21 20:11:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Temporary
[2008.10.15 15:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\TransRender
[2008.03.11 13:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\TV JOJ Media Player
[2012.05.10 19:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\vlc
[2011.04.12 09:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Vso
[2009.01.03 22:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\WinRAR
< %APPDATA%\*.exe /s >
[2010.03.22 19:47:10 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Installer\{1B71F326-E41E-42D5-8446-75444C6F8C83}\ARPPRODUCTICON.exe
[2012.07.20 02:23:24 | 001,142,616 | ---- | M] (Pokki) -- C:\Documents and Settings\Andrea\Application Data\OpenCandy\9C25BC5B827C44A3B98D190AC2FA2749\PokkiInstaller.exe
[2012.08.14 21:28:47 | 001,329,208 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\OpenCandy\9C25BC5B827C44A3B98D190AC2FA2749\PokkiPACK_Stp2v4.exe
[2012.03.31 19:14:29 | 000,106,408 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentInstaller.exe
[2012.03.31 19:14:29 | 000,101,288 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentUpdate.exe
[2012.03.31 19:14:30 | 000,021,416 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Samsung\Kies\FirmwareUpdateTemp\AGENT\KiesPDLR.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2007.06.01 22:38:08 | 000,090,112 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2007.06.01 22:38:08 | 000,630,784 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2007.06.01 22:38:08 | 000,397,312 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
[2012.08.14 19:10:49 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
< %systemroot%\system32\*.* /3 >
[2012.08.14 20:44:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
< %SYSTEMDRIVE%\*.exe >
[2008.08.04 21:03:42 | 000,952,320 | ---- | M] (Kros, a.s.) -- C:\eurokalkulacka_kros.exe
[2008.05.16 19:49:13 | 040,820,592 | ---- | M] () -- C:\setup_Moj_CeWe_Fotosvet.exe
[2012.08.01 19:13:16 | 000,184,700 | ---- | M] () -- C:\torrent.exe
[2009.01.03 22:53:17 | 001,371,185 | ---- | M] () -- C:\wrar380cz.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AROReminder" = C:\Program Files\ARO 2012\ARO.exe -rem -- [2012.07.06 11:09:52 | 002,553,752 | ---- | M] (Support.com, Inc.)
"Pokki" = "C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\v0.259\pokki.exe" -- [2012.07.06 02:26:46 | 002,551,128 | ---- | M] (Pokki)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.08.14 22:45:59 | 000,000,512 | ---- | M] () MD5=A83BF45DC9EE56DA448649164E4830FB -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.08.12 23:36:51 | 000,000,946 | ---- | M] () -- \Qoobox\Quarantine\C\Documents and Settings\Andrea\Local Settings\Application Data\MyAshampoo\Rss\http___crackle_com_rss_media_sxsw_featured_rss.xml.vir
[2012.08.03 17:42:25 | 000,009,930 | ---- | M] () -- \Qoobox\Quarantine\C\Documents and Settings\Andrea\Local Settings\Application Data\MyAshampoo\Rss\http___crackle_com_rss_media_sxsw_featured_rss_structured.xml.vir
< *keygen* /s >
< *loader* /s >
[2012.07.25 03:42:44 | 000,000,847 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\chrome\CT2801948\content\tb\al\ac\img\ajax-loader.gif
[2012.07.25 03:42:44 | 000,001,135 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\chrome\CT2801948\content\tb\al\ac\img\loader-icon.png
[2012.07.25 03:42:44 | 000,003,208 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\chrome\CT2801948\content\tb\al\ui\gf\img\loader.gif
[2012.07.25 03:42:44 | 000,001,849 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\chrome\CT2801948\content\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2012.07.17 00:01:26 | 000,000,847 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome\CT2790392\content\tb\al\ac\img\ajax-loader.gif
[2012.07.17 00:01:26 | 000,001,135 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome\CT2790392\content\tb\al\ac\img\loader-icon.png
[2012.07.17 00:01:26 | 000,003,208 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome\CT2790392\content\tb\al\ui\gf\img\loader.gif
[2012.07.17 00:01:26 | 000,001,849 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome\CT2790392\content\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2012.07.15 13:44:32 | 000,010,145 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}\modules\ExternalLibraryLoader.jsm
[2011.06.21 12:26:48 | 000,942,080 | ---- | M] () -- \ALFA\Downloader.exe
[2012.08.13 14:28:01 | 000,000,037 | ---- | M] () -- \ALFA\DownloaderVys.dat
[2010.10.01 12:49:06 | 000,000,065 | ---- | M] () -- \ALFA\TEMP\DownloaderVys.dat
[2012.03.06 21:12:14 | 000,010,145 | ---- | M] () -- \Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\conduitCommon\modules\3.10.0.1\ExternalLibraryLoader.jsm
[2012.04.17 19:12:32 | 000,010,145 | ---- | M] () -- \Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\conduitCommon\modules\3.12.0.7\ExternalLibraryLoader.jsm
[2012.04.26 20:35:46 | 000,010,145 | ---- | M] () -- \Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\conduitCommon\modules\3.12.2.3\ExternalLibraryLoader.jsm
[2012.05.30 09:02:00 | 000,010,145 | ---- | M] () -- \Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\conduitCommon\modules\3.13.0.6\ExternalLibraryLoader.jsm
[2012.07.15 13:44:32 | 000,010,145 | ---- | M] () -- \Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\conduitCommon\modules\3.14.1.0\ExternalLibraryLoader.jsm
[2011.04.01 21:21:53 | 000,000,864 | ---- | M] () -- \Documents and Settings\Andrea\Local Settings\Application Data\SRDownloader.nast
[2012.07.30 12:57:27 | 000,000,673 | ---- | M] () -- \Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gclijllifhfpomppedeljakfegbcpojn\2.3.15.10_0\Media\ajax-loader.gif
[2012.07.30 12:57:32 | 000,000,673 | ---- | M] () -- \Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\2.3.15.10_0\Media\ajax-loader.gif
[2012.07.30 12:34:09 | 000,000,673 | ---- | M] () -- \Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Temp\scoped_dir_1676_11486\CRX_INSTALL\Media\ajax-loader.gif
[2012.08.14 21:31:36 | 000,003,487 | ---- | M] () -- \Documents and Settings\Andrea\Local Settings\Application Data\Pokki\Pokkies\83453a3d886e527a470b5bb8291dd338de4b1e44\10d53ce5e2342dbbe30333911ef53850f12ed4b2\img\loader.gif
[2012.08.14 21:31:35 | 000,002,962 | ---- | M] () -- \Documents and Settings\Andrea\Local Settings\Application Data\Pokki\Pokkies\83453a3d886e527a470b5bb8291dd338de4b1e44\10d53ce5e2342dbbe30333911ef53850f12ed4b2\js\lib\downloader.js
[2012.06.17 10:26:02 | 000,004,613 | ---- | M] () -- \Documents and Settings\Andrea\Local Settings\Application Data\Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\ce97e29270c81abb06c3c8f09dd6cb985cd5d1ff\img\store\loader.gif
[2011.12.21 15:58:58 | 001,339,392 | ---- | M] () -- \Omega\Downloader.EXE
[2012.08.10 16:47:10 | 000,000,051 | ---- | M] () -- \Omega\DownloaderVys.dat
[2011.12.21 15:58:58 | 001,339,392 | ---- | M] () -- \Omega\asociácia\Downloader.EXE
[2012.06.06 13:28:23 | 000,000,051 | ---- | M] () -- \Omega\asociácia\DownloaderVys.dat
[2010.11.08 15:35:39 | 000,000,041 | ---- | M] () -- \Omega\joe\DownloaderVys.dat
[2010.06.25 13:18:00 | 000,647,168 | ---- | M] () -- \Omega\only\Downloader.EXE
[2010.10.07 14:59:50 | 000,651,264 | ---- | M] () -- \Omega\reason2008\Downloader.EXE
[2011.12.21 15:58:58 | 001,339,392 | ---- | M] () -- \Omega\senior\Downloader.EXE
[2012.06.07 10:08:20 | 000,000,051 | ---- | M] () -- \Omega\senior\DownloaderVys.dat
[2001.01.16 06:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 04:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.TLB
[2009.03.01 12:31:26 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2009.03.01 12:31:26 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2009.06.12 10:20:18 | 000,003,479 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\contact_list\preloader04.swf
[2009.06.12 09:55:59 | 000,552,798 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\theme\game_center\loaderBkg.png
[2011.07.11 14:23:00 | 000,942,080 | ---- | M] () -- \Program Files\OLYMP\Downloader.exe
[2011.07.11 14:31:02 | 000,000,041 | ---- | M] () -- \Program Files\OLYMP\DownloaderVys.dat
[2011.06.22 10:05:48 | 000,942,080 | ---- | M] () -- \Program Files\OLYMPfitnes\Downloader.exe
[2012.08.14 08:22:27 | 000,000,037 | ---- | M] () -- \Program Files\OLYMPfitnes\DownloaderVys.dat
[2012.02.21 21:53:48 | 000,069,120 | ---- | M] () -- \Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012.03.07 00:36:40 | 000,131,984 | ---- | M] () -- \Program Files\Samsung\Kies\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.07.29 17:05:08 | 000,003,208 | ---- | M] () -- \Program Files\Uninstall Information\ib_uninst_455\config\ajax-loader.gif
[2012.07.29 17:05:08 | 000,006,820 | ---- | M] () -- \Program Files\Uninstall Information\ib_uninst_455\config\ajax-loader2.gif
[2012.07.29 17:05:08 | 000,003,208 | ---- | M] () -- \Program Files\Uninstall Information\ib_uninst_559\config\ajax-loader.gif
[2012.07.29 17:05:08 | 000,006,820 | ---- | M] () -- \Program Files\Uninstall Information\ib_uninst_559\config\ajax-loader2.gif
[2008.06.20 20:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2004.08.04 00:56:44 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2004.08.03 22:59:34 | 000,230,400 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.exe
[2004.08.03 22:59:36 | 000,278,016 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.ntd
[2002.02.01 19:25:22 | 000,009,728 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\osloader.exe.mui
[2008.04.14 02:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:43 | 000,230,400 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:44 | 000,278,016 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 02:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2005.07.26 22:48:38 | 000,138,752 | ---- | M] () -- \AlfaIns\COMMON\BUSINESS OBJECTS\3.0\BIN\SAXMLSERIALIZE.DLL
[2005.07.26 22:36:42 | 000,212,992 | ---- | M] () -- \AlfaIns\COMMON\BUSINESS OBJECTS\3.0\BIN\SAXSERIALIZE.DLL
[2008.01.30 11:08:10 | 000,133,201 | ---- | M] () -- \AlfaIns\PROGRAM FILES\COMMON FILES\CRYSTAL DECISIONS\2.0\BIN\SAXMLSERIALIZE.DLL
[2008.01.30 11:08:10 | 000,056,915 | ---- | M] () -- \AlfaIns\PROGRAM FILES\COMMON FILES\CRYSTAL DECISIONS\2.0\BIN\SAXMLSERIALIZE_RES_EN.DLL
[2004.08.03 23:15:54 | 000,030,067 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2009.12.22 16:26:22 | 000,138,752 | ---- | M] () -- \OmegaIns\COMMON\BUSINESS OBJECTS\3.0\BIN\SAXMLSERIALIZE.DLL
[2009.12.22 16:26:22 | 000,212,992 | ---- | M] () -- \OmegaIns\COMMON\BUSINESS OBJECTS\3.0\BIN\SAXSERIALIZE.DLL
[2008.02.22 13:06:44 | 000,133,201 | ---- | M] () -- \OmegaIns\PROGRAM FILES\COMMON FILES\CRYSTAL DECISIONS\2.0\BIN\SAXMLSERIALIZE.DLL
[2008.02.22 13:06:44 | 000,056,915 | ---- | M] () -- \OmegaIns\PROGRAM FILES\COMMON FILES\CRYSTAL DECISIONS\2.0\BIN\SAXMLSERIALIZE_RES_EN.DLL
[2010.09.16 03:38:36 | 000,087,040 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize.dll
[2010.09.16 04:08:50 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_chs.dll
[2010.09.16 04:08:52 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_cht.dll
[2010.09.16 04:08:40 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_de.dll
[2010.09.16 04:08:38 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_en.dll
[2010.09.16 04:08:44 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_es.dll
[2010.09.16 04:08:38 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_fr.dll
[2010.09.16 04:08:44 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_it.dll
[2010.09.16 04:08:50 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_jp.dll
[2010.09.16 04:08:54 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_ko.dll
[2010.09.16 04:08:46 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_nl.dll
[2010.09.16 04:09:00 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_pl.dll
[2010.09.16 04:08:58 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_pt.dll
[2010.09.16 04:08:58 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_ru.dll
[2010.09.16 04:08:56 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_sv.dll
[2010.09.16 03:26:04 | 000,217,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxserialize.dll
[2005.07.26 23:48:38 | 000,138,752 | ---- | M] () -- \Program Files\Common Files\business objects\3.0\bin\saxmlserialize.dll
[2005.07.26 23:36:42 | 000,212,992 | ---- | M] () -- \Program Files\Common Files\business objects\3.0\bin\saxserialize.dll
[2012.03.29 06:01:00 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.dll
[2012.05.12 19:38:16 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.ni.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012.08.12 22:09:41 | 000,000,948 | ---- | M] () -- \Qoobox\Quarantine\Registry_backups\AddRemove-18_Zinia_Serial_Driver.reg.dat
[2004.08.03 22:59:20 | 000,028,288 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\grserial.sys
[2004.08.03 23:15:54 | 000,064,896 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2008.02.10 19:03:09 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.06.13 20:29:28 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.10.20 09:03:34 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.05.14 08:05:37 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll
[2012.05.14 08:08:51 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2004.07.15 15:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2002.02.01 19:21:26 | 000,003,584 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\dpserial.dll.mui
[2002.02.01 19:22:16 | 000,004,096 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\grserial.sys.mui
[2002.02.01 19:26:12 | 000,010,240 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\serial.sys.mui
[2002.02.01 19:26:12 | 000,005,632 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\serialui.dll.mui
[2008.04.13 20:40:21 | 000,028,288 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.13 21:15:45 | 000,064,512 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2004.07.19 18:54:20 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2001.08.23 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.08.23 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2001.08.23 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.08.23 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.13 21:15:45 | 000,064,512 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
< End of report >
[2007.10.20 11:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Activision
[2011.06.12 20:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2012.07.13 18:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011.09.19 10:31:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010.05.09 12:36:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Barbie Fashion Show
[2012.08.06 12:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2012.07.29 17:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codecs Pack
[2011.04.11 23:36:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011.04.11 23:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009.06.20 10:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Disney Interactive Studios
[2012.08.03 21:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2012.07.29 17:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService
[2009.06.12 10:16:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2012.08.06 09:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KASTNER software
[2011.09.18 11:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008.08.18 14:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2008.12.25 17:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\My Horse and Me
[2010.10.19 17:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2012.03.31 18:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2010.12.20 19:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Socusoft
[2012.02.07 17:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2012.08.06 12:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2011.04.11 20:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2007.06.01 22:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009.02.10 17:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{D9C99627-949D-458E-883C-40AB097FE49F}
[2011.06.12 20:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Ashampoo
[2012.07.29 16:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BabylonToolbar
[2012.08.13 14:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BitTorrent
[2012.07.13 18:20:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BSplayer
[2007.06.09 21:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BSplayer Pro
[2012.08.06 12:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Canneverbe Limited
[2010.02.12 15:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008.10.12 19:07:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ConvertTemp
[2011.04.11 23:58:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\DAEMON Tools Lite
[2012.08.03 21:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ESET
[2010.03.10 16:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\gtk-2.0
[2007.12.27 23:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ICQ
[2007.06.09 20:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ICQ Toolbar
[2007.06.01 22:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\InterTrust
[2012.08.06 09:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Kastner software
[2012.08.14 21:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\OpenCandy
[2012.08.03 18:43:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Oracle
[2010.10.19 17:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\PC Suite
[2010.10.19 17:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\PLANStudio Setup
[2012.07.13 19:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Sammsoft
[2012.03.31 19:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Samsung
[2010.12.20 19:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Sony
[2007.08.27 23:16:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Teleca
[2008.10.21 20:11:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Temporary
[2008.10.15 15:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\TransRender
[2008.03.11 13:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\TV JOJ Media Player
[2011.04.12 09:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Vso
[2012.08.14 22:58:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\Tasks\Codecs Pack.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\cmdcons\autochk.exe
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2004.08.04 00:56:48 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2007.04.25 06:20:30 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.04 00:56:42 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 00:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 13:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 12:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2004.08.04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2004.08.03 23:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys
< MD5 for: ISAPNP.SYS >
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2009.07.07 10:31:35 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.08.23 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.04 00:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 00:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.04 00:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2004.08.04 00:56:58 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.04 00:56:58 | 000,152,576 | ---- | M] (Microsoft Corporation) MD5=DA5CF1C368B33D75602FD6B3A7F5E0C6 -- C:\cmdcons\SYSTEM32\SMSS.EXE
< MD5 for: SVCHOST.EXE >
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2004.08.04 00:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2004.08.04 00:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2004.08.04 00:56:48 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[19 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[25 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\0222400fcf7c78fcaf38fd057cc8f073\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\0222400fcf7c78fcaf38fd057cc8f073\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2008.08.04 21:03:42 | 000,952,320 | ---- | M] (Kros, a.s.) -- C:\eurokalkulacka_kros.exe
[2008.05.16 19:49:13 | 040,820,592 | ---- | M] () -- C:\setup_Moj_CeWe_Fotosvet.exe
[2012.08.01 19:13:16 | 000,184,700 | ---- | M] () -- C:\torrent.exe
[2009.01.03 22:53:17 | 001,371,185 | ---- | M] () -- C:\wrar380cz.exe
< %ALLUSERSPROFILE%\Application Data\*. >
[2007.10.20 11:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Activision
[2012.05.04 12:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011.06.12 20:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2012.07.13 18:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011.09.19 10:31:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010.05.09 12:36:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Barbie Fashion Show
[2012.08.06 12:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2012.07.29 17:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codecs Pack
[2011.04.11 23:36:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2007.07.09 21:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2011.04.11 23:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009.06.20 10:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Disney Interactive Studios
[2012.08.03 21:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009.04.15 08:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2008.07.21 20:11:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2010.01.18 13:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2008.07.21 20:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2008.05.16 19:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\hps
[2008.07.21 20:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
[2012.07.29 17:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService
[2009.06.12 10:16:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2012.08.06 09:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KASTNER software
[2012.08.14 19:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009.09.18 12:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011.09.18 11:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008.04.26 19:12:05 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2012.05.12 13:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2011.02.07 10:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2008.08.18 14:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2008.12.25 17:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\My Horse and Me
[2012.08.05 20:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2010.12.20 22:04:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2010.01.28 18:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010.10.19 17:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2007.12.25 11:36:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2012.03.31 18:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012.01.19 13:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.12.20 19:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Socusoft
[2012.02.07 17:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2012.01.09 18:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2012.08.06 12:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2011.04.11 20:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2008.07.21 20:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WEBREG
[2009.07.08 10:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2007.06.01 22:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009.02.10 17:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{D9C99627-949D-458E-883C-40AB097FE49F}
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\15105\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\15105\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\15105\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.4\ARM\15105\ReaderUpdater.exe
[2012.01.03 19:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-A95000000001}\Setup.exe
[2012.07.29 17:07:15 | 001,692,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe
[2012.07.29 17:06:44 | 003,386,400 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Codecs Pack\2.2.529.166\{16cdff19-861d-48e3-a751-d99a27784753}\Uninstall Codec Manager.exe
[2011.08.31 11:53:18 | 000,527,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\All Users\Application Data\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe
[2010.01.28 18:27:12 | 000,086,016 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
[2009.09.15 20:05:24 | 001,925,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
[2009.09.15 20:05:26 | 000,836,464 | ---- | M] (McAfee, Inc.) -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\SecurityScan_Release.exe
[2012.07.12 09:37:45 | 006,204,760 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\update\sweetimsetup.exe
< %APPDATA%\*. >
[2010.02.12 15:18:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Adobe
[2007.06.06 20:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\AdobeUM
[2010.02.24 17:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Ahead
[2011.06.12 20:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Ashampoo
[2012.07.29 16:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BabylonToolbar
[2012.08.13 14:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BitTorrent
[2012.07.13 18:20:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BSplayer
[2007.06.09 21:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\BSplayer Pro
[2012.08.06 12:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Canneverbe Limited
[2010.02.12 15:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008.10.12 19:07:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ConvertTemp
[2007.06.06 20:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\CyberLink
[2011.04.11 23:58:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\DAEMON Tools Lite
[2012.08.03 21:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ESET
[2007.06.01 22:59:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Google
[2010.03.10 16:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\gtk-2.0
[2008.02.12 19:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Help
[2010.01.18 13:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\HP
[2009.01.09 21:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\HPAppData
[2007.12.27 23:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ICQ
[2007.06.09 20:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\ICQ Toolbar
[2007.06.01 20:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Identities
[2007.06.01 22:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\InterTrust
[2012.08.06 09:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Kastner software
[2007.06.04 22:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Macromedia
[2012.08.14 19:08:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Malwarebytes
[2012.06.04 12:51:03 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Andrea\Application Data\Microsoft
[2009.01.09 21:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Mozilla
[2011.09.18 12:31:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\MSN6
[2012.08.05 20:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\NCH Software
[2010.12.20 22:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Nero
[2012.08.14 21:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\OpenCandy
[2012.08.03 18:43:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Oracle
[2010.10.19 17:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\PC Suite
[2010.10.19 17:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\PLANStudio Setup
[2012.07.13 19:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Sammsoft
[2012.03.31 19:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Samsung
[2012.08.05 23:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Skype
[2012.01.19 13:40:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\skypePM
[2010.12.20 19:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Sony
[2007.06.05 14:19:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Sun
[2007.06.09 20:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Talkback
[2007.08.27 23:16:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Teleca
[2008.10.21 20:11:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Temporary
[2008.10.15 15:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\TransRender
[2008.03.11 13:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\TV JOJ Media Player
[2012.05.10 19:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\vlc
[2011.04.12 09:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\Vso
[2009.01.03 22:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andrea\Application Data\WinRAR
< %APPDATA%\*.exe /s >
[2010.03.22 19:47:10 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Andrea\Application Data\Microsoft\Installer\{1B71F326-E41E-42D5-8446-75444C6F8C83}\ARPPRODUCTICON.exe
[2012.07.20 02:23:24 | 001,142,616 | ---- | M] (Pokki) -- C:\Documents and Settings\Andrea\Application Data\OpenCandy\9C25BC5B827C44A3B98D190AC2FA2749\PokkiInstaller.exe
[2012.08.14 21:28:47 | 001,329,208 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\OpenCandy\9C25BC5B827C44A3B98D190AC2FA2749\PokkiPACK_Stp2v4.exe
[2012.03.31 19:14:29 | 000,106,408 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentInstaller.exe
[2012.03.31 19:14:29 | 000,101,288 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentUpdate.exe
[2012.03.31 19:14:30 | 000,021,416 | ---- | M] () -- C:\Documents and Settings\Andrea\Application Data\Samsung\Kies\FirmwareUpdateTemp\AGENT\KiesPDLR.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2007.06.01 22:38:08 | 000,090,112 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2007.06.01 22:38:08 | 000,630,784 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2007.06.01 22:38:08 | 000,397,312 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
[2012.08.14 19:10:49 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
< %systemroot%\system32\*.* /3 >
[2012.08.14 20:44:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
< %SYSTEMDRIVE%\*.exe >
[2008.08.04 21:03:42 | 000,952,320 | ---- | M] (Kros, a.s.) -- C:\eurokalkulacka_kros.exe
[2008.05.16 19:49:13 | 040,820,592 | ---- | M] () -- C:\setup_Moj_CeWe_Fotosvet.exe
[2012.08.01 19:13:16 | 000,184,700 | ---- | M] () -- C:\torrent.exe
[2009.01.03 22:53:17 | 001,371,185 | ---- | M] () -- C:\wrar380cz.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AROReminder" = C:\Program Files\ARO 2012\ARO.exe -rem -- [2012.07.06 11:09:52 | 002,553,752 | ---- | M] (Support.com, Inc.)
"Pokki" = "C:\Documents and Settings\Andrea\Local Settings\Application Data\Pokki\v0.259\pokki.exe" -- [2012.07.06 02:26:46 | 002,551,128 | ---- | M] (Pokki)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.08.14 22:45:59 | 000,000,512 | ---- | M] () MD5=A83BF45DC9EE56DA448649164E4830FB -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.08.12 23:36:51 | 000,000,946 | ---- | M] () -- \Qoobox\Quarantine\C\Documents and Settings\Andrea\Local Settings\Application Data\MyAshampoo\Rss\http___crackle_com_rss_media_sxsw_featured_rss.xml.vir
[2012.08.03 17:42:25 | 000,009,930 | ---- | M] () -- \Qoobox\Quarantine\C\Documents and Settings\Andrea\Local Settings\Application Data\MyAshampoo\Rss\http___crackle_com_rss_media_sxsw_featured_rss_structured.xml.vir
< *keygen* /s >
< *loader* /s >
[2012.07.25 03:42:44 | 000,000,847 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\chrome\CT2801948\content\tb\al\ac\img\ajax-loader.gif
[2012.07.25 03:42:44 | 000,001,135 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\chrome\CT2801948\content\tb\al\ac\img\loader-icon.png
[2012.07.25 03:42:44 | 000,003,208 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\chrome\CT2801948\content\tb\al\ui\gf\img\loader.gif
[2012.07.25 03:42:44 | 000,001,849 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\chrome\CT2801948\content\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2012.07.17 00:01:26 | 000,000,847 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome\CT2790392\content\tb\al\ac\img\ajax-loader.gif
[2012.07.17 00:01:26 | 000,001,135 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome\CT2790392\content\tb\al\ac\img\loader-icon.png
[2012.07.17 00:01:26 | 000,003,208 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome\CT2790392\content\tb\al\ui\gf\img\loader.gif
[2012.07.17 00:01:26 | 000,001,849 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome\CT2790392\content\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2012.07.15 13:44:32 | 000,010,145 | ---- | M] () -- \_OTM\MovedFiles\08142012_182044\C_Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\extensions\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}\modules\ExternalLibraryLoader.jsm
[2011.06.21 12:26:48 | 000,942,080 | ---- | M] () -- \ALFA\Downloader.exe
[2012.08.13 14:28:01 | 000,000,037 | ---- | M] () -- \ALFA\DownloaderVys.dat
[2010.10.01 12:49:06 | 000,000,065 | ---- | M] () -- \ALFA\TEMP\DownloaderVys.dat
[2012.03.06 21:12:14 | 000,010,145 | ---- | M] () -- \Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\conduitCommon\modules\3.10.0.1\ExternalLibraryLoader.jsm
[2012.04.17 19:12:32 | 000,010,145 | ---- | M] () -- \Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\conduitCommon\modules\3.12.0.7\ExternalLibraryLoader.jsm
[2012.04.26 20:35:46 | 000,010,145 | ---- | M] () -- \Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\conduitCommon\modules\3.12.2.3\ExternalLibraryLoader.jsm
[2012.05.30 09:02:00 | 000,010,145 | ---- | M] () -- \Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\conduitCommon\modules\3.13.0.6\ExternalLibraryLoader.jsm
[2012.07.15 13:44:32 | 000,010,145 | ---- | M] () -- \Documents and Settings\Andrea\Application Data\Mozilla\Firefox\Profiles\97t7ufki.default\conduitCommon\modules\3.14.1.0\ExternalLibraryLoader.jsm
[2011.04.01 21:21:53 | 000,000,864 | ---- | M] () -- \Documents and Settings\Andrea\Local Settings\Application Data\SRDownloader.nast
[2012.07.30 12:57:27 | 000,000,673 | ---- | M] () -- \Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gclijllifhfpomppedeljakfegbcpojn\2.3.15.10_0\Media\ajax-loader.gif
[2012.07.30 12:57:32 | 000,000,673 | ---- | M] () -- \Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\2.3.15.10_0\Media\ajax-loader.gif
[2012.07.30 12:34:09 | 000,000,673 | ---- | M] () -- \Documents and Settings\Andrea\Local Settings\Application Data\Google\Chrome\User Data\Temp\scoped_dir_1676_11486\CRX_INSTALL\Media\ajax-loader.gif
[2012.08.14 21:31:36 | 000,003,487 | ---- | M] () -- \Documents and Settings\Andrea\Local Settings\Application Data\Pokki\Pokkies\83453a3d886e527a470b5bb8291dd338de4b1e44\10d53ce5e2342dbbe30333911ef53850f12ed4b2\img\loader.gif
[2012.08.14 21:31:35 | 000,002,962 | ---- | M] () -- \Documents and Settings\Andrea\Local Settings\Application Data\Pokki\Pokkies\83453a3d886e527a470b5bb8291dd338de4b1e44\10d53ce5e2342dbbe30333911ef53850f12ed4b2\js\lib\downloader.js
[2012.06.17 10:26:02 | 000,004,613 | ---- | M] () -- \Documents and Settings\Andrea\Local Settings\Application Data\Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\ce97e29270c81abb06c3c8f09dd6cb985cd5d1ff\img\store\loader.gif
[2011.12.21 15:58:58 | 001,339,392 | ---- | M] () -- \Omega\Downloader.EXE
[2012.08.10 16:47:10 | 000,000,051 | ---- | M] () -- \Omega\DownloaderVys.dat
[2011.12.21 15:58:58 | 001,339,392 | ---- | M] () -- \Omega\asociácia\Downloader.EXE
[2012.06.06 13:28:23 | 000,000,051 | ---- | M] () -- \Omega\asociácia\DownloaderVys.dat
[2010.11.08 15:35:39 | 000,000,041 | ---- | M] () -- \Omega\joe\DownloaderVys.dat
[2010.06.25 13:18:00 | 000,647,168 | ---- | M] () -- \Omega\only\Downloader.EXE
[2010.10.07 14:59:50 | 000,651,264 | ---- | M] () -- \Omega\reason2008\Downloader.EXE
[2011.12.21 15:58:58 | 001,339,392 | ---- | M] () -- \Omega\senior\Downloader.EXE
[2012.06.07 10:08:20 | 000,000,051 | ---- | M] () -- \Omega\senior\DownloaderVys.dat
[2001.01.16 06:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 04:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.TLB
[2009.03.01 12:31:26 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2009.03.01 12:31:26 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2009.06.12 10:20:18 | 000,003,479 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\contact_list\preloader04.swf
[2009.06.12 09:55:59 | 000,552,798 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\theme\game_center\loaderBkg.png
[2011.07.11 14:23:00 | 000,942,080 | ---- | M] () -- \Program Files\OLYMP\Downloader.exe
[2011.07.11 14:31:02 | 000,000,041 | ---- | M] () -- \Program Files\OLYMP\DownloaderVys.dat
[2011.06.22 10:05:48 | 000,942,080 | ---- | M] () -- \Program Files\OLYMPfitnes\Downloader.exe
[2012.08.14 08:22:27 | 000,000,037 | ---- | M] () -- \Program Files\OLYMPfitnes\DownloaderVys.dat
[2012.02.21 21:53:48 | 000,069,120 | ---- | M] () -- \Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012.03.07 00:36:40 | 000,131,984 | ---- | M] () -- \Program Files\Samsung\Kies\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.07.29 17:05:08 | 000,003,208 | ---- | M] () -- \Program Files\Uninstall Information\ib_uninst_455\config\ajax-loader.gif
[2012.07.29 17:05:08 | 000,006,820 | ---- | M] () -- \Program Files\Uninstall Information\ib_uninst_455\config\ajax-loader2.gif
[2012.07.29 17:05:08 | 000,003,208 | ---- | M] () -- \Program Files\Uninstall Information\ib_uninst_559\config\ajax-loader.gif
[2012.07.29 17:05:08 | 000,006,820 | ---- | M] () -- \Program Files\Uninstall Information\ib_uninst_559\config\ajax-loader2.gif
[2008.06.20 20:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2004.08.04 00:56:44 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2004.08.03 22:59:34 | 000,230,400 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.exe
[2004.08.03 22:59:36 | 000,278,016 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.ntd
[2002.02.01 19:25:22 | 000,009,728 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\osloader.exe.mui
[2008.04.14 02:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:43 | 000,230,400 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:44 | 000,278,016 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 02:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2005.07.26 22:48:38 | 000,138,752 | ---- | M] () -- \AlfaIns\COMMON\BUSINESS OBJECTS\3.0\BIN\SAXMLSERIALIZE.DLL
[2005.07.26 22:36:42 | 000,212,992 | ---- | M] () -- \AlfaIns\COMMON\BUSINESS OBJECTS\3.0\BIN\SAXSERIALIZE.DLL
[2008.01.30 11:08:10 | 000,133,201 | ---- | M] () -- \AlfaIns\PROGRAM FILES\COMMON FILES\CRYSTAL DECISIONS\2.0\BIN\SAXMLSERIALIZE.DLL
[2008.01.30 11:08:10 | 000,056,915 | ---- | M] () -- \AlfaIns\PROGRAM FILES\COMMON FILES\CRYSTAL DECISIONS\2.0\BIN\SAXMLSERIALIZE_RES_EN.DLL
[2004.08.03 23:15:54 | 000,030,067 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2009.12.22 16:26:22 | 000,138,752 | ---- | M] () -- \OmegaIns\COMMON\BUSINESS OBJECTS\3.0\BIN\SAXMLSERIALIZE.DLL
[2009.12.22 16:26:22 | 000,212,992 | ---- | M] () -- \OmegaIns\COMMON\BUSINESS OBJECTS\3.0\BIN\SAXSERIALIZE.DLL
[2008.02.22 13:06:44 | 000,133,201 | ---- | M] () -- \OmegaIns\PROGRAM FILES\COMMON FILES\CRYSTAL DECISIONS\2.0\BIN\SAXMLSERIALIZE.DLL
[2008.02.22 13:06:44 | 000,056,915 | ---- | M] () -- \OmegaIns\PROGRAM FILES\COMMON FILES\CRYSTAL DECISIONS\2.0\BIN\SAXMLSERIALIZE_RES_EN.DLL
[2010.09.16 03:38:36 | 000,087,040 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize.dll
[2010.09.16 04:08:50 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_chs.dll
[2010.09.16 04:08:52 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_cht.dll
[2010.09.16 04:08:40 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_de.dll
[2010.09.16 04:08:38 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_en.dll
[2010.09.16 04:08:44 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_es.dll
[2010.09.16 04:08:38 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_fr.dll
[2010.09.16 04:08:44 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_it.dll
[2010.09.16 04:08:50 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_jp.dll
[2010.09.16 04:08:54 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_ko.dll
[2010.09.16 04:08:46 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_nl.dll
[2010.09.16 04:09:00 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_pl.dll
[2010.09.16 04:08:58 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_pt.dll
[2010.09.16 04:08:58 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_ru.dll
[2010.09.16 04:08:56 | 000,025,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxmlserialize_res_sv.dll
[2010.09.16 03:26:04 | 000,217,088 | ---- | M] () -- \Program Files\Business Objects\Common\3.5\bin\saxserialize.dll
[2005.07.26 23:48:38 | 000,138,752 | ---- | M] () -- \Program Files\Common Files\business objects\3.0\bin\saxmlserialize.dll
[2005.07.26 23:36:42 | 000,212,992 | ---- | M] () -- \Program Files\Common Files\business objects\3.0\bin\saxserialize.dll
[2012.03.29 06:01:00 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.dll
[2012.05.12 19:38:16 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.ni.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012.08.12 22:09:41 | 000,000,948 | ---- | M] () -- \Qoobox\Quarantine\Registry_backups\AddRemove-18_Zinia_Serial_Driver.reg.dat
[2004.08.03 22:59:20 | 000,028,288 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\grserial.sys
[2004.08.03 23:15:54 | 000,064,896 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2008.02.10 19:03:09 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.06.13 20:29:28 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.10.20 09:03:34 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.05.14 08:05:37 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll
[2012.05.14 08:08:51 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2004.07.15 15:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2002.02.01 19:21:26 | 000,003,584 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\dpserial.dll.mui
[2002.02.01 19:22:16 | 000,004,096 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\grserial.sys.mui
[2002.02.01 19:26:12 | 000,010,240 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\serial.sys.mui
[2002.02.01 19:26:12 | 000,005,632 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\serialui.dll.mui
[2008.04.13 20:40:21 | 000,028,288 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.13 21:15:45 | 000,064,512 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2004.07.19 18:54:20 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2001.08.23 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.08.23 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2001.08.23 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.08.23 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.13 21:15:45 | 000,064,512 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
< End of report >
Re: log check - slow opening of applications and a slowed-down p
OTL Extras logfile created on: 14.8.2012 22:41:43 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Documents and Settings\Andrea\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy
445,91 Mb Total Physical Memory | 57,30 Mb Available Physical Memory | 12,85% Memory free
1,03 Gb Paging File | 0,37 Gb Available in Paging File | 36,18% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127,99 Gb Total Space | 79,46 Gb Free Space | 62,09% Space Free | Partition Type: NTFS
Drive E: | 963,70 Mb Total Space | 134,05 Mb Free Space | 13,91% Space Free | Partition Type: FAT
Computer Name: AP-80NVCGATWOLV | User Name: Andrea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Môj CEWE Fotosvet.exe] -- "C:\Program Files\Fotolab\Môj CEWE Fotosvet\Môj CEWE Fotosvet.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\BitTorrent.exe" = C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{01D42BF0-ED08-463f-8A28-99EB6FEE962B}" = ZTE Handset USB Driver
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Codecs Pack
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B71F326-E41E-42D5-8446-75444C6F8C83}" = OMEGA komponenty
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{2F8BAACE-C12D-4A51-8433-C55E62ED72D4}" = Thomson Video Converter
"{30DD3A95-E1D6-47EA-A7FE-6E2236AD87D5}" = OMEGA 15.14.00
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3716DCA4-7980-4B80-99A3-2A3F819CA726}" = ESET Smart Security
"{3EAAC5FD-E209-4856-8C49-D4EA40F85032}" = Mobile Connect
"{40719211-D09A-11DF-BA30-0013D3D69929}" = MSVCRT Redists
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{526F1A57-F977-4EFB-B009-D971C5AD6348}" = OLYMP 12.50.00
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{62F51490-6CE9-431A-8AD0-BE6EE1A46A25}" = Intrastat
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69E369F1-6A92-47B5-86D5-474A7E06B3DC}" = ALFA 18.50.00
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E3FBB3A-EB40-40A8-A266-67D9A3DD076F}" = OMEGA 15.14.00
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774C0434-9948-4DEE-A14E-69CDD316E36C}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{885744A4-1A01-44B0-858A-0AE6738CBCF7}" = PrimoPDF Redistribution Package
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-041B-0000-0000000FF1CE}" = Balík Compatibility Pack pre systém Office 2007
"{92421D86-0034-4004-8BC8-07312EB4995C}" = ALFA 18.50.00
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9826FB84-BE39-4864-ABB1-45B8F04F3098}" = OMEGA 15.14.00
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1920D73-7374-49d9-8C37-58A6E49078A5}" = F2100_Help
"{C5C00116-FFD7-465e-8316-6055F320E7E5}" = DJ_AIO_NS_LP_DocCD
"{C5EF81AC-FE4C-4157-97E3-2E08B000742A}" = F2100_doccd
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D2D77DC2-8299-11D1-8949-444553540000}_is1" = Handset USB Driver
"{D3162DFC-7CA1-47A9-AA00-15BE80E3B1F8}" = 602XML Filler
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1C409F0-8322-4c87-BD08-2F62777D490D}" = F2100
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F2AB8248-E7E2-41EC-BF56-BA2840142173}" = OMEGA 15.14.00
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AbiWord2" = AbiWord 2.8.6
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ARO 2012_is1" = ARO 2012
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"ATI Display Driver" = ATI Display Driver
"BitTorrent" = BitTorrent
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.0.0
"DVD Photo Slideshow Professional" = DVD Photo Slideshow Pro 7.97
"Elcomm" = Elcomm
"E-Poradca December 2010" = E-Poradca December 2010
"ExpressBurn" = Express Burn
"ExpressRip" = Express Rip
"Extra Photo to Video Converter Free_is1" = Extra Photo to Video Converter Free 4.0
"ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09]
"Free MP4 Player_is1" = Free MP4 Player 2
"GotClip" = GotClip Downloader
"HaaliMkx" = Haali Media Splitter
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HPOCR" = HP OCR Software 9.0
"ICQToolbar" = ICQ Toolbar
"Imikimi Plugin" = Imikimi Plugin
"InCD!UninstallKey" = InCD
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Lexmark_HostCD" = Lexmark Software Uninstall
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 1.62.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Minolta PageWorks/Pro 1100L" = Minolta PageWorks/Pro 1100L
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Môj CEWE Fotosvet" = Môj CEWE Fotosvet
"NCH_EN Toolbar" = NCH EN Toolbar
"PhotoScape" = PhotoScape
"PHPNukeEN Toolbar" = PHPNukeEN Toolbar
"PrimoPDF3.0" = PrimoPDF
"Prism" = Prism Video File Converter
"QuickTime" = QuickTime
"Room Arranger" = Room Arranger (remove only)
"Savings Sidekick" = Savings Sidekick
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Totalcmd" = Total Commander (Remove or Repair)
"vfd-ob" = VideoFileDownload
"WavePad" = WavePad Sound Editor
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"16f5587400e7e752" = eDANE – aplikácia DR SR pre podávanie daňových dokumentov
"Google Chrome" = Google Chrome
"MyFreeCodec" = MyFreeCodec
"Pokki" = Pokki
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12.8.2012 9:27:30 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie aro.exe, verzia 8.0.12.0, zlyhanie modulu aro.exe,
verzia 8.0.12.0, adresa zlyhania 0x000d9cd8.
Error - 12.8.2012 9:37:31 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie egui.exe, verzia 5.2.7.0, zlyhanie modulu unknown,
verzia 0.0.0.0, adresa zlyhania 0x00cf017a.
Error - 12.8.2012 13:31:45 | Computer Name = AP-80NVCGATWOLV | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia egui.exe, verzia 5.2.7.0, zablokovaný modul
hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 12.8.2012 16:25:01 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie egui.exe, verzia 5.2.7.0, zlyhanie modulu unknown,
verzia 0.0.0.0, adresa zlyhania 0x003e0158.
Error - 12.8.2012 17:37:13 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie egui.exe, verzia 5.2.7.0, zlyhanie modulu unknown,
verzia 0.0.0.0, adresa zlyhania 0x0111d62c.
Error - 12.8.2012 17:38:09 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1001
Description = Chybný blok -1186178894.
Error - 13.8.2012 3:39:55 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie egui.exe, verzia 5.2.7.0, zlyhanie modulu , verzia
0.0.0.0, adresa zlyhania 0x00000000.
Error - 13.8.2012 15:24:45 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie firefox.exe, verzia 14.0.1.4577, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x0510ac56.
Error - 13.8.2012 15:41:00 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie explorer.exe, verzia 6.0.2900.5512, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x1001c7a0.
Error - 13.8.2012 15:41:33 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie explorer.exe, verzia 6.0.2900.5512, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x1001c7a0.
[ System Events ]
Error - 14.8.2012 2:36:29 | Computer Name = AP-80NVCGATWOLV | Source = Disk | ID = 262155
Description = Ovládač zistil chybu radiča na \Device\Harddisk1\D.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7034
Description = Služba Ati HotKey Poller sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1 krát.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7034
Description = Služba InCD Helper sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7031
Description = Služba Codecs Pack sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7031
Description = Služba ESET Service sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7034
Description = Služba Machine Debug Manager sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1 krát.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1 krát.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7034
Description = Služba ICQ Service sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7034
Description = Služba NMSAccess sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.
Error - 14.8.2012 14:44:33 | Computer Name = AP-80NVCGATWOLV | Source = sr | ID = 1
Description = Pri spracovaní súboru „“ vo zväzku „HarddiskVolume1“ filtrom služby
Obnovovanie systému sa vyskytla neočakávaná chyba „0xC0000001“. Služba prestala
sledovať zväzok.
< End of report >
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HPOCR" = HP OCR Software 9.0
"ICQToolbar" = ICQ Toolbar
"Imikimi Plugin" = Imikimi Plugin
"InCD!UninstallKey" = InCD
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Lexmark_HostCD" = Lexmark Software Uninstall
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 1.62.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Minolta PageWorks/Pro 1100L" = Minolta PageWorks/Pro 1100L
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Môj CEWE Fotosvet" = Môj CEWE Fotosvet
"NCH_EN Toolbar" = NCH EN Toolbar
"PhotoScape" = PhotoScape
"PHPNukeEN Toolbar" = PHPNukeEN Toolbar
"PrimoPDF3.0" = PrimoPDF
"Prism" = Prism Video File Converter
"QuickTime" = QuickTime
"Room Arranger" = Room Arranger (remove only)
"Savings Sidekick" = Savings Sidekick
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Totalcmd" = Total Commander (Remove or Repair)
"vfd-ob" = VideoFileDownload
"WavePad" = WavePad Sound Editor
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"16f5587400e7e752" = eDANE – aplikácia DR SR pre podávanie daňových dokumentov
"Google Chrome" = Google Chrome
"MyFreeCodec" = MyFreeCodec
"Pokki" = Pokki
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12.8.2012 9:27:30 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie aro.exe, verzia 8.0.12.0, zlyhanie modulu aro.exe,
verzia 8.0.12.0, adresa zlyhania 0x000d9cd8.
Error - 12.8.2012 9:37:31 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie egui.exe, verzia 5.2.7.0, zlyhanie modulu unknown,
verzia 0.0.0.0, adresa zlyhania 0x00cf017a.
Error - 12.8.2012 13:31:45 | Computer Name = AP-80NVCGATWOLV | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia egui.exe, verzia 5.2.7.0, zablokovaný modul
hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 12.8.2012 16:25:01 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie egui.exe, verzia 5.2.7.0, zlyhanie modulu unknown,
verzia 0.0.0.0, adresa zlyhania 0x003e0158.
Error - 12.8.2012 17:37:13 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie egui.exe, verzia 5.2.7.0, zlyhanie modulu unknown,
verzia 0.0.0.0, adresa zlyhania 0x0111d62c.
Error - 12.8.2012 17:38:09 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1001
Description = Chybný blok -1186178894.
Error - 13.8.2012 3:39:55 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie egui.exe, verzia 5.2.7.0, zlyhanie modulu , verzia
0.0.0.0, adresa zlyhania 0x00000000.
Error - 13.8.2012 15:24:45 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie firefox.exe, verzia 14.0.1.4577, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x0510ac56.
Error - 13.8.2012 15:41:00 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie explorer.exe, verzia 6.0.2900.5512, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x1001c7a0.
Error - 13.8.2012 15:41:33 | Computer Name = AP-80NVCGATWOLV | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie explorer.exe, verzia 6.0.2900.5512, zlyhanie modulu
unknown, verzia 0.0.0.0, adresa zlyhania 0x1001c7a0.
[ System Events ]
Error - 14.8.2012 2:36:29 | Computer Name = AP-80NVCGATWOLV | Source = Disk | ID = 262155
Description = Ovládač zistil chybu radiča na \Device\Harddisk1\D.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7034
Description = Služba Ati HotKey Poller sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1 krát.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7034
Description = Služba InCD Helper sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7031
Description = Služba Codecs Pack sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7031
Description = Služba ESET Service sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7034
Description = Služba Machine Debug Manager sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1 krát.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1 krát.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7034
Description = Služba ICQ Service sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.
Error - 14.8.2012 12:21:11 | Computer Name = AP-80NVCGATWOLV | Source = Service Control Manager | ID = 7034
Description = Služba NMSAccess sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát.
Error - 14.8.2012 14:44:33 | Computer Name = AP-80NVCGATWOLV | Source = sr | ID = 1
Description = Pri spracovaní súboru „“ vo zväzku „HarddiskVolume1“ filtrom služby
Obnovovanie systému sa vyskytla neočakávaná chyba „0xC0000001“. Služba prestala
sledovať zväzok.
< End of report >
Re: log check - slow opening of applications and slowed-down p
Thank you for the help, I will continue tomorrow. Good night, and thank you very much for the help.
Re: log check - slow opening of applications and slowed-down p
You're welcome.
Good night to you too.
So, the first task for tomorrow:
Please test these for me on Jotti again:
C:\Documents and Settings\Andrea\Desktop\123.exe.exe
C:\WINDOWS\is-MU3M6.lst
C:\WINDOWS\is-MU3M6.exe
C:\WINDOWS\is-MU3M6.msg

If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).
Re: log check - slow opening of applications and slowed-down p
Good evening, I won't get to it until tomorrow morning.
Re: log check - slow opening of applications and slowed-down p
Good evening to you too.
Thanks for the info. Sure, whenever you have time. I just hope it isn't multiplying in there again.


Re: log check - slow opening of applications and slowed-down p
Well, two hours have passed already and I still haven't managed to open a single page on the PC. So the worms have probably eaten the whole inside of the computer by now.

Re: log check - slow opening of applications and slowed-down p
Well, great.
What about Safe Mode with Networking, does that work?

Re: log check - slow opening of applications and slowed-down p
And how do we find that out? The PC does run, but a single operation takes it about 25 min. Opening
Re: log check - slow opening of applications and slowed-down p
Well, you restart the PC, keep pressing F8 (or another key, depending on the type of machine) and choose Safe Mode with Networking. If it is this slow even there, that's bad.
Re: log check - slow opening of applications and slowed-down p
So I'm going to try it, hopefully it will still start up again sometime?
Re: log check - slow opening of applications and slowed-down p
We'll let ourselves be surprised.

Re: log check - slow opening of applications and slowed-down p
I also set it to remove rarely used programs, so I'm waiting a moment.
Re: log check - slow opening of applications and slowed-down p
So it's bad in Safe Mode too. Probably only reinstalling the whole of Windows; it didn't open any application.
Last edited by AndreaP on 15 Aug 2012 21:39, edited 1 time in total.