
PC virus removal, computer speed-up, remote help via the neslape.cz service
FB virus, probably... Help
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote help services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Hoong
- Visitor
- Posts: 26
- Registered: 01 Jan 2009 13:49
- Location: Prešov Slovakia
Re: FB virus, probably... Help
More like in those intervals...
- Hoong
Re: FB virus, probably... Help
None yet... which one do you recommend?
- Hoong
Re: FB virus, probably... Help
And what next, now that I have the antivirus? I really don't know where the problem could be, because the PC seems clean to me now, so all that's left is a reinstall, since I'm going to replace the motherboard, processor, graphics card and RAM too, well, basically probably everything...
Re: FB virus, probably... Help
Good evening, I'm filling in for a colleague.
How does the computer look now?

Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can email me at Motji(at)forum.viry.cz.
- Hoong
Re: FB virus, probably... Help
Still that stuttering in videos and games... it started when my PC got infected...
Re: FB virus, probably... Help

- Save it to the desktop and run the file OTL.exe.
- Copy this script into the white box at the bottom:
Code:
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
- Tick the boxes for the "LOP" malware check and the "Purity" malware check
- Click the Scan button
- When the scan finishes, the logs OTL.Txt and Extras.txt will appear; post them here

- Hoong
Re: FB virus, probably... Help
OTL Extras logfile created on: 5.12.2010 12:43:51 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Hong\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 95,70 Gb Total Space | 40,21 Gb Free Space | 42,02% Space Free | Partition Type: NTFS
Drive D: | 94,21 Gb Total Space | 31,47 Gb Free Space | 33,40% Space Free | Partition Type: NTFS
Computer Name: CATLOS | User Name: Hong | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"57447:TCP" = 57447:TCP:*:Enabled:Pando Media Booster
"57447:UDP" = 57447:UDP:*:Enabled:Pando Media Booster
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"57447:TCP" = 57447:TCP:*:Enabled:Pando Media Booster
"57447:UDP" = 57447:UDP:*:Enabled:Pando Media Booster
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.1\ICQ.exe" = C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.1\aolload.exe" = C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\ICQ7.1\ICQ.exe" = C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.1\aolload.exe" = C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.7
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 12
"{27F5A864-A816-471D-91A4-5CD39305AA23}" = Windows Live Fotogaléria
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = The Battle for Middle-earth (tm)
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{564D0000-547B-4ED8-8070-85286CC8C9BF}" = OpenOffice.org 3.0
"{5C222E33-4CE6-D8CC-1E0D-5A2CB533A728}" = ATI Catalyst Install Manager
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{77E927C4-C603-4E77-8E4E-5EEAD58EBF41}" = Windows Live Messenger
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9011041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{9EBDAF91-DADA-47CE-94F2-F5B004007934}" = System Requirements Lab
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A789920E-E183-4311-9DEB-972913AB2FBF}" = Asistent pri prihlasovaní v sieti Windows Live
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{AE26E4D3-88C5-4170-A434-F4C759ECBF09}" = Bezpečnosť rodiny v službe Windows Live
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3332FCA-3B51-4053-8C2D-9F7ACFE6065A}" = Wocarson Windows Genuine Advantage Validation v1.9.9.1 Cracked V2
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B536CA63-8BB3-4027-A495-84DD9FED17EC}" = Windows Live Sync
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C900EF06-2E76-49C7-8DB0-41F629B21DC5}" = hp psc 1200 series
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEAF8DD-4BDF-4141-BF2B-02BCA2DEB7FB}" = Windows Live Writer
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}" = WinXP Manager
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE092FB2-4B8D-4C02-AEDA-D8DE697F7794}" = Windows Live Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F94D3203-93C7-4146-80E9-89CCC47D5264}" = Microsoft Diagnostics and Recovery Toolset 5.0
"{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}" = Nokia Software Updater
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"ALZip_is1" = ALZip
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.53.1
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Windows Driver Package - Nokia Modem (06/01/2009 4.1)
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.3)
"Game Booster_is1" = Game Booster
"HijackThis" = HijackThis 2.0.2
"HP PSC 1200 Series" = HP Photo and Imaging 2.0 - hp psc 1200 series
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.5.3 (Full)
"LANGMaster eduExplorer" = LANGMaster eduExplorer
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.10)" = Mozilla Firefox (3.5.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Mumble" = Mumble and Murmur
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VCP" = Remove Vista Customization Pack v3
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.1.3
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Winamp Essentials Pack" = Winamp Essentials Pack
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26.11.2010 9:19:49 | Computer Name = CATLOS | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module xvid.ax, version 0.0.0.0, fault address 0x0003dd11.
[ System Events ]
Error - 2.12.2010 9:10:01 | Computer Name = CATLOS | Source = BTHUSB | ID = 327697
Description = The local Bluetooth radio has failed in an undetermined manner and
will be unloaded.
Error - 2.12.2010 9:22:18 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 2.12.2010 12:50:41 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 3.12.2010 5:01:24 | Computer Name = CATLOS | Source = BTHUSB | ID = 327697
Description = The local Bluetooth radio has failed in an undetermined manner and
will be unloaded.
Error - 3.12.2010 7:53:32 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 3.12.2010 12:11:49 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 4.12.2010 7:31:09 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 4.12.2010 10:20:00 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 4.12.2010 13:56:05 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 5.12.2010 7:37:09 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
< End of report >
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.7
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 12
"{27F5A864-A816-471D-91A4-5CD39305AA23}" = Windows Live Fotogaléria
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = The Battle for Middle-earth (tm)
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{564D0000-547B-4ED8-8070-85286CC8C9BF}" = OpenOffice.org 3.0
"{5C222E33-4CE6-D8CC-1E0D-5A2CB533A728}" = ATI Catalyst Install Manager
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{77E927C4-C603-4E77-8E4E-5EEAD58EBF41}" = Windows Live Messenger
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9011041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{9EBDAF91-DADA-47CE-94F2-F5B004007934}" = System Requirements Lab
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A789920E-E183-4311-9DEB-972913AB2FBF}" = Asistent pri prihlasovaní v sieti Windows Live
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{AE26E4D3-88C5-4170-A434-F4C759ECBF09}" = Bezpečnosť rodiny v službe Windows Live
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3332FCA-3B51-4053-8C2D-9F7ACFE6065A}" = Wocarson Windows Genuine Advantage Validation v1.9.9.1 Cracked V2
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B536CA63-8BB3-4027-A495-84DD9FED17EC}" = Windows Live Sync
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C900EF06-2E76-49C7-8DB0-41F629B21DC5}" = hp psc 1200 series
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEAF8DD-4BDF-4141-BF2B-02BCA2DEB7FB}" = Windows Live Writer
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}" = WinXP Manager
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE092FB2-4B8D-4C02-AEDA-D8DE697F7794}" = Windows Live Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F94D3203-93C7-4146-80E9-89CCC47D5264}" = Microsoft Diagnostics and Recovery Toolset 5.0
"{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}" = Nokia Software Updater
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"ALZip_is1" = ALZip
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.53.1
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Windows Driver Package - Nokia Modem (06/01/2009 4.1)
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.3)
"Game Booster_is1" = Game Booster
"HijackThis" = HijackThis 2.0.2
"HP PSC 1200 Series" = HP Photo and Imaging 2.0 - hp psc 1200 series
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.5.3 (Full)
"LANGMaster eduExplorer" = LANGMaster eduExplorer
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.10)" = Mozilla Firefox (3.5.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Mumble" = Mumble and Murmur
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VCP" = Remove Vista Customization Pack v3
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.1.3
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Winamp Essentials Pack" = Winamp Essentials Pack
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26.11.2010 9:19:49 | Computer Name = CATLOS | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module xvid.ax, version 0.0.0.0, fault address 0x0003dd11.
[ System Events ]
Error - 2.12.2010 9:10:01 | Computer Name = CATLOS | Source = BTHUSB | ID = 327697
Description = The local Bluetooth radio has failed in an undetermined manner and
will be unloaded.
Error - 2.12.2010 9:22:18 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 2.12.2010 12:50:41 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 3.12.2010 5:01:24 | Computer Name = CATLOS | Source = BTHUSB | ID = 327697
Description = The local Bluetooth radio has failed in an undetermined manner and
will be unloaded.
Error - 3.12.2010 7:53:32 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 3.12.2010 12:11:49 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 4.12.2010 7:31:09 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 4.12.2010 10:20:00 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 4.12.2010 13:56:05 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 5.12.2010 7:37:09 | Computer Name = CATLOS | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
< End of report >
- Hoong
- Visitor
- Posts: 26
- Registered: 01 Jan 2009 13:49
- Location: Prešov Slovakia
- Contact user:
Re: FB virus probably...Help
Here is the log from OTL; it wouldn't fit here, it has too many characters.
- Attachments
-
- OTL.rar
- (17.5 KiB) Downloaded 43 times
Re: FB virus probably...Help
Please paste it here for me across several posts; it is easier for me to read that way.

Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before cleaning the computer of malware
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.
- Hoong
- Visitor
- Posts: 26
- Registered: 01 Jan 2009 13:49
- Location: Prešov Slovakia
- Contact user:
Re: FB virus probably...Help
OTL logfile created on: 5.12.2010 12:43:51 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Hong\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 95,70 Gb Total Space | 40,21 Gb Free Space | 42,02% Space Free | Partition Type: NTFS
Drive D: | 94,21 Gb Total Space | 31,47 Gb Free Space | 33,40% Space Free | Partition Type: NTFS
Computer Name: CATLOS | User Name: Hong | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010.12.05 12:42:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hong\My Documents\Downloads\OTL.exe
PRC - [2010.10.27 13:20:45 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7.1\ICQ.exe
PRC - [2010.01.21 08:24:00 | 000,527,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Hong\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2008.04.14 05:42:20 | 004,919,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.04.16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2003.04.06 00:17:18 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
PRC - [2003.04.05 23:55:04 | 000,311,296 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposts08.exe
PRC - [2003.04.05 23:45:10 | 000,286,720 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
========== Modules (SafeList) ==========
MOD - [2010.12.05 12:42:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hong\My Documents\Downloads\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.08.11 23:29:02 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.08.05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009.06.02 09:10:08 | 000,637,952 | ---- | M] (Nokia.) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.09.04 19:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2007.01.04 22:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Disabled | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2005.11.14 09:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.03.10 06:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btkrnl.sys -- (btkrnl)
DRV - [2010.10.16 19:55:00 | 009,623,680 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010.06.28 21:50:22 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/07/11 13:05:02] [Kernel | Auto | Running] -- D:\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2010.06.02 18:08:44 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2010.05.10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.04.22 16:51:43 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.02.17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009.08.05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009.03.27 01:16:28 | 000,012,672 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz132_x32.sys -- (cpuz132)
DRV - [2009.03.25 22:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009.02.24 17:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009.02.09 07:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.02.09 07:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.02.09 07:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.02.09 07:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
DRV - [2007.09.04 19:26:32 | 000,029,696 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev)
DRV - [2007.08.15 15:27:18 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\n558.sys -- (n558)
DRV - [2007.04.25 16:20:48 | 004,030,144 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.07.01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.04.06 03:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005.04.06 03:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004.06.03 10:40:46 | 000,079,360 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2004.04.02 15:40:00 | 000,021,760 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.games-fusion.net
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fullarticles.net
IE - HKU\S-1-5-21-789336058-839522115-1617979688-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7
FF - prefs.js..extensions.enabledItems: fbchathistory@firechm.com:1.0.3
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.2
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.75
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... 2.0.0.2&q="
FF - prefs.js..network.proxy.type: 2
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.live.com/results.aspx?FORM=IEFM1&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.10.08 22:50:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.26 12:35:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.24 08:08:30 | 000,000,000 | ---D | M]
[2009.03.05 20:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mozilla\Extensions
[2010.12.02 14:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions
[2009.11.08 00:24:00 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2010.02.03 22:50:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.06.13 23:22:23 | 000,000,000 | ---D | M] (Aquatint Black Gloss) -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2010.05.27 20:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.03.24 17:59:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\{b8ccaffc-1f41-45bf-ad7a-1c730d9a4656}
[2010.03.03 17:35:47 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.04.22 16:51:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\DTToolbar@toolbarnet.com
[2009.07.25 11:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\fastdial@telega.phpnet.us
[2009.09.15 22:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\fbchathistory@firechm.com
[2010.04.22 16:51:48 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\searchplugins\daemon-search.xml
[2010.03.07 22:07:50 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\searchplugins\icq-search.xml
[2010.04.22 21:42:35 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\searchplugins\icqplugin-1.xml
[2010.12.02 14:23:16 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\searchplugins\icqplugin-2.xml
[2010.04.07 21:04:50 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\searchplugins\icqplugin.xml
[2009.03.22 07:22:07 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\searchplugins\live-search.xml
[2010.03.03 17:35:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.31 22:39:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2007.04.16 18:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009.08.23 15:39:16 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2009.08.23 15:39:16 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2009.08.23 15:39:16 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2009.08.23 15:39:16 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2009.08.23 15:39:16 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2009.08.23 15:39:16 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml
O1 HOSTS File: ([2010.11.23 15:58:10 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No CLSID value found.
O3 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-789336058-839522115-1617979688-1003..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 0
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\..Trusted Domains: com.tw ([asia.msi] http in Trusted sites)
O15 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\..Trusted Domains: com.tw ([global.msi] http in Trusted sites)
O15 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\..Trusted Domains: com.tw ([www.msi] http in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Reg Error: Value error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe ()
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Hong\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Hong\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.24 00:19:55 | 000,000,090 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\WINDOWS\System32\I263_32.drv (Intel Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - C:\WINDOWS\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\WINDOWS\System32\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56308606093492224)
========== Files/Folders - Created Within 30 Days ==========
[2010.12.05 00:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Desktop\supernatural.s06e10
[2010.11.28 15:46:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Application Data\SUPERAntiSpyware.com
[2010.11.28 15:46:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010.11.28 15:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010.11.28 01:24:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010.11.27 12:28:59 | 000,888,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll
[2010.11.27 12:28:59 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco32.dll
[2010.11.27 12:05:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010.11.27 01:31:15 | 000,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2010.11.26 23:50:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Hong\Recent
[2010.11.25 14:32:38 | 000,060,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2010.11.25 14:19:50 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2010.11.24 00:59:05 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.11.23 21:26:14 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2010.11.23 16:03:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.11.21 18:50:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Application Data\Mumble
[2010.11.21 18:50:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mumble
[2010.11.20 22:17:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\My Documents\The KMPlayer
[2010.11.20 22:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2010.11.19 16:20:49 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Hong\My Documents\My Music
[2010.11.15 22:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Application Data\TS3Client
[2010.11.15 22:57:55 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2010.11.14 23:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Desktop\luňák
[2010.11.14 19:02:10 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.11.14 18:23:48 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.11.14 18:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Local Settings\Application Data\Sunbelt Software
[2010.11.14 18:22:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010.11.14 18:16:50 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.11.13 19:36:38 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.11.13 19:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010.11.12 14:42:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Desktop\Dramatikz - Morfium (2010)
[2010.11.10 10:42:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Desktop\live
[6 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[2 C:\Documents and Settings\Hong\Desktop\*.tmp files -> C:\Documents and Settings\Hong\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.12.05 12:37:06 | 000,000,374 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2010.12.05 12:36:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.12.05 01:07:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-839522115-1617979688-1003UA.job
[2010.12.04 19:36:55 | 000,444,524 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.12.04 19:36:55 | 000,072,590 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.12.04 14:07:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-839522115-1617979688-1003Core.job
[2010.12.04 13:18:10 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010.12.03 20:42:28 | 000,000,522 | ---- | M] () -- C:\hpfr3420.xml
[2010.12.02 21:17:33 | 000,001,192 | ---- | M] () -- C:\Documents and Settings\Hong\Local Settings\Application Data\SRDownloader (1).nast
[2010.11.30 13:32:53 | 000,060,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2010.11.29 22:55:52 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\Sumarizácia objednávok.x ls
[2010.11.28 15:45:59 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.11.28 01:18:39 | 112,315,778 | ---- | M] () -- C:\Documents and Settings\Hong\My Documents\BackupRegistry(20101128).reg
[2010.11.28 00:54:33 | 004,682,144 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\ola ola le.mp3
[2010.11.27 12:34:40 | 000,240,608 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010.11.27 12:34:40 | 000,240,608 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010.11.27 12:34:40 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010.11.27 01:31:18 | 000,001,901 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\1-Click Cleaner.lnk
[2010.11.27 01:31:18 | 000,001,898 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\WinXP Manager.lnk
[2010.11.26 14:19:45 | 000,223,744 | ---- | M] () -- C:\Documents and Settings\Hong\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.26 13:28:38 | 007,890,529 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\14-Toyfriend -Featuring Wynter Gordon-.mp3
[2010.11.25 13:59:43 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.11.24 08:08:30 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010.11.23 22:24:59 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.23 15:58:10 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.11.23 09:41:30 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\Korekica patloš.doc
[2010.11.21 18:50:58 | 000,002,380 | ---- | M] () -- C:\Documents and Settings\Hong\My Documents\MumbleAutomaticCertificateBackup.p12
[2010.11.21 02:00:01 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-FAJKOS-Hong.job
[2010.11.20 22:17:29 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\KMPlayer.lnk
[2010.11.15 22:57:59 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamSpeak 3 Client.lnk
[2010.11.14 23:24:25 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1275498585.job
[2010.11.14 19:02:16 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2010.11.14 18:13:34 | 004,106,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.11.14 17:43:04 | 000,007,156 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.11.14 17:13:58 | 000,000,293 | ---- | M] () -- C:\Boot.bak
[2010.11.14 13:10:32 | 000,000,123 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010.11.09 10:16:58 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\Sumarizácia objednávok.xls
[2010.11.08 15:00:16 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Internet Explorer\Quick Launch\World of Warcraft.lnk
[2 C:\Documents and Settings\Hong\Desktop\*.tmp files -> C:\Documents and Settings\Hong\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.12.02 20:46:18 | 000,001,192 | ---- | C] () -- C:\Documents and Settings\Hong\Local Settings\Application Data\SRDownloader (1).nast
[2010.11.29 22:57:41 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\Sumarizácia objednávok.x ls
[2010.11.29 18:24:56 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\Korekica patloš.doc
[2010.11.29 18:24:24 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\Sumarizácia objednávok.xls
[2010.11.28 15:45:59 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.11.28 01:18:16 | 112,315,778 | ---- | C] () -- C:\Documents and Settings\Hong\My Documents\BackupRegistry(20101128).reg
[2010.11.28 00:54:58 | 004,682,144 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\ola ola le.mp3
[2010.11.27 12:28:59 | 000,003,739 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010.11.27 01:31:18 | 000,001,901 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\1-Click Cleaner.lnk
[2010.11.27 01:31:18 | 000,001,898 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\WinXP Manager.lnk
[2010.11.26 13:23:38 | 007,890,529 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\14-Toyfriend -Featuring Wynter Gordon-.mp3
[2010.11.21 18:50:58 | 000,002,380 | ---- | C] () -- C:\Documents and Settings\Hong\My Documents\MumbleAutomaticCertificateBackup.p12
[2010.11.20 22:17:29 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\KMPlayer.lnk
[2010.11.15 22:57:59 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamSpeak 3 Client.lnk
[2010.11.14 13:10:32 | 000,000,123 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.11.10 16:47:35 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010.11.08 15:00:16 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Internet Explorer\Quick Launch\World of Warcraft.lnk
[2010.03.18 16:01:26 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.11.06 09:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.09.25 13:43:29 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2009.08.21 13:10:24 | 000,000,319 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009.06.10 02:20:38 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.05.29 02:24:08 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Hong\Local Settings\Application Data\fusioncache.dat
[2009.04.01 00:40:54 | 000,002,348 | ---- | C] () -- C:\WINDOWS\WINTRAN.INI
[2009.03.31 03:47:51 | 000,001,527 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.03.22 06:31:31 | 000,001,151 | ---- | C] () -- C:\Documents and Settings\Hong\Application Data\MPQEditor.ini
[2009.03.04 04:45:29 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.02.16 04:57:14 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.02.10 01:36:17 | 000,001,193 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009.02.03 06:54:02 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.02.03 06:53:59 | 002,330,643 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009.02.03 06:53:59 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.02.03 06:53:59 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.02.02 07:29:53 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009.02.02 07:00:18 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009.02.02 06:21:02 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009.02.02 06:10:34 | 000,000,732 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.02.02 05:52:44 | 000,223,744 | ---- | C] () -- C:\Documents and Settings\Hong\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.01 21:35:23 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.02.01 08:18:14 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlashSys.sys
[2007.08.15 15:27:18 | 000,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\n558.sys
[2007.03.12 12:01:30 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2003.04.07 19:38:32 | 000,005,746 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2003.03.10 06:31:04 | 000,561,152 | R--- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2001.10.29 01:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
========== LOP Check ==========
[2009.05.18 02:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Opera
[2010.07.25 17:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2010.08.28 13:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codemasters
[2010.04.22 16:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009.12.19 16:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009.02.04 05:44:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009.10.08 22:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009.09.07 22:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LANGMaster
[2009.10.08 22:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2009.10.08 22:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009.12.10 20:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2009.12.13 15:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin
[2010.09.11 16:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010.05.15 15:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2010.04.13 15:13:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010.07.11 12:02:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009.12.10 20:33:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VideoSpin
[2009.08.23 15:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010.07.30 14:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\BSplayer
[2010.08.09 16:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\BSplayer Pro
[2009.08.21 14:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\CoreFTP
[2009.02.16 04:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\DAEMON Tools
[2009.09.25 13:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\DAEMON Tools Lite
[2009.02.16 04:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\DAEMON Tools Pro
[2010.02.28 23:58:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Facebook
[2009.08.24 09:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\FileZilla
[2010.06.26 17:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\GetRightToGo
[2010.12.05 12:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\ICQ
[2009.05.16 22:58:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\IObit
[2009.09.07 22:12:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\LANGMaster
[2009.12.29 11:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\MobMapUpdater
[2010.11.21 19:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mumble
[2010.10.06 22:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\My Battle for Middle-earth Files
[2009.10.08 23:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Nokia
[2009.04.10 04:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\OpenOffice.org
[2009.02.02 05:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Opera
[2009.10.08 22:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\PC Suite
[2010.09.05 15:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\PhotoScape
[2010.04.13 15:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Publish Providers
[2009.11.08 00:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\QIP
[2010.04.13 15:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Sony
[2010.05.15 15:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.04.11 19:39:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Styler
[2010.10.26 15:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\SystemRequirementsLab
[2010.11.15 22:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\TS3Client
[2009.05.29 02:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Turbine
[2009.04.17 02:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Unigraphics Solutions
[2010.11.26 01:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\uTorrent
[2009.06.13 23:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\ViSplore
[2009.06.13 23:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\ViStart
[2010.11.14 23:24:25 | 000,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1275498585.job
========== Purity Check ==========
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Hong\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 95,70 Gb Total Space | 40,21 Gb Free Space | 42,02% Space Free | Partition Type: NTFS
Drive D: | 94,21 Gb Total Space | 31,47 Gb Free Space | 33,40% Space Free | Partition Type: NTFS
Computer Name: CATLOS | User Name: Hong | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010.12.05 12:42:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hong\My Documents\Downloads\OTL.exe
PRC - [2010.10.27 13:20:45 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7.1\ICQ.exe
PRC - [2010.01.21 08:24:00 | 000,527,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Hong\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2008.04.14 05:42:20 | 004,919,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.04.16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2003.04.06 00:17:18 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
PRC - [2003.04.05 23:55:04 | 000,311,296 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposts08.exe
PRC - [2003.04.05 23:45:10 | 000,286,720 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
========== Modules (SafeList) ==========
MOD - [2010.12.05 12:42:40 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hong\My Documents\Downloads\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.08.11 23:29:02 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.08.05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009.06.02 09:10:08 | 000,637,952 | ---- | M] (Nokia.) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.09.04 19:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2007.01.04 22:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Disabled | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2005.11.14 09:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.03.10 06:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btkrnl.sys -- (btkrnl)
DRV - [2010.10.16 19:55:00 | 009,623,680 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010.06.28 21:50:22 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/07/11 13:05:02] [Kernel | Auto | Running] -- D:\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2010.06.02 18:08:44 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2010.05.10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.04.22 16:51:43 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.02.17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009.08.05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009.03.27 01:16:28 | 000,012,672 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz132_x32.sys -- (cpuz132)
DRV - [2009.03.25 22:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009.02.24 17:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009.02.09 07:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.02.09 07:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.02.09 07:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.02.09 07:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
DRV - [2007.09.04 19:26:32 | 000,029,696 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev)
DRV - [2007.08.15 15:27:18 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\n558.sys -- (n558)
DRV - [2007.04.25 16:20:48 | 004,030,144 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.07.01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.04.06 03:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005.04.06 03:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004.06.03 10:40:46 | 000,079,360 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2004.04.02 15:40:00 | 000,021,760 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.games-fusion.net
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fullarticles.net
IE - HKU\S-1-5-21-789336058-839522115-1617979688-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7
FF - prefs.js..extensions.enabledItems: fbchathistory@firechm.com:1.0.3
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.2
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.75
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... 2.0.0.2&q="
FF - prefs.js..network.proxy.type: 2
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.live.com/results.aspx?FORM=IEFM1&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.10.08 22:50:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.26 12:35:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.24 08:08:30 | 000,000,000 | ---D | M]
[2009.03.05 20:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mozilla\Extensions
[2010.12.02 14:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions
[2009.11.08 00:24:00 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2010.02.03 22:50:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.06.13 23:22:23 | 000,000,000 | ---D | M] (Aquatint Black Gloss) -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2010.05.27 20:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.03.24 17:59:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\{b8ccaffc-1f41-45bf-ad7a-1c730d9a4656}
[2010.03.03 17:35:47 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.04.22 16:51:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\DTToolbar@toolbarnet.com
[2009.07.25 11:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\fastdial@telega.phpnet.us
[2009.09.15 22:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\extensions\fbchathistory@firechm.com
[2010.04.22 16:51:48 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\searchplugins\daemon-search.xml
[2010.03.07 22:07:50 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\searchplugins\icq-search.xml
[2010.04.22 21:42:35 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\searchplugins\icqplugin-1.xml
[2010.12.02 14:23:16 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\searchplugins\icqplugin-2.xml
[2010.04.07 21:04:50 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\searchplugins\icqplugin.xml
[2009.03.22 07:22:07 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\searchplugins\live-search.xml
[2010.03.03 17:35:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.31 22:39:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2007.04.16 18:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009.08.23 15:39:16 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2009.08.23 15:39:16 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2009.08.23 15:39:16 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2009.08.23 15:39:16 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2009.08.23 15:39:16 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2009.08.23 15:39:16 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml
O1 HOSTS File: ([2010.11.23 15:58:10 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No CLSID value found.
O3 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-789336058-839522115-1617979688-1003..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 0
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\..Trusted Domains: com.tw ([asia.msi] http in Trusted sites)
O15 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\..Trusted Domains: com.tw ([global.msi] http in Trusted sites)
O15 - HKU\S-1-5-21-789336058-839522115-1617979688-1003\..Trusted Domains: com.tw ([www.msi] http in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Reg Error: Value error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe ()
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Hong\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Hong\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.24 00:19:55 | 000,000,090 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\WINDOWS\System32\I263_32.drv (Intel Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - C:\WINDOWS\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\WINDOWS\System32\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56308606093492224)
========== Files/Folders - Created Within 30 Days ==========
[2010.12.05 00:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Desktop\supernatural.s06e10
[2010.11.28 15:46:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Application Data\SUPERAntiSpyware.com
[2010.11.28 15:46:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010.11.28 15:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010.11.28 01:24:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010.11.27 12:28:59 | 000,888,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll
[2010.11.27 12:28:59 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco32.dll
[2010.11.27 12:05:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010.11.27 01:31:15 | 000,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2010.11.26 23:50:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Hong\Recent
[2010.11.25 14:32:38 | 000,060,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2010.11.25 14:19:50 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2010.11.24 00:59:05 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.11.23 21:26:14 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2010.11.23 16:03:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.11.21 18:50:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Application Data\Mumble
[2010.11.21 18:50:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mumble
[2010.11.20 22:17:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\My Documents\The KMPlayer
[2010.11.20 22:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2010.11.19 16:20:49 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Hong\My Documents\My Music
[2010.11.15 22:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Application Data\TS3Client
[2010.11.15 22:57:55 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2010.11.14 23:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Desktop\luňák
[2010.11.14 19:02:10 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.11.14 18:23:48 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.11.14 18:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Local Settings\Application Data\Sunbelt Software
[2010.11.14 18:22:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010.11.14 18:16:50 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.11.13 19:36:38 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.11.13 19:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010.11.12 14:42:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Desktop\Dramatikz - Morfium (2010)
[2010.11.10 10:42:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hong\Desktop\live
[6 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[2 C:\Documents and Settings\Hong\Desktop\*.tmp files -> C:\Documents and Settings\Hong\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.12.05 12:37:06 | 000,000,374 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2010.12.05 12:36:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.12.05 01:07:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-839522115-1617979688-1003UA.job
[2010.12.04 19:36:55 | 000,444,524 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.12.04 19:36:55 | 000,072,590 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.12.04 14:07:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-839522115-1617979688-1003Core.job
[2010.12.04 13:18:10 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010.12.03 20:42:28 | 000,000,522 | ---- | M] () -- C:\hpfr3420.xml
[2010.12.02 21:17:33 | 000,001,192 | ---- | M] () -- C:\Documents and Settings\Hong\Local Settings\Application Data\SRDownloader (1).nast
[2010.11.30 13:32:53 | 000,060,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2010.11.29 22:55:52 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\Sumarizácia objednávok.x ls
[2010.11.28 15:45:59 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.11.28 01:18:39 | 112,315,778 | ---- | M] () -- C:\Documents and Settings\Hong\My Documents\BackupRegistry(20101128).reg
[2010.11.28 00:54:33 | 004,682,144 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\ola ola le.mp3
[2010.11.27 12:34:40 | 000,240,608 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010.11.27 12:34:40 | 000,240,608 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010.11.27 12:34:40 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010.11.27 01:31:18 | 000,001,901 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\1-Click Cleaner.lnk
[2010.11.27 01:31:18 | 000,001,898 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\WinXP Manager.lnk
[2010.11.26 14:19:45 | 000,223,744 | ---- | M] () -- C:\Documents and Settings\Hong\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.26 13:28:38 | 007,890,529 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\14-Toyfriend -Featuring Wynter Gordon-.mp3
[2010.11.25 13:59:43 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.11.24 08:08:30 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010.11.23 22:24:59 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.23 15:58:10 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.11.23 09:41:30 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\Korekica patloš.doc
[2010.11.21 18:50:58 | 000,002,380 | ---- | M] () -- C:\Documents and Settings\Hong\My Documents\MumbleAutomaticCertificateBackup.p12
[2010.11.21 02:00:01 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-FAJKOS-Hong.job
[2010.11.20 22:17:29 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\KMPlayer.lnk
[2010.11.15 22:57:59 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamSpeak 3 Client.lnk
[2010.11.14 23:24:25 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1275498585.job
[2010.11.14 19:02:16 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2010.11.14 18:13:34 | 004,106,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.11.14 17:43:04 | 000,007,156 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.11.14 17:13:58 | 000,000,293 | ---- | M] () -- C:\Boot.bak
[2010.11.14 13:10:32 | 000,000,123 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010.11.09 10:16:58 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Hong\Desktop\Sumarizácia objednávok.xls
[2010.11.08 15:00:16 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Internet Explorer\Quick Launch\World of Warcraft.lnk
[2 C:\Documents and Settings\Hong\Desktop\*.tmp files -> C:\Documents and Settings\Hong\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.12.02 20:46:18 | 000,001,192 | ---- | C] () -- C:\Documents and Settings\Hong\Local Settings\Application Data\SRDownloader (1).nast
[2010.11.29 22:57:41 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\Sumarizácia objednávok.x ls
[2010.11.29 18:24:56 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\Korekica patloš.doc
[2010.11.29 18:24:24 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\Sumarizácia objednávok.xls
[2010.11.28 15:45:59 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.11.28 01:18:16 | 112,315,778 | ---- | C] () -- C:\Documents and Settings\Hong\My Documents\BackupRegistry(20101128).reg
[2010.11.28 00:54:58 | 004,682,144 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\ola ola le.mp3
[2010.11.27 12:28:59 | 000,003,739 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010.11.27 01:31:18 | 000,001,901 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\1-Click Cleaner.lnk
[2010.11.27 01:31:18 | 000,001,898 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\WinXP Manager.lnk
[2010.11.26 13:23:38 | 007,890,529 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\14-Toyfriend -Featuring Wynter Gordon-.mp3
[2010.11.21 18:50:58 | 000,002,380 | ---- | C] () -- C:\Documents and Settings\Hong\My Documents\MumbleAutomaticCertificateBackup.p12
[2010.11.20 22:17:29 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\Hong\Desktop\KMPlayer.lnk
[2010.11.15 22:57:59 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamSpeak 3 Client.lnk
[2010.11.14 13:10:32 | 000,000,123 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.11.10 16:47:35 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010.11.08 15:00:16 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Internet Explorer\Quick Launch\World of Warcraft.lnk
[2010.03.18 16:01:26 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.11.06 09:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.09.25 13:43:29 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2009.08.21 13:10:24 | 000,000,319 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009.06.10 02:20:38 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.05.29 02:24:08 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Hong\Local Settings\Application Data\fusioncache.dat
[2009.04.01 00:40:54 | 000,002,348 | ---- | C] () -- C:\WINDOWS\WINTRAN.INI
[2009.03.31 03:47:51 | 000,001,527 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.03.22 06:31:31 | 000,001,151 | ---- | C] () -- C:\Documents and Settings\Hong\Application Data\MPQEditor.ini
[2009.03.04 04:45:29 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.02.16 04:57:14 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.02.10 01:36:17 | 000,001,193 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009.02.03 06:54:02 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.02.03 06:53:59 | 002,330,643 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009.02.03 06:53:59 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.02.03 06:53:59 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.02.02 07:29:53 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009.02.02 07:00:18 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009.02.02 06:21:02 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009.02.02 06:10:34 | 000,000,732 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.02.02 05:52:44 | 000,223,744 | ---- | C] () -- C:\Documents and Settings\Hong\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.01 21:35:23 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.02.01 08:18:14 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlashSys.sys
[2007.08.15 15:27:18 | 000,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\n558.sys
[2007.03.12 12:01:30 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2003.04.07 19:38:32 | 000,005,746 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2003.03.10 06:31:04 | 000,561,152 | R--- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2001.10.29 01:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
========== LOP Check ==========
[2009.05.18 02:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Opera
[2010.07.25 17:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2010.08.28 13:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codemasters
[2010.04.22 16:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009.12.19 16:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009.02.04 05:44:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009.10.08 22:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009.09.07 22:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LANGMaster
[2009.10.08 22:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2009.10.08 22:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009.12.10 20:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2009.12.13 15:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin
[2010.09.11 16:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010.05.15 15:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2010.04.13 15:13:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010.07.11 12:02:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009.12.10 20:33:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VideoSpin
[2009.08.23 15:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010.07.30 14:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\BSplayer
[2010.08.09 16:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\BSplayer Pro
[2009.08.21 14:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\CoreFTP
[2009.02.16 04:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\DAEMON Tools
[2009.09.25 13:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\DAEMON Tools Lite
[2009.02.16 04:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\DAEMON Tools Pro
[2010.02.28 23:58:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Facebook
[2009.08.24 09:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\FileZilla
[2010.06.26 17:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\GetRightToGo
[2010.12.05 12:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\ICQ
[2009.05.16 22:58:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\IObit
[2009.09.07 22:12:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\LANGMaster
[2009.12.29 11:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\MobMapUpdater
[2010.11.21 19:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mumble
[2010.10.06 22:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\My Battle for Middle-earth Files
[2009.10.08 23:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Nokia
[2009.04.10 04:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\OpenOffice.org
[2009.02.02 05:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Opera
[2009.10.08 22:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\PC Suite
[2010.09.05 15:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\PhotoScape
[2010.04.13 15:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Publish Providers
[2009.11.08 00:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\QIP
[2010.04.13 15:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Sony
[2010.05.15 15:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.04.11 19:39:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Styler
[2010.10.26 15:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\SystemRequirementsLab
[2010.11.15 22:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\TS3Client
[2009.05.29 02:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Turbine
[2009.04.17 02:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Unigraphics Solutions
[2010.11.26 01:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\uTorrent
[2009.06.13 23:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\ViSplore
[2009.06.13 23:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\ViStart
[2010.11.14 23:24:25 | 000,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1275498585.job
========== Purity Check ==========
- Hoong
- Visitor
- Posts: 26
- Registered: 01 Jan 2009 13:49
- Location: Prešov Slovakia
Re: FB virus, probably... Help
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"NVIDIA nTune" = "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear -- [2007.09.04 19:25:38 | 000,081,920 | ---- | M] (NVIDIA)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
< c:\windows\*.* /U >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
[2010.11.10 16:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009.03.04 02:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2009.03.21 22:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2009.03.21 22:11:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL OCP
[2009.08.13 10:23:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010.07.25 17:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2009.04.15 23:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2010.11.03 14:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
[2010.08.28 13:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codemasters
[2010.07.11 12:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2010.04.22 16:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.06.14 20:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2009.12.19 16:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009.02.02 07:34:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESTsoft
[2010.04.27 08:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009.04.22 02:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009.02.04 05:44:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009.10.08 22:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009.09.07 22:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LANGMaster
[2010.11.14 21:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010.01.31 15:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009.09.12 13:16:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009.09.12 12:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2009.03.31 04:56:01 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009.10.08 22:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010.05.14 15:51:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010.05.13 18:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009.12.20 17:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2009.10.08 22:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009.12.10 20:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2009.12.13 15:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin
[2010.09.11 16:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010.05.15 15:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2010.04.13 15:13:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010.11.26 23:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010.11.28 15:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010.05.13 18:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010.07.11 12:02:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010.10.28 22:42:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2009.12.10 20:33:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VideoSpin
[2009.08.23 15:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009.02.02 06:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010.03.01 22:44:10 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\java-rmi.exe
[2010.03.01 22:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\java.exe
[2010.03.01 22:44:10 | 000,059,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javacpl.exe
[2010.03.01 22:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javaw.exe
[2010.03.01 22:44:10 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javaws.exe
[2010.03.01 22:44:12 | 000,079,648 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jbroker.exe
[2010.03.01 22:44:12 | 000,023,328 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jp2launcher.exe
[2010.03.01 22:44:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jqs.exe
[2010.03.01 22:44:12 | 000,055,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jqsnotify.exe
[2010.03.01 22:44:12 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jucheck.exe
[2010.03.01 22:44:12 | 000,055,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jureg.exe
[2010.03.01 22:44:14 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jusched.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\keytool.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\kinit.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\klist.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\ktab.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\orbd.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\pack200.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\policytool.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\rmid.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\rmiregistry.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\servertool.exe
[2010.03.01 22:44:14 | 000,030,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\ssvagent.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\tnameserv.exe
[2010.03.01 22:44:14 | 000,132,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\unpack200.exe
[2009.05.19 00:35:46 | 002,402,104 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\AIMinst.exe
[2009.05.19 00:35:48 | 000,550,024 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\AIMLang.exe
[2009.05.19 00:36:04 | 000,142,040 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\alsetup.exe
[2009.05.19 00:35:52 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\amoinst.exe
[2009.05.19 00:35:52 | 000,069,104 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\amos.exe
[2009.05.19 00:35:58 | 000,120,368 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\aoldlmgr.exe
[2007.08.17 08:34:16 | 000,107,872 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\aolsetup.exe
[2009.05.19 00:36:04 | 000,097,072 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\bsetutil.exe
[2009.05.19 00:35:52 | 000,231,216 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\migrator.exe
[2009.05.19 00:35:52 | 001,225,352 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\msvc9rt.exe
[2009.05.19 00:35:54 | 004,480,040 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\ocpinst.exe
[2009.05.19 00:35:44 | 000,036,704 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\postproc.exe
[2009.05.19 00:35:42 | 000,172,840 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\setup.exe
[2009.05.19 00:35:56 | 000,383,128 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\tbsetup.exe
[2009.05.19 00:36:04 | 001,484,856 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\toolbar.exe
[2009.05.19 00:35:56 | 000,376,568 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\unagi3.exe
[2009.05.19 00:36:02 | 000,030,512 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\Uninstaller.exe
[2009.05.19 00:36:04 | 002,884,832 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\vwpt.exe
[2010.05.13 17:54:27 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
[2010.05.13 17:55:02 | 000,057,409 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2010.05.13 17:55:10 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
[2010.05.13 17:55:11 | 000,054,153 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
[2010.03.08 21:21:29 | 000,530,625 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe
[2010.03.08 21:21:39 | 000,530,625 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe
[2010.05.13 17:55:11 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
[2010.05.13 17:55:48 | 000,056,766 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2010.05.13 17:55:11 | 000,054,174 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
[2010.05.13 17:55:12 | 000,057,532 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
[2010.05.13 17:55:13 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
[2010.05.13 17:55:13 | 000,057,054 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
[2010.05.13 17:55:02 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
[2010.05.13 17:55:02 | 000,052,963 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
[2010.05.13 17:55:36 | 000,057,679 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe
[2010.05.13 17:54:33 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
[2010.05.13 17:47:39 | 001,180,952 | ---- | M] (DivX, Inc. ) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
[2010.05.13 17:55:09 | 000,054,629 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
[2010.05.13 17:55:18 | 000,084,040 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
[2010.05.13 17:55:36 | 000,053,600 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe
[2010.05.13 17:55:46 | 000,056,978 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
[2009.10.08 22:48:53 | 033,921,368 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_cze_web.exe
[2009.10.08 22:49:19 | 000,095,232 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
[2009.10.08 22:49:19 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
[2009.10.08 22:49:19 | 000,010,240 | ---- | M] (Nokia) -- C:\Documents and Settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
[2009.10.08 22:49:19 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2009.10.08 22:53:23 | 024,671,504 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\NokiaSoftwareUpdaterSetup_cs.exe
[2009.10.08 22:53:34 | 003,351,812 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\msxml6Exec.exe
[2009.10.08 22:53:33 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\Sleep.exe
[2009.10.08 22:53:33 | 003,181,612 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\vcredistExec.exe
[2010.07.11 12:02:01 | 000,053,319 | ---- | M] ( ) -- C:\Documents and Settings\All Users\Application Data\TEMP\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\PostBuild.exe
< %APPDATA%\*. >
[2010.05.27 20:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Adobe
[2010.05.15 15:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Adobe Mini Bridge CS5
[2009.08.18 15:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Apple Computer
[2010.07.30 14:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\BSplayer
[2010.08.09 16:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\BSplayer Pro
[2009.08.21 14:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\CoreFTP
[2010.07.11 12:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\CyberLink
[2009.02.16 04:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\DAEMON Tools
[2009.09.25 13:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\DAEMON Tools Lite
[2009.02.16 04:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\DAEMON Tools Pro
[2009.04.18 01:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\DivX
[2009.02.02 07:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\ESTsoft
[2010.02.28 23:58:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Facebook
[2009.08.24 09:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\FileZilla
[2010.06.26 17:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\GetRightToGo
[2009.03.24 18:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Google
[2009.02.10 01:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Hewlett-Packard
[2010.12.05 12:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\ICQ
[2009.02.02 05:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Identities
[2009.06.13 20:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\InstallShield
[2009.05.16 22:58:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\IObit
[2009.09.07 22:12:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\LANGMaster
[2009.02.02 06:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Macromedia
[2010.01.31 15:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Malwarebytes
[2009.02.03 06:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Media Player Classic
[2010.11.23 23:45:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Hong\Application Data\Microsoft
[2009.08.31 11:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\mIRC
[2009.12.29 11:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\MobMapUpdater
[2010.06.27 20:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mozilla
[2010.11.21 19:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mumble
[2010.10.06 22:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\My Battle for Middle-earth Files
[2009.10.08 23:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Nokia
[2009.04.10 04:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\OpenOffice.org
[2009.02.02 05:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Opera
[2009.10.08 22:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\PC Suite
[2010.09.05 15:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\PhotoScape
[2010.04.13 15:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Publish Providers
[2009.11.08 00:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\QIP
[2010.04.13 15:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Sony
[2010.05.15 15:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.04.11 19:39:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Styler
[2009.02.14 23:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Sun
[2010.11.28 15:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\SUPERAntiSpyware.com
[2010.10.26 15:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\SystemRequirementsLab
[2009.11.19 22:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\teamspeak2
[2010.11.15 22:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\TS3Client
[2009.05.29 02:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Turbine
[2009.04.17 02:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Unigraphics Solutions
[2010.11.26 01:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\uTorrent
[2010.01.10 23:12:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Ventrilo
[2009.06.13 23:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\ViSplore
[2009.06.13 23:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\ViStart
[2010.11.23 22:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\vlc
[2010.07.30 14:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Winamp
[2009.02.21 05:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\WinRAR
< %APPDATA%\*.exe /s >
[2009.08.11 20:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 20:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 13:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 16:01:52 | 001,185,871 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\FFDShow\unins000.exe
[2009.11.14 18:11:36 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\Haali media splitter\dsmux.exe
[2009.11.14 18:33:40 | 000,357,888 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\Haali media splitter\gdsmux.exe
[2009.11.14 18:11:36 | 000,136,704 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.02.23 15:00:42 | 000,042,288 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\Haali media splitter\uninstall.exe
[2010.02.28 23:58:26 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Documents and Settings\Hong\Application Data\Facebook\uninstall.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\ClearMem.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\ClickCleaner.exe
[2010.11.27 01:31:19 | 000,017,542 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\ContextMenuManager.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\DesktopCleaner.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\DiskAnalyzer.exe
[2010.11.27 01:31:19 | 000,013,262 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\DuplicateFilesFinder.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\FileSecurity.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\FileSplitter.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\IconManager.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\IEManager.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\JunkFileCleaner.exe
[2010.11.27 01:31:19 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\LiveUpdate.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\OptimizationWizard.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\PrivacyProtector.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\ProcessManager.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\RegistryCleaner.exe
[2010.11.27 01:31:19 | 000,009,662 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\RegistryDefrag.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\RepairCenter.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\RunShortcutCreator.exe
[2010.11.27 01:31:19 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\ServiceManager.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\Shutdown.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\StartupManager.exe
[2010.11.27 01:31:19 | 000,014,534 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\SystemFolder_msiexec.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\SystemInfo.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\Uninstaller.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\WallpaperChanger.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\WinXP_Manager.exe
[2009.05.28 03:11:46 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
< MD5 for: AGP440.SYS >
[2004.08.04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 08:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\atapi.sys
< MD5 for: CDROM.SYS >
[2004.08.04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.03 23:56:42 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2004.08.03 23:56:42 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 01:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\eventlog.dll
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004.08.03 23:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2004.08.03 23:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\explorer.exe
[2004.08.03 23:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.03 23:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\explorer.exe
[2008.04.14 05:42:20 | 004,919,296 | ---- | M] (Microsoft Corporation) MD5=BF09E580BA8E3846F9E107B5A7041837 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:42:20 | 004,919,296 | ---- | M] (Microsoft Corporation) MD5=BF09E580BA8E3846F9E107B5A7041837 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 05:42:20 | 001,480,192 | ---- | M] (Microsoft Corporation) MD5=EE5BB6E5C76B793C9F58AAC68ED18D79 -- C:\WINDOWS\VCP_SAVE\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.04 07:59:20 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\hal.dll
[2004.08.03 21:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\changer.sys
[2004.08.04 08:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.13 19:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\isapnp.sys
[2008.04.14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.08.23 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.08.23 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.03 23:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2004.08.03 23:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 01:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009.02.06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.03 23:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004.08.03 23:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\netlogon.dll
< MD5 for: NVATABUS.SYS >
[2004.06.03 10:40:46 | 000,079,360 | ---- | M] (NVIDIA Corporation) MD5=46DEED4C6C5FA765F9A2C723BE60348D -- C:\NVIDIA\nForceWin2KXP\5.11\IDE\Win2K\NvAtaBus.sys
[2004.06.03 10:40:46 | 000,079,360 | ---- | M] (NVIDIA Corporation) MD5=46DEED4C6C5FA765F9A2C723BE60348D -- C:\NVIDIA\nForceWin2KXP\5.11\IDE\WinXP\NvAtaBus.sys
[2004.06.03 10:40:46 | 000,079,360 | ---- | M] (NVIDIA Corporation) MD5=46DEED4C6C5FA765F9A2C723BE60348D -- C:\WINDOWS\system32\drivers\nvatabus.sys
[2004.06.03 10:40:46 | 000,079,360 | ---- | M] (NVIDIA Corporation) MD5=46DEED4C6C5FA765F9A2C723BE60348D -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\nvatabus.sys
[2004.06.03 10:40:46 | 000,079,360 | ---- | M] (NVIDIA Corporation) MD5=46DEED4C6C5FA765F9A2C723BE60348D -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\nvatabus.sys
[2004.06.03 03:40:46 | 000,079,360 | R--- | M] (NVIDIA Corporation) MD5=46DEED4C6C5FA765F9A2C723BE60348D -- C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\nvatabus.sys
< MD5 for: NVRAID.SYS >
[2004.06.03 10:40:50 | 000,068,224 | ---- | M] (NVIDIA Corporation) MD5=A5C77D944410FADEE380FB20B432760D -- C:\NVIDIA\nForceWin2KXP\5.11\IDE\Win2K\nvraid.sys
[2004.06.03 10:40:50 | 000,068,224 | ---- | M] (NVIDIA Corporation) MD5=A5C77D944410FADEE380FB20B432760D -- C:\NVIDIA\nForceWin2KXP\5.11\IDE\WinXP\nvraid.sys
< MD5 for: SCECLI.DLL >
[2004.08.03 23:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2004.08.03 23:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 01:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\smss.exe
[2008.04.14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2004.08.03 23:56:58 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.03 23:56:58 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\smss.exe
[2004.08.04 00:56:58 | 000,152,576 | ---- | M] (Microsoft Corporation) MD5=DA5CF1C368B33D75602FD6B3A7F5E0C6 -- C:\cmdcons\SYSTEM32\SMSS.EXE
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\svchost.exe
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004.08.03 23:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2004.08.03 23:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2004.08.03 23:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2004.08.03 23:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.03 23:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2004.08.03 23:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 01:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ws2_32.dll
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2004.08.03 23:56:48 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2004.08.03 23:56:48 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.04.22 16:51:43 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2009.02.01 21:33:13 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.02.01 21:33:13 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.02.01 21:33:13 | 000,897,024 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.12.04 19:36:55 | 000,072,590 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.12.04 19:36:55 | 000,444,524 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.12.04 19:36:55 | 000,526,548 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
========== Alternate Data Streams ==========
@Alternate Data Stream - 508 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8B4F37E5
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
< End of report >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"NVIDIA nTune" = "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear -- [2007.09.04 19:25:38 | 000,081,920 | ---- | M] (NVIDIA)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
< c:\windows\*.* /U >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
[2010.11.10 16:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009.03.04 02:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2009.03.21 22:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2009.03.21 22:11:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL OCP
[2009.08.13 10:23:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010.07.25 17:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2009.04.15 23:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2010.11.03 14:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
[2010.08.28 13:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codemasters
[2010.07.11 12:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2010.04.22 16:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.06.14 20:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2009.12.19 16:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009.02.02 07:34:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESTsoft
[2010.04.27 08:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009.04.22 02:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009.02.04 05:44:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009.10.08 22:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009.09.07 22:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LANGMaster
[2010.11.14 21:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010.01.31 15:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009.09.12 13:16:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009.09.12 12:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2009.03.31 04:56:01 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009.10.08 22:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010.05.14 15:51:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010.05.13 18:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009.12.20 17:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2009.10.08 22:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009.12.10 20:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2009.12.13 15:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin
[2010.09.11 16:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010.05.15 15:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2010.04.13 15:13:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010.11.26 23:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010.11.28 15:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010.05.13 18:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010.07.11 12:02:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010.10.28 22:42:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2009.12.10 20:33:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VideoSpin
[2009.08.23 15:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009.02.02 06:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010.03.01 22:44:10 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\java-rmi.exe
[2010.03.01 22:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\java.exe
[2010.03.01 22:44:10 | 000,059,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javacpl.exe
[2010.03.01 22:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javaw.exe
[2010.03.01 22:44:10 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javaws.exe
[2010.03.01 22:44:12 | 000,079,648 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jbroker.exe
[2010.03.01 22:44:12 | 000,023,328 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jp2launcher.exe
[2010.03.01 22:44:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jqs.exe
[2010.03.01 22:44:12 | 000,055,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jqsnotify.exe
[2010.03.01 22:44:12 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jucheck.exe
[2010.03.01 22:44:12 | 000,055,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jureg.exe
[2010.03.01 22:44:14 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jusched.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\keytool.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\kinit.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\klist.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\ktab.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\orbd.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\pack200.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\policytool.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\rmid.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\rmiregistry.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\servertool.exe
[2010.03.01 22:44:14 | 000,030,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\ssvagent.exe
[2010.03.01 22:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\tnameserv.exe
[2010.03.01 22:44:14 | 000,132,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\unpack200.exe
[2009.05.19 00:35:46 | 002,402,104 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\AIMinst.exe
[2009.05.19 00:35:48 | 000,550,024 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\AIMLang.exe
[2009.05.19 00:36:04 | 000,142,040 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\alsetup.exe
[2009.05.19 00:35:52 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\amoinst.exe
[2009.05.19 00:35:52 | 000,069,104 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\amos.exe
[2009.05.19 00:35:58 | 000,120,368 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\aoldlmgr.exe
[2007.08.17 08:34:16 | 000,107,872 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\aolsetup.exe
[2009.05.19 00:36:04 | 000,097,072 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\bsetutil.exe
[2009.05.19 00:35:52 | 000,231,216 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\migrator.exe
[2009.05.19 00:35:52 | 001,225,352 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\msvc9rt.exe
[2009.05.19 00:35:54 | 004,480,040 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\ocpinst.exe
[2009.05.19 00:35:44 | 000,036,704 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\postproc.exe
[2009.05.19 00:35:42 | 000,172,840 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\setup.exe
[2009.05.19 00:35:56 | 000,383,128 | ---- | M] (AOL LLC) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\tbsetup.exe
[2009.05.19 00:36:04 | 001,484,856 | ---- | M] (AOL LLC.) -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\toolbar.exe
[2009.05.19 00:35:56 | 000,376,568 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\unagi3.exe
[2009.05.19 00:36:02 | 000,030,512 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\Uninstaller.exe
[2009.05.19 00:36:04 | 002,884,832 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\CACHE\4426.0.4\vwpt.exe
[2010.05.13 17:54:27 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
[2010.05.13 17:55:02 | 000,057,409 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2010.05.13 17:55:10 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
[2010.05.13 17:55:11 | 000,054,153 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
[2010.03.08 21:21:29 | 000,530,625 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe
[2010.03.08 21:21:39 | 000,530,625 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe
[2010.05.13 17:55:11 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
[2010.05.13 17:55:48 | 000,056,766 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2010.05.13 17:55:11 | 000,054,174 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
[2010.05.13 17:55:12 | 000,057,532 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
[2010.05.13 17:55:13 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
[2010.05.13 17:55:13 | 000,057,054 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
[2010.05.13 17:55:02 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
[2010.05.13 17:55:02 | 000,052,963 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
[2010.05.13 17:55:36 | 000,057,679 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe
[2010.05.13 17:54:33 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
[2010.05.13 17:47:39 | 001,180,952 | ---- | M] (DivX, Inc. ) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
[2010.05.13 17:55:09 | 000,054,629 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
[2010.05.13 17:55:18 | 000,084,040 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
[2010.05.13 17:55:36 | 000,053,600 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe
[2010.05.13 17:55:46 | 000,056,978 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
[2009.10.08 22:48:53 | 033,921,368 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_cze_web.exe
[2009.10.08 22:49:19 | 000,095,232 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
[2009.10.08 22:49:19 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
[2009.10.08 22:49:19 | 000,010,240 | ---- | M] (Nokia) -- C:\Documents and Settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
[2009.10.08 22:49:19 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2009.10.08 22:53:23 | 024,671,504 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\NokiaSoftwareUpdaterSetup_cs.exe
[2009.10.08 22:53:34 | 003,351,812 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\msxml6Exec.exe
[2009.10.08 22:53:33 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\Sleep.exe
[2009.10.08 22:53:33 | 003,181,612 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\vcredistExec.exe
[2010.07.11 12:02:01 | 000,053,319 | ---- | M] ( ) -- C:\Documents and Settings\All Users\Application Data\TEMP\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\PostBuild.exe
< %APPDATA%\*. >
[2010.05.27 20:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Adobe
[2010.05.15 15:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Adobe Mini Bridge CS5
[2009.08.18 15:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Apple Computer
[2010.07.30 14:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\BSplayer
[2010.08.09 16:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\BSplayer Pro
[2009.08.21 14:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\CoreFTP
[2010.07.11 12:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\CyberLink
[2009.02.16 04:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\DAEMON Tools
[2009.09.25 13:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\DAEMON Tools Lite
[2009.02.16 04:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\DAEMON Tools Pro
[2009.04.18 01:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\DivX
[2009.02.02 07:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\ESTsoft
[2010.02.28 23:58:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Facebook
[2009.08.24 09:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\FileZilla
[2010.06.26 17:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\GetRightToGo
[2009.03.24 18:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Google
[2009.02.10 01:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Hewlett-Packard
[2010.12.05 12:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\ICQ
[2009.02.02 05:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Identities
[2009.06.13 20:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\InstallShield
[2009.05.16 22:58:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\IObit
[2009.09.07 22:12:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\LANGMaster
[2009.02.02 06:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Macromedia
[2010.01.31 15:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Malwarebytes
[2009.02.03 06:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Media Player Classic
[2010.11.23 23:45:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Hong\Application Data\Microsoft
[2009.08.31 11:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\mIRC
[2009.12.29 11:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\MobMapUpdater
[2010.06.27 20:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mozilla
[2010.11.21 19:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Mumble
[2010.10.06 22:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\My Battle for Middle-earth Files
[2009.10.08 23:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Nokia
[2009.04.10 04:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\OpenOffice.org
[2009.02.02 05:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Opera
[2009.10.08 22:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\PC Suite
[2010.09.05 15:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\PhotoScape
[2010.04.13 15:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Publish Providers
[2009.11.08 00:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\QIP
[2010.04.13 15:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Sony
[2010.05.15 15:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.04.11 19:39:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Styler
[2009.02.14 23:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Sun
[2010.11.28 15:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\SUPERAntiSpyware.com
[2010.10.26 15:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\SystemRequirementsLab
[2009.11.19 22:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\teamspeak2
[2010.11.15 22:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\TS3Client
[2009.05.29 02:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Turbine
[2009.04.17 02:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Unigraphics Solutions
[2010.11.26 01:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\uTorrent
[2010.01.10 23:12:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Ventrilo
[2009.06.13 23:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\ViSplore
[2009.06.13 23:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\ViStart
[2010.11.23 22:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\vlc
[2010.07.30 14:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\Winamp
[2009.02.21 05:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hong\Application Data\WinRAR
< %APPDATA%\*.exe /s >
[2009.08.11 20:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 20:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 13:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 16:01:52 | 001,185,871 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\FFDShow\unins000.exe
[2009.11.14 18:11:36 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\Haali media splitter\dsmux.exe
[2009.11.14 18:33:40 | 000,357,888 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\Haali media splitter\gdsmux.exe
[2009.11.14 18:11:36 | 000,136,704 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.02.23 15:00:42 | 000,042,288 | ---- | M] () -- C:\Documents and Settings\Hong\Application Data\BSplayer\Haali media splitter\uninstall.exe
[2010.02.28 23:58:26 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Documents and Settings\Hong\Application Data\Facebook\uninstall.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\ClearMem.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\ClickCleaner.exe
[2010.11.27 01:31:19 | 000,017,542 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\ContextMenuManager.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\DesktopCleaner.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\DiskAnalyzer.exe
[2010.11.27 01:31:19 | 000,013,262 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\DuplicateFilesFinder.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\FileSecurity.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\FileSplitter.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\IconManager.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\IEManager.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\JunkFileCleaner.exe
[2010.11.27 01:31:19 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\LiveUpdate.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\OptimizationWizard.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\PrivacyProtector.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\ProcessManager.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\RegistryCleaner.exe
[2010.11.27 01:31:19 | 000,009,662 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\RegistryDefrag.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\RepairCenter.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\RunShortcutCreator.exe
[2010.11.27 01:31:19 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\ServiceManager.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\Shutdown.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\StartupManager.exe
[2010.11.27 01:31:19 | 000,014,534 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\SystemFolder_msiexec.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\SystemInfo.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\Uninstaller.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\WallpaperChanger.exe
[2010.11.27 01:31:19 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}\WinXP_Manager.exe
[2009.05.28 03:11:46 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Hong\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
< MD5 for: AGP440.SYS >
[2004.08.04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 08:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\atapi.sys
< MD5 for: CDROM.SYS >
[2004.08.04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.03 23:56:42 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2004.08.03 23:56:42 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.04.22 16:51:43 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2009.02.01 21:33:13 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.02.01 21:33:13 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.02.01 21:33:13 | 000,897,024 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.12.04 19:36:55 | 000,072,590 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.12.04 19:36:55 | 000,444,524 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.12.04 19:36:55 | 000,526,548 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
========== Alternate Data Streams ==========
@Alternate Data Stream - 508 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8B4F37E5
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
< End of report >
Re: FB virus, probably...Help

- Copy this script into the white box at the bottom:
Code:
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 508 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8B4F37E5
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
:commands
[emptytemp]
[EMPTYFLASH]
- Click the Fix button.
- The PC will then restart.
- Post the log here

Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting your computer
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
- Hoong
- Visitor
- Posts: 26
- Registered: 01 Jan 2009 13:49
- Location: Prešov Slovakia
- Contact user:
Re: FB virus, probably...Help
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
ADS C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:8B4F37E5 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\ deleted successfully.
Prefs.js: DTToolbar@toolbarnet.com:1.1.2.0185 removed from extensions.enabledItems
========== FILES ==========
C:\WINDOWS\system32\drivers\_003024_.tmp.dll moved successfully.
C:\WINDOWS\system32\Setup\SET1307.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1308.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET546.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET547.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET548.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET549.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET54A.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET54B.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET54C.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET54D.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET54E.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET54F.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET550.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET551.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET552.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET553.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET554.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET556.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET557.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET558.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET565.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET566.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET568.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET56A.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET56C.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET571.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET574.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET575.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET576.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET579.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET57B.tmp moved successfully.
C:\WINDOWS\$NtServicePackUninstall$\set5ac.tmp moved successfully.
C:\WINDOWS\$NtServicePackUninstall$\set5ad.tmp moved successfully.
C:\WINDOWS\$NtServicePackUninstall$\set5ae.tmp moved successfully.
C:\WINDOWS\$NtServicePackUninstall$\set5af.tmp moved successfully.
C:\WINDOWS\$NtServicePackUninstall$\set5b0.tmp moved successfully.
C:\WINDOWS\$NtServicePackUninstall$\set5b1.tmp moved successfully.
C:\WINDOWS\$NtServicePackUninstall$\set5b2.tmp moved successfully.
C:\WINDOWS\AppPatch\SET5AC.tmp moved successfully.
C:\WINDOWS\AppPatch\SET5AD.tmp moved successfully.
C:\WINDOWS\AppPatch\SET5AE.tmp moved successfully.
C:\WINDOWS\AppPatch\SET5AF.tmp moved successfully.
C:\WINDOWS\AppPatch\SET5B0.tmp moved successfully.
C:\WINDOWS\AppPatch\SET5B1.tmp moved successfully.
C:\WINDOWS\AppPatch\SET5B2.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP12.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP188.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP189.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B4.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP429.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4A5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6.tmp folder moved successfully.
C:\WINDOWS\CSC\csc1.tmp moved successfully.
C:\WINDOWS\Fonts\SET52C.tmp moved successfully.
C:\WINDOWS\Fonts\SET52D.tmp moved successfully.
C:\WINDOWS\Fonts\SET52E.tmp moved successfully.
C:\WINDOWS\Fonts\SET52F.tmp moved successfully.
C:\WINDOWS\Fonts\SET530.tmp moved successfully.
C:\WINDOWS\Fonts\SET531.tmp moved successfully.
C:\WINDOWS\pchealth\helpctr\binaries\SET5F7.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt65.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt902.tmp moved successfully.
C:\WINDOWS\twain_32\hpqgends.tmp moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Hong
->Temp folder emptied: 2162676 bytes
->Temporary Internet Files folder emptied: 59764159 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 14378151 bytes
->Google Chrome cache emptied: 382537960 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 9170 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 3637536892 bytes
Total Files Cleaned = 3 907,00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: Hong
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.17.3 log created on 12062010_231623
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...