Operating memory - Win32/Olmarik trojan - unable to clean [Closed]

Hi all,

My antivirus detects this Olmarik trojan in the operating memory, but it is unable to remove it.

I have already downloaded OTL and performed the scan. I dont know how to proceed forward. Would you please guide me through this?

Here are the contents of the OTL.Txt and Extras.Txt files:

OTL logfile created on: 19.1.2012 19:31:38 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\kristyna\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,93 Gb Total Physical Memory | 0,21 Gb Available Physical Memory | 10,80% Memory free
3,78 Gb Paging File | 1,88 Gb Available in Paging File | 49,77% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 187,40 Gb Free Space | 80,47% Space Free | Partition Type: NTFS

Computer Name: NB-KRISTYNA | User Name: kristyna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.01.19 19:30:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kristyna\Plocha\OTL.exe
PRC - [2011.11.17 16:00:00 | 000,611,144 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK32.EXE
PRC - [2011.03.14 09:59:40 | 000,084,520 | ---- | M] (Software602 a.s.) -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2011.01.07 12:12:22 | 000,505,576 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010.11.18 13:11:36 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010.11.18 13:11:32 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2010.05.08 12:48:36 | 000,229,376 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\DatacardService\DCService.exe
PRC - [2008.04.18 14:54:02 | 000,354,840 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE
PRC - [2008.04.18 14:53:58 | 000,178,712 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
PRC - [2008.04.11 13:16:34 | 000,077,672 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\accelerometerST.exe
PRC - [2007.12.11 11:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe
PRC - [2006.03.02 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003.12.01 14:27:00 | 000,053,248 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe

========== Modules (No Company Name) ==========

MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.05.08 12:48:36 | 000,229,376 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\DatacardService\DCService.exe

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.03.14 09:59:40 | 000,084,520 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2010.11.18 13:12:06 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.11.18 13:11:36 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010.05.08 12:48:36 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2008.04.18 14:54:02 | 000,354,840 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE -- (IAANTMON) Intel®
SRV - [2007.12.11 11:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2003.12.01 14:27:00 | 000,053,248 | ---- | M] (GEAR Software) [Auto | Running] -- C:\WINDOWS\system32\gearsec.exe -- (gearsec)

========== Driver Services (SafeList) ==========

DRV - [2011.12.19 17:55:32 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2010.08.04 09:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010.08.03 11:28:36 | 000,055,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2010.07.29 11:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2010.07.29 11:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.07.29 11:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010.04.09 14:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010.03.25 09:08:30 | 000,105,728 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010.03.20 10:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010.03.20 09:28:00 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2008.04.28 05:14:54 | 003,626,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Ovladač adaptéru Intel®
DRV - [2008.04.10 16:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.03.31 15:04:30 | 000,023,040 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.03.31 15:04:30 | 000,017,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.03.28 11:14:02 | 000,024,064 | R--- | M] (Sonic Focus, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfaudio.sys -- (SFAUDIO)
DRV - [2008.02.29 15:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007.11.29 16:35:44 | 000,163,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) Broadcom NetLink ™
DRV - [2007.06.21 03:40:02 | 000,056,448 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SCR3XX2K.sys -- (SCR3XX2K)
DRV - [2007.06.18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2005.09.19 13:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005.09.19 13:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://intranet
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://intranet
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\Firefox [2011.05.31 19:55:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.06.01 20:38:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.06.28 18:42:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011.05.10 11:56:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.06.28 18:42:45 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2006.03.02 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\accelerometerST.exe (Hewlett-Packard Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Boingo Wi-Finder] C:\Program Files\Boingo\Boingo Wi-Finder\Boingo.lnk ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE (Intel Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: mojebanka.cz ([]https in Důvěryhodné servery)
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedato...x.cab?3,16,13,0 (Active602XMLFiller Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1305026809625 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} http://download.micr...44/igdtoolx.cab (IGDTester Class)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = pohl
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4215C73-0BB1-483C-8513-149A91C09442}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.05.10 10:49:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{19683958-bc7b-11e0-b126-00216b85673c}\Shell - "" = AutoRun
O33 - MountPoints2\{19683958-bc7b-11e0-b126-00216b85673c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{4b65bee8-b6cd-11e0-b11e-00216b85673c}\Shell - "" = AutoRun
O33 - MountPoints2\{4b65bee8-b6cd-11e0-b11e-00216b85673c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{4b65beec-b6cd-11e0-b11e-00216b85673c}\Shell - "" = AutoRun
O33 - MountPoints2\{4b65beec-b6cd-11e0-b11e-00216b85673c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vykreslování vektorové grafiky (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Datové vazby jazyka DHTML pro jazyk Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Vylepšené vytváření obsahu
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Třídy DirectAnimation jazyka Java
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Aktualizace zabezpečení systému Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Plánovač úloh
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.01.19 19:30:08 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\kristyna\Plocha\OTL.exe
[2012.01.19 07:07:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Data aplikací\Sun
[2012.01.19 07:04:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Data aplikací\Macromedia
[2012.01.19 07:04:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Data aplikací\Adobe
[2012.01.12 00:24:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kristyna\Local Settings\Data aplikací\Temp
[2012.01.12 00:22:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2012.01.12 00:19:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kristyna\Data aplikací\Google
[2012.01.12 00:19:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2012.01.12 00:19:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kristyna\Local Settings\Data aplikací\Google
[2012.01.12 00:18:57 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012.01.12 00:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Google
[2012.01.06 13:00:53 | 000,000,000 | ---D | C] -- C:\Program Files\Boingo
[2012.01.06 13:00:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\GoBoingo
[2012.01.06 13:00:11 | 001,394,056 | ---- | C] (Boingo Wireless) -- C:\Documents and Settings\kristyna\Plocha\GoBoingo_awBwAG8AaABsAG8AdgBhAA==_awByAHkAcwB0AG8AZgAxADUA_GoBoingo.exe
[2012.01.02 18:26:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kristyna\Local Settings\Data aplikací\WinZip
[2012.01.02 18:25:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\WinZip
[2012.01.02 18:25:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\WinZip
[2012.01.02 18:25:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2011.05.10 11:19:03 | 000,176,128 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2011.05.10 11:18:58 | 000,180,224 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[6 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[18 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.01.19 19:38:01 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.01.19 19:30:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kristyna\Plocha\OTL.exe
[2012.01.19 19:29:02 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.19 18:34:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.01.19 18:34:16 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.19 18:33:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.01.12 00:26:31 | 000,436,042 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.01.12 00:26:31 | 000,432,964 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.01.12 00:26:31 | 000,079,888 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.01.12 00:26:31 | 000,068,938 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.01.12 00:18:37 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.01.10 22:57:38 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.01.06 13:00:41 | 001,394,056 | ---- | M] (Boingo Wireless) -- C:\Documents and Settings\kristyna\Plocha\GoBoingo_awBwAG8AaABsAG8AdgBhAA==_awByAHkAcwB0AG8AZgAxADUA_GoBoingo.exe
[2012.01.03 16:57:29 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\kristyna\Plocha\Microsoft Office Word 2007.lnk
[2012.01.02 18:25:49 | 000,001,732 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\WinZip.lnk
[2012.01.02 18:25:49 | 000,001,670 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\WinZip Quick Pick.lnk
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[18 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.01.19 07:08:13 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.01.12 00:19:05 | 000,000,944 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.12 00:19:04 | 000,000,940 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.06 13:00:54 | 000,001,818 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Boingo Wi-Finder.lnk
[2012.01.02 18:25:49 | 000,001,732 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\WinZip.lnk
[2012.01.02 18:25:47 | 000,001,670 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\WinZip Quick Pick.lnk
[2011.09.28 19:49:41 | 000,159,776 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.06.28 18:35:35 | 000,230,488 | ---- | C] () -- C:\WINDOWS\hpoins47.dat
[2011.06.28 18:35:35 | 000,000,574 | ---- | C] () -- C:\WINDOWS\hpomdl47.dat
[2011.06.22 22:23:13 | 000,230,498 | ---- | C] () -- C:\WINDOWS\hpoins47.dat.temp
[2011.06.14 08:20:48 | 000,000,574 | ---- | C] () -- C:\WINDOWS\hpomdl47.dat.temp
[2011.06.06 17:49:31 | 000,054,948 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011.05.15 16:35:00 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.05.15 16:35:00 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.05.15 16:27:59 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\kristyna\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.10 12:38:12 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.05.10 12:37:07 | 000,271,784 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.05.10 11:19:03 | 001,804,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2011.05.10 11:19:03 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2011.05.10 11:19:03 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2011.05.10 11:18:19 | 000,000,571 | ---- | C] () -- C:\WINDOWS\HBCIKRNL.INI
[2011.05.10 11:14:42 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4953.dll
[2011.05.10 11:14:41 | 001,991,464 | R--- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2011.05.10 11:14:41 | 000,432,400 | R--- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2011.05.10 10:53:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.05.10 10:46:55 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2006.03.02 13:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2006.03.02 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.03.02 13:00:00 | 000,436,042 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.03.02 13:00:00 | 000,432,964 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2006.03.02 13:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2006.03.02 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.03.02 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2006.03.02 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.03.02 13:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2006.03.02 13:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2006.03.02 13:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2006.03.02 13:00:00 | 000,079,888 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2006.03.02 13:00:00 | 000,068,938 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.03.02 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.03.02 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2006.03.02 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.03.02 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.03.02 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.03.02 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002.05.28 19:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002.05.28 19:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2011.05.10 10:49:24 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011.05.10 10:41:02 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2006.03.02 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2011.05.10 11:19:13 | 000,000,164 | ---- | M] () -- C:\chicony.log
[2011.05.10 10:49:24 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011.05.10 11:12:28 | 000,000,161 | ---- | M] () -- C:\esuinst.log
[2011.05.10 11:04:53 | 000,000,198 | ---- | M] () -- C:\esu_xpsp2.log
[2011.05.10 11:16:58 | 000,108,982 | ---- | M] () -- C:\intel_chipset.log
[2011.05.10 11:17:55 | 000,259,968 | ---- | M] () -- C:\intel_msm.log
[2011.05.10 10:49:24 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011.05.10 10:49:24 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006.03.02 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2011.05.10 11:35:09 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2012.01.19 18:33:51 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2011.05.10 11:12:28 | 000,000,227 | ---- | M] () -- C:\sedinst2.log
[2011.05.10 11:24:37 | 000,000,185 | ---- | M] () -- C:\setup.log
[2011.05.10 11:21:13 | 000,000,191 | ---- | M] () -- C:\syntpad.log

< MD5 for: AGP440.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: IASTOR.SYS >
[2008.04.15 18:54:16 | 000,388,120 | R--- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IASTOR.SYS
[2008.04.15 18:53:44 | 000,312,344 | R--- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IASTOR.SYS
[2008.04.15 18:53:44 | 000,312,344 | R--- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\system32\drivers\iaStor.sys
[2008.04.15 18:53:44 | 000,312,344 | R--- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\system32\DRVSTORE\IAAHCI_E7EB69FF3449D216602D0D37A1D73969621673A9\iaStor.sys
[2008.04.15 23:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2006.03.02 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2006.03.02 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[18 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %PROGRAMFILES%\*. >
[2011.06.22 22:33:19 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011.05.10 11:05:41 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2011.10.27 12:54:10 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2012.01.06 13:00:53 | 000,000,000 | ---D | M] -- C:\Program Files\Boingo
[2011.11.01 10:11:28 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2011.05.10 11:20:13 | 000,000,000 | ---D | M] -- C:\Program Files\Broadcom
[2011.05.10 13:52:12 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2011.07.21 13:19:32 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2011.05.10 10:46:54 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2011.05.11 19:35:47 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2011.05.10 11:56:17 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
[2012.01.12 00:19:09 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011.05.10 11:23:47 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2011.06.28 18:58:15 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2011.05.10 11:10:52 | 000,000,000 | ---D | M] -- C:\Program Files\HPQ
[2011.05.12 05:45:23 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011.05.10 11:17:37 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2011.12.15 11:45:28 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011.11.01 10:14:24 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2011.11.01 10:16:00 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2011.05.16 15:56:37 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011.05.10 13:23:48 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2011.05.31 19:55:11 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2011.07.21 14:34:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011.05.10 10:49:53 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2011.09.28 19:42:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011.09.28 19:42:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2011.06.28 19:10:48 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011.10.12 13:58:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2011.05.10 12:02:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2011.05.10 13:26:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2011.05.12 05:48:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft WSE
[2011.05.10 14:50:47 | 000,000,000 | ---D | M] -- C:\Program Files\MixMeister Express 6
[2011.07.25 15:56:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mobile Partner
[2011.05.10 13:56:48 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011.05.14 08:36:54 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2011.05.10 10:46:42 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2011.05.31 19:55:08 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Toolbar
[2011.05.31 19:55:18 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Toolbar Installer
[2011.07.22 07:08:52 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011.05.10 11:36:29 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2011.05.10 10:48:38 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2011.05.10 13:56:01 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2011.11.01 10:20:17 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2011.05.14 08:36:45 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011.05.10 11:18:15 | 000,000,000 | ---D | M] -- C:\Program Files\SCM Microsystems
[2011.08.09 18:47:21 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2011.07.21 13:19:15 | 000,000,000 | ---D | M] -- C:\Program Files\Software602
[2011.05.10 11:21:03 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2011.05.10 10:59:50 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011.07.15 10:35:06 | 000,000,000 | ---D | M] -- C:\Program Files\Veetle
[2011.09.22 13:21:19 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2011.05.10 14:51:17 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2011.05.10 11:36:27 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2011.05.10 10:48:39 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2012.01.02 18:25:39 | 000,000,000 | ---D | M] -- C:\Program Files\WinZip
[2011.05.10 10:49:53 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2011.05.15 16:35:00 | 000,000,000 | ---D | M] -- C:\Program Files\Xvid

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-12-15 10:48:31

< End of report >

OTL Extras logfile created on: 19.1.2012 19:31:38 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\kristyna\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,93 Gb Total Physical Memory | 0,21 Gb Available Physical Memory | 10,80% Memory free
3,78 Gb Paging File | 1,88 Gb Available in Paging File | 49,77% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 187,40 Gb Free Space | 80,47% Space Free | Partition Type: NTFS

Computer Name: NB-KRISTYNA | User Name: kristyna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\{59C83C08-63F4-4AEC-81D6-392C5E23B843}\setup\hpznui01.exe" = C:\Program Files\HP\Digital Imaging\{59C83C08-63F4-4AEC-81D6-392C5E23B843}\setup\hpznui01.exe:*:Enabled:hpznui01.exe -- (Hewlett-Packard)
"D:\setup\hpznui01.exe" = D:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Veetle\Player\VeetleNet.exe" = C:\Program Files\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\{59C83C08-63F4-4AEC-81D6-392C5E23B843}\setup\hpznui01.exe" = C:\Program Files\HP\Digital Imaging\{59C83C08-63F4-4AEC-81D6-392C5E23B843}\setup\hpznui01.exe:*:Enabled:hpznui01.exe -- (Hewlett-Packard)
"D:\setup\hpznui01.exe" = D:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Veetle\Player\VeetleNet.exe" = C:\Program Files\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet -- ()
"C:\Program Files\Microsoft Games\Age of Empires Online\Spartan.exe" = C:\Program Files\Microsoft Games\Age of Empires Online\Spartan.exe:*:Enabled:Age of Empires Online -- (Microsoft Studios)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java™ 6 Update 25
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{5779A709-BF65-4C42-A0C6-07980120B903}" = ESET Smart Security
"{58E65E96-6649-4CBE-9382-35326D694E6F}" = MSN Toolbar Platform
"{59C83C08-63F4-4AEC-81D6-392C5E23B843}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{983980FC-66FB-4ECC-A5D8-4565BE217733}" = SCR3xxx Smart Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F9A2D22-7E30-4546-B817-10644FFB9935}" = B110
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.5 - Czech
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1D35924-EF71-4F74-AE16-5FD2458B533F}" = HP 3D DriveGuard
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CA}" = WinZip 16.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{DE6C90ED-1CFC-4CE4-8AFA-20D351F8C849}" = Boingo Wi-Finder
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F7DA5EBC-D7C6-45A3-AB36-1DEA3E6801B4}" = MixMeister Express 6
"{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FC57FC53-104C-415C-98D7-B05E659461A9}" = Broadcom NetXtreme Ethernet Controller
"602XMLFiller_CAB" = Software602 Form Filler rozšíření pro internetové prohlížeče
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"EADM" = EA Download Manager
"GFWL_{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Partner" = Mobile Partner
"PROHYBRIDR" = 2007 Microsoft Office system
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Veetle TV" = Veetle TV
"VLC media player" = VLC media player 1.1.11
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 18.1.2012 19:32:55 | Computer Name = NB-KRISTYNA | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Zadaná
doména neexistuje nebo není k dispozici. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 18.1.2012 19:32:56 | Computer Name = NB-KRISTYNA | Source = AutoEnrollment | ID = 15
Description = Automatickému zápisu certifikátu pro Local System se nezdařilo kontaktovat
adresář Active Directory(0x8007054b). Zadaná doména neexistuje nebo není k dispozici.

Zápis nebude proveden.

Error - 18.1.2012 20:42:43 | Computer Name = NB-KRISTYNA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.1.2012 1:02:53 | Computer Name = NB-KRISTYNA | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Zadaná
doména neexistuje nebo není k dispozici. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 19.1.2012 12:40:19 | Computer Name = NB-KRISTYNA | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Zadaná
doména neexistuje nebo není k dispozici. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 19.1.2012 12:40:19 | Computer Name = NB-KRISTYNA | Source = AutoEnrollment | ID = 15
Description = Automatickému zápisu certifikátu pro Local System se nezdařilo kontaktovat
adresář Active Directory(0x8007054b). Zadaná doména neexistuje nebo není k dispozici.

Zápis nebude proveden.

Error - 19.1.2012 12:41:40 | Computer Name = NB-KRISTYNA | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Zadaná
doména neexistuje nebo není k dispozici. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 19.1.2012 13:34:14 | Computer Name = NB-KRISTYNA | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Zadaná
doména neexistuje nebo není k dispozici. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 19.1.2012 13:34:15 | Computer Name = NB-KRISTYNA | Source = AutoEnrollment | ID = 15
Description = Automatickému zápisu certifikátu pro Local System se nezdařilo kontaktovat
adresář Active Directory(0x8007054b). Zadaná doména neexistuje nebo není k dispozici.

Zápis nebude proveden.

Error - 19.1.2012 13:34:16 | Computer Name = NB-KRISTYNA | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Zadaná
doména neexistuje nebo není k dispozici. ). Zpracovávání zásad skupin bylo zastaveno.

[ OSession Events ]
Error - 6.10.2011 2:32:34 | Computer Name = NB-KRISTYNA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1273
seconds with 1200 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 19.1.2012 12:55:37 | Computer Name = NB-KRISTYNA | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 29 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 19.1.2012 13:25:43 | Computer Name = NB-KRISTYNA | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 59 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 19.1.2012 13:30:17 | Computer Name = NB-KRISTYNA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby gupdate
s argumenty /comsvc za účelem spuštění serveru: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error - 19.1.2012 13:30:29 | Computer Name = NB-KRISTYNA | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Služba Google Update (gupdate).

Error - 19.1.2012 13:30:29 | Computer Name = NB-KRISTYNA | Source = Service Control Manager | ID = 7000
Description = Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 19.1.2012 13:34:13 | Computer Name = NB-KRISTYNA | Source = NETLOGON | ID = 5719
Description = V doméně POHL není k dispozici žádný řadič domény z důvodu: %%1311.

Přesvědčte
se, zda je počítač připojen k síti a akci opakujte. Pokud budou potíže trvat, obraťte
se na správce domény.

Error - 19.1.2012 13:34:15 | Computer Name = NB-KRISTYNA | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 15 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 19.1.2012 13:34:15 | Computer Name = NB-KRISTYNA | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 19.1.2012 13:49:18 | Computer Name = NB-KRISTYNA | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 29 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 19.1.2012 14:19:18 | Computer Name = NB-KRISTYNA | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 59 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

< End of report >

Operating memory - Win32/Olmarik trojan - unable to clean [Closed]

#1
kristynap123

Posted 19 January 2012 - 01:02 PM

Advertisements

#2
Essexboy

Posted 19 January 2012 - 01:47 PM

#3
kristynap123

Posted 19 January 2012 - 02:24 PM

Attached Files

#4
Essexboy

Posted 19 January 2012 - 02:26 PM

#5
kristynap123

Posted 19 January 2012 - 02:30 PM

Attached Files

#6
kristynap123

Posted 19 January 2012 - 02:42 PM

#7
Essexboy

Posted 19 January 2012 - 04:06 PM

#8
Essexboy

Posted 23 January 2012 - 03:03 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Operating memory - Win32/Olmarik trojan - unable to clean [Closed]

#1 kristynap123 Posted 19 January 2012 - 01:02 PM

Advertisements

#2 Essexboy Posted 19 January 2012 - 01:47 PM

#3 kristynap123 Posted 19 January 2012 - 02:24 PM

Attached Files

#4 Essexboy Posted 19 January 2012 - 02:26 PM

#5 kristynap123 Posted 19 January 2012 - 02:30 PM

Attached Files

#6 kristynap123 Posted 19 January 2012 - 02:42 PM

#7 Essexboy Posted 19 January 2012 - 04:06 PM

#8 Essexboy Posted 23 January 2012 - 03:03 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Sign In

#1
kristynap123

Posted 19 January 2012 - 01:02 PM

#2
Essexboy

Posted 19 January 2012 - 01:47 PM

#3
kristynap123

Posted 19 January 2012 - 02:24 PM

#4
Essexboy

Posted 19 January 2012 - 02:26 PM

#5
kristynap123

Posted 19 January 2012 - 02:30 PM

#6
kristynap123

Posted 19 January 2012 - 02:42 PM

#7
Essexboy

Posted 19 January 2012 - 04:06 PM

#8
Essexboy

Posted 23 January 2012 - 03:03 PM