Ve Win Vista nelze mazat soubory Vyřešeno
Re: Ve Win Vista nelze mazat soubory Vyřešeno
OK. A teraz sprav prosim novy log z OTL.
Nemam rad amaterizmus...
A adresat odkazu to vie :)
A adresat odkazu to vie :)
Re: Ve Win Vista nelze mazat soubory
Předpokládám, že to měl být sken se stejnými parametry, jako v tvém prvním příspěvku? Tentokrát vyhodil jenom jeden log...
OTL.txt:
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Unable to set value : HKU\S-1-5-21-1600578981-3844651555-2168284247-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E!
Unable to set value : HKU\S-1-5-21-1600578981-3844651555-2168284247-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0508F8F1-08E3-43EE-AAA8-09AD09803084} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0508F8F1-08E3-43EE-AAA8-09AD09803084}\ not found.
Registry value HKEY_USERS\S-1-5-21-1600578981-3844651555-2168284247-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NWEReboot deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1600578981-3844651555-2168284247-1000\Software\Microsoft\Windows\CurrentVersion\Run\\PMCRemote deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71b9bb65-5d92-11dd-9b11-0022151b4d53}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71b9bb65-5d92-11dd-9b11-0022151b4d53}\ not found.
File F:\Autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c04bb846-59d5-11dd-aea2-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c04bb846-59d5-11dd-aea2-806e6f6e6963}\ not found.
File D:\.\Bin\Assetup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f46c5ee7-6b95-11dd-8165-00221549df36}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f46c5ee7-6b95-11dd-8165-00221549df36}\ not found.
File E:\AutoRun.exe not found.
File ptytemp] not found.
File boot] not found.
OTL by OldTimer - Version 3.0.14.0 log created on 09172009_212058
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
OTL.txt:
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Unable to set value : HKU\S-1-5-21-1600578981-3844651555-2168284247-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E!
Unable to set value : HKU\S-1-5-21-1600578981-3844651555-2168284247-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0508F8F1-08E3-43EE-AAA8-09AD09803084} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0508F8F1-08E3-43EE-AAA8-09AD09803084}\ not found.
Registry value HKEY_USERS\S-1-5-21-1600578981-3844651555-2168284247-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NWEReboot deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1600578981-3844651555-2168284247-1000\Software\Microsoft\Windows\CurrentVersion\Run\\PMCRemote deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71b9bb65-5d92-11dd-9b11-0022151b4d53}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71b9bb65-5d92-11dd-9b11-0022151b4d53}\ not found.
File F:\Autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c04bb846-59d5-11dd-aea2-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c04bb846-59d5-11dd-aea2-806e6f6e6963}\ not found.
File D:\.\Bin\Assetup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f46c5ee7-6b95-11dd-8165-00221549df36}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f46c5ee7-6b95-11dd-8165-00221549df36}\ not found.
File E:\AutoRun.exe not found.
File ptytemp] not found.
File boot] not found.
OTL by OldTimer - Version 3.0.14.0 log created on 09172009_212058
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Core 2 Duo E8200, Asus P5Q-E (P45) socket 775, A-Data DDR2 800MHz extreme edition 4GB cl.4, Samsung SpinPoint HD753LJ 750GB, Asus EAH4850/512MB, Corsair Power supply VX450, WIN7 home premium 64bit.
Re: Ve Win Vista nelze mazat soubory
Znova spust OTL podla navodu z prveho postu. Tentokrat ale vyskoci len jeden log, ten potrebujem vidiet.
Nemam rad amaterizmus...
A adresat odkazu to vie :)
A adresat odkazu to vie :)
Re: Ve Win Vista nelze mazat soubory
Však to už je ten o příspěvek výše - jak jsem psal, že teď vyhodil jenom jeden...
Core 2 Duo E8200, Asus P5Q-E (P45) socket 775, A-Data DDR2 800MHz extreme edition 4GB cl.4, Samsung SpinPoint HD753LJ 750GB, Asus EAH4850/512MB, Corsair Power supply VX450, WIN7 home premium 64bit.
Re: Ve Win Vista nelze mazat soubory
V poriadku, lenze ty si sem vlozil 2x ten isty vystupny log po spracovani skriptu. No ja potrebujem vidiet log podobny OTL.txt (teda tomu, co si vlozil hned v uvode vlakna) :)
Nemam rad amaterizmus...
A adresat odkazu to vie :)
A adresat odkazu to vie :)
Re: Ve Win Vista nelze mazat soubory
Ok, udělal jsem sken v OTL: Purity check, scan all users, LOP check a File age 7dni...
OTL logfile created on: 18.9.2009 22:22:22 - Run 3
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Users\User\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 49,07% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698,63 Gb Total Space | 209,21 Gb Free Space | 29,95% Space Free | Partition Type: NTFS
Drive D: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PEDROS
Current User Name: User
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2008.05.14 18:42:56 | 05,958,656 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe
PRC - [2008.07.07 18:59:54 | 03,272,704 | ---- | M] () -- C:\Program Files\Strong DC\StrongDC.exe
PRC - [2008.03.17 00:40:44 | 01,302,528 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
PRC - [2009.05.14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{2D481242-9F74-2824-2B87-AE4A16ECE5BB}\cftmon.exe
PRC - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe
PRC - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe
PRC - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe
PRC - [2008.07.12 00:24:19 | 03,178,496 | ---- | M] () -- C:\Gamesky\Slépka tykvoň\farm2.exe
PRC - [2008.07.03 04:15:57 | 00,307,712 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.09.15 23:02:20 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2008.05.14 16:03:34 | 00,887,808 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility [Auto | Running])
SRV:64bit: - [2009.05.14 15:54:26 | 00,023,296 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped])
SRV:64bit: - [2009.05.14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn [Auto | Running])
SRV:64bit: - [2006.04.14 11:58:16 | 00,153,376 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter [On_Demand | Stopped])
SRV:64bit: - [2008.01.21 04:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV:64bit: - [2008.01.21 04:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe -- (AEADIFilters [Auto | Running])
SRV - [2009.03.30 06:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009.03.30 06:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped])
SRV - [2008.01.21 04:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Running])
SRV - [2008.01.21 04:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Running])
SRV - [2006.11.02 17:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009.02.18 20:40:04 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2005.04.04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2009.02.18 20:39:11 | 00,857,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2006.11.02 11:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\keyiso.dll -- (KeyIso [On_Demand | Stopped])
SRV - [2006.11.02 15:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped])
SRV - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe -- (Nero BackItUp Scheduler 4.0 [Auto | Running])
SRV - [2009.04.11 08:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll -- (Netlogon [On_Demand | Stopped])
SRV - [2003.07.28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2008.08.07 11:17:30 | 00,575,488 | ---- | M] (Nokia.) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
SRV - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe -- (stisvc [Auto | Running])
SRV - [2006.11.02 08:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped])
SRV - [2006.11.02 08:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vss.mof -- (VSS [On_Demand | Stopped])
SRV - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe -- (WSearch [Auto | Running])
========== Driver Services (SafeList) ==========
DRV:64bit: - [2006.12.11 17:20:54 | 01,413,592 | ---- | M] (Philips Semiconductors GmbH) -- C:\Windows\SysNative\DRIVERS\3xHybr64.sys -- (3xHybr64 [On_Demand | Stopped])
DRV:64bit: - [2008.03.20 02:44:34 | 00,467,456 | ---- | M] (Analog Devices, Inc.) -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService [On_Demand | Running])
DRV:64bit: - [2008.05.14 16:49:44 | 04,436,480 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag [On_Demand | Running])
DRV:64bit: - [2009.05.14 15:41:14 | 00,142,776 | ---- | M] (ESET) -- C:\Windows\SysNative\DRIVERS\eamon.sys -- (eamon [Auto | Running])
DRV:64bit: - [2009.05.14 15:47:16 | 00,134,024 | ---- | M] (ESET) -- C:\Windows\SysNative\DRIVERS\ehdrv.sys -- (ehdrv [System | Running])
DRV:64bit: - [2009.05.14 15:49:56 | 00,121,152 | ---- | M] (ESET) -- C:\Windows\SysNative\DRIVERS\epfwwfpr.sys -- (epfwwfpr [Auto | Running])
DRV:64bit: - [2009.04.11 07:39:51 | 00,275,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Running])
DRV:64bit: - [2006.10.31 17:23:42 | 00,015,680 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV:64bit: - [2008.05.19 09:47:48 | 00,173,096 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\Windows\SysNative\DRIVERS\mv61xx.sys -- (mv61xx [Boot | Running])
DRV:64bit: - [2008.05.07 07:39:44 | 00,023,552 | ---- | M] (Nokia) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64 [On_Demand | Stopped])
DRV:64bit: - [2008.05.07 07:39:44 | 00,018,432 | ---- | M] (Nokia) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64 [On_Demand | Stopped])
DRV:64bit: - [2007.09.17 15:53:34 | 00,029,184 | ---- | M] (Nokia) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd [On_Demand | Stopped])
DRV:64bit: - [2009.02.20 18:11:16 | 00,082,048 | ---- | M] (VSO Software) -- C:\Windows\SysNative\Drivers\pcouffin64a.sys -- (Pcouffin64 [On_Demand | Stopped])
DRV:64bit: - [2007.04.03 10:30:14 | 01,418,112 | ---- | M] (Philips Semiconductors GmbH) -- C:\Windows\SysNative\DRIVERS\Ph3xIB64.sys -- (Ph3xIB64 [On_Demand | Running])
DRV:64bit: - [2008.09.17 20:56:17 | 00,868,848 | ---- | M] () -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV:64bit: - [2007.05.02 11:11:14 | 00,108,296 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\DRIVERS\ss_bus.sys -- (ss_bus [On_Demand | Stopped])
DRV:64bit: - [2007.05.02 11:11:14 | 00,019,208 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\DRIVERS\ss_mdfl.sys -- (ss_mdfl [On_Demand | Stopped])
DRV:64bit: - [2007.05.02 11:11:14 | 00,145,160 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\DRIVERS\ss_mdm.sys -- (ss_mdm [On_Demand | Stopped])
DRV:64bit: - [2009.08.09 18:30:30 | 00,000,206 | ---- | M] () -- C:\Program Files\Samsung D900i\StarOpen.reg -- (StarOpen [System | Stopped])
DRV:64bit: - [2008.06.06 09:25:44 | 00,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev [On_Demand | Stopped])
DRV:64bit: - [2009.04.11 07:39:37 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser [On_Demand | Stopped])
DRV:64bit: - [2008.05.07 07:40:02 | 00,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys -- (UsbserFilt [On_Demand | Stopped])
DRV:64bit: - [2008.01.24 15:07:54 | 00,022,024 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum [On_Demand | Running])
DRV:64bit: - [2008.01.24 15:08:04 | 00,032,776 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter [On_Demand | Running])
DRV:64bit: - [2008.01.24 15:08:14 | 00,034,312 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo [On_Demand | Running])
DRV:64bit: - [2008.01.24 15:08:24 | 00,015,752 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid [On_Demand | Stopped])
DRV:64bit: - [2008.01.24 15:08:34 | 00,057,352 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore [On_Demand | Running])
DRV:64bit: - [2008.01.21 04:47:28 | 00,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb [On_Demand | Stopped])
DRV:64bit: - [2007.08.15 10:22:00 | 00,369,152 | ---- | M] (Marvell) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64 [On_Demand | Running])
DRV - [2007.12.17 11:14:14 | 00,014,392 | R--- | M] () -- C:\Windows\SysWow64\drivers\AsIO.sys -- (AsIO [System | Running])
DRV - [2006.09.18 23:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running])
DRV - [2009.09.08 13:26:18 | 00,028,276 | ---- | M] (MusicMatch, Inc.) -- C:\Windows\SysWow64\drivers\MxlW2k.sys -- (MxlW2k [On_Demand | Stopped])
DRV - [2009.08.09 18:30:30 | 00,005,632 | ---- | M] () -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen [System | Stopped])
DRV - [2006.09.18 23:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [Boot | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1600578981-3844651555-2168284247-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-1600578981-3844651555-2168284247-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1600578981-3844651555-2168284247-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.europowersearch.com/Search.h ... rchLang=CZ
IE - HKU\S-1-5-21-1600578981-3844651555-2168284247-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1600578981-3844651555-2168284247-1000\S-1-5-21-1600578981-3844651555-2168284247-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google Search Community"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.1
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.06.26 09:54:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.08.12 21:52:08 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.01.28 11:38:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2009.01.28 11:38:46 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2009.01.28 11:38:46 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.09.18 22:05:52 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\dmw5me05.default\extensions
[2009.06.26 10:57:57 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\dmw5me05.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2007.04.10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll
[2003.07.15 06:56:52 | 00,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL
[2008.06.11 22:45:28 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
O1 HOSTS File: (736 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [cftmon643e] C:\ProgramData\WordPad\{3A46D79F-8F9D-9116-6BA3-BCBBD3FDB99B}\cftmon.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-21-1600578981-3844651555-2168284247-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1600578981-3844651555-2168284247-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Strong DC.lnk = C:\Program Files (x86)\Strong DC\StrongDC.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE File not found
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\NLAapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\napinsp.dll (Společnost Microsoft)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWow64\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWow64\napinsp.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWow64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWow64\pnrpnsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.101.1 192.168.102.1 212.24.128.8 212.24.132.132
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - application/octet-stream - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - application/x-complus - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - application/x-msdownload - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - deflate - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - gzip - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - text/xml - Reg Error: Key error. File not found
O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.15 11:52:50 | 00,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - D:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.11 19:03:48 | 00,000,054 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{7d3601aa-5a46-11dd-8689-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7d3601aa-5a46-11dd-8689-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2008.11.15 11:52:50 | 00,161,088 | R--- | M] (Take-Two Interactive Software, Inc.)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 7 Days ==========
[1 C:\Windows\*.tmp files]
[2009.09.17 21:20:58 | 00,000,000 | ---D | C] -- C:\_OTL
[2009.09.16 21:53:28 | 00,002,116 | ---- | C] () -- C:\Users\User\Desktop\Malware bytes -log-2009-09-16 (21-52-52)
[2009.09.16 21:12:33 | 00,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes
[2009.09.16 21:12:32 | 00,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.09.16 21:12:30 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009.09.16 21:12:28 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009.09.16 21:12:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009.09.16 21:12:28 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009.09.16 21:11:47 | 04,045,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\User\Desktop\mbam-setup.exe
[2009.09.15 23:00:15 | 00,514,560 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2009.09.14 21:59:40 | 01,353,252 | -H-- | C] () -- C:\Users\User\AppData\Local\IconCache.db
[2009.09.14 20:38:07 | 00,000,000 | ---D | C] -- C:\ProgramData\ESET
[2009.09.14 20:16:50 | 42,939,67872 | -HS- | C] () -- C:\hiberfil.sys
[2009.09.13 16:17:56 | 00,001,550 | ---- | C] () -- C:\Users\User\Desktop\Farm Frenzy 2.lnk
[2009.09.13 16:17:54 | 00,000,000 | ---D | C] -- C:\Windows\Farm Frenzy 2
[2009.09.13 16:07:32 | 00,377,797 | -H-- | C] () -- C:\treeinfo.wc
[2009.09.13 14:23:58 | 00,756,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2009.09.13 14:23:58 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2009.09.13 14:23:41 | 02,900,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVCORE.DLL
[2009.09.13 14:23:40 | 03,547,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2009.09.13 14:23:40 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2009.09.13 14:23:40 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVCORE.DLL
[2009.09.13 14:23:21 | 01,425,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tcpip.sys
[2009.09.13 14:23:20 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll
[2009.09.13 14:23:20 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2009.09.13 14:23:20 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tcpipreg.sys
[2009.09.13 14:23:20 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NETSTAT.EXE
[2009.09.13 14:23:20 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NETSTAT.EXE
[2009.09.13 14:23:20 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ARP.EXE
[2009.09.13 14:23:20 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ROUTE.EXE
[2009.09.13 14:23:20 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ARP.EXE
[2009.09.13 14:23:20 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ROUTE.EXE
[2009.09.13 14:23:20 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2009.09.13 14:23:20 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2009.09.13 14:23:20 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MRINFO.EXE
[2009.09.13 14:23:20 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRINFO.EXE
[2009.09.13 14:23:20 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\finger.exe
[2009.09.13 14:23:20 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TCPSVCS.EXE
[2009.09.13 14:23:20 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\finger.exe
[2009.09.13 14:23:20 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HOSTNAME.EXE
[2009.09.13 14:23:20 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TCPSVCS.EXE
[2009.09.13 14:23:20 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\HOSTNAME.EXE
[2009.09.13 14:23:00 | 02,608,861 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf
[2009.09.13 14:23:00 | 00,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansvc.dll
[2009.09.13 14:23:00 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll
[2009.09.13 14:23:00 | 00,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2009.09.13 14:23:00 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll
[2009.09.13 14:23:00 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2009.09.13 14:23:00 | 00,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\L2SecHC.dll
[2009.09.13 14:23:00 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\L2SecHC.dll
[2009.09.13 14:23:00 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll
[2009.09.13 14:23:00 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll
[2009.09.13 14:23:00 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll
[2009.09.12 17:48:27 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\avg
[2009.09.12 13:11:44 | 00,000,000 | ---D | C] -- C:\ProgramData\FarmFrenzy2
[2009.09.12 13:11:31 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\AlawarWrapper
[2009.09.12 13:11:31 | 00,000,000 | ---D | C] -- C:\ProgramData\AlawarWrapper
[2009.09.12 13:11:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Alawar
[2009.09.11 23:19:28 | 00,000,000 | ---D | C] -- C:\ProgramData\WordPad
[2009.09.11 22:28:48 | 00,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Nero
[2009.09.11 22:26:24 | 00,002,547 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2009.09.11 22:26:01 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2009.09.11 22:25:47 | 00,000,000 | ---D | C] -- C:\ProgramData\Nero
[2009.09.11 22:25:46 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2009.09.11 22:06:21 | 00,000,039 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.07.14 17:15:00 | 00,178,432 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.04 20:49:34 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.07.04 20:48:39 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.01.25 12:14:17 | 00,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.01.25 12:14:12 | 00,795,648 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.01.25 12:14:12 | 00,130,048 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.01.25 12:14:11 | 03,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2009.01.25 12:14:05 | 00,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.01.25 12:14:05 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008.12.22 14:55:10 | 00,000,292 | ---- | C] () -- C:\Windows\game.ini
[2008.10.02 09:04:12 | 00,000,223 | ---- | C] () -- C:\Windows\ao97pr.ini
[2008.10.01 22:51:21 | 00,002,003 | ---- | C] () -- C:\Windows\aoxppr.ini
[2008.09.23 19:20:47 | 00,000,732 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.09.12 18:00:47 | 00,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2008.07.25 21:21:08 | 01,420,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008.07.25 15:05:18 | 00,201,488 | ---- | C] () -- C:\Windows\SysWow64\MACD32.DLL
[2008.07.25 15:05:18 | 00,144,144 | ---- | C] () -- C:\Windows\SysWow64\MASE32.DLL
[2008.07.25 15:05:18 | 00,141,584 | ---- | C] () -- C:\Windows\SysWow64\MAMC32.DLL
[2008.07.25 15:05:18 | 00,063,248 | ---- | C] () -- C:\Windows\SysWow64\MASD32.DLL
[2008.07.25 15:05:18 | 00,033,040 | ---- | C] () -- C:\Windows\SysWow64\MA32.DLL
[2008.07.25 14:36:45 | 00,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2008.07.25 14:36:42 | 00,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2008.07.25 14:36:40 | 00,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2008.07.25 14:36:40 | 00,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2008.07.25 14:18:29 | 00,035,450 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2008.07.25 14:18:06 | 00,035,058 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008.01.21 04:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007.12.28 09:22:02 | 00,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007.03.29 23:00:40 | 00,203,264 | R--- | C] () -- C:\Windows\SysWow64\CddbCdda.dll
[2006.11.02 14:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006.11.02 14:34:27 | 00,000,165 | ---- | C] () -- C:\Windows\win.ini
========== Files - Modified Within 7 Days ==========
[4 C:\Windows\SysWow64\*.tmp files]
[1 C:\Windows\*.tmp files]
[2009.09.18 22:20:11 | 00,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3E778A8B-CB70-4124-BD08-F0835E6B12D7}.job
[2009.09.18 22:16:53 | 00,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009.09.18 22:16:53 | 00,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009.09.18 18:34:01 | 01,402,426 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009.09.18 18:34:01 | 00,601,848 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2009.09.18 18:34:01 | 00,589,884 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009.09.18 18:34:01 | 00,115,976 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2009.09.18 18:34:01 | 00,101,896 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009.09.18 18:27:49 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009.09.18 18:27:47 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.09.18 18:27:45 | 42,939,67872 | -HS- | M] () -- C:\hiberfil.sys
[2009.09.17 22:12:57 | 01,353,252 | -H-- | M] () -- C:\Users\User\AppData\Local\IconCache.db
[2009.09.17 20:46:09 | 00,377,797 | -H-- | M] () -- C:\treeinfo.wc
[2009.09.16 21:53:28 | 00,002,116 | ---- | M] () -- C:\Users\User\Desktop\Malware bytes -log-2009-09-16 (21-52-52)
[2009.09.16 21:12:32 | 00,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.09.16 21:11:38 | 04,045,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\User\Desktop\mbam-setup.exe
[2009.09.15 23:02:20 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2009.09.13 16:17:56 | 00,001,550 | ---- | M] () -- C:\Users\User\Desktop\Farm Frenzy 2.lnk
[2009.09.11 22:26:24 | 00,002,547 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
========== LOP Check ==========
[2006.11.02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming
[2006.11.02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Media Center Programs
[2006.11.02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming
[2006.11.02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Media Center Programs
[2009.09.16 21:12:33 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming
[2009.09.11 22:06:45 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ahead
[2009.01.27 23:56:45 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ashampoo
[2008.07.25 16:31:17 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ATI
[2008.09.17 20:55:57 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools
[2009.06.07 16:11:20 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\flightgear.org
[2009.09.12 14:53:14 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GHISLER
[2009.01.29 15:41:07 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GRETECH
[2009.01.15 20:23:14 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ICQ
[2008.07.29 19:26:03 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\iWin
[2006.11.02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Media Center Programs
[2008.11.24 15:20:59 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nokia
[2008.10.01 22:38:13 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Password Solutions
[2008.10.02 15:53:04 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PC Suite
[2008.09.12 18:06:04 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Samsung
[2008.08.23 20:58:02 | 00,000,000 | RH-D | M] -- C:\Users\User\AppData\Roaming\SecuROM
[2008.07.25 14:33:07 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TMP
[2009.02.20 18:14:01 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Vso
[2009.09.18 18:27:49 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009.09.18 13:10:37 | 00,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.09.18 22:20:11 | 00,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3E778A8B-CB70-4124-BD08-F0835E6B12D7}.job
========== Purity Check ==========
< End of report >
OTL logfile created on: 18.9.2009 22:22:22 - Run 3
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Users\User\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 49,07% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698,63 Gb Total Space | 209,21 Gb Free Space | 29,95% Space Free | Partition Type: NTFS
Drive D: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PEDROS
Current User Name: User
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2008.05.14 18:42:56 | 05,958,656 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe
PRC - [2008.07.07 18:59:54 | 03,272,704 | ---- | M] () -- C:\Program Files\Strong DC\StrongDC.exe
PRC - [2008.03.17 00:40:44 | 01,302,528 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
PRC - [2009.05.14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{2D481242-9F74-2824-2B87-AE4A16ECE5BB}\cftmon.exe
PRC - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe
PRC - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe
PRC - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe
PRC - [2008.07.12 00:24:19 | 03,178,496 | ---- | M] () -- C:\Gamesky\Slépka tykvoň\farm2.exe
PRC - [2008.07.03 04:15:57 | 00,307,712 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.09.15 23:02:20 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2008.05.14 16:03:34 | 00,887,808 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility [Auto | Running])
SRV:64bit: - [2009.05.14 15:54:26 | 00,023,296 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped])
SRV:64bit: - [2009.05.14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn [Auto | Running])
SRV:64bit: - [2006.04.14 11:58:16 | 00,153,376 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter [On_Demand | Stopped])
SRV:64bit: - [2008.01.21 04:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV:64bit: - [2008.01.21 04:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe -- (AEADIFilters [Auto | Running])
SRV - [2009.03.30 06:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009.03.30 06:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped])
SRV - [2008.01.21 04:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Running])
SRV - [2008.01.21 04:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Running])
SRV - [2006.11.02 17:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009.02.18 20:40:04 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2005.04.04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2009.02.18 20:39:11 | 00,857,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2006.11.02 11:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\keyiso.dll -- (KeyIso [On_Demand | Stopped])
SRV - [2006.11.02 15:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped])
SRV - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe -- (Nero BackItUp Scheduler 4.0 [Auto | Running])
SRV - [2009.04.11 08:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll -- (Netlogon [On_Demand | Stopped])
SRV - [2003.07.28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2008.08.07 11:17:30 | 00,575,488 | ---- | M] (Nokia.) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
SRV - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe -- (stisvc [Auto | Running])
SRV - [2006.11.02 08:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped])
SRV - [2006.11.02 08:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vss.mof -- (VSS [On_Demand | Stopped])
SRV - [2009.09.11 23:19:22 | 00,798,720 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\WordPad\{8BFC69B8-2FA4-6EEA-DCA2-329A8C9572B6}\cftmon.exe -- (WSearch [Auto | Running])
========== Driver Services (SafeList) ==========
DRV:64bit: - [2006.12.11 17:20:54 | 01,413,592 | ---- | M] (Philips Semiconductors GmbH) -- C:\Windows\SysNative\DRIVERS\3xHybr64.sys -- (3xHybr64 [On_Demand | Stopped])
DRV:64bit: - [2008.03.20 02:44:34 | 00,467,456 | ---- | M] (Analog Devices, Inc.) -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService [On_Demand | Running])
DRV:64bit: - [2008.05.14 16:49:44 | 04,436,480 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag [On_Demand | Running])
DRV:64bit: - [2009.05.14 15:41:14 | 00,142,776 | ---- | M] (ESET) -- C:\Windows\SysNative\DRIVERS\eamon.sys -- (eamon [Auto | Running])
DRV:64bit: - [2009.05.14 15:47:16 | 00,134,024 | ---- | M] (ESET) -- C:\Windows\SysNative\DRIVERS\ehdrv.sys -- (ehdrv [System | Running])
DRV:64bit: - [2009.05.14 15:49:56 | 00,121,152 | ---- | M] (ESET) -- C:\Windows\SysNative\DRIVERS\epfwwfpr.sys -- (epfwwfpr [Auto | Running])
DRV:64bit: - [2009.04.11 07:39:51 | 00,275,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Running])
DRV:64bit: - [2006.10.31 17:23:42 | 00,015,680 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV:64bit: - [2008.05.19 09:47:48 | 00,173,096 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\Windows\SysNative\DRIVERS\mv61xx.sys -- (mv61xx [Boot | Running])
DRV:64bit: - [2008.05.07 07:39:44 | 00,023,552 | ---- | M] (Nokia) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64 [On_Demand | Stopped])
DRV:64bit: - [2008.05.07 07:39:44 | 00,018,432 | ---- | M] (Nokia) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64 [On_Demand | Stopped])
DRV:64bit: - [2007.09.17 15:53:34 | 00,029,184 | ---- | M] (Nokia) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd [On_Demand | Stopped])
DRV:64bit: - [2009.02.20 18:11:16 | 00,082,048 | ---- | M] (VSO Software) -- C:\Windows\SysNative\Drivers\pcouffin64a.sys -- (Pcouffin64 [On_Demand | Stopped])
DRV:64bit: - [2007.04.03 10:30:14 | 01,418,112 | ---- | M] (Philips Semiconductors GmbH) -- C:\Windows\SysNative\DRIVERS\Ph3xIB64.sys -- (Ph3xIB64 [On_Demand | Running])
DRV:64bit: - [2008.09.17 20:56:17 | 00,868,848 | ---- | M] () -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV:64bit: - [2007.05.02 11:11:14 | 00,108,296 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\DRIVERS\ss_bus.sys -- (ss_bus [On_Demand | Stopped])
DRV:64bit: - [2007.05.02 11:11:14 | 00,019,208 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\DRIVERS\ss_mdfl.sys -- (ss_mdfl [On_Demand | Stopped])
DRV:64bit: - [2007.05.02 11:11:14 | 00,145,160 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\DRIVERS\ss_mdm.sys -- (ss_mdm [On_Demand | Stopped])
DRV:64bit: - [2009.08.09 18:30:30 | 00,000,206 | ---- | M] () -- C:\Program Files\Samsung D900i\StarOpen.reg -- (StarOpen [System | Stopped])
DRV:64bit: - [2008.06.06 09:25:44 | 00,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev [On_Demand | Stopped])
DRV:64bit: - [2009.04.11 07:39:37 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser [On_Demand | Stopped])
DRV:64bit: - [2008.05.07 07:40:02 | 00,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys -- (UsbserFilt [On_Demand | Stopped])
DRV:64bit: - [2008.01.24 15:07:54 | 00,022,024 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum [On_Demand | Running])
DRV:64bit: - [2008.01.24 15:08:04 | 00,032,776 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter [On_Demand | Running])
DRV:64bit: - [2008.01.24 15:08:14 | 00,034,312 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo [On_Demand | Running])
DRV:64bit: - [2008.01.24 15:08:24 | 00,015,752 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid [On_Demand | Stopped])
DRV:64bit: - [2008.01.24 15:08:34 | 00,057,352 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore [On_Demand | Running])
DRV:64bit: - [2008.01.21 04:47:28 | 00,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb [On_Demand | Stopped])
DRV:64bit: - [2007.08.15 10:22:00 | 00,369,152 | ---- | M] (Marvell) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64 [On_Demand | Running])
DRV - [2007.12.17 11:14:14 | 00,014,392 | R--- | M] () -- C:\Windows\SysWow64\drivers\AsIO.sys -- (AsIO [System | Running])
DRV - [2006.09.18 23:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running])
DRV - [2009.09.08 13:26:18 | 00,028,276 | ---- | M] (MusicMatch, Inc.) -- C:\Windows\SysWow64\drivers\MxlW2k.sys -- (MxlW2k [On_Demand | Stopped])
DRV - [2009.08.09 18:30:30 | 00,005,632 | ---- | M] () -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen [System | Stopped])
DRV - [2006.09.18 23:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [Boot | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1600578981-3844651555-2168284247-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-1600578981-3844651555-2168284247-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1600578981-3844651555-2168284247-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.europowersearch.com/Search.h ... rchLang=CZ
IE - HKU\S-1-5-21-1600578981-3844651555-2168284247-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1600578981-3844651555-2168284247-1000\S-1-5-21-1600578981-3844651555-2168284247-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google Search Community"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.1
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.06.26 09:54:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.08.12 21:52:08 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.01.28 11:38:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2009.01.28 11:38:46 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2009.01.28 11:38:46 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.09.18 22:05:52 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\dmw5me05.default\extensions
[2009.06.26 10:57:57 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\dmw5me05.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2007.04.10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll
[2003.07.15 06:56:52 | 00,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL
[2008.06.11 22:45:28 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
O1 HOSTS File: (736 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [cftmon643e] C:\ProgramData\WordPad\{3A46D79F-8F9D-9116-6BA3-BCBBD3FDB99B}\cftmon.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-21-1600578981-3844651555-2168284247-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1600578981-3844651555-2168284247-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Strong DC.lnk = C:\Program Files (x86)\Strong DC\StrongDC.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE File not found
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\NLAapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\napinsp.dll (Společnost Microsoft)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWow64\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWow64\napinsp.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWow64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWow64\pnrpnsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.101.1 192.168.102.1 212.24.128.8 212.24.132.132
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - application/octet-stream - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - application/x-complus - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - application/x-msdownload - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - deflate - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - gzip - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - text/xml - Reg Error: Key error. File not found
O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.15 11:52:50 | 00,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - D:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.11 19:03:48 | 00,000,054 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{7d3601aa-5a46-11dd-8689-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7d3601aa-5a46-11dd-8689-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2008.11.15 11:52:50 | 00,161,088 | R--- | M] (Take-Two Interactive Software, Inc.)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 7 Days ==========
[1 C:\Windows\*.tmp files]
[2009.09.17 21:20:58 | 00,000,000 | ---D | C] -- C:\_OTL
[2009.09.16 21:53:28 | 00,002,116 | ---- | C] () -- C:\Users\User\Desktop\Malware bytes -log-2009-09-16 (21-52-52)
[2009.09.16 21:12:33 | 00,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes
[2009.09.16 21:12:32 | 00,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.09.16 21:12:30 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009.09.16 21:12:28 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009.09.16 21:12:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009.09.16 21:12:28 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009.09.16 21:11:47 | 04,045,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\User\Desktop\mbam-setup.exe
[2009.09.15 23:00:15 | 00,514,560 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2009.09.14 21:59:40 | 01,353,252 | -H-- | C] () -- C:\Users\User\AppData\Local\IconCache.db
[2009.09.14 20:38:07 | 00,000,000 | ---D | C] -- C:\ProgramData\ESET
[2009.09.14 20:16:50 | 42,939,67872 | -HS- | C] () -- C:\hiberfil.sys
[2009.09.13 16:17:56 | 00,001,550 | ---- | C] () -- C:\Users\User\Desktop\Farm Frenzy 2.lnk
[2009.09.13 16:17:54 | 00,000,000 | ---D | C] -- C:\Windows\Farm Frenzy 2
[2009.09.13 16:07:32 | 00,377,797 | -H-- | C] () -- C:\treeinfo.wc
[2009.09.13 14:23:58 | 00,756,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2009.09.13 14:23:58 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2009.09.13 14:23:41 | 02,900,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVCORE.DLL
[2009.09.13 14:23:40 | 03,547,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2009.09.13 14:23:40 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2009.09.13 14:23:40 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVCORE.DLL
[2009.09.13 14:23:21 | 01,425,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tcpip.sys
[2009.09.13 14:23:20 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll
[2009.09.13 14:23:20 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2009.09.13 14:23:20 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tcpipreg.sys
[2009.09.13 14:23:20 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NETSTAT.EXE
[2009.09.13 14:23:20 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NETSTAT.EXE
[2009.09.13 14:23:20 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ARP.EXE
[2009.09.13 14:23:20 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ROUTE.EXE
[2009.09.13 14:23:20 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ARP.EXE
[2009.09.13 14:23:20 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ROUTE.EXE
[2009.09.13 14:23:20 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2009.09.13 14:23:20 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2009.09.13 14:23:20 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MRINFO.EXE
[2009.09.13 14:23:20 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRINFO.EXE
[2009.09.13 14:23:20 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\finger.exe
[2009.09.13 14:23:20 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TCPSVCS.EXE
[2009.09.13 14:23:20 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\finger.exe
[2009.09.13 14:23:20 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HOSTNAME.EXE
[2009.09.13 14:23:20 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TCPSVCS.EXE
[2009.09.13 14:23:20 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\HOSTNAME.EXE
[2009.09.13 14:23:00 | 02,608,861 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf
[2009.09.13 14:23:00 | 00,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansvc.dll
[2009.09.13 14:23:00 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll
[2009.09.13 14:23:00 | 00,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2009.09.13 14:23:00 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll
[2009.09.13 14:23:00 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2009.09.13 14:23:00 | 00,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\L2SecHC.dll
[2009.09.13 14:23:00 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\L2SecHC.dll
[2009.09.13 14:23:00 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll
[2009.09.13 14:23:00 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll
[2009.09.13 14:23:00 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll
[2009.09.12 17:48:27 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\avg
[2009.09.12 13:11:44 | 00,000,000 | ---D | C] -- C:\ProgramData\FarmFrenzy2
[2009.09.12 13:11:31 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\AlawarWrapper
[2009.09.12 13:11:31 | 00,000,000 | ---D | C] -- C:\ProgramData\AlawarWrapper
[2009.09.12 13:11:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Alawar
[2009.09.11 23:19:28 | 00,000,000 | ---D | C] -- C:\ProgramData\WordPad
[2009.09.11 22:28:48 | 00,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Nero
[2009.09.11 22:26:24 | 00,002,547 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2009.09.11 22:26:01 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2009.09.11 22:25:47 | 00,000,000 | ---D | C] -- C:\ProgramData\Nero
[2009.09.11 22:25:46 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2009.09.11 22:06:21 | 00,000,039 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.07.14 17:15:00 | 00,178,432 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.04 20:49:34 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.07.04 20:48:39 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.01.25 12:14:17 | 00,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.01.25 12:14:12 | 00,795,648 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.01.25 12:14:12 | 00,130,048 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.01.25 12:14:11 | 03,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2009.01.25 12:14:05 | 00,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.01.25 12:14:05 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008.12.22 14:55:10 | 00,000,292 | ---- | C] () -- C:\Windows\game.ini
[2008.10.02 09:04:12 | 00,000,223 | ---- | C] () -- C:\Windows\ao97pr.ini
[2008.10.01 22:51:21 | 00,002,003 | ---- | C] () -- C:\Windows\aoxppr.ini
[2008.09.23 19:20:47 | 00,000,732 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.09.12 18:00:47 | 00,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2008.07.25 21:21:08 | 01,420,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008.07.25 15:05:18 | 00,201,488 | ---- | C] () -- C:\Windows\SysWow64\MACD32.DLL
[2008.07.25 15:05:18 | 00,144,144 | ---- | C] () -- C:\Windows\SysWow64\MASE32.DLL
[2008.07.25 15:05:18 | 00,141,584 | ---- | C] () -- C:\Windows\SysWow64\MAMC32.DLL
[2008.07.25 15:05:18 | 00,063,248 | ---- | C] () -- C:\Windows\SysWow64\MASD32.DLL
[2008.07.25 15:05:18 | 00,033,040 | ---- | C] () -- C:\Windows\SysWow64\MA32.DLL
[2008.07.25 14:36:45 | 00,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2008.07.25 14:36:42 | 00,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2008.07.25 14:36:40 | 00,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2008.07.25 14:36:40 | 00,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2008.07.25 14:18:29 | 00,035,450 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2008.07.25 14:18:06 | 00,035,058 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008.01.21 04:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007.12.28 09:22:02 | 00,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007.03.29 23:00:40 | 00,203,264 | R--- | C] () -- C:\Windows\SysWow64\CddbCdda.dll
[2006.11.02 14:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006.11.02 14:34:27 | 00,000,165 | ---- | C] () -- C:\Windows\win.ini
========== Files - Modified Within 7 Days ==========
[4 C:\Windows\SysWow64\*.tmp files]
[1 C:\Windows\*.tmp files]
[2009.09.18 22:20:11 | 00,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3E778A8B-CB70-4124-BD08-F0835E6B12D7}.job
[2009.09.18 22:16:53 | 00,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009.09.18 22:16:53 | 00,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009.09.18 18:34:01 | 01,402,426 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009.09.18 18:34:01 | 00,601,848 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2009.09.18 18:34:01 | 00,589,884 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009.09.18 18:34:01 | 00,115,976 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2009.09.18 18:34:01 | 00,101,896 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009.09.18 18:27:49 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009.09.18 18:27:47 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.09.18 18:27:45 | 42,939,67872 | -HS- | M] () -- C:\hiberfil.sys
[2009.09.17 22:12:57 | 01,353,252 | -H-- | M] () -- C:\Users\User\AppData\Local\IconCache.db
[2009.09.17 20:46:09 | 00,377,797 | -H-- | M] () -- C:\treeinfo.wc
[2009.09.16 21:53:28 | 00,002,116 | ---- | M] () -- C:\Users\User\Desktop\Malware bytes -log-2009-09-16 (21-52-52)
[2009.09.16 21:12:32 | 00,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.09.16 21:11:38 | 04,045,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\User\Desktop\mbam-setup.exe
[2009.09.15 23:02:20 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2009.09.13 16:17:56 | 00,001,550 | ---- | M] () -- C:\Users\User\Desktop\Farm Frenzy 2.lnk
[2009.09.11 22:26:24 | 00,002,547 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
========== LOP Check ==========
[2006.11.02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming
[2006.11.02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Media Center Programs
[2006.11.02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming
[2006.11.02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Media Center Programs
[2009.09.16 21:12:33 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming
[2009.09.11 22:06:45 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ahead
[2009.01.27 23:56:45 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ashampoo
[2008.07.25 16:31:17 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ATI
[2008.09.17 20:55:57 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools
[2009.06.07 16:11:20 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\flightgear.org
[2009.09.12 14:53:14 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GHISLER
[2009.01.29 15:41:07 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GRETECH
[2009.01.15 20:23:14 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ICQ
[2008.07.29 19:26:03 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\iWin
[2006.11.02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Media Center Programs
[2008.11.24 15:20:59 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nokia
[2008.10.01 22:38:13 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Password Solutions
[2008.10.02 15:53:04 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PC Suite
[2008.09.12 18:06:04 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Samsung
[2008.08.23 20:58:02 | 00,000,000 | RH-D | M] -- C:\Users\User\AppData\Roaming\SecuROM
[2008.07.25 14:33:07 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TMP
[2009.02.20 18:14:01 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Vso
[2009.09.18 18:27:49 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009.09.18 13:10:37 | 00,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.09.18 22:20:11 | 00,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3E778A8B-CB70-4124-BD08-F0835E6B12D7}.job
========== Purity Check ==========
< End of report >
Core 2 Duo E8200, Asus P5Q-E (P45) socket 775, A-Data DDR2 800MHz extreme edition 4GB cl.4, Samsung SpinPoint HD753LJ 750GB, Asus EAH4850/512MB, Corsair Power supply VX450, WIN7 home premium 64bit.
Re: Ve Win Vista nelze mazat soubory
1) Skopiruj do poznamkoveho bloku:
Uloz ako fix.reg (typ vsetky subory) na plochu. Otvor dvojklikom -> OK.
2) Skor by som to videl ako systemovy nez malware problem. Preto by som skusil pouzit Vista Manager a opravit nim, co pojde.
Kód: Vybrat vše
Windows Registry Editor Version 5.00
[HKU\S-1-5-21-1600578981-3844651555-2168284247-1000\SOFTWARE\Microsoft\Internet Explorer]
Main,Start Page=-Uloz ako fix.reg (typ vsetky subory) na plochu. Otvor dvojklikom -> OK.
2) Skor by som to videl ako systemovy nez malware problem. Preto by som skusil pouzit Vista Manager a opravit nim, co pojde.
Nemam rad amaterizmus...
A adresat odkazu to vie :)
A adresat odkazu to vie :)
Re: Ve Win Vista nelze mazat soubory
Okie dokie,
projedu to Vista Managerem, podívám se na event log, udělám defragmentaci, dám zkontrolovat a opravit disk a když to nepomůže, tak to budu muset omlátit Mironetu o hlavu!
Díky za pomoc, asi jsi mě navedl na správnou stopu, takže téma značím jako vyřešené a nějak se s tím poperu.
Díky
projedu to Vista Managerem, podívám se na event log, udělám defragmentaci, dám zkontrolovat a opravit disk a když to nepomůže, tak to budu muset omlátit Mironetu o hlavu!
Díky za pomoc, asi jsi mě navedl na správnou stopu, takže téma značím jako vyřešené a nějak se s tím poperu.
Díky
Core 2 Duo E8200, Asus P5Q-E (P45) socket 775, A-Data DDR2 800MHz extreme edition 4GB cl.4, Samsung SpinPoint HD753LJ 750GB, Asus EAH4850/512MB, Corsair Power supply VX450, WIN7 home premium 64bit.
-
- Mohlo by vás zajímat
- Odpovědi
- Zobrazení
- Poslední příspěvek
-
- 3
- 3784
-
od buchtik
Zobrazit poslední příspěvek
19 pro 2024 12:16
-
-
Soubory ve složkách na externím HDD se nezobrazují
od Ghoust23 » 12 led 2025 20:40 » v Problémy s hardwarem - 7
- 3199
-
od petr22
Zobrazit poslední příspěvek
14 led 2025 12:27
-
-
-
eqkes = nejdou otevřít soubory (jpg, doc, xls...) Příloha(y)
od pajauh » 11 srp 2024 10:58 » v Vše ostatní (bezp) - 8
- 9284
-
od pajauh
Zobrazit poslední příspěvek
24 zář 2024 18:07
-
-
-
Ve složce stažené soubory zmizely fotky a videa- jak je zachránit?
od Ondras66 » 03 kvě 2025 19:28 » v Windows 11, 10, 8... - 3
- 4368
-
od petr22
Zobrazit poslední příspěvek
05 kvě 2025 14:38
-
-
- 4
- 3268
-
od sasshrek
Zobrazit poslední příspěvek
08 zář 2024 15:12
Zpět na “Windows 11, 10, 8...”
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 1 host