Please check my logs [Solved]
- jaro3
- Security team member
Re: Please check my logs
I'm waiting for that log from OTL..
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
- Clorky
- Moderator / HW team member
Re: Please check my logs
OTL logfile created on: 24.7.2010 20:08:39 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Peta\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 61.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 292.87 Gb Total Space | 216.47 Gb Free Space | 73.91% Space Free | Partition Type: NTFS
Drive D: | 638.54 Gb Total Space | 425.70 Gb Free Space | 66.67% Space Free | Partition Type: NTFS
Drive E: | 4.24 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 74.52 Gb Total Space | 0.19 Gb Free Space | 0.26% Space Free | Partition Type: NTFS
Computer Name: I5
Current User Name: Peta
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010.07.24 19:40:47 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Peta\Desktop\OTL.exe
PRC - [2010.07.22 18:15:31 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010.07.22 18:15:30 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.06.18 06:39:11 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010.05.30 15:21:24 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.05.16 09:55:38 | 000,322,352 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2010.04.13 00:46:36 | 001,135,912 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2009.12.08 12:46:32 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2009.09.06 13:38:06 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
PRC - [2009.08.19 13:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009.08.06 09:55:22 | 000,030,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe
PRC - [2009.07.17 16:25:02 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2009.06.04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009.05.14 16:47:54 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2008.07.10 17:33:06 | 040,999,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
========== Modules (SafeList) ==========
MOD - [2010.07.24 19:40:47 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Peta\Desktop\OTL.exe
MOD - [2010.05.06 14:41:49 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2010.03.05 22:59:49 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll
MOD - [2009.07.14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009.07.14 03:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009.07.14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009.07.14 03:16:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2009.07.14 03:16:15 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll
MOD - [2009.07.14 03:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2009.07.14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009.07.14 03:16:13 | 000,643,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SearchFolder.dll
MOD - [2009.07.14 03:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2009.07.14 03:16:11 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2009.07.14 03:16:03 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
MOD - [2009.07.14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009.07.14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009.07.14 03:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2009.07.14 03:14:52 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009.06.10 23:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll
MOD - [2009.06.05 19:01:26 | 000,085,712 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
MOD - [2006.10.27 01:48:42 | 002,210,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
MOD - [2006.10.27 01:48:34 | 000,955,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll
MOD - [2006.10.27 01:48:02 | 000,222,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
MOD - [2006.10.27 01:47:40 | 000,022,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrB.exe -- (PnkBstrB)
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2010.04.19 13:42:42 | 000,036,168 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010.04.07 04:12:18 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.01.22 20:52:20 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009.12.09 18:01:28 | 008,124,416 | ---- | M] () [Auto | Running] -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -- (MySQL501)
SRV:64bit: - [2009.07.14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009.07.14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.05.14 16:54:26 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2009.05.14 16:47:54 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2008.07.29 14:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2010.06.18 06:39:11 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010.05.30 15:21:24 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.04.19 13:42:36 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.03.18 17:23:04 | 000,044,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010.03.18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.22 20:52:17 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.12.08 12:46:32 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009.11.06 10:18:50 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009.09.06 13:38:06 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2009.08.19 13:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009.08.06 09:55:22 | 000,030,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe -- (XTUService) Intel(R)
SRV - [2009.07.17 16:25:02 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009.07.16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.06.04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009.01.09 12:46:26 | 000,548,704 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe -- (DfSdkS)
SRV - [2008.07.10 17:33:06 | 040,999,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2008.07.10 17:33:06 | 000,369,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server Agent (SQLEXPRESS)
SRV - [2008.07.10 17:33:02 | 000,047,128 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE -- (MSSQLServerADHelper100)
SRV - [2006.10.27 01:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\kwflower.sys -- (kwflower)
DRV:64bit: - [2010.04.16 20:05:52 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2010.04.10 11:21:28 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.04.10 11:21:28 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.04.07 04:44:06 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.04.07 04:44:06 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.04.07 03:23:30 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.03.30 23:35:04 | 000,020,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz133_x64.sys -- (cpuz133)
DRV:64bit: - [2009.12.19 06:39:22 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.11.26 01:05:28 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009.11.17 18:01:20 | 000,294,400 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.10.28 08:08:34 | 000,028,208 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\acs6ntm.sys -- (acs6ntm)
DRV:64bit: - [2009.09.30 23:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.09.17 13:04:18 | 001,250,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009.07.14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009.07.14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) Protokol RMP (Reliable Multicast Protocol)
DRV:64bit: - [2009.07.14 02:09:10 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\loop.sys -- (msloop)
DRV:64bit: - [2009.07.14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009.07.14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009.07.14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.05.14 16:49:56 | 000,121,152 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2009.05.14 16:47:16 | 000,134,024 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2009.05.14 16:41:14 | 000,142,776 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon)
DRV:64bit: - [2009.05.13 16:31:02 | 000,063,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\intelsmb.sys -- (smbusp) Intel(R)
DRV:64bit: - [2009.03.23 11:25:54 | 000,030,208 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kvnet.sys -- (kvnet)
DRV:64bit: - [2008.10.24 04:55:28 | 000,043,008 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0)
DRV:64bit: - [2008.10.24 04:55:28 | 000,043,008 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0)
DRV:64bit: - [2008.09.17 15:14:00 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64)
DRV:64bit: - [2007.12.11 04:49:54 | 000,026,624 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2007.12.03 04:20:54 | 000,024,064 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.0)
DRV:64bit: - [2007.12.03 04:20:54 | 000,024,064 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.0)
DRV - [2010.05.14 17:29:13 | 000,029,392 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\SECDRV.SYS -- (SecDrv)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.09.24 08:50:10 | 000,007,888 | ---- | M] (C. Ghisler & Co.) [Kernel | On_Demand | Stopped] -- C:\totalcmd\CGLPTNT.SYS -- (cglptnt)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x64\sandra.sys -- (SANDRA)
DRV - [2009.07.09 11:53:00 | 000,027,096 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\iOCbios.sys -- (IOCBIOS)
DRV - [2008.08.14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2007.09.07 15:55:04 | 000,012,744 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\Entech64.sys -- (ENTECH64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AB 6C C4 50 FF 7F CA 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=
SRV - [2010.01.22 20:52:17 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.12.08 12:46:32 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009.11.06 10:18:50 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009.09.06 13:38:06 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2009.08.19 13:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009.08.06 09:55:22 | 000,030,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe -- (XTUService) Intel(R)
SRV - [2009.07.17 16:25:02 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009.07.16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.06.04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009.01.09 12:46:26 | 000,548,704 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe -- (DfSdkS)
SRV - [2008.07.10 17:33:06 | 040,999,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2008.07.10 17:33:06 | 000,369,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server Agent (SQLEXPRESS)
SRV - [2008.07.10 17:33:02 | 000,047,128 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE -- (MSSQLServerADHelper100)
SRV - [2006.10.27 01:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\kwflower.sys -- (kwflower)
DRV:64bit: - [2010.04.16 20:05:52 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2010.04.10 11:21:28 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.04.10 11:21:28 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.04.07 04:44:06 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.04.07 04:44:06 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.04.07 03:23:30 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.03.30 23:35:04 | 000,020,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz133_x64.sys -- (cpuz133)
DRV:64bit: - [2009.12.19 06:39:22 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.11.26 01:05:28 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009.11.17 18:01:20 | 000,294,400 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.10.28 08:08:34 | 000,028,208 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\acs6ntm.sys -- (acs6ntm)
DRV:64bit: - [2009.09.30 23:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.09.17 13:04:18 | 001,250,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009.07.14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009.07.14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) Protokol RMP (Reliable Multicast Protocol)
DRV:64bit: - [2009.07.14 02:09:10 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\loop.sys -- (msloop)
DRV:64bit: - [2009.07.14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009.07.14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009.07.14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.05.14 16:49:56 | 000,121,152 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2009.05.14 16:47:16 | 000,134,024 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2009.05.14 16:41:14 | 000,142,776 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon)
DRV:64bit: - [2009.05.13 16:31:02 | 000,063,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\intelsmb.sys -- (smbusp) Intel(R)
DRV:64bit: - [2009.03.23 11:25:54 | 000,030,208 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kvnet.sys -- (kvnet)
DRV:64bit: - [2008.10.24 04:55:28 | 000,043,008 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0)
DRV:64bit: - [2008.10.24 04:55:28 | 000,043,008 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0)
DRV:64bit: - [2008.09.17 15:14:00 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64)
DRV:64bit: - [2007.12.11 04:49:54 | 000,026,624 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2007.12.03 04:20:54 | 000,024,064 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.0)
DRV:64bit: - [2007.12.03 04:20:54 | 000,024,064 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.0)
DRV - [2010.05.14 17:29:13 | 000,029,392 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\SECDRV.SYS -- (SecDrv)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.09.24 08:50:10 | 000,007,888 | ---- | M] (C. Ghisler & Co.) [Kernel | On_Demand | Stopped] -- C:\totalcmd\CGLPTNT.SYS -- (cglptnt)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x64\sandra.sys -- (SANDRA)
DRV - [2009.07.09 11:53:00 | 000,027,096 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\iOCbios.sys -- (IOCBIOS)
DRV - [2008.08.14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2007.09.07 15:55:04 | 000,012,744 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\Entech64.sys -- (ENTECH64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AB 6C C4 50 FF 7F CA 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=
- Clorky
Re: Please check my logs
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.selectedEngine: "Centrum.cz Search"
FF - prefs.js..browser.startup.homepage: "www.wowresource.eu|www.google.cz|www.airsoftmorava.cz|www.cztorrent.net"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.6.0.15
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\Cetrumcz@igeared: C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared [2009.12.24 20:53:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.22 18:15:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.22 18:15:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.02.21 17:33:19 | 000,000,000 | ---D | M]
[2009.12.24 20:54:33 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\mozilla\Extensions
[2010.07.24 09:31:26 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\mozilla\Firefox\Profiles\kiqze7em.default\extensions
[2010.05.31 16:07:30 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\Peta\AppData\Roaming\mozilla\Firefox\Profiles\kiqze7em.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010.07.24 09:31:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.03.30 13:59:46 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009.10.21 04:10:38 | 000,001,425 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\Cetrumcz_igeared.xml
[2010.03.25 14:18:33 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.25 14:18:33 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.25 14:18:33 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.25 14:18:33 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.25 14:18:33 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.07.18 18:48:34 | 000,001,510 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O2:64bit: - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files (x86)\Shareaza\RazaWebHook64.dll (Shareaza Development Team)
O2 - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files (x86)\Shareaza\RazaWebHook32.dll (Shareaza Development Team)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll File not found
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [eurobattlegui] D:\Hry\Blizzard's\warcraft III\Warcraft III\eb.exe (http://www.eurobattle.net)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LGODDFU] C:\Program Files (x86)\lg_fwupdate\fwupdate.exe (BL)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] D:\Programy\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [QFan Help] C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [T Probe] C:\Program Files (x86)\ASUS\T Probe\TProbe.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] D:\Programy\ICQ 7\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] D:\Programy\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Peta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uTorrent.exe – zástupce.lnk = C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Download with &Shareaza - c:\program files (x86)\shareaza\razawebhook32.dll (Shareaza Development Team)
O8 - Extra context menu item: Download with &Shareaza - c:\program files (x86)\shareaza\razawebhook32.dll (Shareaza Development Team)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programy\ICQ 7\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programy\ICQ 7\ICQ7.0\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} http://intel-drv-cdn.systemrequirements ... b_srlx.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (sxehack.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.02.17 18:42:58 | 000,000,027 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{3c117a2d-ec59-11de-bbe7-e0cb4e05e67f}\Shell - "" = AutoRun
O33 - MountPoints2\{3c117a2d-ec59-11de-bbe7-e0cb4e05e67f}\Shell\AutoRun\command - "" = O:\autorun.exe -- File not found
O33 - MountPoints2\{534b3306-22ac-11df-bc5c-e0cb4e05e67f}\Shell - "" = AutoRun
O33 - MountPoints2\{534b3306-22ac-11df-bc5c-e0cb4e05e67f}\Shell\AutoRun\command - "" = F:\MirrorsEdge.part01.exe -- File not found
O33 - MountPoints2\{93d2f37c-2438-11df-997d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{93d2f37c-2438-11df-997d-806e6f6e6963}\Shell\AutoRun\command - "" = G:\M2033.part01.exe -- File not found
O33 - MountPoints2\{dcb09f49-ebee-11de-97ae-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{dcb09f49-ebee-11de-97ae-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\Bin\ASSETUP.exe -- File not found
O33 - MountPoints2\{df115f3f-ec52-11de-9fed-e0cb4e05e67f}\Shell - "" = AutoRun
O33 - MountPoints2\{df115f3f-ec52-11de-9fed-e0cb4e05e67f}\Shell\AutoRun\command - "" = E:\score.exe -- [2007.02.12 22:44:08 | 001,196,544 | R--- | M] ()
O33 - MountPoints2\{e89ee796-ec65-11de-b99d-e0cb4e05e67f}\Shell - "" = AutoRun
O33 - MountPoints2\{e89ee796-ec65-11de-b99d-e0cb4e05e67f}\Shell\AutoRun\command - "" = P:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 90 Days ==========
[2010.07.24 19:42:35 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Peta\Desktop\OTL.exe
[2010.07.24 19:42:33 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Users\Peta\Desktop\OTH.scr
[2010.07.24 19:05:37 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Malwarebytes
[2010.07.24 19:05:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.07.24 19:05:29 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.07.24 19:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.23 08:13:22 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\SKIDROW
[2010.07.23 08:13:11 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\DogFighter
[2010.07.22 09:54:36 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\4A Games
[2010.07.21 17:02:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.07.21 15:14:10 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\4A Games
[2010.07.21 14:45:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\City Interactive
[2010.07.21 09:36:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2010.07.21 09:29:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2010.07.12 14:38:55 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Bonetown
[2010.07.12 14:24:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2010.07.12 14:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2010.07.12 14:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010.07.12 14:04:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2010.07.12 14:04:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010.07.12 14:03:47 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Visual Studio 2010
[2010.07.12 14:02:33 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2010.07.12 14:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
[2010.07.12 14:02:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2010.07.12 14:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2010.07.11 15:27:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Calamus 2.0
[2010.07.11 15:20:14 | 000,000,000 | ---D | C] -- C:\Users\Peta\Plocha
[2010.07.11 14:52:00 | 000,000,000 | ---D | C] -- C:\vcs5BGEffects
[2010.07.10 16:39:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2010.07.10 14:57:48 | 000,000,000 | ---D | C] -- C:\MT-X
[2010.07.08 17:47:57 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Singularity
[2010.07.08 17:44:56 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Mael
[2010.07.08 17:42:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HxD
[2010.07.08 17:39:21 | 000,000,000 | ---D | C] -- C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
[2010.07.08 13:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010.07.08 13:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.07.08 13:20:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010.07.08 13:20:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2010.06.26 11:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\3DO Shared
[2010.06.23 22:03:49 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Dream Aquarium
[2010.06.23 22:03:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dream Aquarium
[2010.06.23 21:28:07 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Super Internet TV
[2010.06.23 20:02:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2010.06.23 19:50:56 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\TrackMania
[2010.06.23 16:21:17 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Divinity 2
[2010.06.23 16:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Divinity 2
[2010.06.22 14:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\THQ
[2010.06.21 14:02:34 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Hunting Unlimited 2010
[2010.06.18 15:44:09 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Activision
[2010.06.18 14:32:34 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\KONAMI
[2010.06.18 14:25:34 | 000,000,000 | ---D | C] -- C:\ProgramData\KONAMI
[2010.06.17 19:08:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.06.17 13:28:03 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\kaneandlynch
[2010.06.15 22:26:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010.06.15 22:26:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010.06.15 13:52:42 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Fallout3
[2010.06.13 14:43:38 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Electronic Arts
[2010.06.13 14:43:20 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Electronic Arts
[2010.06.12 20:40:15 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\XRay Engine
[2010.06.12 17:43:59 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Shareaza
[2010.06.12 17:43:46 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Shareaza
[2010.06.12 17:43:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shareaza
[2010.06.12 11:17:41 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\teamspeak2
[2010.06.12 08:41:28 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\S.T.A.L.K.E.R. - Call of Pripyat
[2010.06.11 19:34:00 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\LolClient
[2010.06.11 19:20:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010.06.11 19:16:35 | 000,000,000 | ---D | C] -- C:\Riot Games
[2010.06.11 18:11:52 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\PMB Files
[2010.06.11 18:11:51 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010.06.11 18:11:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2010.06.09 21:08:14 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\MagicBall4
[2010.06.09 21:08:14 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\DreamDale
[2010.06.09 21:07:00 | 000,000,000 | ---D | C] -- C:\Windows\Magic Ball 4
[2010.06.07 16:33:57 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\ArmA 2
[2010.06.07 16:33:57 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\ArmA 2
[2010.06.05 20:49:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\3-D HUNTING 2010
[2010.06.05 20:49:00 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\3-D HUNTING 2010
[2010.06.05 20:48:51 | 000,000,000 | ---D | C] -- C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
[2010.06.01 10:11:05 | 000,000,000 | ---D | C] -- C:\Windows\usgwmt
[2010.06.01 07:49:12 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\XBlades
[2010.05.31 17:00:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI
[2010.05.31 17:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2010.05.31 17:00:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2010.05.31 16:59:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.05.31 16:58:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2010.05.31 16:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010.05.31 16:08:32 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Vuze Downloads
[2010.05.31 16:07:47 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Azureus
[2010.05.31 16:07:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze
[2010.05.31 16:07:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze_Remote
[2010.05.31 16:07:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010.05.31 14:10:51 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\The Witcher
[2010.05.31 14:10:51 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\The Witcher
[2010.05.31 13:07:48 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Command and Conquer Generals Data
[2010.05.27 19:09:28 | 000,000,000 | R--D | C] -- C:\Users\Peta\Documents\Scanned Documents
[2010.05.27 19:09:28 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Fax
[2010.05.26 20:53:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Games
[2010.05.25 14:06:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine
[2010.05.23 12:08:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010.05.21 19:04:50 | 000,000,000 | ---D | C] -- C:\Windows\jusched_32765916
[2010.05.20 15:54:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent Acceleration Tool
[2010.05.20 15:50:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent Ultra Accelerator
[2010.05.19 18:26:29 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\GullySoft
[2010.05.19 18:26:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Poznáváme C-Sharp a Microsoft.NET
[2010.05.17 19:08:07 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\NinjaBlade
[2010.05.17 12:43:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2010.05.17 12:43:37 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.17 11:05:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\The Witcher
[2010.05.17 09:45:08 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Sudeki
[2010.05.16 17:25:10 | 000,020,968 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\cpuz133_x64.sys
[2010.05.16 17:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2010.05.15 19:13:53 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Mount&Blade Savegames
[2010.05.15 19:10:39 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Mount&Blade
[2010.05.14 17:44:56 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\runic games
[2010.05.14 17:43:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Datalode
[2010.05.14 14:25:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010.05.14 13:33:17 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Risen
[2010.05.14 13:29:45 | 000,000,000 | ---D | C] -- C:\Windows\1C4551A64743409391E41477CD655043.TMP
[2010.05.13 13:41:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Music NFO Builder
[2010.05.12 19:30:40 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\BC
[2010.05.12 19:30:40 | 000,000,000 | ---D | C] -- C:\ProgramData\BC
[2010.05.05 21:09:21 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\storage
[2010.05.05 20:52:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2010.05.04 21:03:39 | 000,036,168 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2010.05.04 21:03:39 | 000,034,632 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2010.05.04 21:03:38 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2010.05.04 21:03:38 | 000,025,928 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2010.05.04 21:03:38 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2010.05.04 21:03:32 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\TuneUp Software
[2010.05.04 21:03:08 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010.05.04 21:03:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.05.04 15:54:59 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Eidos
[2010.05.03 21:45:26 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\gtk-2.0
[2010.05.03 21:43:28 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\gegl-0.0
[2010.05.03 21:43:28 | 000,000,000 | ---D | C] -- C:\Users\Peta\.gimp-2.6
[2010.05.02 13:06:55 | 000,000,000 | ---D | C] -- C:\Users\Peta\Desktop\GHostOne
[2010.04.30 14:36:41 | 000,000,000 | ---D | C] -- C:\Users\Peta\Machines
[2010.04.27 16:14:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eidos
[2010.04.27 14:27:21 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Touchstone
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2010.07.24 20:09:05 | 007,077,888 | -HS- | M] () -- C:\Users\Peta\NTUSER.DAT
[2010.07.24 19:40:47 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Peta\Desktop\OTL.exe
[2010.07.24 19:40:22 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Peta\Desktop\OTH.scr
[2010.07.24 19:35:01 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.24 19:21:57 | 000,013,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.24 19:21:57 | 000,013,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.24 19:05:33 | 000,000,675 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.24 17:50:32 | 000,002,971 | ---- | M] () -- C:\Users\Peta\Desktop\HiJackThis.lnk
[2010.07.24 13:44:36 | 000,000,312 | ---- | M] () -- C:\Users\Peta\Desktop\wowrm.ini
[2010.07.24 12:19:27 | 000,000,301 | ---- | M] () -- C:\Windows\lgfwup.ini
[2010.07.24 12:19:25 | 000,000,429 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2010.07.24 09:28:58 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2010.07.24 09:19:01 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.24 09:18:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.24 09:18:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.24 09:18:45 | 2817,040,384 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.23 23:44:27 | 003,808,602 | -H-- | M] () -- C:\Users\Peta\AppData\Local\IconCache.db
[2010.07.23 14:07:11 | 000,001,000 | ---- | M] () -- C:\Users\Peta\Desktop\metro2033.exe – zástupce.lnk
[2010.07.22 18:55:39 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.07.22 14:56:09 | 999,260,468 | ---- | M] () -- C:\Users\Peta\Desktop\Constantine (cz).avi
[2010.07.21 14:30:11 | 000,000,703 | ---- | M] () -- C:\Users\Peta\Desktop\Wolfschanze II.lnk
[2010.07.18 18:48:34 | 000,001,510 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010.07.13 13:31:23 | 000,000,693 | ---- | M] () -- C:\Users\Peta\Desktop\Virtua Tennis 2009.EXE – zástupce.lnk
[2010.07.12 14:02:10 | 000,734,294 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.07.12 14:02:10 | 000,719,666 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.07.12 14:02:10 | 000,165,002 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.07.12 14:02:10 | 000,145,628 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.07.12 14:02:09 | 001,745,516 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.07.12 14:01:43 | 001,745,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.07.11 22:47:02 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2010.07.08 17:40:06 | 000,000,855 | ---- | M] () -- C:\Users\Public\Desktop\Singularity(TM).lnk
[2010.06.24 17:24:52 | 000,000,001 | ---- | M] () -- C:\Windows\SysWow64\SI.bin
[2010.06.23 19:50:14 | 000,000,725 | ---- | M] () -- C:\Users\Public\Desktop\TmNationsForever.lnk
[2010.06.18 13:43:42 | 000,002,048 | ---- | M] () -- C:\Windows\SysWow64\winver.exe
[2010.06.18 13:43:37 | 000,113,543 | ---- | M] () -- C:\Windows\SysWow64\slmgr.vbs
[2010.06.18 06:39:11 | 000,107,832 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.06.18 06:39:02 | 000,682,280 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.06.18 06:30:00 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2010.06.17 19:08:05 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2010.06.17 19:08:05 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[2010.06.15 21:44:16 | 000,001,222 | ---- | M] () -- C:\Users\Peta\Desktop\FarCry2.exe – zástupce -DEVMODE.lnk
[2010.06.15 13:54:36 | 000,000,504 | ---- | M] () -- C:\Hry, Hudba, Filmy atd. (D) – zástupce.lnk
[2010.06.12 15:24:51 | 000,000,946 | ---- | M] () -- C:\Users\Peta\Desktop\cstrike.exe – zástupce.lnk
[2010.06.11 10:31:24 | 000,111,392 | ---- | M] () -- C:\Users\Peta\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.06.11 10:30:00 | 003,030,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.06.09 18:23:40 | 000,001,319 | ---- | M] () -- C:\Users\Peta\Desktop\eb.exe – zástupce.lnk
[2010.06.07 16:33:30 | 000,500,739 | ---- | M] () -- C:\AnalysisLog.sr0
[2010.06.06 17:41:46 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2010.06.02 15:16:05 | 000,000,007 | ---- | M] () -- C:\Windows\treeskp.sys
[2010.06.02 15:16:05 | 000,000,007 | ---- | M] () -- C:\Windows\sbacknt.bin
[2010.05.31 14:10:58 | 000,000,031 | ---- | M] () -- C:\Windows\progress
[2010.05.31 13:47:19 | 000,152,904 | ---- | M] () -- C:\Windows\SysWow64\vghd.scr
[2010.05.30 15:22:48 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.05.30 15:21:24 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.05.26 20:55:22 | 000,000,979 | ---- | M] () -- C:\Windows\eReg.dat
[2010.05.26 20:46:34 | 000,000,032 | ---- | M] () -- C:\Windows\CD_Start.INI
[2010.05.25 14:01:13 | 000,000,000 | RH-- | M] () -- C:\logwmemory.bin
[2010.05.23 10:13:25 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2010.05.21 19:13:40 | 000,000,044 | ---- | M] () -- C:\Users\Peta\AppData\Roaming\PerX.ini
[2010.05.20 15:54:08 | 000,001,253 | ---- | M] () -- C:\Users\Peta\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Acceleration Tool.lnk
[2010.05.20 15:50:56 | 000,001,253 | ---- | M] () -- C:\Users\Peta\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Ultra Accelerator.lnk
[2010.05.14 17:29:13 | 000,029,392 | ---- | M] () -- C:\Windows\SysWow64\drivers\SECDRV.SYS
[2010.05.08 13:57:52 | 000,000,020 | ---- | M] () -- C:\Users\Peta\Documents\aionmemo_f5cbd0b5.dat
[2010.05.02 21:14:34 | 000,000,329 | ---- | M] () -- C:\Users\Peta\Documents\trinity_string.sql
[2010.04.29 19:56:26 | 000,013,714 | ---- | M] () -- C:\Users\Peta\migrace.php
[2010.04.29 18:59:02 | 000,003,946 | ---- | M] () -- C:\Users\Peta\prehledarenateamu.php
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.07.24 19:05:33 | 000,000,675 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.24 17:50:32 | 000,002,971 | ---- | C] () -- C:\Users\Peta\Desktop\HiJackThis.lnk
[2010.07.23 14:07:11 | 000,001,000 | ---- | C] () -- C:\Users\Peta\Desktop\metro2033.exe – zástupce.lnk
[2010.07.22 12:15:49 | 999,260,468 | ---- | C] () -- C:\Users\Peta\Desktop\Constantine (cz).avi
[2010.07.21 14:30:11 | 000,000,703 | ---- | C] () -- C:\Users\Peta\Desktop\Wolfschanze II.lnk
[2010.07.13 13:31:23 | 000,000,693 | ---- | C] () -- C:\Users\Peta\Desktop\Virtua Tennis 2009.EXE – zástupce.lnk
[2010.07.08 17:40:06 | 000,000,855 | ---- | C] () -- C:\Users\Public\Desktop\Singularity(TM).lnk
[2010.06.24 17:24:52 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2010.06.24 14:51:54 | 000,000,312 | ---- | C] () -- C:\Users\Peta\Desktop\wowrm.ini
[2010.06.23 19:50:14 | 000,000,725 | ---- | C] () -- C:\Users\Public\Desktop\TmNationsForever.lnk
[2010.06.18 13:43:37 | 000,113,543 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
[2010.06.18 13:43:37 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\winver.exe
[2010.06.17 19:08:05 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
[2010.06.17 19:08:05 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for
[2010.06.15 21:44:16 | 000,001,222 | ---- | C] () -- C:\Users\Peta\Desktop\FarCry2.exe – zástupce -DEVMODE.lnk
[2010.06.15 13:54:36 | 000,000,504 | ---- | C] () -- C:\Hry, Hudba, Filmy atd. (D) – zástupce.lnk
[2010.06.12 15:24:51 | 000,000,946 | ---- | C] () -- C:\Users\Peta\Desktop\cstrike.exe – zástupce.lnk
[2010.06.09 18:23:40 | 000,001,319 | ---- | C] () -- C:\Users\Peta\Desktop\eb.exe – zástupce.lnk
[2010.06.08 17:34:51 | 000,000,000 | ---- | C] () -- C:\ProgramData\driverinfo.txt
[2010.06.07 16:33:14 | 000,500,739 | ---- | C] () -- C:\AnalysisLog.sr0
[2010.05.31 14:10:52 | 000,000,031 | ---- | C] () -- C:\Windows\progress
[2010.05.31 13:47:20 | 000,000,007 | ---- | C] () -- C:\Windows\treeskp.sys
[2010.05.31 13:47:20 | 000,000,007 | ---- | C] () -- C:\Windows\sbacknt.bin
[2010.05.31 13:47:19 | 000,152,904 | ---- | C] () -- C:\Windows\SysWow64\vghd.scr
[2010.05.26 20:51:51 | 000,000,979 | ---- | C] () -- C:\Windows\eReg.dat
[2010.05.26 20:46:34 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2010.05.25 14:06:46 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2010.05.25 14:01:13 | 000,000,000 | RH-- | C] () -- C:\logwmemory.bin
[2010.05.21 19:13:40 | 000,000,044 | ---- | C] () -- C:\Users\Peta\AppData\Roaming\PerX.ini
[2010.05.20 15:54:08 | 000,001,253 | ---- | C] () -- C:\Users\Peta\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Acceleration Tool.lnk
[2010.05.20 15:50:56 | 000,001,253 | ---- | C] () -- C:\Users\Peta\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Ultra Accelerator.lnk
[2010.05.16 17:25:10 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2010.05.14 17:29:14 | 000,029,392 | ---- | C] () -- C:\Windows\SysWow64\drivers\SECDRV.SYS
[2010.05.14 14:25:30 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.14 14:25:29 | 000,000,944 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.02 21:14:32 | 000,000,329 | ---- | C] () -- C:\Users\Peta\Documents\trinity_string.sql
[2010.04.29 18:57:16 | 000,003,946 | ---- | C] () -- C:\Users\Peta\prehledarenateamu.php
[2010.04.03 17:19:43 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\COMSocketServer.dll
[2010.04.03 17:19:40 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2010.04.03 17:11:45 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2010.03.01 17:21:51 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll
[2010.02.26 21:16:46 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010.02.22 18:59:29 | 000,000,332 | ---- | C] () -- C:\Windows\WPE PRO.INI
[2010.02.10 17:45:06 | 000,000,083 | ---- | C] () -- C:\Windows\wwp.INI
[2010.01.31 18:49:15 | 000,000,761 | ---- | C] () -- C:\Windows\CoD.INI
[2010.01.18 16:19:36 | 000,000,942 | ---- | C] () -- C:\Windows\my.ini
[2010.01.10 16:15:12 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009.12.27 11:35:26 | 001,745,516 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.12.26 17:43:47 | 000,000,297 | ---- | C] () -- C:\Windows\tmp2Level.ini
[2009.12.26 17:43:47 | 000,000,297 | ---- | C] () -- C:\Windows\level.ini
[2009.12.26 10:52:20 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2009.12.24 23:18:54 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.12.20 22:26:52 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2009.12.19 06:40:10 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2009.12.19 06:22:54 | 000,000,301 | ---- | C] () -- C:\Windows\lgfwup.ini
[2009.12.18 18:59:04 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009.12.18 18:59:04 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009.12.18 18:59:03 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009.12.18 18:59:03 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009.12.18 18:45:20 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.12.18 18:45:14 | 000,030,586 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.07.06 04:48:34 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2009.04.02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008.12.01 19:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
========== LOP Check ==========
[2010.03.02 21:06:42 | 000,000,000 | -HSD | M] -- C:\Users\Peta\AppData\Roaming\.#
[2010.04.04 13:15:34 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Activision
[2010.07.24 09:57:16 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Azureus
[2010.02.18 18:17:46 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Bioshock
[2010.07.12 14:50:09 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Bonetown
[2009.12.19 06:40:16 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Canneverbe_Limited
[2010.02.26 18:12:01 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\DAEMON Tools
[2009.12.20 00:46:58 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\DAEMON Tools Lite
[2010.03.01 17:22:02 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Desktopicon
[2010.06.23 22:04:15 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Dream Aquarium
[2010.06.09 21:21:24 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\DreamDale
[2009.12.26 17:52:21 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Gearbox Software
[2009.12.26 21:30:40 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\GetRightToGo
[2010.03.27 23:22:13 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\GHISLER
[2010.05.03 21:48:24 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\gtk-2.0
[2010.05.19 18:26:29 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\GullySoft
[2010.03.21 10:46:51 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Hide IP NG
[2010.07.24 19:00:11 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\ICQ
[2010.02.13 15:10:23 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Kerio
[2009.12.19 12:32:28 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Leadertech
[2010.06.11 19:34:00 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\LolClient
[2010.07.08 17:44:56 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Mael
[2010.06.09 21:21:20 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\MagicBall4
[2010.05.15 19:21:02 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Mount&Blade
[2010.03.27 13:38:00 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\MySQL
[2010.04.10 11:52:17 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Prison Break
[2010.01.21 13:36:34 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Red Alert 3
[2010.05.14 17:44:56 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\runic games
[2010.02.02 15:11:09 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Screaming Bee
[2010.06.12 17:43:59 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Shareaza
[2010.05.08 09:04:44 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\SQLyog
[2010.02.13 22:45:56 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Subversion
[2010.05.17 09:45:11 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Sudeki
[2010.01.04 19:38:12 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\TeamViewer
[2010.04.27 14:27:21 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Touchstone
[2010.05.04 21:03:32 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\TuneUp Software
[2010.07.18 18:36:01 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Ubisoft
[2010.02.12 22:01:31 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Utherverse
[2010.07.24 20:09:51 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\uTorrent
[2010.06.12 20:40:15 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\XRay Engine
[2009.12.21 00:09:11 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Zoner
[2010.06.24 14:02:00 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 609 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 16 bytes -> C:\Users\Peta\Downloads:Shareaza.GUID
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:010ADD2C
< End of report >
FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.selectedEngine: "Centrum.cz Search"
FF - prefs.js..browser.startup.homepage: "www.wowresource.eu|www.google.cz|www.airsoftmorava.cz|www.cztorrent.net"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.6.0.15
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\Cetrumcz@igeared: C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared [2009.12.24 20:53:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.22 18:15:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.22 18:15:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.02.21 17:33:19 | 000,000,000 | ---D | M]
[2009.12.24 20:54:33 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\mozilla\Extensions
[2010.07.24 09:31:26 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\mozilla\Firefox\Profiles\kiqze7em.default\extensions
[2010.05.31 16:07:30 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\Peta\AppData\Roaming\mozilla\Firefox\Profiles\kiqze7em.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010.07.24 09:31:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.03.30 13:59:46 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009.10.21 04:10:38 | 000,001,425 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\Cetrumcz_igeared.xml
[2010.03.25 14:18:33 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.25 14:18:33 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.25 14:18:33 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.25 14:18:33 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.25 14:18:33 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.07.18 18:48:34 | 000,001,510 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O2:64bit: - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files (x86)\Shareaza\RazaWebHook64.dll (Shareaza Development Team)
O2 - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files (x86)\Shareaza\RazaWebHook32.dll (Shareaza Development Team)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll File not found
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [eurobattlegui] D:\Hry\Blizzard's\warcraft III\Warcraft III\eb.exe (http://www.eurobattle.net)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LGODDFU] C:\Program Files (x86)\lg_fwupdate\fwupdate.exe (BL)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] D:\Programy\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [QFan Help] C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [T Probe] C:\Program Files (x86)\ASUS\T Probe\TProbe.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] D:\Programy\ICQ 7\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] D:\Programy\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Peta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uTorrent.exe – zástupce.lnk = C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Download with &Shareaza - c:\program files (x86)\shareaza\razawebhook32.dll (Shareaza Development Team)
O8 - Extra context menu item: Download with &Shareaza - c:\program files (x86)\shareaza\razawebhook32.dll (Shareaza Development Team)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programy\ICQ 7\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programy\ICQ 7\ICQ7.0\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} http://intel-drv-cdn.systemrequirements ... b_srlx.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (sxehack.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.02.17 18:42:58 | 000,000,027 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{3c117a2d-ec59-11de-bbe7-e0cb4e05e67f}\Shell - "" = AutoRun
O33 - MountPoints2\{3c117a2d-ec59-11de-bbe7-e0cb4e05e67f}\Shell\AutoRun\command - "" = O:\autorun.exe -- File not found
O33 - MountPoints2\{534b3306-22ac-11df-bc5c-e0cb4e05e67f}\Shell - "" = AutoRun
O33 - MountPoints2\{534b3306-22ac-11df-bc5c-e0cb4e05e67f}\Shell\AutoRun\command - "" = F:\MirrorsEdge.part01.exe -- File not found
O33 - MountPoints2\{93d2f37c-2438-11df-997d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{93d2f37c-2438-11df-997d-806e6f6e6963}\Shell\AutoRun\command - "" = G:\M2033.part01.exe -- File not found
O33 - MountPoints2\{dcb09f49-ebee-11de-97ae-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{dcb09f49-ebee-11de-97ae-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\Bin\ASSETUP.exe -- File not found
O33 - MountPoints2\{df115f3f-ec52-11de-9fed-e0cb4e05e67f}\Shell - "" = AutoRun
O33 - MountPoints2\{df115f3f-ec52-11de-9fed-e0cb4e05e67f}\Shell\AutoRun\command - "" = E:\score.exe -- [2007.02.12 22:44:08 | 001,196,544 | R--- | M] ()
O33 - MountPoints2\{e89ee796-ec65-11de-b99d-e0cb4e05e67f}\Shell - "" = AutoRun
O33 - MountPoints2\{e89ee796-ec65-11de-b99d-e0cb4e05e67f}\Shell\AutoRun\command - "" = P:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 90 Days ==========
[2010.07.24 19:42:35 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Peta\Desktop\OTL.exe
[2010.07.24 19:42:33 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Users\Peta\Desktop\OTH.scr
[2010.07.24 19:05:37 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Malwarebytes
[2010.07.24 19:05:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.07.24 19:05:29 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.07.24 19:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.23 08:13:22 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\SKIDROW
[2010.07.23 08:13:11 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\DogFighter
[2010.07.22 09:54:36 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\4A Games
[2010.07.21 17:02:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.07.21 15:14:10 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\4A Games
[2010.07.21 14:45:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\City Interactive
[2010.07.21 09:36:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2010.07.21 09:29:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2010.07.12 14:38:55 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Bonetown
[2010.07.12 14:24:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2010.07.12 14:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2010.07.12 14:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010.07.12 14:04:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2010.07.12 14:04:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010.07.12 14:03:47 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Visual Studio 2010
[2010.07.12 14:02:33 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2010.07.12 14:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
[2010.07.12 14:02:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2010.07.12 14:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2010.07.11 15:27:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Calamus 2.0
[2010.07.11 15:20:14 | 000,000,000 | ---D | C] -- C:\Users\Peta\Plocha
[2010.07.11 14:52:00 | 000,000,000 | ---D | C] -- C:\vcs5BGEffects
[2010.07.10 16:39:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2010.07.10 14:57:48 | 000,000,000 | ---D | C] -- C:\MT-X
[2010.07.08 17:47:57 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Singularity
[2010.07.08 17:44:56 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Mael
[2010.07.08 17:42:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HxD
[2010.07.08 17:39:21 | 000,000,000 | ---D | C] -- C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
[2010.07.08 13:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010.07.08 13:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.07.08 13:20:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010.07.08 13:20:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2010.06.26 11:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\3DO Shared
[2010.06.23 22:03:49 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Dream Aquarium
[2010.06.23 22:03:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dream Aquarium
[2010.06.23 21:28:07 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Super Internet TV
[2010.06.23 20:02:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2010.06.23 19:50:56 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\TrackMania
[2010.06.23 16:21:17 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Divinity 2
[2010.06.23 16:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Divinity 2
[2010.06.22 14:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\THQ
[2010.06.21 14:02:34 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Hunting Unlimited 2010
[2010.06.18 15:44:09 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Activision
[2010.06.18 14:32:34 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\KONAMI
[2010.06.18 14:25:34 | 000,000,000 | ---D | C] -- C:\ProgramData\KONAMI
[2010.06.17 19:08:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.06.17 13:28:03 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\kaneandlynch
[2010.06.15 22:26:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010.06.15 22:26:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010.06.15 13:52:42 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Fallout3
[2010.06.13 14:43:38 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Electronic Arts
[2010.06.13 14:43:20 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Electronic Arts
[2010.06.12 20:40:15 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\XRay Engine
[2010.06.12 17:43:59 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Shareaza
[2010.06.12 17:43:46 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Shareaza
[2010.06.12 17:43:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shareaza
[2010.06.12 11:17:41 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\teamspeak2
[2010.06.12 08:41:28 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\S.T.A.L.K.E.R. - Call of Pripyat
[2010.06.11 19:34:00 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\LolClient
[2010.06.11 19:20:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010.06.11 19:16:35 | 000,000,000 | ---D | C] -- C:\Riot Games
[2010.06.11 18:11:52 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\PMB Files
[2010.06.11 18:11:51 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010.06.11 18:11:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2010.06.09 21:08:14 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\MagicBall4
[2010.06.09 21:08:14 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\DreamDale
[2010.06.09 21:07:00 | 000,000,000 | ---D | C] -- C:\Windows\Magic Ball 4
[2010.06.07 16:33:57 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\ArmA 2
[2010.06.07 16:33:57 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\ArmA 2
[2010.06.05 20:49:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\3-D HUNTING 2010
[2010.06.05 20:49:00 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\3-D HUNTING 2010
[2010.06.05 20:48:51 | 000,000,000 | ---D | C] -- C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
[2010.06.01 10:11:05 | 000,000,000 | ---D | C] -- C:\Windows\usgwmt
[2010.06.01 07:49:12 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\XBlades
[2010.05.31 17:00:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI
[2010.05.31 17:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2010.05.31 17:00:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2010.05.31 16:59:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.05.31 16:58:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2010.05.31 16:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010.05.31 16:08:32 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Vuze Downloads
[2010.05.31 16:07:47 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Azureus
[2010.05.31 16:07:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze
[2010.05.31 16:07:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze_Remote
[2010.05.31 16:07:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010.05.31 14:10:51 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\The Witcher
[2010.05.31 14:10:51 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\The Witcher
[2010.05.31 13:07:48 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Command and Conquer Generals Data
[2010.05.27 19:09:28 | 000,000,000 | R--D | C] -- C:\Users\Peta\Documents\Scanned Documents
[2010.05.27 19:09:28 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Fax
[2010.05.26 20:53:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Games
[2010.05.25 14:06:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine
[2010.05.23 12:08:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010.05.21 19:04:50 | 000,000,000 | ---D | C] -- C:\Windows\jusched_32765916
[2010.05.20 15:54:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent Acceleration Tool
[2010.05.20 15:50:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent Ultra Accelerator
[2010.05.19 18:26:29 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\GullySoft
[2010.05.19 18:26:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Poznáváme C-Sharp a Microsoft.NET
[2010.05.17 19:08:07 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\NinjaBlade
[2010.05.17 12:43:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2010.05.17 12:43:37 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.17 11:05:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\The Witcher
[2010.05.17 09:45:08 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Sudeki
[2010.05.16 17:25:10 | 000,020,968 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\cpuz133_x64.sys
[2010.05.16 17:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2010.05.15 19:13:53 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Mount&Blade Savegames
[2010.05.15 19:10:39 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Mount&Blade
[2010.05.14 17:44:56 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\runic games
[2010.05.14 17:43:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Datalode
[2010.05.14 14:25:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010.05.14 13:33:17 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Risen
[2010.05.14 13:29:45 | 000,000,000 | ---D | C] -- C:\Windows\1C4551A64743409391E41477CD655043.TMP
[2010.05.13 13:41:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Music NFO Builder
[2010.05.12 19:30:40 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\BC
[2010.05.12 19:30:40 | 000,000,000 | ---D | C] -- C:\ProgramData\BC
[2010.05.05 21:09:21 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\storage
[2010.05.05 20:52:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2010.05.04 21:03:39 | 000,036,168 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2010.05.04 21:03:39 | 000,034,632 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2010.05.04 21:03:38 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2010.05.04 21:03:38 | 000,025,928 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2010.05.04 21:03:38 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2010.05.04 21:03:32 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\TuneUp Software
[2010.05.04 21:03:08 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010.05.04 21:03:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.05.04 15:54:59 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Eidos
[2010.05.03 21:45:26 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\gtk-2.0
[2010.05.03 21:43:28 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\gegl-0.0
[2010.05.03 21:43:28 | 000,000,000 | ---D | C] -- C:\Users\Peta\.gimp-2.6
[2010.05.02 13:06:55 | 000,000,000 | ---D | C] -- C:\Users\Peta\Desktop\GHostOne
[2010.04.30 14:36:41 | 000,000,000 | ---D | C] -- C:\Users\Peta\Machines
[2010.04.27 16:14:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eidos
[2010.04.27 14:27:21 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Touchstone
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2010.07.24 20:09:05 | 007,077,888 | -HS- | M] () -- C:\Users\Peta\NTUSER.DAT
[2010.07.24 19:40:47 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Peta\Desktop\OTL.exe
[2010.07.24 19:40:22 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Peta\Desktop\OTH.scr
[2010.07.24 19:35:01 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.24 19:21:57 | 000,013,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.24 19:21:57 | 000,013,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.24 19:05:33 | 000,000,675 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.24 17:50:32 | 000,002,971 | ---- | M] () -- C:\Users\Peta\Desktop\HiJackThis.lnk
[2010.07.24 13:44:36 | 000,000,312 | ---- | M] () -- C:\Users\Peta\Desktop\wowrm.ini
[2010.07.24 12:19:27 | 000,000,301 | ---- | M] () -- C:\Windows\lgfwup.ini
[2010.07.24 12:19:25 | 000,000,429 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2010.07.24 09:28:58 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2010.07.24 09:19:01 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.24 09:18:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.24 09:18:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.24 09:18:45 | 2817,040,384 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.23 23:44:27 | 003,808,602 | -H-- | M] () -- C:\Users\Peta\AppData\Local\IconCache.db
[2010.07.23 14:07:11 | 000,001,000 | ---- | M] () -- C:\Users\Peta\Desktop\metro2033.exe – zástupce.lnk
[2010.07.22 18:55:39 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.07.22 14:56:09 | 999,260,468 | ---- | M] () -- C:\Users\Peta\Desktop\Constantine (cz).avi
[2010.07.21 14:30:11 | 000,000,703 | ---- | M] () -- C:\Users\Peta\Desktop\Wolfschanze II.lnk
[2010.07.18 18:48:34 | 000,001,510 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010.07.13 13:31:23 | 000,000,693 | ---- | M] () -- C:\Users\Peta\Desktop\Virtua Tennis 2009.EXE – zástupce.lnk
[2010.07.12 14:02:10 | 000,734,294 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.07.12 14:02:10 | 000,719,666 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.07.12 14:02:10 | 000,165,002 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.07.12 14:02:10 | 000,145,628 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.07.12 14:02:09 | 001,745,516 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.07.12 14:01:43 | 001,745,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.07.11 22:47:02 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2010.07.08 17:40:06 | 000,000,855 | ---- | M] () -- C:\Users\Public\Desktop\Singularity(TM).lnk
[2010.06.24 17:24:52 | 000,000,001 | ---- | M] () -- C:\Windows\SysWow64\SI.bin
[2010.06.23 19:50:14 | 000,000,725 | ---- | M] () -- C:\Users\Public\Desktop\TmNationsForever.lnk
[2010.06.18 13:43:42 | 000,002,048 | ---- | M] () -- C:\Windows\SysWow64\winver.exe
[2010.06.18 13:43:37 | 000,113,543 | ---- | M] () -- C:\Windows\SysWow64\slmgr.vbs
[2010.06.18 06:39:11 | 000,107,832 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.06.18 06:39:02 | 000,682,280 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.06.18 06:30:00 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2010.06.17 19:08:05 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2010.06.17 19:08:05 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[2010.06.15 21:44:16 | 000,001,222 | ---- | M] () -- C:\Users\Peta\Desktop\FarCry2.exe – zástupce -DEVMODE.lnk
[2010.06.15 13:54:36 | 000,000,504 | ---- | M] () -- C:\Hry, Hudba, Filmy atd. (D) – zástupce.lnk
[2010.06.12 15:24:51 | 000,000,946 | ---- | M] () -- C:\Users\Peta\Desktop\cstrike.exe – zástupce.lnk
[2010.06.11 10:31:24 | 000,111,392 | ---- | M] () -- C:\Users\Peta\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.06.11 10:30:00 | 003,030,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.06.09 18:23:40 | 000,001,319 | ---- | M] () -- C:\Users\Peta\Desktop\eb.exe – zástupce.lnk
[2010.06.07 16:33:30 | 000,500,739 | ---- | M] () -- C:\AnalysisLog.sr0
[2010.06.06 17:41:46 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2010.06.02 15:16:05 | 000,000,007 | ---- | M] () -- C:\Windows\treeskp.sys
[2010.06.02 15:16:05 | 000,000,007 | ---- | M] () -- C:\Windows\sbacknt.bin
[2010.05.31 14:10:58 | 000,000,031 | ---- | M] () -- C:\Windows\progress
[2010.05.31 13:47:19 | 000,152,904 | ---- | M] () -- C:\Windows\SysWow64\vghd.scr
[2010.05.30 15:22:48 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.05.30 15:21:24 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.05.26 20:55:22 | 000,000,979 | ---- | M] () -- C:\Windows\eReg.dat
[2010.05.26 20:46:34 | 000,000,032 | ---- | M] () -- C:\Windows\CD_Start.INI
[2010.05.25 14:01:13 | 000,000,000 | RH-- | M] () -- C:\logwmemory.bin
[2010.05.23 10:13:25 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2010.05.21 19:13:40 | 000,000,044 | ---- | M] () -- C:\Users\Peta\AppData\Roaming\PerX.ini
[2010.05.20 15:54:08 | 000,001,253 | ---- | M] () -- C:\Users\Peta\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Acceleration Tool.lnk
[2010.05.20 15:50:56 | 000,001,253 | ---- | M] () -- C:\Users\Peta\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Ultra Accelerator.lnk
[2010.05.14 17:29:13 | 000,029,392 | ---- | M] () -- C:\Windows\SysWow64\drivers\SECDRV.SYS
[2010.05.08 13:57:52 | 000,000,020 | ---- | M] () -- C:\Users\Peta\Documents\aionmemo_f5cbd0b5.dat
[2010.05.02 21:14:34 | 000,000,329 | ---- | M] () -- C:\Users\Peta\Documents\trinity_string.sql
[2010.04.29 19:56:26 | 000,013,714 | ---- | M] () -- C:\Users\Peta\migrace.php
[2010.04.29 18:59:02 | 000,003,946 | ---- | M] () -- C:\Users\Peta\prehledarenateamu.php
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.07.24 19:05:33 | 000,000,675 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.24 17:50:32 | 000,002,971 | ---- | C] () -- C:\Users\Peta\Desktop\HiJackThis.lnk
[2010.07.23 14:07:11 | 000,001,000 | ---- | C] () -- C:\Users\Peta\Desktop\metro2033.exe – zástupce.lnk
[2010.07.22 12:15:49 | 999,260,468 | ---- | C] () -- C:\Users\Peta\Desktop\Constantine (cz).avi
[2010.07.21 14:30:11 | 000,000,703 | ---- | C] () -- C:\Users\Peta\Desktop\Wolfschanze II.lnk
[2010.07.13 13:31:23 | 000,000,693 | ---- | C] () -- C:\Users\Peta\Desktop\Virtua Tennis 2009.EXE – zástupce.lnk
[2010.07.08 17:40:06 | 000,000,855 | ---- | C] () -- C:\Users\Public\Desktop\Singularity(TM).lnk
[2010.06.24 17:24:52 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2010.06.24 14:51:54 | 000,000,312 | ---- | C] () -- C:\Users\Peta\Desktop\wowrm.ini
[2010.06.23 19:50:14 | 000,000,725 | ---- | C] () -- C:\Users\Public\Desktop\TmNationsForever.lnk
[2010.06.18 13:43:37 | 000,113,543 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
[2010.06.18 13:43:37 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\winver.exe
[2010.06.17 19:08:05 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
[2010.06.17 19:08:05 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for
[2010.06.15 21:44:16 | 000,001,222 | ---- | C] () -- C:\Users\Peta\Desktop\FarCry2.exe – zástupce -DEVMODE.lnk
[2010.06.15 13:54:36 | 000,000,504 | ---- | C] () -- C:\Hry, Hudba, Filmy atd. (D) – zástupce.lnk
[2010.06.12 15:24:51 | 000,000,946 | ---- | C] () -- C:\Users\Peta\Desktop\cstrike.exe – zástupce.lnk
[2010.06.09 18:23:40 | 000,001,319 | ---- | C] () -- C:\Users\Peta\Desktop\eb.exe – zástupce.lnk
[2010.06.08 17:34:51 | 000,000,000 | ---- | C] () -- C:\ProgramData\driverinfo.txt
[2010.06.07 16:33:14 | 000,500,739 | ---- | C] () -- C:\AnalysisLog.sr0
[2010.05.31 14:10:52 | 000,000,031 | ---- | C] () -- C:\Windows\progress
[2010.05.31 13:47:20 | 000,000,007 | ---- | C] () -- C:\Windows\treeskp.sys
[2010.05.31 13:47:20 | 000,000,007 | ---- | C] () -- C:\Windows\sbacknt.bin
[2010.05.31 13:47:19 | 000,152,904 | ---- | C] () -- C:\Windows\SysWow64\vghd.scr
[2010.05.26 20:51:51 | 000,000,979 | ---- | C] () -- C:\Windows\eReg.dat
[2010.05.26 20:46:34 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2010.05.25 14:06:46 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2010.05.25 14:01:13 | 000,000,000 | RH-- | C] () -- C:\logwmemory.bin
[2010.05.21 19:13:40 | 000,000,044 | ---- | C] () -- C:\Users\Peta\AppData\Roaming\PerX.ini
[2010.05.20 15:54:08 | 000,001,253 | ---- | C] () -- C:\Users\Peta\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Acceleration Tool.lnk
[2010.05.20 15:50:56 | 000,001,253 | ---- | C] () -- C:\Users\Peta\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Ultra Accelerator.lnk
[2010.05.16 17:25:10 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2010.05.14 17:29:14 | 000,029,392 | ---- | C] () -- C:\Windows\SysWow64\drivers\SECDRV.SYS
[2010.05.14 14:25:30 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.14 14:25:29 | 000,000,944 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.02 21:14:32 | 000,000,329 | ---- | C] () -- C:\Users\Peta\Documents\trinity_string.sql
[2010.04.29 18:57:16 | 000,003,946 | ---- | C] () -- C:\Users\Peta\prehledarenateamu.php
[2010.04.03 17:19:43 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\COMSocketServer.dll
[2010.04.03 17:19:40 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2010.04.03 17:11:45 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2010.03.01 17:21:51 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll
[2010.02.26 21:16:46 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010.02.22 18:59:29 | 000,000,332 | ---- | C] () -- C:\Windows\WPE PRO.INI
[2010.02.10 17:45:06 | 000,000,083 | ---- | C] () -- C:\Windows\wwp.INI
[2010.01.31 18:49:15 | 000,000,761 | ---- | C] () -- C:\Windows\CoD.INI
[2010.01.18 16:19:36 | 000,000,942 | ---- | C] () -- C:\Windows\my.ini
[2010.01.10 16:15:12 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009.12.27 11:35:26 | 001,745,516 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.12.26 17:43:47 | 000,000,297 | ---- | C] () -- C:\Windows\tmp2Level.ini
[2009.12.26 17:43:47 | 000,000,297 | ---- | C] () -- C:\Windows\level.ini
[2009.12.26 10:52:20 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2009.12.24 23:18:54 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.12.20 22:26:52 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2009.12.19 06:40:10 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2009.12.19 06:22:54 | 000,000,301 | ---- | C] () -- C:\Windows\lgfwup.ini
[2009.12.18 18:59:04 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009.12.18 18:59:04 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009.12.18 18:59:03 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009.12.18 18:59:03 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009.12.18 18:45:20 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.12.18 18:45:14 | 000,030,586 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.07.06 04:48:34 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2009.04.02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008.12.01 19:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
========== LOP Check ==========
[2010.03.02 21:06:42 | 000,000,000 | -HSD | M] -- C:\Users\Peta\AppData\Roaming\.#
[2010.04.04 13:15:34 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Activision
[2010.07.24 09:57:16 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Azureus
[2010.02.18 18:17:46 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Bioshock
[2010.07.12 14:50:09 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Bonetown
[2009.12.19 06:40:16 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Canneverbe_Limited
[2010.02.26 18:12:01 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\DAEMON Tools
[2009.12.20 00:46:58 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\DAEMON Tools Lite
[2010.03.01 17:22:02 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Desktopicon
[2010.06.23 22:04:15 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Dream Aquarium
[2010.06.09 21:21:24 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\DreamDale
[2009.12.26 17:52:21 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Gearbox Software
[2009.12.26 21:30:40 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\GetRightToGo
[2010.03.27 23:22:13 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\GHISLER
[2010.05.03 21:48:24 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\gtk-2.0
[2010.05.19 18:26:29 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\GullySoft
[2010.03.21 10:46:51 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Hide IP NG
[2010.07.24 19:00:11 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\ICQ
[2010.02.13 15:10:23 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Kerio
[2009.12.19 12:32:28 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Leadertech
[2010.06.11 19:34:00 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\LolClient
[2010.07.08 17:44:56 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Mael
[2010.06.09 21:21:20 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\MagicBall4
[2010.05.15 19:21:02 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Mount&Blade
[2010.03.27 13:38:00 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\MySQL
[2010.04.10 11:52:17 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Prison Break
[2010.01.21 13:36:34 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Red Alert 3
[2010.05.14 17:44:56 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\runic games
[2010.02.02 15:11:09 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Screaming Bee
[2010.06.12 17:43:59 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Shareaza
[2010.05.08 09:04:44 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\SQLyog
[2010.02.13 22:45:56 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Subversion
[2010.05.17 09:45:11 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Sudeki
[2010.01.04 19:38:12 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\TeamViewer
[2010.04.27 14:27:21 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Touchstone
[2010.05.04 21:03:32 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\TuneUp Software
[2010.07.18 18:36:01 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Ubisoft
[2010.02.12 22:01:31 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Utherverse
[2010.07.24 20:09:51 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\uTorrent
[2010.06.12 20:40:15 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\XRay Engine
[2009.12.21 00:09:11 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Zoner
[2010.06.24 14:02:00 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 609 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 16 bytes -> C:\Users\Peta\Downloads:Shareaza.GUID
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:010ADD2C
< End of report >
- jaro3
- Security team member
-
Guru Level 15
- Posts: 43296
- Registered: June 07
- Location: Jižní Čechy
- Gender:
- Status:
Offline
Re: Please check my logs
Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:
Code:
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrB.exe -- (PnkBstrB)
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\kwflower.sys -- (kwflower)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=
FF - HKLM\software\mozilla\Firefox\Extensions\\Cetrumcz@igeared: C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared [2009.12.24 20:53:05 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2010.07.18 18:48:34 | 000,001,510 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} http://intel-drv-cdn.systemrequirements ... b_srlx.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O20 - AppInit_DLLs: (sxehack.dll) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - AutoRun File - [2004.02.17 18:42:58 | 000,000,027 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{3c117a2d-ec59-11de-bbe7-e0cb4e05e67f}\Shell - "" = AutoRun
O33 - MountPoints2\{3c117a2d-ec59-11de-bbe7-e0cb4e05e67f}\Shell\AutoRun\command - "" = O:\autorun.exe -- File not found
O33 - MountPoints2\{534b3306-22ac-11df-bc5c-e0cb4e05e67f}\Shell - "" = AutoRun
O33 - MountPoints2\{534b3306-22ac-11df-bc5c-e0cb4e05e67f}\Shell\AutoRun\command - "" = F:\MirrorsEdge.part01.exe -- File not found
O33 - MountPoints2\{93d2f37c-2438-11df-997d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{93d2f37c-2438-11df-997d-806e6f6e6963}\Shell\AutoRun\command - "" = G:\M2033.part01.exe -- File not found
O33 - MountPoints2\{dcb09f49-ebee-11de-97ae-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{dcb09f49-ebee-11de-97ae-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\Bin\ASSETUP.exe -- File not found
O33 - MountPoints2\{df115f3f-ec52-11de-9fed-e0cb4e05e67f}\Shell - "" = AutoRun
O33 - MountPoints2\{df115f3f-ec52-11de-9fed-e0cb4e05e67f}\Shell\AutoRun\command - "" = E:\score.exe -- [2007.02.12 22:44:08 | 001,196,544 | R--- | M] ()
O33 - MountPoints2\{e89ee796-ec65-11de-b99d-e0cb4e05e67f}\Shell - "" = AutoRun
O33 - MountPoints2\{e89ee796-ec65-11de-b99d-e0cb4e05e67f}\Shell\AutoRun\command - "" = P:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
@Alternate Data Stream - 609 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:010ADD2C
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Windows\SysWow64\*.tmp
E:\score.exe
E:\autorun.inf
C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
C:\ProgramData\Symantec
C:\ProgramData\Norton
C:\ProgramData\NortonInstaller
C:\Program Files (x86)\NortonInstaller
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
C:\Windows\usgwmt
C:\Windows\jusched_32765916
C:\Windows\1C4551A64743409391E41477CD655043.TMP
C:\Windows\lgfwup.ini
C:\Windows\SysNative\drivers\etc\hosts.ics
C:\Windows\tasks\SA.DAT
C:\Windows\sbacknt.bin
:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]
Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.
In Folder Options, enable showing hidden files and folders, and uncheck the box Hide protected operating system files.
Test these on VirusTotal:
C:\Windows\SysWow64\SI.bin
C:\Users\Peta\Documents\aionmemo_f5cbd0b5.dat
If the file has already been tested, click to test it again.
Once all the antivirus engines have finished, post the links to the result pages here.
- Clorky
- Moderator / HW team member
-
Master Level 8.5
- Posts: 7032
- Registered: May 10
- Location: Moravskoslezský kraj
- Gender:
- Status:
Offline
Re: Please check my logs
C:\Windows\SysWow64\SI.bin => http://www.virustotal.com/cs/analisis/9 ... 1280004144
C:\Users\Peta\Documents\aionmemo_f5cbd0b5.dat => http://www.virustotal.com/cs/analisis/b ... 1280004349
The OTL log will come tomorrow.
- jaro3
- Security team member
-
Guru Level 15
- Posts: 43296
- Registered: June 07
- Location: Jižní Čechy
- Gender:
- Status:
Offline
Re: Please check my logs
Fine.
- Clorky
- Moderator / HW team member
-
Master Level 8.5
- Posts: 7032
- Registered: May 10
- Location: Moravskoslezský kraj
- Gender:
- Status:
Offline
Re: Please check my logs
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service PnkBstrB stopped successfully!
Service PnkBstrB deleted successfully!
File C:\Windows\SysNative\PnkBstrB.exe not found.
Service PnkBstrA stopped successfully!
Service PnkBstrA deleted successfully!
File C:\Windows\SysNative\PnkBstrA.exe not found.
Service kwflower stopped successfully!
Service kwflower deleted successfully!
File C:\Windows\SysNative\DRIVERS\kwflower.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\Cetrumcz@igeared deleted successfully.
C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared\components folder moved successfully.
C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin folder moved successfully.
C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\icons\default folder moved successfully.
C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\icons folder moved successfully.
C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libsex folder moved successfully.
C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs folder moved successfully.
C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\Languages folder moved successfully.
C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html folder moved successfully.
C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\ex folder moved successfully.
C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content folder moved successfully.
C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome folder moved successfully.
C:\Program Files (x86)\CentrumczToolbar\Firefox\Cetrumcz@igeared folder moved successfully.
127.0.0.1 static3.cdn.ubi.com removed from HOSTS file successfully
127.0.0.1 ubisoft-orbit.s3.amazonaws.com removed from HOSTS file successfully
127.0.0.1 onlineconfigservice.ubi.com removed from HOSTS file successfully
127.0.0.1 orbitservice.ubi.com removed from HOSTS file successfully
127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com removed from HOSTS file successfully
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll moved successfully.
64bit-Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {166B1BCA-3F9C-11CF-8075-444553540000}
C:\Windows\Downloaded Program Files\swdir.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Starting removal of ActiveX control {2EDF75C0-5ABD-49f9-BAB6-220476A32034}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2EDF75C0-5ABD-49f9-BAB6-220476A32034}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2EDF75C0-5ABD-49f9-BAB6-220476A32034}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EDF75C0-5ABD-49f9-BAB6-220476A32034}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2EDF75C0-5ABD-49f9-BAB6-220476A32034}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EDF75C0-5ABD-49f9-BAB6-220476A32034}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:sxehack.dll deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c117a2d-ec59-11de-bbe7-e0cb4e05e67f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3c117a2d-ec59-11de-bbe7-e0cb4e05e67f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c117a2d-ec59-11de-bbe7-e0cb4e05e67f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3c117a2d-ec59-11de-bbe7-e0cb4e05e67f}\ not found.
File O:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{534b3306-22ac-11df-bc5c-e0cb4e05e67f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{534b3306-22ac-11df-bc5c-e0cb4e05e67f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{534b3306-22ac-11df-bc5c-e0cb4e05e67f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{534b3306-22ac-11df-bc5c-e0cb4e05e67f}\ not found.
File F:\MirrorsEdge.part01.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93d2f37c-2438-11df-997d-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93d2f37c-2438-11df-997d-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93d2f37c-2438-11df-997d-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93d2f37c-2438-11df-997d-806e6f6e6963}\ not found.
File G:\M2033.part01.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dcb09f49-ebee-11de-97ae-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dcb09f49-ebee-11de-97ae-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dcb09f49-ebee-11de-97ae-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dcb09f49-ebee-11de-97ae-806e6f6e6963}\ not found.
File E:\.\Bin\ASSETUP.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df115f3f-ec52-11de-9fed-e0cb4e05e67f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{df115f3f-ec52-11de-9fed-e0cb4e05e67f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df115f3f-ec52-11de-9fed-e0cb4e05e67f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{df115f3f-ec52-11de-9fed-e0cb4e05e67f}\ not found.
File move failed. E:\score.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e89ee796-ec65-11de-b99d-e0cb4e05e67f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e89ee796-ec65-11de-b99d-e0cb4e05e67f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e89ee796-ec65-11de-b99d-e0cb4e05e67f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e89ee796-ec65-11de-b99d-e0cb4e05e67f}\ not found.
File P:\setup.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
ADS C:\ProgramData\Temp:05EE1EEF deleted successfully.
ADS C:\ProgramData\Temp:010ADD2C deleted successfully.
========== FILES ==========
C:\WINDOWS\System32\tmp2196.tmp moved successfully.
C:\WINDOWS\System32\tmp9964.tmp moved successfully.
C:\WINDOWS\1C4551A64743409391E41477CD655043.TMP folder moved successfully.
C:\WINDOWS\45235788142C44BE8A4DDDE9A84492E5.TMP folder moved successfully.
C:\WINDOWS\8AAB4176A747493AA42CB63CFADFD8E3.TMP folder moved successfully.
C:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP folder moved successfully.
C:\WINDOWS\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP folder moved successfully.
C:\WINDOWS\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP folder moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File move failed. E:\score.exe scheduled to be moved on reboot.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
File\Folder C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP not found.
C:\ProgramData\Symantec folder moved successfully.
C:\ProgramData\Norton folder moved successfully.
C:\ProgramData\NortonInstaller\Logs\07-24-2010-20h06m48s folder moved successfully.
C:\ProgramData\NortonInstaller\Logs\07-24-2010-20h06m34s folder moved successfully.
C:\ProgramData\NortonInstaller\Logs\07-08-2010-13h20m16s folder moved successfully.
C:\ProgramData\NortonInstaller\Logs folder moved successfully.
C:\ProgramData\NortonInstaller folder moved successfully.
C:\Program Files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34 folder moved successfully.
C:\Program Files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType folder moved successfully.
C:\Program Files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS folder moved successfully.
C:\Program Files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35} folder moved successfully.
C:\Program Files (x86)\NortonInstaller folder moved successfully.
File\Folder C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP not found.
C:\Windows\usgwmt folder moved successfully.
C:\Windows\jusched_32765916\ServerLogs\Peta folder moved successfully.
C:\Windows\jusched_32765916\ServerLogs folder moved successfully.
C:\Windows\jusched_32765916 folder moved successfully.
File\Folder C:\Windows\1C4551A64743409391E41477CD655043.TMP not found.
C:\Windows\lgfwup.ini moved successfully.
C:\Windows\SysNative\drivers\etc\hosts.ics moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
C:\Windows\sbacknt.bin moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: AppData
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Peta
->Temp folder emptied: 2082873 bytes
->Temporary Internet Files folder emptied: 7679955 bytes
->Java cache emptied: 30213823 bytes
->FireFox cache emptied: 39687913 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 59763 bytes
User: Public
User: Táta
->Temp folder emptied: 1375043 bytes
->Temporary Internet Files folder emptied: 84753778 bytes
->Java cache emptied: 29517322 bytes
->FireFox cache emptied: 72720674 bytes
->Flash cache emptied: 8279 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 53231692 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 307.00 mb
[EMPTYFLASH]
User: All Users
User: AppData
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Peta
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.9.1 log created on 07242010_224207
Files\Folders moved on Reboot...
File move failed. E:\autorun.inf scheduled to be moved on reboot.
File move failed. E:\score.exe scheduled to be moved on reboot.
C:\Users\Peta\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Peta\AppData\Local\Mozilla\Firefox\Profiles\kiqze7em.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Peta\AppData\Local\Mozilla\Firefox\Profiles\kiqze7em.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Peta\AppData\Local\Mozilla\Firefox\Profiles\kiqze7em.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Peta\AppData\Local\Mozilla\Firefox\Profiles\kiqze7em.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Peta\AppData\Local\Mozilla\Firefox\Profiles\kiqze7em.default\urlclassifier3.sqlite moved successfully.
C:\Users\Peta\AppData\Local\Mozilla\Firefox\Profiles\kiqze7em.default\XUL.mfl moved successfully.
Registry entries deleted on Reboot...
- jaro3
- Security team member
-
Guru Level 15
- Posts: 43296
- Registered: June 07
- Location: South Bohemia
- Gender:
- Status:
Offline
Re: Request for a log check
Delete OTL:
C:\_OTL
If there are no problems, that is all and you can mark the thread as solved with the green check mark.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support