HiJackThis - please review my logs + Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team


HiJackThis - please review my logs +

Post by Clorky » 22 Oct 2010 19:38

Before posting this log here, I used these programs for PC maintenance: Ashampoo Win Optimizer, Advanced System Care, CCleaner, IObit Smart Defrag, O&O Defrag and Glary Utilities. To scan my PC I used NOD32 and MalwareBytes Anti-Malware - they found nothing.

Please review the logs, thanks in advance.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:38:09, on 22.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\mowes\apache2\bin\httpd.exe
C:\mowes\apache2\bin\httpd.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Smart PC Utilities\Game Fire\GFTray.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
D:\Optimalizace Systému\Defrag\IObit SmartDefrag.exe
C:\Users\Peta\Desktop\GHostOne\GHostOne.exe
C:\Users\Peta\Desktop\GHostOne\ghost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
D:\Programy\Gamebooster v2\GameBooster.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\trend micro\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2776682
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
O1 - Hosts: ˙ţ1
O2 - BHO: (no name) - {0EEDB912-C5FA-486F-8334-57288578C627} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [T Probe] "C:\Program Files (x86)\ASUS\T Probe\TProbe.exe" -b
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [eurobattlegui] "D:\Hry\Blizzard's\warcraft III\Warcraft III\eb.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [Adobe.exe] C:\Users\Peta\AppData\Roaming\Adobe.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download with &Shareaza - res://c:\program files (x86)\shareaza\razawebhook32.dll/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programy\ICQ 7\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programy\ICQ 7\ICQ7.0\ICQ.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CrossLoop Service (CrossLoopService) - CrossLoop Inc - C:\Users\Peta\AppData\Local\CrossLoop\CrossLoopService.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - D:\Optimalizace Systému\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: MySQL501 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: uvnc_service - UltraVNC - C:\Users\Peta\AppData\Local\CrossLoop\winvnc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility (XTUService) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe

--
End of file - 11535 bytes


Re: HiJackThis - please review my logs

Post by memphisto » 22 Oct 2010 19:56

Uninstall:
Conduit Engine

In the log, fix:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2776682
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
O1 - Hosts: ˙ţ1
O2 - BHO: (no name) - {0EEDB912-C5FA-486F-8334-57288578C627} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Turn off your resident protection and your firewall.
Download Dr. Web CureIt
Run the update; after updating, press Start.
With the buttons at the bottom you can cure a file (system files), delete it, move it or rename it.


Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the option Perform Quick Scan (Provést rychlý sken) selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Ano (Yes)
(do not delete anything yet!).
Then paste the contents of that log here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you


Re: HiJackThis - please review my logs

Post by Clorky » 22 Oct 2010 20:15

- ATF Cleaner = done
- HiJackThis (fix of the listed items) = done
- Dr. Web = done
- MalwareBytes Anti-Malware = done, here is the log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4344

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

22.10.2010 20:14:06
mbam-log-2010-10-22 (20-14-06).txt

Typ skenu: Rychlý sken
Skenované objekty: 144935
Uplynulý čas: 2 minuta(y), 45 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)


Re: HiJackThis - please review my logs

Post by memphisto » 22 Oct 2010 20:22

Download OTL
to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.


Re: HiJackThis - please review my logs +

Post by Clorky » 22 Oct 2010 20:43

Here:

OTL.log:

OTL logfile created on: 22.10.2010 20:36:58 - Run 4
OTL by OldTimer - Version 3.2.16.0 Folder = C:\Users\Peta\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 292.87 Gb Total Space | 214.01 Gb Free Space | 73.07% Space Free | Partition Type: NTFS
Drive D: | 638.54 Gb Total Space | 296.00 Gb Free Space | 46.36% Space Free | Partition Type: NTFS
Drive E: | 7.75 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive O: | 4.31 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive Z: | 74.52 Gb Total Space | 0.01 Gb Free Space | 0.01% Space Free | Partition Type: NTFS

Computer Name: I5 | User Name: Peta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Peta\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files (x86)\Smart PC Utilities\Game Fire\GFTray.exe (Smart PC Utilities, Ltd.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - D:\Optimalizace Systému\Defrag\IObit SmartDefrag.exe (IObit)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Users\Peta\Desktop\GHostOne\ghost.exe ()
PRC - C:\Users\Peta\Desktop\GHostOne\GHostOne.exe (psionic.one)
PRC - C:\Users\Peta\AppData\Local\CrossLoop\CrossLoopService.exe (CrossLoop Inc)
PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHelp.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe (Intel Corporation)
PRC - C:\ASUS.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
PRC - C:\mowes\apache2\bin\httpd.exe (Apache Software Foundation)
PRC - C:\Program Files (x86)\lg_fwupdate\fwupdate.exe (BL)
PRC - C:\Genius\ioCentre\gKbdTask.exe (TODO: <Company name>)
PRC - C:\Genius\ioCentre\gAutoScroll.exe ()
PRC - C:\Genius\ioCentre\gTaskBar.exe (TODO: <Company name>)
PRC - C:\Genius\ioCentre\gMouseTask.exe (TODO: <Company name>)
PRC - C:\Genius\ioCentre\gDeskMgm.exe (TODO: <Company name>)
PRC - C:\Genius\ioCentre\gZoom.exe (TODO: <Company name>)
PRC - C:\Genius\ioCentre\gTaskSwitch.exe (TODO: <Company name>)
PRC - C:\Genius\ioCentre\gMGlass.exe (TODO: <Company name>)
PRC - C:\Genius\ioCentre\gIMMgm.exe (TODO: <Company name>)
PRC - C:\Genius\ioCentre\gAutoPan.exe (TODO: <Company name>)


========== Modules (SafeList) ==========

MOD - C:\Users\Peta\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (MySQL501) -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation)
SRV:64bit: - (pr2agqwb) -- C:\Windows\SysNative\pr2agqwb.exe (Cyanide)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (CrossLoopService) -- C:\Users\Peta\AppData\Local\CrossLoop\CrossLoopService.exe (CrossLoop Inc)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (uvnc_service) -- C:\Users\Peta\AppData\Local\CrossLoop\winvnc.exe (UltraVNC)
SRV - (NMSAccessU) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
SRV - (DfSdkS) -- D:\Optimalizace Systému\Ashampoo WinOptimizer 6\Dfsdks.exe (mst software GmbH, Germany)
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
SRV - (SandraAgentSrv) -- D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe (SiSoftware)
SRV - (XTUService) Intel(R) -- C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe (Intel Corporation)
SRV - (DvmMDES) -- C:\ASUS.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (cpuz133) -- C:\Windows\SysNative\drivers\cpuz133_x64.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (acs6ntm) -- C:\Windows\SysNative\drivers\acs6ntm.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (RMCAST) Protokol RMP (Reliable Multicast Protocol) -- C:\Windows\SysNative\drivers\rmcast.sys (Microsoft Corporation)
DRV:64bit: - (msloop) -- C:\Windows\SysNative\drivers\loop.sys (Microsoft Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (eamon) -- C:\Windows\SysNative\drivers\eamon.sys (ESET)
DRV:64bit: - (smbusp) Intel(R) -- C:\Windows\SysNative\drivers\intelsmb.sys (Intel Corporation)
DRV:64bit: - (kvnet) -- C:\Windows\SysNative\drivers\kvnet.sys (Kerio Technologies Inc.)
DRV:64bit: - (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (ENTECH64) -- C:\Windows\SysNative\drivers\Entech64.sys (EnTech Taiwan)
DRV:64bit: - (RtNdPt60) -- C:\Windows\SysNative\drivers\RtNdPt60.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.0) -- C:\Windows\SysNative\drivers\RtVlan60.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.0) -- C:\Windows\SysNative\drivers\RtVlan60.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (pe3agqwb) Loki Environment Driver (pe3agqwb) -- C:\Windows\SysNative\drivers\pe3agqwb.sys (Cyanide)
DRV:64bit: - (ps6agqwb) Loki Synchronization Driver (ps6agqwb) -- C:\Windows\SysNative\drivers\ps6agqwb.sys (Cyanide)
DRV - (SecDrv) -- C:\Windows\SysWOW64\drivers\SECDRV.SYS ()
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
DRV - (cglptnt) -- C:\totalcmd\CGLPTNT.SYS (C. Ghisler & Co.)
DRV - (SANDRA) -- D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x64\sandra.sys (SiSoftware)
DRV - (IOCBIOS) -- C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\iOCbios.sys (Intel Corporation)
DRV - (ENTECH64) -- C:\Windows\SysWOW64\drivers\Entech64.sys (EnTech Taiwan)
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2776682
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DC 8C 59 D9 1E 3B CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "BrotherSoft Extreme Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "BrotherSoft Extreme Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.greentd.net/downloads/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19
FF - prefs.js..extensions.enabledItems: {51a86bb3-6602-4c85-92a5-130ee4864f13}:3.1.0.12
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.11
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q="

FF - user.js..browser.search.openintab: false

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.21 14:39:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.21 14:39:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.02.21 17:33:19 | 000,000,000 | ---D | M]

[2009.12.24 20:54:33 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\mozilla\Extensions
[2009.12.24 20:54:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peta\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.10.21 21:19:31 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\mozilla\Firefox\Profiles\kiqze7em.default\extensions
[2010.10.18 13:14:47 | 000,000,000 | ---D | M] (BrotherSoft Extreme Community Toolbar) -- C:\Users\Peta\AppData\Roaming\mozilla\Firefox\Profiles\kiqze7em.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}
[2010.09.25 15:07:38 | 000,002,392 | ---- | M] () -- C:\Users\Peta\AppData\Roaming\Mozilla\FireFox\Profiles\kiqze7em.default\searchplugins\askcom.xml
[2010.09.16 18:48:08 | 000,000,941 | ---- | M] () -- C:\Users\Peta\AppData\Roaming\Mozilla\FireFox\Profiles\kiqze7em.default\searchplugins\conduit.xml
[2010.10.21 21:19:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.10.21 14:39:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.03.30 13:59:46 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.04.13 14:35:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
[2010.10.21 14:39:18 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll
[2010.10.21 14:39:18 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll
[2007.04.10 18:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
[2010.04.13 14:35:09 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeploytk.dll
[2010.10.21 14:39:19 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
[2010.01.10 16:14:30 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
[2010.08.03 13:56:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
[2010.08.03 13:56:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
[2010.08.03 13:56:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
[2010.08.03 13:56:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
[2010.08.03 13:56:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
[2010.08.03 13:56:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
[2010.08.03 13:56:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
[2010.01.10 16:14:32 | 000,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
[2010.01.10 16:14:29 | 000,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
[2009.10.21 04:10:38 | 000,001,425 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\Cetrumcz_igeared.xml
[2010.03.25 14:18:33 | 000,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml
[2010.03.25 14:18:33 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.25 14:18:33 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.25 14:18:33 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.25 14:18:33 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.25 14:18:33 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.10.22 20:08:03 | 000,000,808 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {0EEDB912-C5FA-486F-8334-57288578C627} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [eurobattlegui] D:\Hry\Blizzard's\warcraft III\Warcraft III\eb.exe (http://www.eurobattle.net)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe (TODO: <Company name>)
O4 - HKLM..\Run: [LGODDFU] C:\Program Files (x86)\lg_fwupdate\fwupdate.exe (BL)
O4 - HKLM..\Run: [QFan Help] C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [T Probe] C:\Program Files (x86)\ASUS\T Probe\TProbe.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Adobe.exe] C:\Users\Peta\AppData\Roaming\Adobe.exe (Adobe Corporation)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ShutdownWithoutLogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programy\ICQ 7\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programy\ICQ 7\ICQ7.0\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing

No other logs were created for me.


Re: HiJackThis - please check my logs +

Post by Clorky » 22 Oct 2010 20:43

CONTINUATION OF OTL.log:

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.07.17 11:17:08 | 000,000,049 | R--- | M] () - E:\AUTORUN.INF -- [ UDF ]
O32 - AutoRun File - [2007.07.10 19:48:52 | 001,433,600 | R--- | M] (Cyanide) - O:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007.04.25 15:33:08 | 000,000,053 | R--- | M] () - O:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{602fff1c-ec64-11de-9b78-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{602fff1c-ec64-11de-9b78-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LEVEL.EXE -- [2006.07.17 11:17:08 | 000,389,120 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.10.22 20:35:03 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Peta\Desktop\OTL.exe
[2010.10.22 20:07:35 | 000,000,000 | ---D | C] -- C:\Users\Peta\DoctorWeb
[2010.10.22 19:31:43 | 000,034,304 | ---- | C] (mst software GmbH, Germany) -- C:\Windows\SysNative\DfSdkBt.exe
[2010.10.22 19:31:43 | 000,028,160 | ---- | C] (mst software GmbH, Germany) -- C:\Windows\SysWow64\DfSdkBt32.exe
[2010.10.22 07:12:45 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Mount&Blade Savegames
[2010.10.20 14:27:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2010.10.20 10:20:22 | 000,000,000 | ---D | C] -- C:\Users\Peta\Desktop\Data_test_lvl69
[2010.10.20 10:20:22 | 000,000,000 | ---D | C] -- C:\Users\Peta\Desktop\Data
[2010.10.20 10:13:00 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\ArcaniA - Gothic 4
[2010.10.20 10:01:55 | 000,000,000 | ---D | C] -- C:\Users\Peta\Arcania.Gothic.4.CRACK.FINAL.ELiTE.Group.CZ
[2010.10.19 17:07:06 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Smart_PC_Utilities,_Ltd
[2010.10.19 17:06:09 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Smart PC Utilities
[2010.10.19 17:06:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart PC Utilities
[2010.10.19 15:54:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RamCleaner
[2010.10.19 15:53:54 | 000,925,950 | ---- | C] (Benutec Software, INC) -- C:\Users\Peta\Desktop\RamCleaner.exe
[2010.10.19 14:28:23 | 000,324,608 | ---- | C] (Adobe Corporation) -- C:\Users\Peta\AppData\Roaming\Adobe.exe
[2010.10.19 12:42:23 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2010.10.19 12:38:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GetData
[2010.10.19 12:28:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Doctor
[2010.10.19 10:58:09 | 000,000,000 | ---D | C] -- C:\mowes
[2010.10.18 15:01:08 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\capcom
[2010.10.18 13:14:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConduitEngine
[2010.10.18 13:14:30 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Downloads
[2010.10.18 07:59:52 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Alcohol 120%
[2010.10.18 07:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2010.10.18 07:53:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\EZB Systems
[2010.10.18 07:53:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UltraISO
[2010.10.18 07:53:28 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\My ISO Files
[2010.10.17 17:54:05 | 000,000,000 | ---D | C] -- C:\ProgramData\MySQL
[2010.10.16 23:31:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2010.10.16 23:31:05 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\EA Games
[2010.10.14 19:20:25 | 000,000,000 | ---D | C] -- C:\Users\Peta\Desktop\EA_1.7
[2010.10.14 08:30:16 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Any Video Converter
[2010.10.13 21:08:48 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\AVI ReComp
[2010.10.13 15:10:35 | 000,000,000 | ---D | C] -- C:\Users\Peta\tmp
[2010.10.13 12:13:53 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010.10.13 12:13:43 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.10.13 12:13:42 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.10.13 12:13:42 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010.10.13 12:13:42 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010.10.13 12:13:41 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.10.13 12:13:41 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.10.13 12:13:41 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.10.13 12:13:41 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.10.13 12:13:41 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010.10.13 12:13:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.10.13 12:13:40 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010.10.13 12:13:40 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.10.13 12:13:40 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.10.13 12:13:40 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.10.13 12:13:28 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010.10.13 12:13:28 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010.10.13 12:13:26 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010.10.13 12:13:25 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010.10.13 12:13:23 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010.10.13 12:13:21 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010.10.13 12:13:21 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010.10.13 12:13:18 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.10.13 12:13:15 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.10.13 12:13:15 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.10.13 12:13:14 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.10.13 12:13:14 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.10.13 12:13:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.10.12 19:57:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garena
[2010.10.12 08:33:02 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Front Mission Evolved
[2010.10.12 08:14:37 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\StarCraft II
[2010.10.12 07:53:44 | 000,000,000 | ---D | C] -- C:\Users\Peta\Desktop\Stats maker
[2010.10.11 20:01:41 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\FlatOut Ultimate Carnage
[2010.10.11 16:19:48 | 000,000,000 | ---D | C] -- C:\Users\Peta\Desktop\AlterIW EAM 1.3.37a
[2010.10.11 13:11:03 | 017,686,528 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\Windows\SysWow64\mkl_blueripple.dll
[2010.10.11 13:11:03 | 001,380,352 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll
[2010.10.11 13:11:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS
[2010.10.11 13:09:44 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\BioWare
[2010.10.11 12:50:33 | 000,964,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudioD2_7.dll
[2010.10.11 12:50:32 | 002,686,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9d_43.dll
[2010.10.11 12:50:32 | 000,411,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XactEngineA3_7.dll
[2010.10.11 12:50:32 | 000,327,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XactEngineD3_7.dll
[2010.10.11 12:50:32 | 000,139,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFXD1_5.dll
[2010.10.11 12:50:32 | 000,053,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudioD1_7.dll
[2010.10.11 12:50:30 | 004,830,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9d_33.dll
[2010.10.11 12:50:28 | 002,947,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9d.dll
[2010.10.11 12:50:28 | 001,931,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCSXd_43.dll
[2010.10.11 12:50:28 | 000,645,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3D11SDKLayers.dll
[2010.10.11 12:50:28 | 000,639,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3D11Ref.dll
[2010.10.11 12:50:28 | 000,568,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX10d_43.dll
[2010.10.11 12:50:28 | 000,447,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dref9.dll
[2010.10.11 12:50:28 | 000,308,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX11d_43.dll
[2010.10.11 12:50:27 | 002,261,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3dx9d_43.dll
[2010.10.11 12:50:27 | 000,954,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudioD2_7.dll
[2010.10.11 12:50:27 | 000,608,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3D10SDKLayers.DLL
[2010.10.11 12:50:27 | 000,453,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3D10Ref.DLL
[2010.10.11 12:50:27 | 000,435,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XactEngineA3_7.dll
[2010.10.11 12:50:27 | 000,349,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XactEngineD3_7.dll
[2010.10.11 12:50:27 | 000,131,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFXD1_5.dll
[2010.10.11 12:50:27 | 000,045,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudioD1_7.dll
[2010.10.11 12:50:26 | 003,795,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9d_33.dll
[2010.10.11 12:50:24 | 002,719,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d9d.dll
[2010.10.11 12:50:24 | 001,883,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCSXd_43.dll
[2010.10.11 12:50:24 | 000,514,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX10d_43.dll
[2010.10.11 12:50:24 | 000,348,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dref9.dll
[2010.10.11 12:50:24 | 000,268,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX11d_43.dll
[2010.10.11 12:50:23 | 000,525,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3D11Ref.dll
[2010.10.11 12:50:23 | 000,496,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3D11SDKLayers.dll
[2010.10.11 12:50:23 | 000,442,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3D10SDKLayers.DLL
[2010.10.11 12:50:23 | 000,367,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3D10Ref.DLL
[2010.10.11 12:47:03 | 000,111,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\dxsdkuninst.exe
[2010.10.11 12:47:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)
[2010.10.10 22:07:18 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\SystemRequirementsLab
[2010.10.09 12:57:19 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2010.10.09 07:46:50 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\BlackBean
[2010.10.08 20:50:15 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Registry Mechanic
[2010.10.08 20:47:06 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx
[2010.10.08 20:47:06 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx
[2010.10.08 20:47:06 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml.dll
[2010.10.08 20:47:06 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx
[2010.10.08 20:47:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2010.10.08 14:35:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010.10.07 19:18:14 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\BlackMirror2
[2010.10.07 19:00:35 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\FIFA 11
[2010.10.06 21:11:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2010.10.05 18:30:25 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\FileZilla
[2010.10.05 18:30:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2010.10.04 09:41:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010.10.03 20:37:48 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\CrossLoop
[2010.10.03 17:06:53 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Navicat
[2010.10.02 23:03:58 | 000,000,000 | ---D | C] -- C:\Downloads
[2010.10.02 22:36:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Silent Hill Homecoming
[2010.10.02 18:54:21 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\GlarySoft
[2010.10.02 18:48:09 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\ZPS12
[2010.10.02 11:41:35 | 000,000,000 | ---D | C] -- C:\Users\Peta\Documents\Hitman Blood Money
[2010.10.01 19:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Eraidea Software
[2010.10.01 15:46:56 | 000,000,000 | ---D | C] -- C:\Users\Peta\Nová složka
[2010.09.30 14:46:31 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Roaming\Xfire
[2010.09.30 14:46:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010.09.26 08:13:35 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\Darksiders
[2010.09.25 16:24:56 | 000,000,000 | ---D | C] -- C:\Users\Peta\AppData\Local\O&O
[2010.09.25 16:22:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oodag
[2010.09.25 14:31:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PFConfig
[2010.09.25 06:13:21 | 000,000,000 | -H-D | C] -- C:\Users\Peta\AppData\Local\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
[2007.06.13 19:14:56 | 003,406,336 | ---- | C] (Madison Media Software, Inc.) -- C:\Program Files\vegas70k.dll
[2007.06.13 19:14:55 | 001,349,632 | ---- | C] (Madison Media Software, Inc.) -- C:\Program Files\sfvstwrap.dll
[2007.06.13 19:14:00 | 010,505,728 | ---- | C] (Madison Media Software, Inc.) -- C:\Program Files\vegas70.exe
[8 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.10.22 20:34:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Peta\Desktop\OTL.exe
[2010.10.22 20:08:03 | 000,000,808 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010.10.22 19:44:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\AWC Update.job
[2010.10.22 19:31:43 | 000,000,819 | ---- | M] () -- C:\Users\Peta\Desktop\One-Click-Optimizer.lnk
[2010.10.22 19:31:43 | 000,000,697 | ---- | M] () -- C:\Users\Peta\Desktop\Ashampoo WinOptimizer 6.lnk
[2010.10.22 19:13:58 | 000,001,487 | ---- | M] () -- C:\Users\Peta\Desktop\hijackthis.exe – zástupce.lnk
[2010.10.22 19:12:47 | 000,000,725 | ---- | M] () -- C:\Users\Peta\Desktop\Loki.lnk
[2010.10.22 17:39:08 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\UpdateCheck.job
[2010.10.21 17:35:26 | 000,000,749 | ---- | M] () -- C:\Users\Peta\Desktop\Gothic II.lnk
[2010.10.21 13:53:19 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat
[2010.10.21 09:10:46 | 001,545,056 | ---- | M] () -- C:\Users\Peta\Desktop\Bez názvu.png
[2010.10.20 20:44:59 | 000,000,676 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2010.10.20 20:44:59 | 000,000,664 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 2.lnk
[2010.10.20 20:44:59 | 000,000,664 | ---- | M] () -- C:\Users\Peta\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster 2.lnk
[2010.10.20 19:33:06 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2010.10.20 19:28:18 | 000,020,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.20 19:28:18 | 000,020,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.20 19:23:55 | 000,000,123 | ---- | M] () -- C:\Windows\lgfwup.ini
[2010.10.20 19:23:52 | 000,000,428 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2010.10.20 19:23:04 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2010.10.20 19:23:03 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\AWC AutoSweep.job
[2010.10.20 19:23:03 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010.10.20 19:22:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.20 19:22:53 | 2817,040,384 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.20 19:22:52 | 000,037,004 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2010.10.20 19:20:30 | 000,000,003 | ---- | M] () -- C:\7Loader.TAG
[2010.10.20 10:33:55 | 000,000,984 | ---- | M] () -- C:\Users\Peta\Desktop\Start ArcaniA - Gothic 4.lnk
[2010.10.20 09:14:19 | 106,128,416 | ---- | M] () -- C:\Users\Peta\arcania-gothic-4-crack-final-elite-group-cz.rar
[2010.10.19 17:52:10 | 003,063,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.10.19 17:06:10 | 000,002,119 | ---- | M] () -- C:\Users\Public\Desktop\Game Fire.lnk
[2010.10.19 15:54:26 | 000,925,950 | ---- | M] (Benutec Software, INC) -- C:\Users\Peta\Desktop\RamCleaner.exe
[2010.10.19 14:28:23 | 000,324,608 | ---- | M] (Adobe Corporation) -- C:\Users\Peta\AppData\Roaming\Adobe.exe
[2010.10.19 13:19:56 | 237,852,243 | R--- | M] () -- C:\Users\Peta\Desktop\ArcaniA_Gothic4_Hotfix_Installer_CZ-PL-HU.zip
[2010.10.19 12:42:24 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk
[2010.10.19 12:38:07 | 000,001,221 | ---- | M] () -- C:\Users\Peta\Desktop\Recover My Files.lnk
[2010.10.19 11:07:29 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\euroloader.lnk
[2010.10.19 10:58:33 | 000,000,570 | ---- | M] () -- C:\Users\Peta\Desktop\Mowes.lnk
[2010.10.19 10:21:25 | 000,000,860 | ---- | M] () -- C:\Users\Peta\Desktop\AVI ReComp.lnk
[2010.10.18 19:37:47 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.10.18 15:22:23 | 000,000,343 | ---- | M] () -- C:\Users\Peta\Documents\ax_files.xml
[2010.10.17 17:47:09 | 000,215,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.10.16 07:19:43 | 000,000,721 | ---- | M] () -- C:\Users\Public\Desktop\iw3mp.exe.lnk
[2010.10.16 07:19:43 | 000,000,721 | ---- | M] () -- C:\Users\Public\Desktop\iw2sp.exe.lnk
[2010.10.16 07:19:41 | 000,000,281 | ---- | M] () -- C:\Windows\game.ini
[2010.10.15 18:53:45 | 000,000,038 | ---- | M] () -- C:\Windows\AviSplitter.INI
[2010.10.14 12:40:04 | 000,000,565 | ---- | M] () -- C:\Users\Peta\AppData\Roaming\myMPQ.ini
[2010.10.13 21:08:29 | 000,006,144 | ---- | M] () -- C:\Users\Peta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.13 20:22:06 | 000,215,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.10.13 12:19:54 | 000,000,256 | ---- | M] () -- C:\Windows\level.ini
[2010.10.13 12:19:52 | 000,734,772 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.10.13 12:19:52 | 000,720,144 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.10.13 12:19:52 | 000,165,480 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.10.13 12:19:52 | 000,146,106 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.10.13 12:19:51 | 001,787,948 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.10.11 16:13:59 | 000,108,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mswinsck.ocx
[2010.10.11 13:11:01 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010.10.11 13:11:01 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.10.11 13:11:01 | 000,122,968 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010.10.11 13:11:01 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.10.11 12:46:49 | 000,111,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\dxsdkuninst.exe
[2010.10.10 22:00:00 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2010.10.10 17:02:14 | 000,021,840 | ---- | M] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010.10.10 17:02:14 | 000,017,212 | ---- | M] () -- C:\Windows\SysWow64\SIntf32.dll
[2010.10.10 17:02:14 | 000,012,067 | ---- | M] () -- C:\Windows\SysWow64\SIntf16.dll
[2010.10.10 08:36:49 | 001,746,440 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.09 21:41:48 | 008,454,144 | ---- | M] () -- C:\Users\Peta\s-1-5-21-3772232233-1002815925-119122930-1000.rrr
[2010.10.09 13:46:33 | 000,001,011 | ---- | M] () -- C:\Users\Peta\Desktop\Torchlight.exe – zástupce.lnk
[2010.10.09 12:59:06 | 000,029,025 | ---- | M] () -- C:\Windows\DIIUnin.dat
[2010.10.09 12:57:19 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2010.10.09 12:57:19 | 000,002,829 | ---- | M] () -- C:\Windows\DIIUnin.pif
[2010.10.08 20:58:58 | 000,007,602 | ---- | M] () -- C:\Users\Peta\AppData\Local\Resmon.ResmonCfg
[2010.10.07 21:06:52 | 000,001,052 | ---- | M] () -- C:\Users\Peta\Desktop\Restarter (2).bat
[2010.10.06 16:28:57 | 000,002,723 | ---- | M] () -- C:\Users\Peta\Desktop\OnlineHraci.php
[2010.10.03 20:53:35 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.10.01 22:46:57 | 000,000,773 | ---- | M] () -- C:\Users\Public\Desktop\Worms Reloaded.lnk
[2010.09.27 19:11:23 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[8 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.10.22 19:31:43 | 000,000,819 | ---- | C] () -- C:\Users\Peta\Desktop\One-Click-Optimizer.lnk
[2010.10.22 19:31:43 | 000,000,697 | ---- | C] () -- C:\Users\Peta\Desktop\Ashampoo WinOptimizer 6.lnk
[2010.10.22 19:13:58 | 000,001,487 | ---- | C] () -- C:\Users\Peta\Desktop\hijackthis.exe – zástupce.lnk
[2010.10.22 19:12:47 | 000,000,725 | ---- | C] () -- C:\Users\Peta\Desktop\Loki.lnk
[2010.10.21 17:35:26 | 000,000,749 | ---- | C] () -- C:\Users\Peta\Desktop\Gothic II.lnk
[2010.10.21 13:53:19 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010.10.21 09:10:46 | 001,545,056 | ---- | C] () -- C:\Users\Peta\Desktop\Bez názvu.png
[2010.10.20 20:44:59 | 000,000,664 | ---- | C] () -- C:\Users\Peta\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster 2.lnk
[2010.10.20 19:20:30 | 000,000,003 | ---- | C] () -- C:\7Loader.TAG
[2010.10.20 10:33:55 | 000,000,984 | ---- | C] () -- C:\Users\Peta\Desktop\Start ArcaniA - Gothic 4.lnk
[2010.10.20 10:02:13 | 106,128,416 | ---- | C] () -- C:\Users\Peta\arcania-gothic-4-crack-final-elite-group-cz.rar
[2010.10.19 17:06:10 | 000,002,119 | ---- | C] () -- C:\Users\Public\Desktop\Game Fire.lnk
[2010.10.19 17:06:08 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\UpdateCheck.job
[2010.10.19 13:20:04 | 237,852,243 | R--- | C] () -- C:\Users\Peta\Desktop\ArcaniA_Gothic4_Hotfix_Installer_CZ-PL-HU.zip
[2010.10.19 12:42:24 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\Recuva.lnk
[2010.10.19 12:38:07 | 000,001,221 | ---- | C] () -- C:\Users\Peta\Desktop\Recover My Files.lnk
[2010.10.19 11:07:29 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\euroloader.lnk
[2010.10.19 10:58:33 | 000,000,570 | ---- | C] () -- C:\Users\Peta\Desktop\Mowes.lnk
[2010.10.19 10:21:25 | 000,000,860 | ---- | C] () -- C:\Users\Peta\Desktop\AVI ReComp.lnk
[2010.10.18 09:28:14 | 000,000,343 | ---- | C] () -- C:\Users\Peta\Documents\ax_files.xml
[2010.10.16 07:19:43 | 000,000,721 | ---- | C] () -- C:\Users\Public\Desktop\iw3mp.exe.lnk
[2010.10.16 07:19:43 | 000,000,721 | ---- | C] () -- C:\Users\Public\Desktop\iw2sp.exe.lnk
[2010.10.16 07:19:41 | 000,000,281 | ---- | C] () -- C:\Windows\game.ini
[2010.10.13 14:50:11 | 000,411,648 | ---- | C] () -- C:\Users\Peta\Desktop\PM.exe
[2010.10.13 14:34:05 | 000,001,308 | ---- | C] () -- C:\Users\Peta\Desktop\LICENCE
[2010.10.09 13:46:56 | 008,454,144 | ---- | C] () -- C:\Users\Peta\s-1-5-21-3772232233-1002815925-119122930-1000.rrr
[2010.10.09 13:46:33 | 000,001,011 | ---- | C] () -- C:\Users\Peta\Desktop\Torchlight.exe – zástupce.lnk
[2010.10.09 13:25:00 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010.10.09 13:25:00 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2010.10.09 13:25:00 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2010.10.09 12:57:20 | 000,029,025 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2010.10.09 12:57:19 | 000,002,829 | ---- | C] () -- C:\Windows\DIIUnin.pif
[2010.10.08 20:47:06 | 000,040,408 | ---- | C] () -- C:\Windows\SysNative\CleanMFT64.exe
[2010.10.05 19:22:17 | 000,002,723 | ---- | C] () -- C:\Users\Peta\Desktop\OnlineHraci.php
[2010.10.03 20:53:35 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.10.03 20:51:41 | 000,001,052 | ---- | C] () -- C:\Users\Peta\Desktop\Restarter (2).bat
[2010.10.02 18:51:38 | 000,000,318 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2010.10.01 22:46:57 | 000,000,773 | ---- | C] () -- C:\Users\Public\Desktop\Worms Reloaded.lnk
[2010.09.25 17:48:59 | 000,000,565 | ---- | C] () -- C:\Users\Peta\AppData\Roaming\myMPQ.ini
[2010.09.25 16:38:13 | 000,037,004 | ---- | C] () -- C:\Windows\SysNative\oodbs.lor
[2010.09.21 14:33:30 | 000,004,922 | ---- | C] () -- C:\ProgramData\amjmwaey.gaf
[2010.09.20 22:12:52 | 000,000,036 | ---- | C] () -- C:\Windows\IniFile1.ini
[2010.09.20 18:35:51 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2010.09.18 21:25:36 | 000,013,312 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010.09.09 15:03:34 | 000,000,120 | ---- | C] () -- C:\Windows\SysWow64\enbconvertor.ini
[2010.09.03 19:34:37 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2010.09.02 13:00:38 | 000,005,120 | ---- | C] () -- C:\Windows\SysWow64\BReWErS.dll
[2010.08.13 21:26:08 | 000,006,144 | ---- | C] () -- C:\Users\Peta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.13 21:24:04 | 000,129,024 | ---- | C] () -- C:\Windows\SysWow64\AVERM.dll
[2010.08.13 21:24:04 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\AVEQT.dll
[2010.08.05 16:08:08 | 012,869,632 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.08.02 10:19:08 | 000,060,168 | ---- | C] () -- C:\Users\Peta\AppData\Roaming\SQLite3.dll
[2010.07.30 13:33:58 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\_Valve001.dll
[2010.07.30 11:00:15 | 000,000,600 | ---- | C] () -- C:\Users\Peta\AppData\Roaming\winscp.rnd
[2010.07.28 21:40:07 | 000,000,600 | ---- | C] () -- C:\Users\Peta\AppData\Local\PUTTY.RND
[2010.07.25 08:16:11 | 000,000,123 | ---- | C] () -- C:\Windows\lgfwup.ini
[2010.05.31 13:47:20 | 000,000,007 | ---- | C] () -- C:\Windows\treeskp.sys
[2010.05.28 02:04:46 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.05.26 20:46:34 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2010.05.21 19:13:40 | 000,000,044 | ---- | C] () -- C:\Users\Peta\AppData\Roaming\PerX.ini
[2010.05.14 17:29:14 | 000,029,392 | ---- | C] () -- C:\Windows\SysWow64\drivers\SECDRV.SYS
[2010.04.03 17:19:43 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\COMSocketServer.dll
[2010.04.03 17:19:40 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2010.04.03 17:11:45 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.02.26 21:16:46 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010.02.22 18:59:29 | 000,000,332 | ---- | C] () -- C:\Windows\WPE PRO.INI
[2010.02.10 17:45:06 | 000,000,083 | ---- | C] () -- C:\Windows\wwp.INI
[2010.01.31 18:49:15 | 000,000,761 | ---- | C] () -- C:\Windows\CoD.INI
[2010.01.18 16:19:36 | 000,000,942 | ---- | C] () -- C:\Windows\my.ini
[2010.01.10 16:15:12 | 000,000,050 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009.12.27 11:35:26 | 001,746,440 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.12.26 17:43:47 | 000,000,297 | ---- | C] () -- C:\Windows\tmp2Level.ini
[2009.12.26 17:43:47 | 000,000,256 | ---- | C] () -- C:\Windows\level.ini
[2009.12.26 10:52:20 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2009.12.24 23:18:54 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.12.20 22:26:52 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2009.12.19 12:31:18 | 000,007,602 | ---- | C] () -- C:\Users\Peta\AppData\Local\Resmon.ResmonCfg
[2009.12.19 06:40:10 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2009.12.18 18:59:04 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009.12.18 18:59:04 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009.12.18 18:59:03 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009.12.18 18:59:03 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009.12.18 18:45:20 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.12.18 18:45:14 | 000,030,586 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.07.06 04:48:34 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2009.06.07 16:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.06.07 16:16:12 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.06.07 13:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll
[2009.04.02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009.01.28 20:50:44 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2008.12.01 19:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2006.08.16 16:13:34 | 001,382,280 | ---- | C] () -- C:\Windows\SysWow64\fftw3.dll
[2002.08.29 19:33:56 | 000,319,488 | R--- | C] () -- C:\Users\Peta\AppData\Roaming\MafiaSetup.exe

========== LOP Check ==========

[2010.03.02 21:06:42 | 000,000,000 | -HSD | M] -- C:\Users\Peta\AppData\Roaming\.#
[2010.07.28 21:35:55 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\AbsoluteTelnet
[2010.04.04 13:15:34 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Activision
[2010.08.08 20:12:08 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\AnvSoft
[2010.10.21 20:39:15 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\AVI ReComp
[2010.08.08 19:34:06 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\avidemux
[2010.10.02 18:58:43 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Azureus
[2010.02.18 18:17:46 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Bioshock
[2010.09.02 13:45:23 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Bioshock2
[2010.09.19 18:41:37 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\BitSpirit
[2010.09.21 14:42:51 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\bizarre creations
[2010.10.09 07:46:50 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\BlackBean
[2010.09.30 14:45:56 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Bonetown
[2009.12.19 06:40:16 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Canneverbe_Limited
[2010.02.26 18:12:01 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\DAEMON Tools
[2009.12.20 00:46:58 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\DAEMON Tools Lite
[2010.03.01 17:22:02 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Desktopicon
[2010.10.01 19:37:48 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Dream Aquarium
[2010.06.09 21:21:24 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\DreamDale
[2010.10.09 08:56:56 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\FileZilla
[2010.09.19 15:59:50 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\FUEL
[2009.12.26 17:52:21 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Gearbox Software
[2010.10.18 13:15:05 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\GetRightToGo
[2010.03.27 23:22:13 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\GHISLER
[2010.10.02 19:01:59 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\GlarySoft
[2010.05.03 21:48:24 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\gtk-2.0
[2010.05.19 18:26:29 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\GullySoft
[2010.07.29 21:49:46 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\HeidiSQL
[2010.03.21 10:46:51 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Hide IP NG
[2010.10.16 22:55:41 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\ICQ
[2010.09.25 16:18:30 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\IObit
[2010.02.13 15:10:23 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Kerio
[2009.12.19 12:32:28 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Leadertech
[2010.06.11 19:34:00 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\LolClient
[2010.07.08 17:44:56 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Mael
[2010.06.09 21:21:20 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\MagicBall4
[2010.05.15 19:21:02 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Mount&Blade
[2010.09.21 14:33:35 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\MOVAVI
[2010.03.27 13:38:00 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\MySQL
[2010.04.10 11:52:17 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Prison Break
[2010.01.21 13:36:34 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Red Alert 3
[2010.10.08 20:50:27 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Registry Mechanic
[2010.10.09 11:54:06 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\runic games
[2010.02.02 15:11:09 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Screaming Bee
[2010.09.10 15:41:33 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\SEGA Corporation
[2010.06.12 17:43:59 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Shareaza
[2010.09.30 14:45:56 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\SQLyog
[2010.02.13 22:45:56 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Subversion
[2010.05.17 09:45:11 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Sudeki
[2010.10.10 22:07:18 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\SystemRequirementsLab
[2010.09.30 14:45:56 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\TeamViewer
[2010.04.27 14:27:21 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Touchstone
[2010.05.04 21:03:32 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\TuneUp Software
[2010.07.18 18:36:01 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Ubisoft
[2010.02.12 22:01:31 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Utherverse
[2010.10.22 20:38:34 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\uTorrent
[2010.06.12 20:40:15 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\XRay Engine
[2009.12.21 00:09:11 | 000,000,000 | ---D | M] -- C:\Users\Peta\AppData\Roaming\Zoner
[2010.10.20 19:23:03 | 000,000,330 | ---- | M] () -- C:\Windows\Tasks\AWC AutoSweep.job
[2010.10.20 19:23:03 | 000,000,324 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2010.10.22 19:44:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\AWC Update.job
[2010.10.20 19:23:04 | 000,000,318 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2010.09.24 06:45:01 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.10.10 22:00:00 | 000,000,294 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job
[2010.10.22 17:39:08 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\UpdateCheck.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 85 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
@Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 16 bytes -> C:\Users\Peta\Downloads:Shareaza.GUID

< End of report >

jaro3
Security team member
Guru Level 15
Posts: 43297
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: HiJackThis - please check my logs +

Post by jaro3 » 22 Oct 2010 22:21

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
IE - HKLM\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - Reg Error: Key error. File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2776682
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "BrotherSoft Extreme Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "BrotherSoft Extreme Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.greentd.net/downloads/"
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q="
O2:64bit: - BHO: (no name) - {0EEDB912-C5FA-486F-8334-57288578C627} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O13 - gopher Prefix: missing
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.07.17 11:17:08 | 000,000,049 | R--- | M] () - E:\AUTORUN.INF -- [ UDF ]
O32 - AutoRun File - [2007.07.10 19:48:52 | 001,433,600 | R--- | M] (Cyanide) - O:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007.04.25 15:33:08 | 000,000,053 | R--- | M] () - O:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{602fff1c-ec64-11de-9b78-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{602fff1c-ec64-11de-9b78-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LEVEL.EXE -- [2006.07.17 11:17:08 | 000,389,120 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - File not found
@Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:D1B5B4F1

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\d3dx.dat
C:\Windows\lgfwup.ini
C:\Windows\SysNative\drivers\etc\hosts.ics
C:\7Loader.TAG
C:\Users\Peta\arcania-gothic-4-crack-final-elite-group-cz.rar
C:\Users\Peta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Windows\SysNative\perfh005.dat
C:\Windows\SysNative\perfh009.dat
C:\Windows\SysNative\perfc005.dat
C:\Windows\SysNative\perfc009.dat
C:\Windows\SysWow64\SIntf16.dll
C:\Windows\ativpsrm.bin
C:\Windows\_MSRSTRT.EXE
C:\ProgramData\sandra.mda
C:\Windows\treeskp.sys

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.

In Folder Options, enable the display of hidden files and folders and uncheck "Hide protected operating system files".

Test these on VirusTotal:
C:\Windows\SysNative\pr2agqwb.exe
C:\Users\Peta\Desktop\PM.exe
C:\ProgramData\amjmwaey.gaf
C:\Windows\SysWow64\BReWErS.dll
C:\Users\Peta\Desktop\GHostOne\ghost.exe

Click Browse to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window will appear in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus test finishes, the result appears at the top with the number of detections in red, e.g. 0/40 or 1/40. Then copy the link to that page with the mouse and paste it into your post.


C:\Downloads
C:\Users\Peta\Nová složka
C:\ProgramData\DSS
Do you recognize these folders?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: HiJackThis - please check my logs +

Post by Clorky » 22 Oct 2010 22:58

OTL.log:

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Unable to kill active process firefox.exe!
Service PnkBstrA stopped successfully!
Service PnkBstrA deleted successfully!
File C:\Windows\SysNative\PnkBstrA.exe File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{51a86bb3-6602-4c85-92a5-130ee4864f13} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51a86bb3-6602-4c85-92a5-130ee4864f13}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "BrotherSoft Extreme Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "BrotherSoft Extreme Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: "http://www.greentd.net/downloads/" removed from browser.startup.homepage
Prefs.js: "http://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=" removed from keyword.URL
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{51A86BB3-6602-4C85-92A5-130EE4864F13} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51A86BB3-6602-4C85-92A5-130EE4864F13}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File move failed. E:\AUTORUN.INF scheduled to be moved on reboot.
File move failed. O:\AutoRun.exe scheduled to be moved on reboot.
File move failed. O:\Autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{602fff1c-ec64-11de-9b78-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602fff1c-ec64-11de-9b78-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{602fff1c-ec64-11de-9b78-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602fff1c-ec64-11de-9b78-806e6f6e6963}\ not found.
File move failed. E:\LEVEL.EXE scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:OODBS deleted successfully.
ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
========== FILES ==========
C:\WINDOWS\System32\tmp2D95.tmp moved successfully.
C:\WINDOWS\System32\tmp2DA6.tmp moved successfully.
C:\WINDOWS\System32\tmp462B.tmp moved successfully.
C:\WINDOWS\System32\tmp467A.tmp moved successfully.
C:\WINDOWS\System32\tmp47C2.tmp moved successfully.
C:\WINDOWS\System32\tmp47D2.tmp moved successfully.
C:\WINDOWS\System32\tmp48E7.tmp moved successfully.
C:\WINDOWS\System32\tmp48F7.tmp moved successfully.
C:\WINDOWS\1C4551A64743409391E41477CD655043.TMP folder moved successfully.
C:\WINDOWS\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP folder moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\AWC AutoSweep.job moved successfully.
c:\windows\Tasks\AWC Startup.job moved successfully.
c:\windows\Tasks\AWC Update.job moved successfully.
c:\windows\Tasks\GlaryInitialize.job moved successfully.
c:\windows\Tasks\SmartDefrag.job moved successfully.
c:\windows\Tasks\UpdateCheck.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
C:\Windows\d3dx.dat moved successfully.
C:\Windows\lgfwup.ini moved successfully.
C:\Windows\SysNative\drivers\etc\hosts.ics moved successfully.
C:\7Loader.TAG moved successfully.
File\Folder C:\Users\Peta\arcania-gothic-4-crack-final-elite-group-cz.rar not found.
C:\Users\Peta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Windows\SysNative\perfh005.dat moved successfully.
C:\Windows\SysNative\perfh009.dat moved successfully.
C:\Windows\SysNative\perfc005.dat moved successfully.
C:\Windows\SysNative\perfc009.dat moved successfully.
C:\Windows\SysWow64\SIntf16.dll moved successfully.
C:\Windows\ativpsrm.bin moved successfully.
C:\Windows\_MSRSTRT.EXE moved successfully.
C:\ProgramData\sandra.mda moved successfully.
C:\Windows\treeskp.sys moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temporary Internet Files folder emptied: 0 bytes

User: Peta
->Temp folder emptied: 26003380 bytes
->Temporary Internet Files folder emptied: 11170708 bytes
->Java cache emptied: 4291297 bytes
->FireFox cache emptied: 103022605 bytes
->Flash cache emptied: 986 bytes

User: Public

User: Táta
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3412 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 138.00 mb


[EMPTYFLASH]

User: All Users

User: AppData

User: Default

User: Default User

User: Peta
->Flash cache emptied: 0 bytes

User: Public

User: Táta

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.16.0 log created on 10222010_225248

Files\Folders moved on Reboot...
File move failed. E:\AUTORUN.INF scheduled to be moved on reboot.
File\Folder O:\AutoRun.exe not found!
File\Folder O:\Autorun.inf not found!
File move failed. E:\LEVEL.EXE scheduled to be moved on reboot.
C:\Users\Peta\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Re: HiJackThis - please check my logs +

Post by Clorky » 22 Oct 2010 23:01

VirusTotal found nothing, and yes, I know those folders.

Re: HiJackThis - please check my logs +

Post by jaro3 » 23 Oct 2010 08:47

Run OTL and click CleanUp.
Then you can delete OTL, C:\_OTL

If there are no problems, that is all, and you can mark the thread as solved with the green check mark.

Re: HiJackThis - please check my logs +  Solved

Post by Clorky » 23 Oct 2010 09:26

Great, thank you very much for the help.
