Nejde internet Vyřešeno

[jaro3]

Stáhni si ToolsCleaner2( by de A.Rothstein & Dj Quiou & překlad: Damned )
Na plochu a spusť ho.
Klikni na Bod obnovení a poté na OK , OK.
Klikni na Koš a poté na OK.
Klikni na Dočasné soubory a poté na OK.
Klikni na Vyhledat[b] a nech Cleaner pracovat. Může se během čištění zastavit (neodpovídá), ale nech ho pokračovat.
Když program skončí , klikni na [b]Odstranit a odstraň nalezené.
Zavři program.
Program maže i všechny nástroje na odvirování a vytváření logů , které se zde používají (HJT, Combofix, OTM, OTL, OTS atd.)


Atheros AR5B93 Wireless Network Adapter = Bezdrátové připojení k síti (Media disconnected) medium odpojeno) --zkontroluj


# Konfigurace protokolu IPv4
# ----------------------------------
pushd interface ipv4
doinstaluj si ipv6


Error: (09/08/2012 00:29:13 PM) (Source: VSS) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x800706ba, Server RPC není k dispozici.

Vyzkoušej tohle:
http://answers.microsoft.com/en-us/wind ... e3f4019ebb

[Reklama]

[s.le]

Co je to ipv6 a kde to mám stáhnout? :)

[s.le]

Ta stínová kopie nebyla spuštěna, tak jsem jí zapla.
Atheros AR5B93 Wireless Network Adapter - nefungoval ovladač, předtím když jsem to kontrolovala bylo vše v pořádku..

[jaro3]

Stáhni si Slim Drivers

Pomůže ti najít a aktualizovat ovladače..

Ovládací panely\Síť a Internet\Síťová připojení
klikni na tu sítovku pravým a vyber vlastnosti.

Protokol IP verze 6 klikni na to a pak na nainstalovat.

[s.le]

Ovladač opět nainstalovaný nebyl.
Pokaždé ho nainstaluju a po něolika hodinách zmizí..

[jaro3]

Stáhni si OTH
na svojí plochu( pokud používáš Firefox , pravým klikni na OTH link a vyber uložit jako (Save as..).

Stáhni si OTL
na svojí plochu (pokud používáš Firefox , pravým klikni na OTL link a vyber uložit jako (Save as..).

Stáhni si soubor Scan.txt
na svojí plochu (pokud používáš Firefox , pravým klikni na OTL link a vyber uložit jako (Save as..).

Poklepej na soubor OTH na ploše , po spuštění programu klikni na Kill All Processes.Poté klikni na Start OTL .Poklepej Do prázdného okna pod Vlastní skenování /opravy ( Custom Scans box). Objeví se zpráva: Kliknutím na OK vyberete cestu k souboru, kliknutím na Zrušit zrušíte výběr.
Klikni na OK. Objeví se okno průzkumníku , zde klikneš na plochu a najdeš na ní soubor Scan.txt .Klikni na Otevřít.
Poté klikni na Rychle prohledat (Quick Scan). Neměň žádná jiná nastavení . Sken může trvat dlouho.
Kdy sken skončí , objeví se na ploše dva logy:
OTL.Txt a Extras.Txt , jsou uloženy ve stejném místě jako OTL.
Zkopíruj sem prosím celý obsah obou logů.

[s.le]

OTL Extras logfile created on: 9/12/2012 9:54:56 AM - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Sabina\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2.75 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 61.32% Memory free
5.49 Gb Paging File | 4.12 Gb Available in Paging File | 75.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.66 Gb Total Space | 394.85 Gb Free Space | 87.42% Space Free | Partition Type: NTFS
Drive D: | 4.36 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JABLICKOVA-PC | User Name: Sabina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C1F17516-FDA9-4399-B6D6-CE12928381C0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DD41D9A1-0914-45FE-B1F2-EEED41492F70}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2D9E80CE-88CF-4803-89D5-508B5A1CC526}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{609FB9D3-64A2-48CE-9180-29914632A96F}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{60B426D0-C6E8-4B61-9A99-125025CD5419}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{674E0CD2-5E91-482F-B5E2-79881883A7F6}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{69525C52-ADE2-4603-B298-C1C91531C80C}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{7221B15C-6DA5-404B-84AE-0E76A660ECCF}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{CE646563-BCFB-4187-A4EF-4B71133315F8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{E950B2E3-5FD6-426D-AAF5-C31452BFAA20}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{EE945BA7-650E-45E0-96E1-036A6AC8A6DB}" = dir=in | app=c:\program files (x86)\file type assistant\tsassist.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{16D8AAE0-EA5A-F5AC-D9B7-4B802EC1CB46}" = ccc-utility64
"{21958FA9-A346-4745-E831-98013FA0C203}" = ATI Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{0CA2063D-D43F-41F2-A8AC-A3C4A4C722D2}" = Qualcomm Atheros Fast Reconnect
"{191348A7-13EC-2650-6ABC-1C1D2423A40C}" = CCC Help German
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}" = OpenOffice.org 3.4.1
"{1E91951D-0114-4692-8F55-F95E1B2F3542}" = SlimDrivers
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23D5D3E2-26F4-556E-B798-09B7CC796BD1}" = CCC Help Portuguese
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3653CD74-6658-CEBB-CD6D-C0307AD95C42}" = CCC Help Dutch
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3DB0448D-AD82-4923-B305-D001E521A964}" = eMachines Power Management
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{4460DD07-4171-C90E-1D90-B77AC15A1091}" = CCC Help Danish
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4B0E901E-F7E0-E568-85C8-2EA65A1BDAF5}" = CCC Help Turkish
"{4D20ABBF-B73C-A373-5BAB-D4B0339B6A0A}" = CCC Help Japanese
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5A3D0EE7-72E0-B579-425A-098B091709A8}" = CCC Help Chinese Standard
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5FB9AC96-BC36-7EED-7DCF-8B2FF4437A59}" = ccc-core-static
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65E556A8-6CA0-22A4-6818-6CD068DA0AFD}" = Catalyst Control Center Graphics Full New
"{6F29746D-92E6-F783-A0F4-4F096E78D050}" = Catalyst Control Center Graphics Full Existing
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-emachines" = WildTangent Games App (eMachines Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Video Web Camera
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{7B96F0C0-BDD3-A367-11CC-45597C63ABEB}" = Catalyst Control Center Graphics Light
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management
"{8595562C-577E-5EF2-D41B-ED9179C11148}" = CCC Help Thai
"{8A7F7E19-9019-D754-4BCF-48C6439F99C3}" = CCC Help English
"{8DB37F8B-12E1-E616-3D73-8D09FC012107}" = CCC Help Swedish
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A23514CE-CE89-43D1-BAB2-685E49538766}" = CCC Help Hungarian
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}" = Windows Live Movie Maker
"{B2F7D09B-E3AE-8BCA-A798-C8DA98D0A9AC}" = CCC Help Norwegian
"{B376DE99-5243-D03D-B51D-4BE193EA7985}" = CCC Help Greek
"{BDBAEB81-FACA-1CF6-9A74-8EB532F0012D}" = CCC Help Spanish
"{C2BE0404-9252-8657-6839-EA2B60EA3CE8}" = Catalyst Control Center Localization All
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{CB8D8129-4592-3EB9-4976-68515DC4D0C1}" = CCC Help French
"{CC757D67-711D-4459-AB6A-8835CA5BF699}" = CCC Help Chinese Traditional
"{CC9D85AF-30DB-55A0-1E00-976BFDAF04D0}" = CCC Help Russian
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{DC8F6F65-558C-1C57-8F08-D367F6C19988}" = CCC Help Korean
"{DF57F301-0416-55BA-8287-5E929615D967}" = CCC Help Polish
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3CA43BE-C574-1938-E60B-E7A4486A1DAD}" = CCC Help Finnish
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E4CD072D-13E1-5EAB-A350-76E7F8A2DD51}" = Catalyst Control Center Graphics Previews Common
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = eMachines Updater
"{EF48185C-1BE3-3EE0-22C5-EDE82A08C105}" = CCC Help Italian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26A271D-5602-CA19-6456-AEB22BEFE1EA}" = Catalyst Control Center Core Implementation
"{FC635D8E-FFBA-4B2C-BE68-A37D56BDFB74}" = Catalyst Control Center - Branding
"{FDAEEEC4-E57E-D75A-E885-EE4E3BEE916B}" = CCC Help Czech
"{FF6BA6F7-67C8-5F93-89B7-F6679D51D869}" = Catalyst Control Center InstallProxy
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Agatha Christie Dead Man's Folly" = Agatha Christie Dead Man's Folly
"eMachines Registration" = eMachines Registration
"eMachines Screensaver" = eMachines ScreenSaver
"eMachines Welcome Center" = Welcome Center
"Identity Card" = Identity Card
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"JpegResampler2010_is1" = Jpeg Resampler Vs 6+
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.62.0.1300
"NIS" = Norton Internet Security
"rajče.net_is1" = rajče průvodce verze 1.59.42.257
"Revo Uninstaller" = Revo Uninstaller 1.93
"The KMPlayer" = The KMPlayer (remove only)
"Trusted Software Assistant_is1" = File Type Assistant
"Uc_heb a Hebrák_is1" = Uc_heb a Hebrák 2.31
"VisiPics_is1" = VisiPics V1.30
"WildTangent emachines Master Uninstall" = eMachines Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT088155" = Bejeweled 2 Deluxe
"WT088159" = Build-a-lot 2
"WT088166" = Chuzzle Deluxe
"WT088175" = Diner Dash 2 Restaurant Rescue
"WT088181" = Farm Frenzy
"WT088189" = Insaniquarium Deluxe
"WT088194" = Jewel Quest Solitaire 2
"WT088203" = Plants vs. Zombies
"WT088215" = Zuma Deluxe
"WT088414" = FATE
"WT088418" = Final Drive Nitro
"WT088446" = John Deere Drive Green
"WT088450" = Penguins!
"WT088454" = Polar Bowler
"WT088458" = Polar Golfer
"WT088506" = Virtual Villagers 4 - The Tree of Life
"WT088521" = Zuma's Revenge
"WTA-f5b27337-6b30-447a-83c4-a803b4ba1aa5" = Agatha Christie - 4:50 from Paddington

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/1/2012 10:57:18 PM | Computer Name = jablickova-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 9/1/2012 10:57:18 PM | Computer Name = jablickova-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 9/1/2012 10:57:18 PM | Computer Name = jablickova-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error - 9/2/2012 5:18:51 AM | Computer Name = jablickova-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 9/2/2012 5:18:51 AM | Computer Name = jablickova-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 9/2/2012 5:18:51 AM | Computer Name = jablickova-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error - 9/4/2012 11:47:32 AM | Computer Name = jablickova-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: SHELL32.dll, verze: 6.1.7601.17859,
časové razítko: 0x4fd2dfec Kód výjimky: 0xc0000005 Posun chyby: 0x000000000015e489
ID
chybujícího procesu: 0x47c Čas spuštění chybující aplikace: 0x01cd8ab43d0dc27c Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Windows\system32\SHELL32.dll
ID
zprávy: d65bd7d0-f6a7-11e1-9ff8-70f1a1ce102c

Error - 9/5/2012 2:01:45 AM | Computer Name = jablickova-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: DeathOnTheNile-WT.exe, verze: 2.2.0.95,
časové razítko: 0x4b8ec7c7 Název chybujícího modulu: DeathOnTheNile-WT.exe, verze:
2.2.0.95, časové razítko: 0x4b8ec7c7 Kód výjimky: 0x4000001f Posun chyby: 0x000804fb
ID
chybujícího procesu: 0x135c Čas spuštění chybující aplikace: 0x01cd8b2bde1b5f20 Cesta
k chybující aplikaci: C:\Program Files (x86)\eMachines Games\Agatha Christie -
Death on the Nile\DeathOnTheNile-WT.exe Cesta k chybujícímu modulu: C:\Program Files
(x86)\eMachines Games\Agatha Christie - Death on the Nile\DeathOnTheNile-WT.exe
ID
zprávy: 2b61d297-f71f-11e1-ba14-70f1a1ce102c

Error - 9/5/2012 1:58:05 PM | Computer Name = jablickova-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 9/5/2012 1:58:05 PM | Computer Name = jablickova-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 9/5/2012 1:58:05 PM | Computer Name = jablickova-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

[ System Events ]
Error - 9/7/2012 11:45:15 AM | Computer Name = jablickova-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 9/7/2012 11:51:03 AM | Computer Name = jablickova-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 9/7/2012 11:51:15 AM | Computer Name = jablickova-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 9/7/2012 11:52:31 AM | Computer Name = jablickova-PC | Source = Service Control Manager | ID = 7023
Description = Služba Windows Defender byla ukončena s následující chybou: %%126

Error - 9/7/2012 2:10:35 PM | Computer Name = jablickova-PC | Source = DCOM | ID = 10010
Description =

Error - 9/8/2012 11:50:12 AM | Computer Name = jablickova-PC | Source = ACPI | ID = 327693
Description = : Integrovaný řadič neodpověděl během zadaného časového limitu. Může
to znamenat chybu hardwaru nebo firmwaru integrovaného řadiče nebo že systém BIOS
přistupuje k integrovanému řadiči nesprávně. Měli byste zjistit, zda výrobce počítače
nemá k dispozici upgrade systému BIOS. V některých situacích může tato chyba způsobit,
že počítač nebude pracovat správně.

Error - 9/10/2012 7:26:59 AM | Computer Name = jablickova-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby NIS bylo dosaženo časového limitu
(30000 ms).

Error - 9/12/2012 3:52:38 AM | Computer Name = jablickova-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).

Error - 9/12/2012 3:53:57 AM | Computer Name = jablickova-PC | Source = Service Control Manager | ID = 7034
Description = Služba Dritek WMI Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 9/12/2012 3:54:05 AM | Computer Name = jablickova-PC | Source = Service Control Manager | ID = 7034
Description = Služba GREGService byla neočekávaně ukončena. Tento stav nastal již
1krát.


< End of report >

[s.le]

OTL logfile created on: 9/12/2012 9:54:56 AM - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Sabina\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2.75 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 61.32% Memory free
5.49 Gb Paging File | 4.12 Gb Available in Paging File | 75.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.66 Gb Total Space | 394.85 Gb Free Space | 87.42% Space Free | Partition Type: NTFS
Drive D: | 4.36 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JABLICKOVA-PC | User Name: Sabina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/12 09:51:12 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Sabina\Desktop\otl.exe
PRC - [2012/09/12 09:51:12 | 000,259,584 | ---- | M] (OldTimer Tools) -- C:\Users\Sabina\Desktop\OTH.scr
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/06/16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccsvchst.exe
PRC - [2011/08/10 15:09:56 | 000,057,344 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
PRC - [2010/01/29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2010/06/11 23:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/04/21 01:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/01/29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/08/28 15:28:03 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe -- (NIS)
SRV - [2011/08/10 15:09:56 | 000,057,344 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2010/10/12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/07/15 03:31:31 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/22 08:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/11 10:20:23 | 000,015,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2012/08/28 10:25:37 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/07/06 04:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/06 04:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/06/07 06:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012/05/22 03:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/04/18 04:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/18 03:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/05 16:33:48 | 002,768,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/07/25 20:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symds64.sys -- (SymDS)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 12:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010/07/09 05:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/06/17 11:18:28 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/05/14 23:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/04/21 03:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/04/21 00:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2010/01/27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/12/10 13:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/08/23 11:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/09/11 10:19:42 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120910.032\ex64.sys -- (NAVEX15)
DRV - [2012/09/11 10:19:42 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120910.032\eng64.sys -- (NAVENG)
DRV - [2012/09/01 02:27:23 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120908.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/09/01 00:09:13 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120905.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/08/27 13:30:40 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/27 13:30:40 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx? ... 5r4702s46o
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW_csCZ481CZ481
IE - HKCU\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sabina\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sabina\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/08/28 10:02:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012/09/11 09:55:47 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sabina\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sabina\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sabina\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Sabina\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Norton Identity Protection = C:\Users\Sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.5.11_0\
CHR - Extension: Gmail = C:\Users\Sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/09/07 17:52:49 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ips\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C1CCC02-742B-47E1-BA2C-296CD7214858}: DhcpNameServer = 82.100.29.65 212.24.128.8
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/09/12 09:53:35 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Sabina\Desktop\OTL.exe
[2012/09/12 09:53:35 | 000,259,584 | ---- | C] (OldTimer Tools) -- C:\Users\Sabina\Desktop\OTH.scr
[2012/09/11 10:30:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect
[2012/09/11 10:28:41 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2012/09/11 10:27:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2012/09/11 10:20:16 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Local\SlimWare Utilities Inc
[2012/09/11 10:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
[2012/09/11 10:19:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimDrivers
[2012/09/11 10:19:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2012/09/11 10:03:20 | 000,608,128 | ---- | C] (SlimWare Utilities, Inc.) -- C:\Users\Sabina\Desktop\slimdrivers-setup.exe
[2012/09/09 18:15:01 | 002,768,384 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012/09/09 18:15:01 | 002,768,384 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2012/09/09 18:15:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros
[2012/09/09 18:14:35 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\InstallShield
[2012/09/09 12:12:14 | 000,000,000 | ---D | C] -- C:\Users\Sabina\Recent
[2012/09/08 12:24:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/09/07 12:10:47 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/09/06 23:11:59 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Local\ATI
[2012/09/06 21:45:10 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\Malwarebytes
[2012/09/06 21:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/06 21:44:48 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/09/06 21:44:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/09/06 21:44:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/06 18:18:18 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\Flood Light Games
[2012/09/06 18:18:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Flood Light Games
[2012/09/06 18:17:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Agatha Christie Dead Man's Folly
[2012/09/06 11:31:29 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/09/06 11:11:55 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2012/09/06 11:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2012/09/05 18:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/09/05 18:27:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Big Fish Games
[2012/09/05 18:24:42 | 000,000,000 | ---D | C] -- C:\BigFishGamesCache
[2012/09/05 18:12:08 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\Floodlight Games
[2012/09/05 18:12:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Floodlight Games
[2012/09/05 18:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildGames
[2012/09/05 17:46:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildTangent Games
[2012/09/05 08:14:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Wild Tangent
[2012/09/04 17:48:11 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\FloodLightGames
[2012/09/04 17:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\FloodLightGames
[2012/08/28 16:42:08 | 000,000,000 | ---D | C] -- C:\Users\Sabina\Desktop\Alice_In_Chains-Nothing_Safe-1999-h8me
[2012/08/28 10:25:14 | 001,129,120 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symefa64.sys
[2012/08/28 10:25:14 | 000,405,624 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symnets.sys
[2012/08/28 10:25:13 | 000,737,952 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtsp64.sys
[2012/08/28 10:25:13 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symds64.sys
[2012/08/28 10:25:13 | 000,190,072 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ironx64.sys
[2012/08/28 10:25:13 | 000,167,072 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ccsetx64.sys
[2012/08/28 10:25:13 | 000,037,536 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtspx64.sys
[2012/08/28 10:24:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E
[2012/08/27 23:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisiPics
[2012/08/27 23:50:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VisiPics
[2012/08/27 23:23:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/08/27 23:23:24 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/08/27 23:09:30 | 000,000,000 | ---D | C] -- C:\RecoveryBin
[2012/08/27 23:06:11 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012/08/27 23:05:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Executive Software
[2012/08/27 23:04:01 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Local\FileTypeAssistant
[2012/08/27 22:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2012/08/27 22:54:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\File Type Assistant
[2012/08/27 22:52:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Speed Up
[2012/08/27 22:52:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Offers from Freeze.com
[2012/08/27 17:40:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Miranda IM KP v5.0.9.16
[2012/08/27 17:36:39 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\PhotoFiltre Studio X
[2012/08/27 17:18:06 | 000,000,000 | ---D | C] -- C:\Users\Sabina\Documents\ICQ
[2012/08/27 16:47:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
[2012/08/27 16:47:41 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\ICQ
[2012/08/27 16:47:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7M
[2012/08/27 16:41:26 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\QIP
[2012/08/27 16:38:22 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\Miranda
[2012/08/27 16:37:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Miranda IM
[2012/08/27 13:44:55 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Local\Facebook
[2012/08/27 13:25:28 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2012/08/27 12:40:30 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/08/27 12:39:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64
[2012/08/27 12:39:25 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2012/08/27 12:39:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2012/08/27 12:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012/08/27 12:22:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics
[2012/08/22 18:40:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2012/08/22 18:40:53 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/08/18 11:07:14 | 000,000,000 | ---D | C] -- C:\048a3a01ef8ff53a2e1f43e058
[2012/08/13 21:35:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\rajce
[2012/08/13 21:35:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\rajce
[2012/08/13 21:14:18 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\Jpeg Resampler
[2012/08/13 21:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jpeg Resampler 2010

========== Files - Modified Within 30 Days ==========

[2012/09/12 09:57:11 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1156782259-1607028684-1919980262-1001UA.job
[2012/09/12 09:55:52 | 004,731,322 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012/09/12 09:55:52 | 002,068,140 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/12 09:55:52 | 001,550,514 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012/09/12 09:55:52 | 001,493,922 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/12 09:55:52 | 000,005,194 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/12 09:52:48 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/12 09:52:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/12 09:51:12 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Sabina\Desktop\OTL.exe
[2012/09/12 09:51:12 | 000,259,584 | ---- | M] (OldTimer Tools) -- C:\Users\Sabina\Desktop\OTH.scr
[2012/09/11 22:52:37 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1156782259-1607028684-1919980262-1001Core.job
[2012/09/11 10:28:37 | 002,195,735 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\Cat.DB
[2012/09/11 10:20:40 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012/09/11 10:20:23 | 000,015,712 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012/09/11 10:19:59 | 000,002,467 | ---- | M] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2012/09/11 10:02:19 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/11 10:02:19 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/11 09:54:25 | 2210,578,432 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/11 09:52:00 | 000,608,128 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Users\Sabina\Desktop\slimdrivers-setup.exe
[2012/09/10 19:49:59 | 000,002,603 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - emachines.lnk
[2012/09/08 14:07:22 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\Agatha Christie Dead Man's Folly.lnk
[2012/09/08 12:36:03 | 000,000,512 | ---- | M] () -- C:\Users\Sabina\Desktop\MBR.dat
[2012/09/07 17:52:49 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/09/06 18:08:44 | 042,384,118 | ---- | M] () -- C:\Users\Sabina\Desktop\A.C.exe
[2012/09/06 11:10:40 | 000,006,656 | ---- | M] () -- C:\Windows\SysNative\bcmwlrc.dll
[2012/09/04 12:03:19 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/09/03 11:04:24 | 000,002,429 | ---- | M] () -- C:\Users\Sabina\Desktop\Google Chrome.lnk
[2012/09/02 22:27:03 | 000,057,653 | ---- | M] () -- C:\Users\Sabina\Desktop\223868_342956539107822_1173636429_n.jpg
[2012/08/28 18:58:04 | 000,002,510 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/08/28 10:25:37 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/08/28 10:25:37 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/08/28 10:25:37 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/08/27 22:09:41 | 000,198,700 | ---- | M] () -- C:\Users\Sabina\Desktop\DSC09254.jpg
[2012/08/27 17:43:52 | 000,293,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/27 16:47:59 | 000,001,826 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7M.lnk
[2012/08/27 13:25:36 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012/08/27 12:25:32 | 000,001,277 | ---- | M] () -- C:\Users\Sabina\Desktop\Revo Uninstaller.lnk
[2012/08/13 21:35:13 | 000,000,976 | ---- | M] () -- C:\Users\Public\Desktop\rajče průvodce.lnk
[2012/08/13 21:13:54 | 000,001,026 | ---- | M] () -- C:\Users\Sabina\Desktop\Jpeg Resampler 2010.lnk

========== Files Created - No Company Name ==========

[2012/09/11 10:20:38 | 000,000,412 | ---- | C] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012/09/11 10:20:23 | 000,015,712 | ---- | C] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012/09/11 10:19:59 | 000,002,467 | ---- | C] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2012/09/09 18:15:01 | 000,439,771 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf
[2012/09/09 18:15:01 | 000,067,685 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat
[2012/09/09 15:52:40 | 000,000,966 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1156782259-1607028684-1919980262-1001UA.job
[2012/09/09 15:52:39 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1156782259-1607028684-1919980262-1001Core.job
[2012/09/08 12:36:03 | 000,000,512 | ---- | C] () -- C:\Users\Sabina\Desktop\MBR.dat
[2012/09/06 18:17:57 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\Agatha Christie Dead Man's Folly.lnk
[2012/09/06 18:14:59 | 042,384,118 | ---- | C] () -- C:\Users\Sabina\Desktop\A.C.exe
[2012/09/06 11:11:56 | 000,006,656 | ---- | C] () -- C:\Windows\SysNative\bcmwlrc.dll
[2012/09/05 17:47:19 | 000,002,603 | ---- | C] () -- C:\Users\Public\Desktop\WildTangent Games App - emachines.lnk
[2012/09/02 22:27:16 | 000,057,653 | ---- | C] () -- C:\Users\Sabina\Desktop\223868_342956539107822_1173636429_n.jpg
[2012/08/28 18:55:34 | 002,195,735 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\Cat.DB
[2012/08/28 10:25:14 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symnet64.cat
[2012/08/28 10:25:14 | 000,001,441 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symnet.inf
[2012/08/28 10:25:13 | 000,007,496 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symds64.cat
[2012/08/28 10:25:13 | 000,007,450 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\iron.cat
[2012/08/28 10:25:13 | 000,007,446 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ccsetx64.cat
[2012/08/28 10:25:13 | 000,007,402 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtsp64.cat
[2012/08/28 10:25:13 | 000,003,435 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symefa.inf
[2012/08/28 10:25:13 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symds.inf
[2012/08/28 10:25:13 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtsp64.inf
[2012/08/28 10:25:13 | 000,001,419 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtspx64.inf
[2012/08/28 10:25:13 | 000,000,853 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ccsetx64.inf
[2012/08/28 10:25:13 | 000,000,772 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\iron.inf
[2012/08/28 10:24:10 | 000,008,942 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symvtcer.dat
[2012/08/28 10:24:10 | 000,007,438 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symefa64.cat
[2012/08/28 10:24:10 | 000,007,406 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtspx64.cat
[2012/08/28 10:24:10 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\isolate.ini
[2012/08/27 23:23:27 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/27 23:09:50 | 000,000,020 | ---- | C] () -- C:\Windows\GndGGGg.dat
[2012/08/27 23:09:50 | 000,000,012 | ---- | C] () -- C:\Windows\nGdGGfg.cfg
[2012/08/27 22:09:39 | 000,198,700 | ---- | C] () -- C:\Users\Sabina\Desktop\DSC09254.jpg
[2012/08/27 16:47:59 | 000,001,826 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7M.lnk
[2012/08/27 13:25:34 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012/08/27 12:40:17 | 000,002,510 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/08/27 12:25:32 | 000,001,277 | ---- | C] () -- C:\Users\Sabina\Desktop\Revo Uninstaller.lnk
[2012/08/13 21:35:02 | 000,000,976 | ---- | C] () -- C:\Users\Public\Desktop\rajče průvodce.lnk
[2012/08/13 21:13:54 | 000,001,026 | ---- | C] () -- C:\Users\Sabina\Desktop\Jpeg Resampler 2010.lnk
[2012/06/20 06:39:08 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat

========== LOP Check ==========

[2012/09/06 18:18:18 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\Flood Light Games
[2012/09/05 18:12:08 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\Floodlight Games
[2012/09/04 17:48:11 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\FloodLightGames
[2012/09/11 09:55:28 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\ICQ
[2012/08/25 19:33:08 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\Jpeg Resampler
[2012/08/02 18:19:53 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\mioObjects
[2012/08/27 16:38:22 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\Miranda
[2012/05/12 13:34:58 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\OpenOffice.org
[2012/08/27 17:37:51 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\PhotoFiltre Studio X
[2012/08/27 18:04:32 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\QIP
[2012/09/05 18:04:10 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\WildTangent
[2012/07/18 21:31:11 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/09/11 10:20:40 | 000,000,412 | ---- | M] () -- C:\Windows\Tasks\SlimDrivers Startup.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2010/07/14 16:53:51 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2008/04/11 10:07:18 | 000,003,820 | ---- | M] () -- C:\eula.1028.txt
[2008/04/11 10:07:18 | 000,015,428 | ---- | M] () -- C:\eula.1031.txt
[2008/04/11 10:07:18 | 000,010,058 | ---- | M] () -- C:\eula.1033.txt
[2008/04/11 10:07:18 | 000,012,246 | ---- | M] () -- C:\eula.1036.txt
[2008/04/11 10:07:18 | 000,013,912 | ---- | M] () -- C:\eula.1040.txt
[2008/04/11 10:07:18 | 000,005,868 | ---- | M] () -- C:\eula.1041.txt
[2008/04/11 10:07:18 | 000,005,970 | ---- | M] () -- C:\eula.1042.txt
[2008/04/11 10:07:18 | 000,010,134 | ---- | M] () -- C:\eula.1049.txt
[2008/04/11 10:07:18 | 000,003,814 | ---- | M] () -- C:\eula.2052.txt
[2008/04/11 10:07:18 | 000,012,936 | ---- | M] () -- C:\eula.3082.txt
[2008/04/11 10:07:18 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2012/09/11 09:54:25 | 2210,578,432 | -HS- | M] () -- C:\hiberfil.sys
[2008/04/11 10:07:18 | 000,000,843 | ---- | M] () -- C:\install.ini
[2008/04/11 08:03:48 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2008/04/11 08:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2008/04/11 08:03:48 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2008/04/11 08:03:48 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2008/04/11 08:03:48 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2008/04/11 08:03:48 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2008/04/11 08:03:48 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2008/04/11 10:09:24 | 000,093,200 | ---- | M] (Microsoft Corporation) -- C:\install.res.1049.dll
[2008/04/11 08:03:48 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2008/04/11 08:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2012/09/11 09:54:30 | 2947,440,640 | -HS- | M] () -- C:\pagefile.sys
[2010/08/28 02:34:42 | 000,003,572 | ---- | M] () -- C:\RHDSetup.log
[2012/09/09 12:32:23 | 000,000,093 | ---- | M] () -- C:\TCleaner.txt
[2008/04/11 10:07:18 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2008/04/11 10:09:38 | 003,797,292 | ---- | M] () -- C:\VC_RED.cab
[2008/04/11 10:11:40 | 000,233,472 | ---- | M] () -- C:\VC_RED.MSI
[2010/08/28 02:35:24 | 000,000,182 | ---- | M] () -- C:\Webcam.log

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:55F44B88

< End of report >

[s.le]

OTL logfile created on: 9/12/2012 9:54:56 AM - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Sabina\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2.75 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 61.32% Memory free
5.49 Gb Paging File | 4.12 Gb Available in Paging File | 75.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.66 Gb Total Space | 394.85 Gb Free Space | 87.42% Space Free | Partition Type: NTFS
Drive D: | 4.36 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JABLICKOVA-PC | User Name: Sabina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/12 09:51:12 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Sabina\Desktop\otl.exe
PRC - [2012/09/12 09:51:12 | 000,259,584 | ---- | M] (OldTimer Tools) -- C:\Users\Sabina\Desktop\OTH.scr
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/06/16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccsvchst.exe
PRC - [2011/08/10 15:09:56 | 000,057,344 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
PRC - [2010/01/29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2010/06/11 23:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/04/21 01:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/01/29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/08/28 15:28:03 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe -- (NIS)
SRV - [2011/08/10 15:09:56 | 000,057,344 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2010/10/12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/07/15 03:31:31 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/22 08:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/11 10:20:23 | 000,015,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2012/08/28 10:25:37 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/07/06 04:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/06 04:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/06/07 06:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012/05/22 03:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/04/18 04:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/18 03:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/05 16:33:48 | 002,768,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/07/25 20:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symds64.sys -- (SymDS)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 12:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010/07/09 05:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/06/17 11:18:28 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/05/14 23:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/04/21 03:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/04/21 00:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2010/01/27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/12/10 13:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/08/23 11:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/09/11 10:19:42 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120910.032\ex64.sys -- (NAVEX15)
DRV - [2012/09/11 10:19:42 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120910.032\eng64.sys -- (NAVENG)
DRV - [2012/09/01 02:27:23 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120908.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/09/01 00:09:13 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120905.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/08/27 13:30:40 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/27 13:30:40 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx? ... 5r4702s46o
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW_csCZ481CZ481
IE - HKCU\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sabina\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sabina\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/08/28 10:02:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012/09/11 09:55:47 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sabina\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sabina\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sabina\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Sabina\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Norton Identity Protection = C:\Users\Sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.5.11_0\
CHR - Extension: Gmail = C:\Users\Sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/09/07 17:52:49 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ips\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C1CCC02-742B-47E1-BA2C-296CD7214858}: DhcpNameServer = 82.100.29.65 212.24.128.8
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/09/12 09:53:35 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Sabina\Desktop\OTL.exe
[2012/09/12 09:53:35 | 000,259,584 | ---- | C] (OldTimer Tools) -- C:\Users\Sabina\Desktop\OTH.scr
[2012/09/11 10:30:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect
[2012/09/11 10:28:41 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2012/09/11 10:27:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros
[2012/09/11 10:20:16 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Local\SlimWare Utilities Inc
[2012/09/11 10:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
[2012/09/11 10:19:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimDrivers
[2012/09/11 10:19:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2012/09/11 10:03:20 | 000,608,128 | ---- | C] (SlimWare Utilities, Inc.) -- C:\Users\Sabina\Desktop\slimdrivers-setup.exe
[2012/09/09 18:15:01 | 002,768,384 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012/09/09 18:15:01 | 002,768,384 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2012/09/09 18:15:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros
[2012/09/09 18:14:35 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\InstallShield
[2012/09/09 12:12:14 | 000,000,000 | ---D | C] -- C:\Users\Sabina\Recent
[2012/09/08 12:24:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/09/07 12:10:47 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/09/06 23:11:59 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Local\ATI
[2012/09/06 21:45:10 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\Malwarebytes
[2012/09/06 21:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/06 21:44:48 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/09/06 21:44:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/09/06 21:44:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/06 18:18:18 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\Flood Light Games
[2012/09/06 18:18:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Flood Light Games
[2012/09/06 18:17:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Agatha Christie Dead Man's Folly
[2012/09/06 11:31:29 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/09/06 11:11:55 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2012/09/06 11:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2012/09/05 18:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/09/05 18:27:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Big Fish Games
[2012/09/05 18:24:42 | 000,000,000 | ---D | C] -- C:\BigFishGamesCache
[2012/09/05 18:12:08 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\Floodlight Games
[2012/09/05 18:12:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Floodlight Games
[2012/09/05 18:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildGames
[2012/09/05 17:46:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildTangent Games
[2012/09/05 08:14:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Wild Tangent
[2012/09/04 17:48:11 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\FloodLightGames
[2012/09/04 17:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\FloodLightGames
[2012/08/28 16:42:08 | 000,000,000 | ---D | C] -- C:\Users\Sabina\Desktop\Alice_In_Chains-Nothing_Safe-1999-h8me
[2012/08/28 10:25:14 | 001,129,120 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symefa64.sys
[2012/08/28 10:25:14 | 000,405,624 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symnets.sys
[2012/08/28 10:25:13 | 000,737,952 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtsp64.sys
[2012/08/28 10:25:13 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symds64.sys
[2012/08/28 10:25:13 | 000,190,072 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ironx64.sys
[2012/08/28 10:25:13 | 000,167,072 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ccsetx64.sys
[2012/08/28 10:25:13 | 000,037,536 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtspx64.sys
[2012/08/28 10:24:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E
[2012/08/27 23:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisiPics
[2012/08/27 23:50:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VisiPics
[2012/08/27 23:23:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/08/27 23:23:24 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/08/27 23:09:30 | 000,000,000 | ---D | C] -- C:\RecoveryBin
[2012/08/27 23:06:11 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012/08/27 23:05:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Executive Software
[2012/08/27 23:04:01 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Local\FileTypeAssistant
[2012/08/27 22:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2012/08/27 22:54:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\File Type Assistant
[2012/08/27 22:52:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Speed Up
[2012/08/27 22:52:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Offers from Freeze.com
[2012/08/27 17:40:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Miranda IM KP v5.0.9.16
[2012/08/27 17:36:39 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\PhotoFiltre Studio X
[2012/08/27 17:18:06 | 000,000,000 | ---D | C] -- C:\Users\Sabina\Documents\ICQ
[2012/08/27 16:47:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
[2012/08/27 16:47:41 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\ICQ
[2012/08/27 16:47:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7M
[2012/08/27 16:41:26 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\QIP
[2012/08/27 16:38:22 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\Miranda
[2012/08/27 16:37:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Miranda IM
[2012/08/27 13:44:55 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Local\Facebook
[2012/08/27 13:25:28 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2012/08/27 12:40:30 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/08/27 12:39:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64
[2012/08/27 12:39:25 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2012/08/27 12:39:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2012/08/27 12:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012/08/27 12:22:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics
[2012/08/22 18:40:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2012/08/22 18:40:53 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/08/18 11:07:14 | 000,000,000 | ---D | C] -- C:\048a3a01ef8ff53a2e1f43e058
[2012/08/13 21:35:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\rajce
[2012/08/13 21:35:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\rajce
[2012/08/13 21:14:18 | 000,000,000 | ---D | C] -- C:\Users\Sabina\AppData\Roaming\Jpeg Resampler
[2012/08/13 21:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jpeg Resampler 2010

========== Files - Modified Within 30 Days ==========

[2012/09/12 09:57:11 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1156782259-1607028684-1919980262-1001UA.job
[2012/09/12 09:55:52 | 004,731,322 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012/09/12 09:55:52 | 002,068,140 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/12 09:55:52 | 001,550,514 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012/09/12 09:55:52 | 001,493,922 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/12 09:55:52 | 000,005,194 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/12 09:52:48 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/12 09:52:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/12 09:51:12 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Sabina\Desktop\OTL.exe
[2012/09/12 09:51:12 | 000,259,584 | ---- | M] (OldTimer Tools) -- C:\Users\Sabina\Desktop\OTH.scr
[2012/09/11 22:52:37 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1156782259-1607028684-1919980262-1001Core.job
[2012/09/11 10:28:37 | 002,195,735 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\Cat.DB
[2012/09/11 10:20:40 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012/09/11 10:20:23 | 000,015,712 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012/09/11 10:19:59 | 000,002,467 | ---- | M] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2012/09/11 10:02:19 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/11 10:02:19 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/11 09:54:25 | 2210,578,432 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/11 09:52:00 | 000,608,128 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Users\Sabina\Desktop\slimdrivers-setup.exe
[2012/09/10 19:49:59 | 000,002,603 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - emachines.lnk
[2012/09/08 14:07:22 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\Agatha Christie Dead Man's Folly.lnk
[2012/09/08 12:36:03 | 000,000,512 | ---- | M] () -- C:\Users\Sabina\Desktop\MBR.dat
[2012/09/07 17:52:49 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/09/06 18:08:44 | 042,384,118 | ---- | M] () -- C:\Users\Sabina\Desktop\A.C.exe
[2012/09/06 11:10:40 | 000,006,656 | ---- | M] () -- C:\Windows\SysNative\bcmwlrc.dll
[2012/09/04 12:03:19 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/09/03 11:04:24 | 000,002,429 | ---- | M] () -- C:\Users\Sabina\Desktop\Google Chrome.lnk
[2012/09/02 22:27:03 | 000,057,653 | ---- | M] () -- C:\Users\Sabina\Desktop\223868_342956539107822_1173636429_n.jpg
[2012/08/28 18:58:04 | 000,002,510 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/08/28 10:25:37 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/08/28 10:25:37 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/08/28 10:25:37 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/08/27 22:09:41 | 000,198,700 | ---- | M] () -- C:\Users\Sabina\Desktop\DSC09254.jpg
[2012/08/27 17:43:52 | 000,293,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/27 16:47:59 | 000,001,826 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7M.lnk
[2012/08/27 13:25:36 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012/08/27 12:25:32 | 000,001,277 | ---- | M] () -- C:\Users\Sabina\Desktop\Revo Uninstaller.lnk
[2012/08/13 21:35:13 | 000,000,976 | ---- | M] () -- C:\Users\Public\Desktop\rajče průvodce.lnk
[2012/08/13 21:13:54 | 000,001,026 | ---- | M] () -- C:\Users\Sabina\Desktop\Jpeg Resampler 2010.lnk

========== Files Created - No Company Name ==========

[2012/09/11 10:20:38 | 000,000,412 | ---- | C] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012/09/11 10:20:23 | 000,015,712 | ---- | C] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012/09/11 10:19:59 | 000,002,467 | ---- | C] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2012/09/09 18:15:01 | 000,439,771 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf
[2012/09/09 18:15:01 | 000,067,685 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat
[2012/09/09 15:52:40 | 000,000,966 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1156782259-1607028684-1919980262-1001UA.job
[2012/09/09 15:52:39 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1156782259-1607028684-1919980262-1001Core.job
[2012/09/08 12:36:03 | 000,000,512 | ---- | C] () -- C:\Users\Sabina\Desktop\MBR.dat
[2012/09/06 18:17:57 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\Agatha Christie Dead Man's Folly.lnk
[2012/09/06 18:14:59 | 042,384,118 | ---- | C] () -- C:\Users\Sabina\Desktop\A.C.exe
[2012/09/06 11:11:56 | 000,006,656 | ---- | C] () -- C:\Windows\SysNative\bcmwlrc.dll
[2012/09/05 17:47:19 | 000,002,603 | ---- | C] () -- C:\Users\Public\Desktop\WildTangent Games App - emachines.lnk
[2012/09/02 22:27:16 | 000,057,653 | ---- | C] () -- C:\Users\Sabina\Desktop\223868_342956539107822_1173636429_n.jpg
[2012/08/28 18:55:34 | 002,195,735 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\Cat.DB
[2012/08/28 10:25:14 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symnet64.cat
[2012/08/28 10:25:14 | 000,001,441 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symnet.inf
[2012/08/28 10:25:13 | 000,007,496 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symds64.cat
[2012/08/28 10:25:13 | 000,007,450 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\iron.cat
[2012/08/28 10:25:13 | 000,007,446 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ccsetx64.cat
[2012/08/28 10:25:13 | 000,007,402 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtsp64.cat
[2012/08/28 10:25:13 | 000,003,435 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symefa.inf
[2012/08/28 10:25:13 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symds.inf
[2012/08/28 10:25:13 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtsp64.inf
[2012/08/28 10:25:13 | 000,001,419 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtspx64.inf
[2012/08/28 10:25:13 | 000,000,853 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ccsetx64.inf
[2012/08/28 10:25:13 | 000,000,772 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\iron.inf
[2012/08/28 10:24:10 | 000,008,942 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symvtcer.dat
[2012/08/28 10:24:10 | 000,007,438 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symefa64.cat
[2012/08/28 10:24:10 | 000,007,406 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtspx64.cat
[2012/08/28 10:24:10 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\isolate.ini
[2012/08/27 23:23:27 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/27 23:09:50 | 000,000,020 | ---- | C] () -- C:\Windows\GndGGGg.dat
[2012/08/27 23:09:50 | 000,000,012 | ---- | C] () -- C:\Windows\nGdGGfg.cfg
[2012/08/27 22:09:39 | 000,198,700 | ---- | C] () -- C:\Users\Sabina\Desktop\DSC09254.jpg
[2012/08/27 16:47:59 | 000,001,826 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7M.lnk
[2012/08/27 13:25:34 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012/08/27 12:40:17 | 000,002,510 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/08/27 12:25:32 | 000,001,277 | ---- | C] () -- C:\Users\Sabina\Desktop\Revo Uninstaller.lnk
[2012/08/13 21:35:02 | 000,000,976 | ---- | C] () -- C:\Users\Public\Desktop\rajče průvodce.lnk
[2012/08/13 21:13:54 | 000,001,026 | ---- | C] () -- C:\Users\Sabina\Desktop\Jpeg Resampler 2010.lnk
[2012/06/20 06:39:08 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat

========== LOP Check ==========

[2012/09/06 18:18:18 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\Flood Light Games
[2012/09/05 18:12:08 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\Floodlight Games
[2012/09/04 17:48:11 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\FloodLightGames
[2012/09/11 09:55:28 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\ICQ
[2012/08/25 19:33:08 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\Jpeg Resampler
[2012/08/02 18:19:53 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\mioObjects
[2012/08/27 16:38:22 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\Miranda
[2012/05/12 13:34:58 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\OpenOffice.org
[2012/08/27 17:37:51 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\PhotoFiltre Studio X
[2012/08/27 18:04:32 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\QIP
[2012/09/05 18:04:10 | 000,000,000 | ---D | M] -- C:\Users\Sabina\AppData\Roaming\WildTangent
[2012/07/18 21:31:11 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/09/11 10:20:40 | 000,000,412 | ---- | M] () -- C:\Windows\Tasks\SlimDrivers Startup.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2010/07/14 16:53:51 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2008/04/11 10:07:18 | 000,003,820 | ---- | M] () -- C:\eula.1028.txt
[2008/04/11 10:07:18 | 000,015,428 | ---- | M] () -- C:\eula.1031.txt
[2008/04/11 10:07:18 | 000,010,058 | ---- | M] () -- C:\eula.1033.txt
[2008/04/11 10:07:18 | 000,012,246 | ---- | M] () -- C:\eula.1036.txt
[2008/04/11 10:07:18 | 000,013,912 | ---- | M] () -- C:\eula.1040.txt
[2008/04/11 10:07:18 | 000,005,868 | ---- | M] () -- C:\eula.1041.txt
[2008/04/11 10:07:18 | 000,005,970 | ---- | M] () -- C:\eula.1042.txt
[2008/04/11 10:07:18 | 000,010,134 | ---- | M] () -- C:\eula.1049.txt
[2008/04/11 10:07:18 | 000,003,814 | ---- | M] () -- C:\eula.2052.txt
[2008/04/11 10:07:18 | 000,012,936 | ---- | M] () -- C:\eula.3082.txt
[2008/04/11 10:07:18 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2012/09/11 09:54:25 | 2210,578,432 | -HS- | M] () -- C:\hiberfil.sys
[2008/04/11 10:07:18 | 000,000,843 | ---- | M] () -- C:\install.ini
[2008/04/11 08:03:48 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2008/04/11 08:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2008/04/11 08:03:48 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2008/04/11 08:03:48 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2008/04/11 08:03:48 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2008/04/11 08:03:48 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2008/04/11 08:03:48 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2008/04/11 10:09:24 | 000,093,200 | ---- | M] (Microsoft Corporation) -- C:\install.res.1049.dll
[2008/04/11 08:03:48 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2008/04/11 08:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2012/09/11 09:54:30 | 2947,440,640 | -HS- | M] () -- C:\pagefile.sys
[2010/08/28 02:34:42 | 000,003,572 | ---- | M] () -- C:\RHDSetup.log
[2012/09/09 12:32:23 | 000,000,093 | ---- | M] () -- C:\TCleaner.txt
[2008/04/11 10:07:18 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2008/04/11 10:09:38 | 003,797,292 | ---- | M] () -- C:\VC_RED.cab
[2008/04/11 10:11:40 | 000,233,472 | ---- | M] () -- C:\VC_RED.MSI
[2010/08/28 02:35:24 | 000,000,182 | ---- | M] () -- C:\Webcam.log

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:55F44B88

< End of report >

[jaro3]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW_csCZ481CZ481
IE - HKCU\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll File not found
O1 HOSTS File: ([2012/09/07 17:52:49 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
[2012/09/12 09:55:52 | 004,731,322 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012/09/12 09:55:52 | 002,068,140 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/12 09:55:52 | 001,550,514 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012/09/12 09:55:52 | 001,493,922 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:55F44B88

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Windows\GndGGGg.dat
C:\Windows\nGdGGfg.cfg
C:\Windows\popcinfo.dat
ipconfig /flushdns /c

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"

:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[s.le]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
127.0.0.1 localhost removed from HOSTS file successfully
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
C:\Windows\SysNative\perfh005.dat moved successfully.
C:\Windows\SysNative\perfh009.dat moved successfully.
C:\Windows\SysNative\perfc005.dat moved successfully.
C:\Windows\SysNative\perfc009.dat moved successfully.
ADS C:\ProgramData\TEMP:55F44B88 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1156782259-1607028684-1919980262-1001Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1156782259-1607028684-1919980262-1001UA.job moved successfully.
c:\windows\Tasks\SlimDrivers Startup.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
C:\Windows\GndGGGg.dat moved successfully.
C:\Windows\nGdGGfg.cfg moved successfully.
C:\Windows\popcinfo.dat moved successfully.
< ipconfig /flushdns /c >
Konfigurace protokolu IP syst‚mu Windows
MezipamŘś pýekl d nˇ DNS byla ŁspŘçnŘ vypr zdnŘna.
C:\Users\Sabina\Desktop\cmd.bat deleted successfully.
C:\Users\Sabina\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*"64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: jablickova
->Temp folder emptied: 1055 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Google Chrome cache emptied: 117279325 bytes
->Flash cache emptied: 1231 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Sabina
->Temp folder emptied: 145131 bytes
->Temporary Internet Files folder emptied: 1374913 bytes
->Google Chrome cache emptied: 383406404 bytes
->Flash cache emptied: 752 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1041857 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46358617 bytes
RecycleBin emptied: 6849006 bytes

Total Files Cleaned = 531.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: jablickova
->Flash cache emptied: 0 bytes

User: Public

User: Sabina
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.61.3 log created on 09122012_193316

Files\Folders moved on Reboot...
C:\Users\Sabina\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[jaro3]

Jak o vypadá nyní?