Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Nejde mi zapnout antivír AVIRA

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:
Kontaktovat uživatele rakato11

Re: Nejde mi zapnout antivír AVIRA

#31 Příspěvek od rakato11 »

Dobrý den.
Tak jsem zkoušel odinstalovat ten ComboFix,je tam pouze okénko "Prohledat soubory a programy".Do toho jsem vkládal i před tím,ale nekliknul jsem na "Enter".Nyní po kliknutí na "Enter" se mi akorát zobrazilo to,co se zobrazí při dvojkliku na ikonu na ploše,čili spuštění programu.Tak jsem to nechal tak a "T-Cleaner" program odinstaloval,přesně jako jste psala :thumbsups: .
Dále,tyto složky : 2010-12-11 17:08 . 2010-12-11 18:17 -------- d-sh--w- c:\programdata\IAHBV
2010-12-11 17:07 . 2010-12-11 18:17 -------- d-sh--w- c:\programdata\384e50 jsem pomocí návodu nenašel.Zkoušel jsem to různě,ale nepodařilo se najít :?: .
Potom už vše probíhalo podle Vaších skvělých rad a šlo to jako po másle :D .Takže zde dávám logy OTL.Txt a Extras.txt :

OTL logfile created on: 17.12.2010 8:47:29 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Otakar Vavrečka\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 154,29 Gb Total Space | 121,36 Gb Free Space | 78,66% Space Free | Partition Type: NTFS
Drive D: | 126,51 Gb Total Space | 65,29 Gb Free Space | 51,61% Space Free | Partition Type: NTFS
Drive E: | 1,99 Gb Total Space | 1,92 Gb Free Space | 96,36% Space Free | Partition Type: FAT32

Computer Name: OTAKAR-PC | User Name: Otakar Vavrečka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.12.17 08:45:11 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Otakar Vavrečka\Desktop\OTL.exe
PRC - [2010.12.11 09:34:18 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.12.09 07:49:09 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.11.06 19:44:03 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.06 19:44:02 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.10.19 20:14:19 | 000,328,056 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2010.09.27 09:42:48 | 000,239,928 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
PRC - [2010.08.04 02:51:36 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.08.04 02:51:10 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010.06.02 15:58:20 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.05.14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010.05.04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010.01.14 20:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010.01.04 19:13:28 | 023,941,120 | ---- | M] () -- C:\Program Files\CounterPath\X-Lite\x-lite.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.08.25 18:57:52 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009.08.25 18:57:44 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.07.30 15:49:34 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009.07.30 15:49:34 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009.07.30 12:28:18 | 000,354,360 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
PRC - [2009.07.29 14:28:44 | 000,256,544 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2009.07.29 11:43:50 | 001,201,400 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2009.07.27 23:32:56 | 000,076,344 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2009.07.27 16:52:16 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009.07.23 10:12:00 | 000,078,608 | ---- | M] (Bioscrypt Inc.) -- C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009.06.18 17:07:06 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2009.06.03 15:16:42 | 000,207,400 | ---- | M] (ActivIdentity) -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
PRC - [2009.06.03 15:16:34 | 000,153,640 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2009.06.03 15:13:28 | 000,400,936 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2009.05.20 22:28:12 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009.05.20 22:28:12 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009.05.18 22:28:04 | 001,314,816 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2008.07.15 22:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2004.11.25 23:39:14 | 000,151,552 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) -- C:\Windows\System32\MSTMON_N.EXE


========== Modules (SafeList) ==========

MOD - [2010.12.17 08:45:11 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Otakar Vavrečka\Desktop\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.07.14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.12.09 07:49:09 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.11.06 19:44:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.09.27 09:42:48 | 000,239,928 | ---- | M] (Systweak Inc., (www.systweak.com)) [Auto | Running] -- C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe -- (ASO3DiskOptimizer)
SRV - [2010.08.04 02:51:10 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.06.02 15:58:20 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.05.22 13:08:42 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.05.14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010.05.04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.28 08:22:00 | 000,364,544 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\System32\yk62x86.dll -- (yksvc)
SRV - [2009.08.25 18:57:52 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009.07.30 15:49:34 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.07.30 12:24:02 | 000,045,056 | ---- | M] (Hewlett-Packard Development Company, L.P) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2009.07.29 14:28:44 | 000,256,544 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2009.07.29 11:43:50 | 001,201,400 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2009.07.27 16:52:16 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009.07.23 10:05:32 | 000,192,784 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2009.07.23 10:05:26 | 000,150,288 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2009.07.14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009.07.14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009.06.18 17:07:06 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009.06.13 19:13:20 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009.06.03 15:16:42 | 000,207,400 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore)
SRV - [2008.07.15 22:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\OTAKAR~1\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\OTAKAR~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010.12.13 09:17:51 | 000,420,920 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.12.09 07:49:11 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.11.23 18:34:32 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.08.04 03:21:42 | 006,096,384 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010.08.04 03:21:42 | 006,096,384 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010.08.04 02:15:28 | 000,214,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.06.15 15:53:28 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2010.06.15 15:53:12 | 000,033,848 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2010.06.04 01:18:58 | 001,303,728 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2010.05.11 11:00:34 | 000,020,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz133_x32.sys -- (cpuz133)
DRV - [2010.04.12 08:34:01 | 002,506,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2009.12.11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.09.28 08:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009.08.07 14:17:26 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2009.07.29 14:30:28 | 000,051,408 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2009.07.29 14:30:20 | 000,012,960 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2009.07.29 14:30:18 | 000,012,528 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2009.07.29 14:30:16 | 000,109,216 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2009.07.27 16:52:14 | 001,161,664 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009.07.24 11:48:00 | 000,103,440 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.07.14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\system32\DRIVERS\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 00:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009.07.13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009.07.01 21:46:14 | 000,086,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2009.07.01 21:46:12 | 000,108,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2009.07.01 21:46:04 | 000,018,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2009.06.30 13:01:14 | 000,118,656 | ---- | M] (Ricoh co.,Ltd.) [2 MP series] [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\5U876.sys -- (5U876UVC)
DRV - [2009.06.10 22:19:30 | 004,756,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2009.05.18 22:32:58 | 000,381,440 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2009.05.16 02:15:14 | 000,214,024 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009.05.16 02:15:14 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (MfeAVFK)
DRV - [2009.05.16 02:15:14 | 000,055,336 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2009.05.16 02:15:14 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (MfeBOPK)
DRV - [2009.05.16 02:15:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (MfeRKDK)
DRV - [2009.05.11 08:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.29 16:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\windows\system32\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2009.04.08 00:32:50 | 000,029,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2003.07.19 03:55:06 | 000,018,848 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [Kernel | Auto | Stopped] -- C:\Windows\System32\MLPTDR_N.SYS -- (MLPTDR_N)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA0.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25397

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..network.proxy.type: 2

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.11 19:17:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.11 19:17:58 | 000,000,000 | ---D | M]

[2010.04.13 21:45:10 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\mozilla\Extensions
[2010.04.13 21:45:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otakar Vavrečka\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.12.17 07:54:10 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\mozilla\Firefox\Profiles\dnr21fna.default\extensions
[2010.11.15 14:42:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otakar Vavrečka\AppData\Roaming\mozilla\Firefox\Profiles\dnr21fna.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.08.22 16:23:28 | 000,000,000 | ---D | M] (MyAshampoo Toolbar) -- C:\Users\Otakar Vavrečka\AppData\Roaming\mozilla\Firefox\Profiles\dnr21fna.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2010.12.13 08:34:50 | 000,002,397 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\FireFox\Profiles\dnr21fna.default\searchplugins\askcom.xml
[2010.08.28 19:20:51 | 000,001,819 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\FireFox\Profiles\dnr21fna.default\searchplugins\bing.xml
[2010.01.20 11:19:10 | 000,000,923 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\FireFox\Profiles\dnr21fna.default\searchplugins\conduit.xml
[2010.12.15 21:54:26 | 000,000,950 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\FireFox\Profiles\dnr21fna.default\searchplugins\icqplugin-1.xml
[2010.11.16 08:27:14 | 000,000,950 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\FireFox\Profiles\dnr21fna.default\searchplugins\icqplugin-10.xml
[2010.12.11 19:43:53 | 000,000,950 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\FireFox\Profiles\dnr21fna.default\searchplugins\icqplugin-11.xml
[2010.06.28 07:05:07 | 000,000,950 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\FireFox\Profiles\dnr21fna.default\searchplugins\icqplugin-2.xml
[2010.07.23 13:38:20 | 000,000,950 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\FireFox\Profiles\dnr21fna.default\searchplugins\icqplugin-3.xml
[2010.07.23 17:27:49 | 000,000,950 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\FireFox\Profiles\dnr21fna.default\searchplugins\icqplugin-4.xml
[2010.09.09 06:07:22 | 000,000,950 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\FireFox\Profiles\dnr21fna.default\searchplugins\icqplugin-5.xml
[2010.09.17 05:28:31 | 000,000,950 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\FireFox\Profiles\dnr21fna.default\searchplugins\icqplugin-6.xml
[2010.09.28 19:57:35 | 000,000,950 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\FireFox\Profiles\dnr21fna.default\searchplugins\icqplugin-7.xml
[2010.10.22 12:56:04 | 000,000,950 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\FireFox\Profiles\dnr21fna.default\searchplugins\icqplugin-8.xml
[2010.10.29 19:45:56 | 000,000,950 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\FireFox\Profiles\dnr21fna.default\searchplugins\icqplugin-9.xml
[2010.05.12 17:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\FireFox\Profiles\dnr21fna.default\searchplugins\icqplugin.xml
[2010.10.25 19:56:37 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.20 20:34:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.03 11:35:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.25 19:56:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.25 13:34:14 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.07.25 13:34:15 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.07.25 13:34:15 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.07.25 13:34:15 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.07.25 13:34:15 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.12.15 08:47:48 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA0.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\tbMyA0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KONICA MINOLTA PagePro 1300WStatusDisplay] C:\Windows\System32\MSTMON_N.EXE (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001..\Run: [eyeBeam SIP Client] C:\Program Files\CounterPath\X-Lite\x-lite.exe ()
O4 - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_setup_9.0.0.722_15.12.2010_12-23(AVPTool).exe.lnk = C:\Users\Otakar Vavrečka\AppData\Local\temp\_uninst_setup_9.0.0.722_15.12.2010_12-23(AVPTool).exe.bat File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\HEWLET~1\IAM\Bin\APSHook.dll) - C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O30 - LSA: Security Packages - (pku2u) - C:\windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

Drivers32: msacm.ac3acm - C:\windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\windows\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\windows\System32\yv12vfw.dll (www.helixcommunity.org)


========== Files/Folders - Created Within 30 Days ==========

[2010.12.17 08:45:08 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Otakar Vavrečka\Desktop\OTL.exe
[2010.12.17 08:34:02 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.12.16 15:09:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.12.16 15:01:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\windows\SWXCACLS.exe
[2010.12.16 08:37:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2010.12.16 08:37:43 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll
[2010.12.16 08:37:41 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2010.12.16 08:37:41 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2010.12.16 08:37:41 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2010.12.16 08:37:41 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2010.12.16 08:37:41 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2010.12.16 08:37:41 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2010.12.16 08:37:41 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2010.12.16 08:37:41 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2010.12.16 08:37:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2010.12.16 08:37:41 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2010.12.16 08:37:39 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskschd.dll
[2010.12.16 08:37:39 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmicmiplugin.dll
[2010.12.16 08:37:39 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskcomp.dll
[2010.12.16 08:37:39 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\schtasks.exe
[2010.12.16 08:37:37 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webio.dll
[2010.12.16 08:37:37 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll
[2010.12.16 08:37:37 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\consent.exe
[2010.12.16 08:37:37 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll
[2010.12.16 08:37:36 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2010.12.15 11:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.12.15 11:32:50 | 000,000,000 | ---D | C] -- C:\Users\Otakar Vavrečka\Desktop\Virus Removal Tool
[2010.12.15 08:46:13 | 000,000,000 | ---D | C] -- C:\windows\temp
[2010.12.15 08:46:13 | 000,000,000 | ---D | C] -- C:\Users\Otakar Vavrečka\AppData\Local\temp
[2010.12.14 20:49:16 | 001,344,600 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Otakar Vavrečka\Desktop\tdsskiller.exe
[2010.12.13 21:17:25 | 000,000,000 | ---D | C] -- C:\Users\Otakar Vavrečka\AppData\Roaming\vlc
[2010.12.13 21:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010.12.13 09:17:51 | 000,420,920 | ---- | C] (Duplex Secure Ltd.) -- C:\windows\System32\drivers\sptd.sys
[2010.12.13 09:14:47 | 000,590,392 | ---- | C] (Duplex Secure Ltd.) -- C:\Users\Otakar Vavrečka\Desktop\SPTDinst-v175-x86.exe
[2010.12.12 08:41:52 | 000,000,000 | ---D | C] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Malwarebytes
[2010.12.12 08:41:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2010.12.12 08:41:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.12 08:41:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2010.12.12 08:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.12.12 08:39:02 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Otakar Vavrečka\Desktop\mbam-setup-1.50.0.0.exe
[2010.12.11 18:08:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\IAHBV
[2010.12.11 18:07:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\384e50

========== Files - Modified Within 30 Days ==========

[2010.12.17 08:45:11 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Otakar Vavrečka\Desktop\OTL.exe
[2010.12.17 08:34:03 | 000,000,969 | ---- | M] () -- C:\Users\Otakar Vavrečka\Desktop\CCleaner.lnk
[2010.12.17 08:21:47 | 000,210,944 | ---- | M] () -- C:\Users\Otakar Vavrečka\Desktop\T-Cleaner.exe
[2010.12.17 08:07:25 | 000,019,760 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.17 08:07:25 | 000,019,760 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.17 08:00:32 | 000,001,014 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.17 08:00:10 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2010.12.17 08:00:02 | 2411,409,408 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.16 21:00:00 | 000,001,018 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.16 14:29:07 | 000,471,480 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2010.12.16 08:34:25 | 000,002,452 | ---- | M] () -- C:\Users\Otakar Vavrečka\Desktop\Google Chrome.lnk
[2010.12.15 22:44:02 | 000,001,318 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_setup_9.0.0.722_15.12.2010_12-23(AVPTool).exe.lnk
[2010.12.15 10:56:44 | 000,034,841 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Instalace,scan a odinstalování AVPTool.odt
[2010.12.15 10:40:57 | 000,014,663 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Odinstalování AVPTool.odt
[2010.12.15 08:47:48 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2010.12.14 20:49:19 | 001,344,600 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Otakar Vavrečka\Desktop\tdsskiller.exe
[2010.12.14 10:51:45 | 039,943,523 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (21).wma
[2010.12.14 09:53:51 | 024,722,423 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (20).wma
Blbý můžeš být,ale musíš si umět poradit...
Nahoru
Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:
Kontaktovat uživatele rakato11

Re: Nejde mi zapnout antivír AVIRA

#32 Příspěvek od rakato11 »

[2010.12.13 21:17:14 | 000,001,028 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.12.13 21:15:55 | 019,985,265 | ---- | M] () -- C:\Users\Otakar Vavrečka\Desktop\vlc-1.1.5-win32.exe
[2010.12.13 14:55:56 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2010.12.13 14:55:56 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2010.12.13 10:21:19 | 000,007,776 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Čísla.odt
[2010.12.13 09:24:56 | 000,000,020 | ---- | M] () -- C:\Users\Otakar Vavrečka\defogger_reenable
[2010.12.13 09:23:50 | 000,050,477 | ---- | M] () -- C:\Users\Otakar Vavrečka\Desktop\Defogger.exe
[2010.12.13 09:17:51 | 000,420,920 | ---- | M] (Duplex Secure Ltd.) -- C:\windows\System32\drivers\sptd.sys
[2010.12.13 09:14:48 | 000,590,392 | ---- | M] (Duplex Secure Ltd.) -- C:\Users\Otakar Vavrečka\Desktop\SPTDinst-v175-x86.exe
[2010.12.12 13:04:48 | 000,035,808 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Motto.odt
[2010.12.12 08:41:38 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.12 08:39:12 | 007,622,112 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Otakar Vavrečka\Desktop\mbam-setup-1.50.0.0.exe
[2010.12.11 18:15:18 | 000,027,631 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Moučníky s jablky.odt
[2010.12.09 08:41:00 | 000,012,390 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Ořechové řezy.odt
[2010.12.09 07:49:11 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[2010.12.08 21:39:46 | 000,051,638 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Ochrana před vlhkostí.odt
[2010.12.06 19:15:01 | 000,007,168 | ---- | M] () -- C:\Users\Otakar Vavrečka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.03 18:29:16 | 019,945,063 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (20)-S Monikou.wma
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2010.11.29 13:49:14 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.11.28 20:02:23 | 000,013,849 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Lidé po povodních.odt
[2010.11.28 06:40:08 | 000,385,818 | ---- | M] () -- C:\Users\Otakar Vavrečka\Desktop\tdss_remover_latest.rar
[2010.11.27 16:31:41 | 000,013,639 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\dopis.pdf
[2010.11.23 18:34:32 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys
[2010.11.21 15:24:22 | 017,637,203 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (20)-Já a Kristián.wma
[2010.11.21 14:32:22 | 018,324,173 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (20)-Anča a já doma.wma
[2010.11.21 09:31:20 | 000,001,047 | ---- | M] () -- C:\Users\Otakar Vavrečka\Desktop\Freerapid-Downloader_0.85_Build_555 - odkaz.lnk
[2010.11.20 22:39:33 | 003,444,313 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (19).wma
[2010.11.20 22:29:10 | 004,333,333 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (18).wma
[2010.11.20 22:06:57 | 003,704,733 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (17).wma
[2010.11.18 09:55:46 | 001,904,243 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (17)-Bambusové ponožky.wma
[2010.11.17 21:28:42 | 001,224,671 | ---- | M] () -- C:\Users\Otakar Vavrečka\Desktop\tdsskiller.zip
[2010.11.17 20:07:37 | 057,764,333 | ---- | M] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (17)-Anča v Šali.wma

========== Files Created - No Company Name ==========

[2010.12.17 08:34:03 | 000,000,969 | ---- | C] () -- C:\Users\Otakar Vavrečka\Desktop\CCleaner.lnk
[2010.12.17 08:21:45 | 000,210,944 | ---- | C] () -- C:\Users\Otakar Vavrečka\Desktop\T-Cleaner.exe
[2010.12.15 22:44:02 | 000,001,318 | ---- | C] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_setup_9.0.0.722_15.12.2010_12-23(AVPTool).exe.lnk
[2010.12.15 10:56:44 | 000,034,841 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Instalace,scan a odinstalování AVPTool.odt
[2010.12.15 10:39:28 | 000,014,663 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Odinstalování AVPTool.odt
[2010.12.14 10:51:45 | 039,943,523 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (21).wma
[2010.12.14 09:53:51 | 024,722,423 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (20).wma
[2010.12.13 21:17:14 | 000,001,028 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.12.13 21:14:19 | 019,985,265 | ---- | C] () -- C:\Users\Otakar Vavrečka\Desktop\vlc-1.1.5-win32.exe
[2010.12.13 10:21:19 | 000,007,776 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Čísla.odt
[2010.12.13 09:24:33 | 000,000,020 | ---- | C] () -- C:\Users\Otakar Vavrečka\defogger_reenable
[2010.12.13 09:23:49 | 000,050,477 | ---- | C] () -- C:\Users\Otakar Vavrečka\Desktop\Defogger.exe
[2010.12.12 08:41:38 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.11 18:15:17 | 000,027,631 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Moučníky s jablky.odt
[2010.12.09 08:40:59 | 000,012,390 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Ořechové řezy.odt
[2010.12.08 21:27:36 | 000,051,638 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Ochrana před vlhkostí.odt
[2010.12.03 18:29:16 | 019,945,063 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (20)-S Monikou.wma
[2010.11.28 20:02:23 | 000,013,849 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Lidé po povodních.odt
[2010.11.28 06:40:07 | 000,385,818 | ---- | C] () -- C:\Users\Otakar Vavrečka\Desktop\tdss_remover_latest.rar
[2010.11.27 16:31:40 | 000,013,639 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\dopis.pdf
[2010.11.21 15:24:22 | 017,637,203 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (20)-Já a Kristián.wma
[2010.11.21 14:32:22 | 018,324,173 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (20)-Anča a já doma.wma
[2010.11.21 09:31:20 | 000,001,047 | ---- | C] () -- C:\Users\Otakar Vavrečka\Desktop\Freerapid-Downloader_0.85_Build_555 - odkaz.lnk
[2010.11.20 22:39:33 | 003,444,313 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (19).wma
[2010.11.20 22:29:10 | 004,333,333 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (18).wma
[2010.11.20 22:06:56 | 003,704,733 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (17).wma
[2010.11.18 09:55:46 | 001,904,243 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (17)-Bambusové ponožky.wma
[2010.11.17 21:28:39 | 001,224,671 | ---- | C] () -- C:\Users\Otakar Vavrečka\Desktop\tdsskiller.zip
[2010.11.17 20:07:37 | 057,764,333 | ---- | C] () -- C:\Users\Otakar Vavrečka\Documents\Bez názvu (17)-Anča v Šali.wma
[2010.11.06 22:32:56 | 000,000,760 | ---- | C] () -- C:\Users\Otakar Vavrečka\AppData\Local\SRDownloader[1].nast
[2010.10.13 20:59:53 | 000,000,754 | ---- | C] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\burnaware.ini
[2010.08.30 16:18:46 | 000,007,605 | ---- | C] () -- C:\Users\Otakar Vavrečka\AppData\Local\Resmon.ResmonCfg
[2010.07.11 09:16:40 | 000,007,168 | ---- | C] () -- C:\Users\Otakar Vavrečka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.25 15:19:52 | 000,014,877 | ---- | C] () -- C:\windows\MSTMON_N.INI
[2010.05.25 15:19:52 | 000,011,521 | ---- | C] () -- C:\windows\MSUMLT_N.INI
[2010.04.12 19:15:32 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.04.12 09:19:38 | 000,168,448 | ---- | C] () -- C:\windows\System32\unrar.dll
[2010.04.12 09:19:33 | 003,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll
[2010.04.12 09:19:33 | 000,795,648 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2010.04.12 09:19:33 | 000,130,048 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2010.04.12 09:19:30 | 000,067,584 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2010.04.12 08:50:04 | 000,000,000 | ---- | C] () -- C:\Users\Otakar Vavrečka\AppData\Local\QSwitch.txt
[2010.04.12 08:50:04 | 000,000,000 | ---- | C] () -- C:\Users\Otakar Vavrečka\AppData\Local\DSwitch.txt
[2010.04.12 08:50:04 | 000,000,000 | ---- | C] () -- C:\Users\Otakar Vavrečka\AppData\Local\AtStart.txt
[2010.04.12 08:35:21 | 000,000,880 | ---- | C] () -- C:\windows\HBCIKRNL.INI
[2010.04.12 08:34:07 | 000,006,656 | ---- | C] () -- C:\windows\System32\bcmwlrc.dll
[2009.09.28 08:22:00 | 000,315,392 | ---- | C] () -- C:\windows\System32\drivers\yk62x86.sys
[2009.09.20 08:39:08 | 000,000,191 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2009.07.29 14:30:16 | 000,109,216 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys
[2009.07.16 01:50:42 | 000,013,312 | ---- | C] () -- C:\windows\LPRES.DLL
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll

========== LOP Check ==========

[2010.10.11 18:34:04 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\AIMP
[2010.09.17 23:03:18 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Ashampoo
[2010.11.13 22:09:30 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\CadSoft
[2010.10.13 09:31:49 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\FeyWriter
[2010.06.27 10:58:35 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Fighters
[2010.12.12 16:11:31 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\ICQ
[2010.10.21 20:40:08 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\InfraRecorder
[2010.10.31 22:10:09 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\IObit
[2010.11.13 22:09:30 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\IrfanView
[2010.04.12 09:29:28 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\OpenOffice.org
[2010.04.12 09:18:12 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Opera
[2010.09.28 09:33:44 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Systweak
[2010.04.13 21:45:09 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Thunderbird
[2010.09.28 19:13:18 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\TweakNow RegCleaner
[2010.09.07 19:28:55 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Uniblue
[2010.05.01 14:54:56 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\URSoft
[2010.12.17 08:40:44 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\uTorrent
[2010.04.20 20:36:35 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\VitySoft
[2010.12.11 12:35:49 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"HPADVISOR" = C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW -- [2009.07.16 01:51:42 | 001,668,664 | ---- | M] (Hewlett-Packard)
"LightScribe Control Panel" = C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2009.06.17 20:13:36 | 002,363,392 | ---- | M] (Hewlett-Packard Company)
"eyeBeam SIP Client" = "C:\Program Files\CounterPath\X-Lite\x-lite.exe" -- [2010.01.04 19:13:28 | 023,941,120 | ---- | M] ()
"Google Update" = "C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010.08.24 19:50:05 | 000,135,664 | ---- | M] (Google Inc.)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2010.08.24 19:50:03 | 000,039,408 | ---- | M] (Google Inc.)
"uTorrent" = "C:\Program Files\uTorrent\uTorrent.exe" -- [2010.10.19 20:14:19 | 000,328,056 | ---- | M] (BitTorrent, Inc.)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 02:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.05.25 09:44:40 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Adobe
[2010.10.11 18:34:04 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\AIMP
[2010.09.17 23:03:18 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Ashampoo
[2010.04.12 15:04:36 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\ATI
[2010.04.12 12:41:00 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Avira
[2010.11.13 22:09:30 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\CadSoft
[2010.10.13 09:31:49 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\FeyWriter
[2010.06.27 10:58:35 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Fighters
[2010.08.28 13:52:17 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Google
[2010.05.07 13:23:08 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Hewlett-Packard
[2010.04.12 08:37:43 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\HP TCS
[2010.06.24 15:17:13 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\hpqLog
[2010.12.12 16:11:31 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\ICQ
[2010.04.12 08:49:45 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Identities
[2010.10.21 20:40:08 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\InfraRecorder
[2010.04.12 08:29:47 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\InstallShield
[2010.10.31 22:10:09 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\IObit
[2010.11.13 22:09:30 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\IrfanView
[2010.04.12 09:33:09 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Macromedia
[2010.12.12 08:41:52 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Malwarebytes
[2010.08.24 08:23:04 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Media Player Classic
[2010.11.13 21:19:53 | 000,000,000 | --SD | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft
[2010.04.13 19:31:36 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla
[2010.10.13 16:48:15 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Nero
[2010.04.12 09:29:28 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\OpenOffice.org
[2010.04.12 09:18:12 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Opera
[2010.07.02 20:54:06 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Roxio Log Files
[2010.12.16 21:34:22 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Skype
[2010.12.16 19:57:58 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\skypePM
[2010.09.28 09:33:44 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Systweak
[2010.04.13 22:14:25 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Talkback
[2010.04.13 21:45:09 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Thunderbird
[2010.09.28 19:13:18 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\TweakNow RegCleaner
[2010.09.07 19:28:55 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\Uniblue
[2010.05.01 14:54:56 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\URSoft
[2010.12.17 08:40:44 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\uTorrent
[2010.04.20 20:36:35 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\VitySoft
[2010.12.13 21:17:59 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\vlc
[2010.04.12 09:19:49 | 000,000,000 | ---D | M] -- C:\Users\Otakar Vavrečka\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010.11.13 21:19:53 | 000,015,086 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\ClickCleaner.exe
[2010.11.13 21:19:53 | 000,017,542 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\ContextMenuManager.exe
[2010.11.13 21:19:54 | 000,017,542 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\DesktopCleaner.exe
[2010.11.13 21:19:53 | 000,015,086 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\DiskAnalyzer.exe
[2010.11.13 21:19:53 | 000,015,086 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\DuplicateFilesFinder.exe
[2010.11.13 21:19:53 | 000,015,086 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\FileSecurity.exe
[2010.11.13 21:19:53 | 000,015,086 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\FileSplitter.exe
[2010.11.13 21:19:53 | 000,017,542 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\FreeMemory.exe
[2010.11.13 21:19:53 | 000,015,086 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\IEManager.exe
[2010.11.13 21:19:54 | 000,017,542 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\IPSwitcher.exe
[2010.11.13 21:19:54 | 000,017,542 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\JumpListQuickLauncher.exe
[2010.11.13 21:19:53 | 000,015,086 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\JunkFileCleaner.exe
[2010.11.13 21:19:53 | 000,005,430 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\LiveUpdate.exe
[2010.11.13 21:19:53 | 000,013,262 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\OptimizationWizard.exe
[2010.11.13 21:19:53 | 000,015,086 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\PrivacyProtector.exe
[2010.11.13 21:19:53 | 000,015,086 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\ProcessManager.exe
[2010.11.13 21:19:53 | 000,015,086 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\RegistryCleaner.exe
[2010.11.13 21:19:53 | 000,015,086 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\RegistryDefrag.exe
[2010.11.13 21:19:54 | 000,304,886 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\RegistryTools.exe
[2010.11.13 21:19:53 | 000,015,086 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\RepairCenter.exe
[2010.11.13 21:19:53 | 000,015,086 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\RunShortcutCreator.exe
[2010.11.13 21:19:53 | 000,015,086 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\ServiceManager.exe
[2010.11.13 21:19:53 | 000,017,542 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\SmartUninstaller.exe
[2010.11.13 21:19:53 | 000,015,086 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\StartupManager.exe
[2010.11.13 21:19:54 | 000,082,726 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\SuperCopy.exe
[2010.11.13 21:19:54 | 000,014,534 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\SystemFolder_msiexec.exe
[2010.11.13 21:19:53 | 000,007,886 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\SystemInfo.exe
[2010.11.13 21:19:53 | 000,017,542 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\TaskSchedulerManager.exe
[2010.11.13 21:19:53 | 000,017,542 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\VisualCustomizer.exe
[2010.11.13 21:19:53 | 000,092,560 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\Windows7Manager.exe
[2010.11.13 21:19:53 | 000,013,262 | R--- | M] () -- C:\Users\Otakar Vavrečka\AppData\Roaming\Microsoft\Installer\{162CA844-B05F-40D7-BAC7-EE04A95AB106}\WinUtilities.exe
[2010.09.28 09:34:35 | 010,493,880 | ---- | M] (Systweak Inc ) -- C:\Users\Otakar Vavrečka\AppData\Roaming\Systweak\ASO3\Installer\aso3setup.exe


< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\ERDNT\cache\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\ERDNT\cache\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\System32\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\ERDNT\cache\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTOR.SYS >
[2009.08.07 14:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009.08.07 14:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\swsetup\Drivers\32\HDD\IaStor.sys
[2009.08.07 14:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\swsetup\INTELMSM\Winall\Driver\IaStor.sys
[2009.08.07 14:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\Windows\System32\drivers\iaStor.sys
[2009.08.07 14:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_1f2a8fa4448bd5bf\iaStor.sys
[2009.08.07 14:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_x86_neutral_e0df85a86191e9fe\iaStor.sys
[2009.08.07 14:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009.08.07 14:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\swsetup\Drivers\64\HDD\IaStor.sys
[2009.08.07 14:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\swsetup\INTELMSM\Winall\Driver64\IaStor.sys

< MD5 for: IASTORV.SYS >
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\ERDNT\cache\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\ERDNT\cache\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\drivers\nvraid.sys
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\ERDNT\cache\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\System32\drivers\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\ERDNT\cache\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\System32\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.07.14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009.07.14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\LocationApi.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.07.29 14:30:16 | 000,109,216 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\SafeBoot.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.07.14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009.07.14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\LocationApi.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.12.17 08:07:25 | 000,019,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.17 08:07:25 | 000,019,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.16 14:29:07 | 000,471,480 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.16 09:51:19 | 037,366,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRT.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 168 bytes -> C:\ProgramData\TEMP:1CE11B51

< End of report >
Blbý můžeš být,ale musíš si umět poradit...
Nahoru
Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:
Kontaktovat uživatele rakato11

Re: Nejde mi zapnout antivír AVIRA

#33 Příspěvek od rakato11 »

OTL Extras logfile created on: 17.12.2010 8:47:29 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Otakar Vavrečka\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 154,29 Gb Total Space | 121,36 Gb Free Space | 78,66% Space Free | Partition Type: NTFS
Drive D: | 126,51 Gb Total Space | 65,29 Gb Free Space | 51,61% Space Free | Partition Type: NTFS
Drive E: | 1,99 Gb Total Space | 1,92 Gb Free Space | 96,36% Space Free | Partition Type: FAT32

Computer Name: OTAKAR-PC | User Name: Otakar Vavrečka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-2338030867-1793448873-1332901503-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Value error.
https [open] -- "C:\Program Files\Opera\opera.exe" File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{004739E9-9BBF-4A8B-9FAC-EB7CA5B7A9D9}" = HP User Guides 0136
"{024DE942-267A-4B60-A1C0-70C1163E0355}" = CCC Help Korean
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0934E41E-D8EE-478A-A540-AE9FAE399D5D}" = HP ProtectTools Security Manager
"{15353551-375C-8E5A-5CAF-A4564C1CC2A5}" = ccc-core-static
"{162CA844-B05F-40D7-BAC7-EE04A95AB106}" = Windows 7 Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1BE8806A-84F8-4655-A381-0D5524430944}" = ActivClient x86
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{21E2508C-D5F4-44C6-C224-456DDA341BBB}" = CCC Help Turkish
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32D2E8C3-452A-69E9-21CF-C55E0612C974}" = CCC Help Chinese Traditional
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3B84CB71-78CA-4E9B-9167-1B877D60FB97}" = HP JavaCard for HP ProtectTools
"{3CD5E925-0EFE-4E0E-849E-BAF2E6D9E1C5}" = Credential Manager for HP ProtectTools
"{4453AA9B-867A-17DB-C429-E9A64F0FB77F}" = CCC Help Finnish
"{485B9C29-6B47-22AF-022A-F9D65292F3A7}" = CCC Help English
"{4893B2BB-5C9B-7E6C-4BAD-BDFBAB33184A}" = Catalyst Control Center Localization All
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C0E850A-DD63-455A-9113-B52CB97AA915}" = HP QuickLook
"{50C1A63E-4653-9DBE-E8E4-28DF2778BED0}" = CCC Help Polish
"{511376F5-7E5A-4EC9-B603-193B1D425BC3}" = HP ESU for Microsoft Windows 7
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5725E5CA-A91D-C903-99DB-F8C010E0B637}" = Catalyst Control Center InstallProxy
"{5A89BFD5-12DB-038F-DBCE-58832B82D824}" = CCC Help Norwegian
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{76AF1F61-BB44-4694-A0EA-C6830C8BEF41}" = HP Software Setup
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7EFEE754-EA7D-A79B-8DDA-65CADCAF1AB4}" = Catalyst Control Center InstallProxy
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{85D10697-A1D4-472A-2114-E07A77019BE1}" = CCC Help Japanese
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87909077-445C-976C-0D23-D6C367B422D6}" = CCC Help Danish
"{87CA636B-85B8-4611-A81D-F97E71024AFD}" = HP Common Access Service Library
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8DD0171B-2ED1-311C-882E-AD3EC3A77A7E}" = CCC Help Czech
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9087C601-4B52-C0F0-D4EF-4C98DEC1D6B0}" = CCC Help Portuguese
"{91B82CC7-F33E-211B-DFD6-0A91B637B455}" = CCC Help Greek
"{925A0B4E-F885-997B-8A74-E8E7A2FAC049}" = CCC Help French
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96B7FD92-0D96-7C04-5D1C-D6CF70202403}" = CCC Help Hungarian
"{97A58F57-5F50-4B0E-92BA-D41AF806E1B3}" = Asistent pri prihlasovaní v sieti Windows Live
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology
"{A18E4E3A-5013-E319-AB36-4FDE7483AA5D}" = CCC Help Spanish
"{A2A04DAA-094C-27EA-0CDF-E02A778FD761}" = ccc-utility
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB7D24EC-BB5A-E746-C5D2-526BBE6C36AD}" = Catalyst Control Center Graphics Previews Vista
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B0344B38-378B-47E0-BDCC-977785D24768}" = Integrated Camera Driver Installer Package Ver.1.30.110.0
"{B1995371-129A-4232-A0C8-E98500B4F317}" = OpenOffice.org 3.1
"{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor
"{B60DCA15-56A3-4D2D-8747-22CF7D7B588B}" = HP Support Assistant
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BB0030F2-DA47-FABF-D3F2-903FA253D56D}" = CCC Help Thai
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7A7136-1E88-4EB8-985C-1326DCE5612A}" = AuthenTec Fingerprint System
"{C4518D5B-C62C-4984-A615-1FC1DD55B86A}" = Drive Encryption for HP ProtectTools
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{CB8ABF7D-B3F7-D774-645B-0DCD0297D9FA}" = CCC Help German
"{CD9A1574-197A-156D-9D8C-39D68AE9B7A6}" = CCC Help Russian
"{D0BFE65D-C320-4FC9-88D2-B9C32FB95DA0}" = HP Setup
"{D5F25F29-5A2A-4222-A7B2-C70D72ED600F}" = HP 3D DriveGuard
"{D7C73761-237A-2B01-6DB5-E76276223C3B}" = CCC Help Italian
"{DD082978-011E-7058-8252-15E2E1AAFABB}" = CCC Help Dutch
"{E045FAC9-0B70-4796-AD3A-7035E89CE536}" = SCR3xxx Smart Card Reader
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E70E6183-F6EC-45B4-AFA4-0C3C36D4B664}" = Windows 7 Default Setting
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{FA3B4B32-D753-672D-842C-946644FEFC0A}" = CCC Help Swedish
"{FACB7956-B924-B663-E167-3C8900E7D679}" = ATI Catalyst Install Manager
"{FF6FA054-25B9-1CA2-D22A-DFD87735E9F6}" = CCC Help Chinese Standard
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP2" = AIMP2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.16
"DjVuLibre+DjView" = DjVuLibre+DjView
"EAGLE 5.4.0" = EAGLE 5.4.0
"ICQToolbar" = ICQ Toolbar
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.6.2 (Full)
"KONICA MINOLTA PagePro 1300W" = KONICA MINOLTA PagePro 1300W
"LSI Soft Modem" = LSI HDA Modem
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MyAshampoo Toolbar" = MyAshampoo Toolbar
"PDF Complete" = PDF Complete Special Edition
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Theophilos_is1" = Theophilos 3
"TweakNow RegCleaner_is1" = TweakNow RegCleaner
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.5
"WinRAR archiver" = WinRAR archivátor
"X-Lite 1.5_is1" = X-Lite 3.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2338030867-1793448873-1332901503-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 21.11.2010 8:02:42 | Computer Name = Otakar-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 21.11.2010 8:50:23 | Computer Name = Otakar-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: firefox.exe, verzia: 1.9.2.3951, časová
značka: 0x4cc7ae16 Názov chybového modulu: ole32.dll, verzia: 6.1.7600.16624, časová
značka: 0x4c297c56 Kód výnimky: 0xc0000005 Odstup chyby: 0x0002f36a Identifikácia
chybného procesu: 0x1450 Čas spustenia chybnej aplikácie: 0x01cb8972408a76dc Cesta
chybnej aplikácie: C:\Program Files\Mozilla Firefox\firefox.exe Cesta chybného modulu:
C:\windows\system32\ole32.dll Identifikácia hlásenia: e74ed6d0-f56d-11df-a8dd-18a905e47eaa

Error - 21.11.2010 8:51:10 | Computer Name = Otakar-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: firefox.exe, verzia: 1.9.2.3951, časová
značka: 0x4cc7ae16 Názov chybového modulu: ole32.dll, verzia: 6.1.7600.16624, časová
značka: 0x4c297c56 Kód výnimky: 0xc0000005 Odstup chyby: 0x0002f36a Identifikácia
chybného procesu: 0x2d40 Čas spustenia chybnej aplikácie: 0x01cb897aade6e978 Cesta
chybnej aplikácie: C:\Program Files\Mozilla Firefox\firefox.exe Cesta chybného modulu:
C:\windows\system32\ole32.dll Identifikácia hlásenia: 038d4459-f56e-11df-a8dd-18a905e47eaa

Error - 21.11.2010 9:07:42 | Computer Name = Otakar-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 21.11.2010 10:14:56 | Computer Name = Otakar-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 21.11.2010 12:06:17 | Computer Name = Otakar-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 21.11.2010 13:10:35 | Computer Name = Otakar-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 21.11.2010 14:08:35 | Computer Name = Otakar-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 21.11.2010 15:09:16 | Computer Name = Otakar-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 21.11.2010 16:12:44 | Computer Name = Otakar-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

[ Credential Manager Events ]
Error - 12.10.2010 1:54:56 | Computer Name = Otakar-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Otakar Vavrečka@OTAKAR-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost

Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP

Error - 12.10.2010 1:54:56 | Computer Name = Otakar-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Otakar Vavrečka@OTAKAR-PC
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 17.10.2010 8:22:23 | Computer Name = Otakar-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Otakar Vavrečka@OTAKAR-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost

Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP

Error - 17.10.2010 8:22:23 | Computer Name = Otakar-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Otakar Vavrečka@OTAKAR-PC
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 9.11.2010 4:35:41 | Computer Name = Otakar-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Otakar Vavrečka@OTAKAR-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost

Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP

Error - 9.11.2010 4:35:41 | Computer Name = Otakar-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Otakar Vavrečka@OTAKAR-PC
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 9.12.2010 1:30:24 | Computer Name = Otakar-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Otakar Vavrečka@OTAKAR-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost

Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP

Error - 9.12.2010 1:30:24 | Computer Name = Otakar-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Otakar Vavrečka@OTAKAR-PC
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 9.12.2010 1:37:30 | Computer Name = Otakar-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Otakar Vavrečka@OTAKAR-PC
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 9.12.2010 1:37:30 | Computer Name = Otakar-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Otakar Vavrečka@OTAKAR-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost

Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP

[ Hewlett-Packard Events ]
Error - 15.4.2010 5:19:50 | Computer Name = Otakar-PC | Source = Hewlett-Packard | ID = 0
Description = sk-SK Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 15.4.2010 5:19:50 | Computer Name = Otakar-PC | Source = Hewlett-Packard | ID = 0
Description = sk-SK Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 15.4.2010 12:00:35 | Computer Name = Otakar-PC | Source = Hewlett-Packard | ID = 0
Description = sk-SK Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 15.4.2010 12:00:35 | Computer Name = Otakar-PC | Source = Hewlett-Packard | ID = 0
Description = sk-SK Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 24.9.2010 14:05:57 | Computer Name = Otakar-PC | Source = Hewlett-Packard | ID = 0
Description = sk-SK Exception has been thrown by the target of an invocation. mscorlib

at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments,
SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)

at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments,
Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr,
Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)

at System.Delegate.DynamicInvokeImpl(Object[] args) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Cannot
set Visibility or call Show or ShowDialog after window has closed.

[ Media Center Events ]
Error - 28.4.2010 9:15:10 | Computer Name = Otakar-PC | Source = MCUpdate | ID = 0
Description = 15:15:06 - Chyba pripájania na Internet. 15:15:06 - Nebolo možné
spojiť sa so serverom..

Error - 7.5.2010 8:22:11 | Computer Name = Otakar-PC | Source = MCUpdate | ID = 0
Description = 14:22:11 - Chyba pripájania na Internet. 14:22:11 - Nebolo možné
spojiť sa so serverom..

Error - 7.5.2010 8:22:19 | Computer Name = Otakar-PC | Source = MCUpdate | ID = 0
Description = 14:22:16 - Chyba pripájania na Internet. 14:22:16 - Nebolo možné
spojiť sa so serverom..

Error - 19.5.2010 9:19:36 | Computer Name = Otakar-PC | Source = MCUpdate | ID = 0
Description = 15:19:36 - Nepodarilo sa načítať položku Directory (chyba: The underlying
connection was closed: An unexpected error occurred on a receive.)

Error - 19.5.2010 9:20:46 | Computer Name = Otakar-PC | Source = MCUpdate | ID = 0
Description = 15:20:30 - Nepodarilo sa načítať položku MCEClientUX (chyba: The underlying
connection was closed: An unexpected error occurred on a receive.)

Error - 4.6.2010 8:58:04 | Computer Name = Otakar-PC | Source = MCUpdate | ID = 0
Description = 14:58:01 - Chyba pripájania na Internet. 14:58:01 - Nebolo možné
spojiť sa so serverom..

Error - 16.6.2010 12:54:11 | Computer Name = Otakar-PC | Source = MCUpdate | ID = 0
Description = 18:54:11 - Chyba pripájania na Internet. 18:54:11 - Nebolo možné
spojiť sa so serverom..

Error - 16.6.2010 12:54:18 | Computer Name = Otakar-PC | Source = MCUpdate | ID = 0
Description = 18:54:16 - Chyba pripájania na Internet. 18:54:16 - Nebolo možné
spojiť sa so serverom..

Error - 23.7.2010 12:28:28 | Computer Name = Otakar-PC | Source = MCUpdate | ID = 0
Description = 18:28:28 - Chyba pripájania na Internet. 18:28:28 - Nebolo možné
spojiť sa so serverom..

Error - 23.7.2010 12:29:00 | Computer Name = Otakar-PC | Source = MCUpdate | ID = 0
Description = 18:28:57 - Chyba pripájania na Internet. 18:28:57 - Nebolo možné
spojiť sa so serverom..

[ System Events ]
Error - 16.12.2010 10:08:13 | Computer Name = Otakar-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označená ako interaktívna služba. Systém
je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne
nebude pracovať správne.

Error - 16.12.2010 13:10:58 | Computer Name = Otakar-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 16.12.2010 13:11:05 | Computer Name = Otakar-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 16.12.2010 13:11:13 | Computer Name = Otakar-PC | Source = Service Control Manager | ID = 7002
Description = Nebol spustený žiadny člen skupiny Parallel arbitrator, od ktorej
závisí služba MLPTDR_N.

Error - 17.12.2010 2:36:16 | Computer Name = Otakar-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 17.12.2010 2:36:25 | Computer Name = Otakar-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 17.12.2010 2:36:31 | Computer Name = Otakar-PC | Source = Service Control Manager | ID = 7002
Description = Nebol spustený žiadny člen skupiny Parallel arbitrator, od ktorej
závisí služba MLPTDR_N.

Error - 17.12.2010 2:59:59 | Computer Name = Otakar-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 17.12.2010 3:00:09 | Computer Name = Otakar-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 17.12.2010 3:00:15 | Computer Name = Otakar-PC | Source = Service Control Manager | ID = 7002
Description = Nebol spustený žiadny člen skupiny Parallel arbitrator, od ktorej
závisí služba MLPTDR_N.


< End of report >
Blbý můžeš být,ale musíš si umět poradit...
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Nejde mi zapnout antivír AVIRA

#34 Příspěvek od motji »

:arrow: Tohle znáte?
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)[/color]



:arrow: Stáhněte SystemLook
http://jpshortstuff.247fixes.com/SystemLook.exe

- uložte ho na plochu a spustte.
- do okénka zkopírujte

Kód: Vybrat vše

:dir
C:\ProgramData\IAHBV
C:\ProgramData\384e50
- klikněte na Look, proběhne sken, na konci se zobrazí log, jehož obsah zkopírujete sem
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:
Kontaktovat uživatele rakato11

Re: Nejde mi zapnout antivír AVIRA

#35 Příspěvek od rakato11 »

Nepoznám.
Zde je log :

SystemLook 04.09.10 by jpshortstuff
Log created at 13:20 on 17/12/2010 by Otakar Vavrečka
Administrator - Elevation successful

========== dir ==========

C:\ProgramData\IAHBV - Parameters: "(none)"

---Files---
IAZPGVGRV.cfg --ahs-- 24601 bytes [17:08 11/12/2010] [17:40 11/12/2010]

---Folders---
None found.

C:\ProgramData\384e50 - Parameters: "(none)"

---Files---
64309e893796eba912e1e628fffbec32.ocx --a---- 87 bytes [17:08 11/12/2010] [17:38 11/12/2010]
IAV.ico --a---- 4286 bytes [17:08 11/12/2010] [17:38 11/12/2010]
kdgln0gvlr8z6sbkwg.dll --a---- 63 bytes [17:08 11/12/2010] [17:08 11/12/2010]
mozcrt19.dll --a---- 719832 bytes [17:08 11/12/2010] [08:34 11/12/2010]
sqlite3.dll --a---- 492504 bytes [17:08 11/12/2010] [08:34 11/12/2010]

---Folders---
BackUp d------ [17:08 11/12/2010]
IAVSys d------ [17:08 11/12/2010]
Quarantine Items d------ [17:08 11/12/2010]

-= EOF =-
Blbý můžeš být,ale musíš si umět poradit...
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Nejde mi zapnout antivír AVIRA

#36 Příspěvek od motji »

Ty dvě složky se mi ale vůbec nelíbí :D
Odkryjte si skryté a systémové soubory.

:arrow: Otestujte na www.virustotal.com

C:\ProgramData\IAHBV\IAZPGVGRV.cfg
C:\ProgramData\384e50\kdgln0gvlr8z6sbkwg.dll
C:\ProgramData\384e50\mozcrt19.dll


-Do okénka zkopírujte cestu k souboru , pokud napíše, že soubor byl už testován, dejte otestovat znovu.
-Sem vložte link s výsledky.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:
Kontaktovat uživatele rakato11

Re: Nejde mi zapnout antivír AVIRA

#37 Příspěvek od rakato11 »

Co je na těch dvou složkách k smíchu? :)

Tu je první výsledek(doufám že jsem postupoval správně.
File name:
IAZPGVGRV.cfg
Submission date:
2010-12-17 18:52:31 (UTC)
Current status:
queued (#149) queued analysing finished
Result:
0/ 43 (0.0%)

VT Community

not reviewed
Safety score: -
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2010.12.17.05 2010.12.17 -
AntiVir 7.11.0.83 2010.12.17 -
Antiy-AVL 2.0.3.7 2010.12.17 -
Avast 4.8.1351.0 2010.12.17 -
Avast5 5.0.677.0 2010.12.17 -
AVG 9.0.0.851 2010.12.17 -
BitDefender 7.2 2010.12.17 -
CAT-QuickHeal 11.00 2010.12.17 -
ClamAV 0.96.4.0 2010.12.17 -
Command 5.2.11.5 2010.12.17 -
Comodo 7097 2010.12.17 -
DrWeb 5.0.2.03300 2010.12.17 -
Emsisoft 5.1.0.1 2010.12.17 -
eSafe 7.0.17.0 2010.12.16 -
eTrust-Vet 36.1.8047 2010.12.17 -
F-Prot 4.6.2.117 2010.12.16 -
F-Secure 9.0.16160.0 2010.12.17 -
Fortinet 4.2.254.0 2010.12.17 -
GData 21 2010.12.17 -
Ikarus T3.1.1.90.0 2010.12.17 -
Jiangmin 13.0.900 2010.12.17 -
K7AntiVirus 9.73.3277 2010.12.17 -
Kaspersky 7.0.0.125 2010.12.17 -
McAfee 5.400.0.1158 2010.12.17 -
McAfee-GW-Edition 2010.1C 2010.12.17 -
Microsoft 1.6402 2010.12.17 -
NOD32 5711 2010.12.17 -
Norman 6.06.12 2010.12.17 -
nProtect 2010-12-17.01 2010.12.17 -
Panda 10.0.2.7 2010.12.17 -
PCTools 7.0.3.5 2010.12.17 -
Prevx 3.0 2010.12.17 -
Rising 22.78.04.00 2010.12.17 -
Sophos 4.60.0 2010.12.17 -
SUPERAntiSpyware 4.40.0.1006 2010.12.17 -
Symantec 20101.3.0.103 2010.12.17 -
TheHacker 6.7.0.1.101 2010.12.15 -
TrendMicro 9.120.0.1004 2010.12.17 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.17 -
VBA32 3.12.14.2 2010.12.17 -
VIPRE 7692 2010.12.17 -
ViRobot 2010.12.17.4206 2010.12.17 -
VirusBuster 13.6.100.0 2010.12.17 -
Additional information
Show all
MD5 : f1e9d2b57ab2a4cfa322952830e3ea99
SHA1 : 631dd322357350bd828c09bf0f7bddc56b6c9faa
SHA256: 74645410b6c11e92d7cf25ac392451d4da943f449323d4f516be0a1e65694005
Blbý můžeš být,ale musíš si umět poradit...
Nahoru
Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:
Kontaktovat uživatele rakato11

Re: Nejde mi zapnout antivír AVIRA

#38 Příspěvek od rakato11 »

Druhý výsledek:

File name:
kdgln0gvlr8z6sbkwg.dll
Submission date:
2010-12-17 19:06:17 (UTC)
Current status:
queued (#161) queued (#151) analysing finished
Result:
0/ 43 (0.0%)

VT Community

not reviewed
Safety score: -
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2010.12.17.05 2010.12.17 -
AntiVir 7.11.0.83 2010.12.17 -
Antiy-AVL 2.0.3.7 2010.12.17 -
Avast 4.8.1351.0 2010.12.17 -
Avast5 5.0.677.0 2010.12.17 -
AVG 9.0.0.851 2010.12.17 -
BitDefender 7.2 2010.12.17 -
CAT-QuickHeal 11.00 2010.12.17 -
ClamAV 0.96.4.0 2010.12.17 -
Command 5.2.11.5 2010.12.17 -
Comodo 7097 2010.12.17 -
DrWeb 5.0.2.03300 2010.12.17 -
Emsisoft 5.1.0.1 2010.12.17 -
eSafe 7.0.17.0 2010.12.16 -
eTrust-Vet 36.1.8047 2010.12.17 -
F-Prot 4.6.2.117 2010.12.16 -
F-Secure 9.0.16160.0 2010.12.17 -
Fortinet 4.2.254.0 2010.12.17 -
GData 21 2010.12.17 -
Ikarus T3.1.1.90.0 2010.12.17 -
Jiangmin 13.0.900 2010.12.17 -
K7AntiVirus 9.73.3277 2010.12.17 -
Kaspersky 7.0.0.125 2010.12.17 -
McAfee 5.400.0.1158 2010.12.17 -
McAfee-GW-Edition 2010.1C 2010.12.17 -
Microsoft 1.6402 2010.12.17 -
NOD32 5712 2010.12.17 -
Norman 6.06.12 2010.12.17 -
nProtect 2010-12-17.01 2010.12.17 -
Panda 10.0.2.7 2010.12.17 -
PCTools 7.0.3.5 2010.12.17 -
Prevx 3.0 2010.12.17 -
Rising 22.78.04.00 2010.12.17 -
Sophos 4.60.0 2010.12.17 -
SUPERAntiSpyware 4.40.0.1006 2010.12.17 -
Symantec 20101.3.0.103 2010.12.17 -
TheHacker 6.7.0.1.101 2010.12.15 -
TrendMicro 9.120.0.1004 2010.12.17 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.17 -
VBA32 3.12.14.2 2010.12.17 -
VIPRE 7692 2010.12.17 -
ViRobot 2010.12.17.4206 2010.12.17 -
VirusBuster 13.6.100.0 2010.12.17 -
Additional information
Show all
MD5 : 6ed398b4175cf551bfc1c4ee9bc6cc58
SHA1 : 5ff06a62a6ce427bb56a2815eb38eab913a4a8d2
SHA256: 3fc1e03579917ed23fd28d611dbd60bf6a3c30e6e379e8db42066dfe5335e392
Blbý můžeš být,ale musíš si umět poradit...
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Nejde mi zapnout antivír AVIRA

#39 Příspěvek od motji »

Nevím, mě se nelíbí ani trošku. Už jste je našel? Pokud ano, chtěla bych je smazat.Vy si je dejte do raru nebo zipu a dejte někam na bok jako zálohu a pak napište :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:
Kontaktovat uživatele rakato11

Re: Nejde mi zapnout antivír AVIRA

#40 Příspěvek od rakato11 »

A třetí výsledek:

File name:
mozcrt19.dll
Submission date:
2010-12-17 19:09:42 (UTC)
Current status:
queued queued (#150) analysing finished
Result:
0/ 43 (0.0%)

VT Community

not reviewed
Safety score: -
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2010.12.17.05 2010.12.17 -
AntiVir 7.11.0.83 2010.12.17 -
Antiy-AVL 2.0.3.7 2010.12.17 -
Avast 4.8.1351.0 2010.12.17 -
Avast5 5.0.677.0 2010.12.17 -
AVG 9.0.0.851 2010.12.17 -
BitDefender 7.2 2010.12.17 -
CAT-QuickHeal 11.00 2010.12.17 -
ClamAV 0.96.4.0 2010.12.17 -
Command 5.2.11.5 2010.12.17 -
Comodo 7097 2010.12.17 -
DrWeb 5.0.2.03300 2010.12.17 -
Emsisoft 5.1.0.1 2010.12.17 -
eSafe 7.0.17.0 2010.12.16 -
eTrust-Vet 36.1.8047 2010.12.17 -
F-Prot 4.6.2.117 2010.12.16 -
F-Secure 9.0.16160.0 2010.12.17 -
Fortinet 4.2.254.0 2010.12.17 -
GData 21 2010.12.17 -
Ikarus T3.1.1.90.0 2010.12.17 -
Jiangmin 13.0.900 2010.12.17 -
K7AntiVirus 9.73.3277 2010.12.17 -
Kaspersky 7.0.0.125 2010.12.17 -
McAfee 5.400.0.1158 2010.12.17 -
McAfee-GW-Edition 2010.1C 2010.12.17 -
Microsoft 1.6402 2010.12.17 -
NOD32 5712 2010.12.17 -
Norman 6.06.12 2010.12.17 -
nProtect 2010-12-17.01 2010.12.17 -
Panda 10.0.2.7 2010.12.17 -
PCTools 7.0.3.5 2010.12.17 -
Prevx 3.0 2010.12.17 -
Rising 22.78.04.00 2010.12.17 -
Sophos 4.60.0 2010.12.17 -
SUPERAntiSpyware 4.40.0.1006 2010.12.17 -
Symantec 20101.3.0.103 2010.12.17 -
TheHacker 6.7.0.1.101 2010.12.15 -
TrendMicro 9.120.0.1004 2010.12.17 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.17 -
VBA32 3.12.14.2 2010.12.17 -
VIPRE 7693 2010.12.17 -
ViRobot 2010.12.17.4206 2010.12.17 -
VirusBuster 13.6.100.0 2010.12.17 -
Additional information
Show all
MD5 : 614c1cea5742d24415cc84073a262f8a
SHA1 : b228f3cade7efa98ad3173f8c57f533da346361d
SHA256: 6fac2e371ffe318b1dfa1a2857243673cd94caa4df4406db0621ea8e85ecd8e6
Blbý můžeš být,ale musíš si umět poradit...
Nahoru
Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:
Kontaktovat uživatele rakato11

Re: Nejde mi zapnout antivír AVIRA

#41 Příspěvek od rakato11 »

Tak jsem ty soubory našel.Musím je uložit,jak jste mi radila(ono to chvilku bude trvat,nejsem zdaleka tak zběhlý v PC jako Vy :) .
Potom je mám vymazat???

Tak se povedlo soubory dát do raru :clapping: .Uložil jsem si je na D-éčko.
Blbý můžeš být,ale musíš si umět poradit...
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Nejde mi zapnout antivír AVIRA

#42 Příspěvek od motji »

Ano, obě složky smažte :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:
Kontaktovat uživatele rakato11

Re: Nejde mi zapnout antivír AVIRA

#43 Příspěvek od rakato11 »

Smazáno.
Blbý můžeš být,ale musíš si umět poradit...
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Nejde mi zapnout antivír AVIRA

#44 Příspěvek od motji »

Taky jsem Vám je mohla smazat přes OTL, stejjně tam budeme něco mazat.

:arrow: Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 168 bytes -> C:\ProgramData\TEMP:1CE11B51
C:\ProgramData\ezsidmv.dat
[2010.12.11 18:08:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\IAHBV
[2010.12.11 18:07:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\384e50
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
IE - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKU\S-1-5-21-2338030867-1793448873-1332901503-1001\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde :)



Pokud by Vám ty složky chyběli, obnovíte je z raru. Ale myslím si, že patří k šmejdovi.
Pokud už nejsou s počítačem žádné problémy, bude to vše :)


:arrow: Ještě znovu spustte OTL, klikněte na tlačítko vyčisti, uklidí po sobě :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Uživatelský avatar
rakato11
Návštěvník
Návštěvník
Příspěvky: 286
Registrován: 02 pro 2009 15:18
Kontaktovat uživatele:
Kontaktovat uživatele rakato11

Re: Nejde mi zapnout antivír AVIRA

#45 Příspěvek od rakato11 »

Zde je log z OTL:

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
ADS C:\ProgramData\TEMP:1CE11B51 deleted successfully.
Folder C:\ProgramData\IAHBV\ not found.
Folder C:\ProgramData\384e50\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//about.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Exclude.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//LanguageSelection.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Message.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyAgttryCmd.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyAgttryNag.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyNotification.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//NOCLessUpdate.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//quarantine.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//ScanNow.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//strings.vbs/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Template.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Update.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//VirFound.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\*\ deleted successfully.
Invalid CLSID key: *
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\*\ not found.
Invalid CLSID key: *
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\betavscan\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\betavscan\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\vs\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\vs\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\www\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\www\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0BF43445-2F28-4351-9252-17FE6E806AA0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BF43445-2F28-4351-9252-17FE6E806AA0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "MyAshampoo Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "Ask.com" removed from browser.search.order.1
HKU\S-1-5-21-2338030867-1793448873-1332901503-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\First Home Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2338030867-1793448873-1332901503-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\temp\~_N4F96.tmp moved successfully.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Otakar Vavrečka
->Temp folder emptied: 26545485 bytes
->Temporary Internet Files folder emptied: 314601 bytes
->Java cache emptied: 147316 bytes
->FireFox cache emptied: 84304541 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 1177119 bytes
->Flash cache emptied: 4239 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 23014 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 107,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Otakar Vavrečka
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 12182010_080226

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Blbý můžeš být,ale musíš si umět poradit...
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“