
Re: Please check my log

Posted: 02 Oct 2010 18:19
by motji
On VirusTotal it's OK, but ComboFix also modified it and I don't like its behavior.
Unfortunately, I can't get hold of a replacement.

What kind of PC is it, a desktop or a notebook? Do you have one disk and one system?

Re: Please check my log

Posted: 02 Oct 2010 18:20
by Kovas
I misunderstood the part about running Mbr, as I'm now learning more about it on the forum and the net. Well, I'm not that sharp anymore after these 3 days :lol:

Re: Please check my log

Posted: 02 Oct 2010 18:24
by Kovas
It's an HP 6730b notebook. I have one disk partitioned in the usual way into C and D. The "G" one is virtual, via Alcohol 120%.

Re: Please check my log

Posted: 02 Oct 2010 18:29
by motji
Try reinstalling HP Security Suite.

Re: Please check my log

Posted: 02 Oct 2010 19:45
by Kovas
I reinstalled HP Security Suite. It had been reporting an error, and because I wasn't using it I hadn't paid any attention to that. I downloaded the latest version for it. What other tests do you recommend I run?

Re: Please check my log

Posted: 02 Oct 2010 20:13
by motji
Are you still having any problems with the computer?
:arrow: Run OTL again with the same script, though it will probably be fine by now.

:arrow: Download AVPTool from my signature: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

- Install it according to the instructions and run a scan
- let it disinfect or delete whatever it finds
- the scan may take several hours
- post the log with the results here

Re: Please check my log

Posted: 02 Oct 2010 20:43
by Kovas
I'm attaching the log from OTL.

Once again, when I wanted to run OTL, a window popped up saying that I don't have sufficient permission to run the program, even though I was logged in as administrator. I had to launch it using RevoUninstaller PRO. What could be causing this?

First part of the log:

OTL logfile created on: 2. 10. 2010 21:32:01 - Run 2
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 11,96 Gb Free Space | 40,82% Space Free | Partition Type: NTFS
Drive D: | 203,59 Gb Total Space | 171,46 Gb Free Space | 84,22% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 2,68 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 3,73 Gb Total Space | 2,77 Gb Free Space | 74,16% Space Free | Partition Type: FAT32

Computer Name: KOVACIK
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.10.01 15:30:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
PRC - [2010.09.28 17:01:25 | 001,901,056 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.04.13 10:40:54 | 000,358,456 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
PRC - [2010.04.02 21:58:35 | 000,603,904 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2010.03.18 19:55:25 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe
PRC - [2010.03.05 11:08:42 | 000,256,616 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2010.01.18 06:06:06 | 000,078,592 | ---- | M] (Bioscrypt Inc.) -- C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
PRC - [2009.08.29 18:42:41 | 001,074,632 | ---- | M] (C. Ghisler & Co.) -- D:\Programy\totalcmd\TOTALCMD.EXE
PRC - [2009.07.29 12:43:50 | 001,201,400 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2009.06.03 16:16:42 | 000,207,400 | ---- | M] (ActivIdentity) -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
PRC - [2009.06.03 16:16:34 | 000,153,640 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2009.06.03 16:13:28 | 000,400,936 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2009.02.25 22:59:06 | 001,352,960 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe
PRC - [2009.02.25 22:58:04 | 002,553,088 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodtray.exe
PRC - [2008.08.26 19:02:24 | 000,014,336 | ---- | M] (Agere Systems) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.04 19:09:56 | 001,044,480 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2008.03.31 15:32:42 | 000,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.03.31 15:32:40 | 001,440,384 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2005.04.02 01:51:48 | 000,217,600 | ---- | M] (Rocket Division Software) -- D:\Programy\Alkohol Soft\Alcohol 120\StarWind\StarWindService.exe


========== Modules (SafeList) ==========

MOD - [2010.10.01 15:30:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
MOD - [2010.09.28 17:04:56 | 000,285,480 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll
MOD - [2010.01.18 05:59:14 | 000,089,856 | ---- | M] (Bioscrypt Inc.) -- C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008.03.31 15:30:22 | 000,073,728 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
MOD - [2008.03.31 15:28:26 | 000,040,960 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.09.28 17:01:25 | 001,901,056 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.04.13 10:36:32 | 000,045,056 | ---- | M] (Hewlett-Packard Development Company, L.P) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2010.04.02 21:58:35 | 000,603,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2010.04.02 21:58:33 | 000,360,192 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.03.05 11:08:42 | 000,256,616 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2010.01.18 05:59:28 | 000,192,768 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2010.01.18 05:59:20 | 000,150,272 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2009.07.29 12:43:50 | 001,201,400 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2009.06.03 16:16:42 | 000,207,400 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore)
SRV - [2009.02.25 22:59:06 | 001,352,960 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2008.12.11 13:31:36 | 000,027,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008.08.26 19:02:24 | 000,014,336 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2005.04.02 01:51:48 | 000,217,600 | ---- | M] (Rocket Division Software) [Auto | Running] -- D:\Programy\Alkohol Soft\Alcohol 120\StarWind\StarWindService.exe -- (StarWindService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- D:\Programy\SuperAntispyware\SABKUTIL.sys -- (SABKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010.09.28 17:04:54 | 000,091,560 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2010.09.28 17:04:53 | 000,025,240 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010.09.28 17:04:51 | 000,239,240 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.05.10 20:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Programy\SuperAntispyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.03.05 11:09:08 | 000,051,480 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2010.03.05 11:09:00 | 000,013,032 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2010.03.05 11:08:58 | 000,012,600 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2010.02.17 20:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Programy\SuperAntispyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009.12.30 12:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009.11.16 10:10:22 | 004,221,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2009.07.29 13:00:52 | 000,482,176 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2009.03.09 10:36:58 | 006,278,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2009.02.20 02:20:34 | 000,109,216 | ---- | M] (SafeBoot International) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\SafeBoot.svs -- (SafeBoot)
DRV - [2008.11.21 21:53:40 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.07.23 11:31:38 | 000,044,800 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2008.04.28 20:22:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008.04.13 21:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008.04.13 21:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008.04.13 21:46:10 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.11 20:19:42 | 000,338,944 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2008.04.03 16:40:44 | 000,879,624 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008.04.03 16:40:44 | 000,539,512 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008.04.03 16:40:44 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008.04.03 16:40:44 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.04.03 16:40:44 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008.04.03 16:40:44 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008.03.28 14:14:02 | 000,024,064 | ---- | M] (Sonic Focus, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfaudio.sys -- (SFAUDIO)
DRV - [2007.05.04 20:26:12 | 000,038,448 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2006.10.17 10:59:06 | 000,022,016 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2006.10.17 10:57:58 | 000,017,920 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2005.09.23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005.04.25 10:43:58 | 000,159,616 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Vax347b.sys -- (Vax347b)
DRV - [2004.04.30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\Vax347s.sys -- (Vax347s)
DRV - [2004.03.24 04:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\nsndis5.sys -- (NSNDIS5)
DRV - [2001.10.24 11:46:48 | 000,097,120 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-220523388-117609710-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-220523388-117609710-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://google.sk"
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.5
FF - prefs.js..extensions.enabledItems: support@super-hide-ip.com:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.3.2
FF - prefs.js..extensions.enabledItems: csfire@cs.kuleuven.be:0.8
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010.03.06 20:56:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: D:\Programy\Firefox\components [2010.09.19 20:56:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: D:\Programy\Firefox\plugins [2010.09.19 20:56:43 | 000,000,000 | ---D | M]

[2009.08.29 11:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2010.10.01 22:37:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\myd1jj65.default\extensions
[2010.04.27 21:23:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\myd1jj65.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.22 09:09:06 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\myd1jj65.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.09.25 08:53:36 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\myd1jj65.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010.09.25 08:53:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\myd1jj65.default\extensions\csfire@cs.kuleuven.be
[2009.11.01 22:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\myd1jj65.default\extensions\dave2x@download
[2010.07.20 18:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\myd1jj65.default\extensions\support@super-hide-ip.com

O1 HOSTS File: ([2010.09.30 21:48:54 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe (HP)
O4 - HKLM..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-220523388-117609710-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-220523388-117609710-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Nastavení aplikace &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 1542008234 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - D:\Programy\SuperAntispyware\SASWINLO.DLL - D:\Programy\SuperAntispyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\ackpbsc: DllName - C:\Program Files\ActivIdentity\ActivClient\ackpbsc.dll - C:\Program Files\ActivIdentity\ActivClient\ackpbsc.dll (ActivIdentity)
O20 - Winlogon\Notify\acunlock: DllName - C:\Program Files\ActivIdentity\ActivClient\acunlock.dll - C:\Program Files\ActivIdentity\ActivClient\acunlock.dll (ActivIdentity)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\OneCard: DllName - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Bioscrypt Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Programy\SuperAntispyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.08.28 14:46:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ffdshow.ax ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Re: Please check my log

Posted: 02 Oct 2010 20:44
by Kovas
Second part of the log from

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56308606093492224)

========== Files/Folders - Created Within 30 Days ==========

[2010.10.02 20:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\Fingerprint Sensor
[2010.10.02 20:33:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\hpqLog
[2010.10.02 20:32:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ActivIdentity
[2010.10.02 20:32:27 | 000,000,000 | ---D | C] -- C:\Program Files\ActivIdentity
[2010.10.02 08:42:55 | 000,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Administrator\Plocha\RootRepeal.exe
[2010.10.01 22:25:13 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.10.01 22:25:13 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.10.01 22:25:11 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.10.01 22:25:10 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.10.01 22:25:09 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.10.01 22:25:09 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.10.01 22:25:08 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.10.01 22:24:56 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010.10.01 22:24:55 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.10.01 16:53:12 | 000,230,776 | ---- | C] (Alwil Software) -- C:\Documents and Settings\Administrator\Plocha\aswclear.exe
[2010.10.01 15:31:34 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2010.10.01 12:37:10 | 000,012,568 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP113.SYS
[2010.10.01 12:31:38 | 000,000,000 | --SD | C] -- C:\cokoliv.com21273c
[2010.10.01 12:14:47 | 000,000,000 | --SD | C] -- C:\cokoliv.com24528c
[2010.10.01 11:54:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2010.10.01 11:01:38 | 000,000,000 | ---D | C] -- C:\cokoliv.com
[2010.10.01 01:05:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.09.30 23:53:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER(3)
[2010.09.30 23:21:26 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.09.30 21:39:53 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.09.30 21:39:53 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.09.30 21:39:53 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.09.30 21:39:53 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.09.30 21:14:18 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.09.30 19:58:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.09.30 19:55:32 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.09.29 17:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.09.29 17:35:27 | 000,000,000 | ---D | C] -- C:\rsit
[2010.09.26 15:44:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\SUPERAntiSpyware.com
[2010.09.26 15:15:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
[2010.09.24 00:20:44 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2010.09.14 12:20:16 | 000,000,000 | ---D | C] -- C:\Program Files\Network Stumbler
[2010.09.13 20:45:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\Návody
[2009.09.05 00:10:10 | 000,159,616 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\Vax347b.sys
[2009.09.05 00:10:10 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\Vax347s.sys
[2004.11.24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.10.02 21:29:29 | 000,004,090 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.10.02 21:00:01 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.02 21:00:01 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010.10.02 21:00:01 | 000,000,484 | ---- | M] () -- C:\WINDOWS\tasks\Úklid 1 kliknutím.job
[2010.10.02 20:39:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.02 20:38:40 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.02 20:38:37 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.10.02 20:38:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.10.02 20:38:10 | 000,660,209 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2010.10.02 20:37:12 | 006,815,744 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010.10.02 20:37:12 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010.10.02 18:11:20 | 000,077,312 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\mbr.exe
[2010.10.02 15:51:30 | 013,033,472 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Čas a účty1.mdb
[2010.10.02 08:46:09 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\settings.dat
[2010.10.02 07:57:45 | 001,247,734 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.10.02 07:57:45 | 000,530,292 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.02 07:57:45 | 000,523,488 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.10.02 07:57:45 | 000,117,506 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.10.02 07:57:45 | 000,100,938 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.01 22:25:13 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.10.01 22:25:09 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.10.01 16:22:22 | 000,230,776 | ---- | M] (Alwil Software) -- C:\Documents and Settings\Administrator\Plocha\aswclear.exe
[2010.10.01 15:30:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2010.10.01 12:52:56 | 005,757,528 | ---- | M] () -- C:\cokoliv.com.rar
[2010.10.01 12:37:10 | 000,012,568 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP113.SYS
[2010.10.01 12:00:03 | 000,176,361 | ---- | M] () -- C:\Qoobox.rar
[2010.10.01 01:22:28 | 026,447,872 | ---- | M] () -- C:\WINDOWS\System32\ONX
[2010.09.30 21:49:29 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.09.30 21:48:54 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.09.30 21:23:50 | 003,858,602 | R--- | M] () -- C:\Documents and Settings\Administrator\Plocha\cokoliv.com.exe
[2010.09.30 21:14:37 | 000,000,297 | RHS- | M] () -- C:\boot.ini
[2010.09.29 20:38:51 | 000,002,581 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Microsoft Office Word 2003.lnk
[2010.09.29 09:58:08 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.28 17:04:56 | 000,285,480 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll
[2010.09.28 17:04:54 | 000,091,560 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2010.09.28 17:04:53 | 000,025,240 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2010.09.28 17:04:52 | 000,015,592 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmderd.sys
[2010.09.28 17:04:51 | 000,239,240 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
[2010.09.26 15:44:32 | 000,000,728 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\SUPERAntiSpyware Free Edition.lnk
[2010.09.25 14:38:26 | 000,003,059 | ---- | M] () -- C:\WINDOWS\VPlayer.INI
[2010.09.25 14:38:26 | 000,000,042 | ---- | M] () -- C:\WINDOWS\VplayerINI.vpl
[2010.09.25 14:38:06 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.23 08:49:05 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\Administrator\intlname.ols
[2010.09.21 11:23:25 | 000,000,386 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2010.09.16 21:27:30 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2010.09.14 12:45:05 | 004,279,394 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\IconCache.db
[2010.09.13 20:39:01 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Microsoft Office Excel 2003.lnk
[2010.09.13 20:22:50 | 000,002,173 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.09.08 20:41:45 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Skratky na klávesnici.doc
[2010.09.07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010.09.07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.09.07 16:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.10.02 18:11:32 | 000,077,312 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\mbr.exe
[2010.10.02 18:01:52 | 000,000,238 | ---- | C] () -- C:\Documents and Settings\Administrator\mbr.log
[2010.10.02 08:46:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\settings.dat
[2010.10.01 23:03:39 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\gmer.exe
[2010.10.01 22:25:13 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.10.01 12:52:50 | 005,757,528 | ---- | C] () -- C:\cokoliv.com.rar
[2010.10.01 12:00:02 | 000,176,361 | ---- | C] () -- C:\Qoobox.rar
[2010.10.01 01:22:05 | 026,447,872 | ---- | C] () -- C:\WINDOWS\System32\ONX
[2010.09.30 23:52:38 | 006,815,744 | ---- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010.09.30 21:39:53 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.09.30 21:39:53 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.09.30 21:39:53 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.09.30 21:39:53 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.09.30 21:39:53 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.09.30 21:22:23 | 003,858,602 | R--- | C] () -- C:\Documents and Settings\Administrator\Plocha\cokoliv.com.exe
[2010.09.30 21:14:37 | 000,000,211 | -HS- | C] () -- C:\BOOT.BAK
[2010.09.30 21:14:34 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2010.09.26 15:44:32 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\SUPERAntiSpyware Free Edition.lnk
[2010.09.08 20:37:51 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Skratky na klávesnici.doc
[2010.09.07 20:58:29 | 013,033,472 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\Čas a účty1.mdb
[2010.07.20 18:29:14 | 001,683,460 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\SuperHideIP_2.1.1.2.Setup.exe
[2010.06.24 08:46:11 | 000,326,600 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.03.05 11:08:56 | 000,109,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\SafeBoot.sys
[2010.02.05 17:15:08 | 000,000,386 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2010.02.01 14:39:39 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\vsmon1.dll
[2010.01.09 23:38:22 | 000,005,641 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\__FileUploader.log
[2009.12.27 22:35:53 | 000,247,824 | ---- | C] () -- C:\WINDOWS\System32\prgiso.dll
[2009.12.27 14:51:15 | 004,245,008 | ---- | C] () -- C:\WINDOWS\System32\qtp-mt334.dll
[2009.12.27 14:51:15 | 000,013,840 | ---- | C] () -- C:\WINDOWS\System32\wnaspi32.dll
[2009.12.02 19:31:36 | 000,000,334 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2009.10.31 00:54:05 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.08.29 18:19:40 | 000,004,090 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.08.29 17:43:05 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009.08.29 09:53:14 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.29 09:35:27 | 000,029,132 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009.08.29 09:28:21 | 000,000,880 | ---- | C] () -- C:\WINDOWS\HBCIKRNL.INI
[2009.08.29 07:55:13 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4953.dll
[2009.08.28 16:58:06 | 000,000,382 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.12.19 16:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008.12.17 18:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008.12.17 18:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008.12.17 18:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.17 18:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008.12.17 17:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008.12.11 12:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.03.31 15:30:34 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.04.03 22:30:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\scardsyn.dll
[2005.02.17 13:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 13:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2004.10.03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2003.05.05 11:59:38 | 000,003,059 | ---- | C] () -- C:\WINDOWS\VPlayer.INI
[2003.04.07 11:38:32 | 000,005,746 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1998.05.07 03:10:00 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\ODMA32.dll

========== LOP Check ==========

[2010.04.17 23:11:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\eXPert PDF 5
[2010.02.13 14:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\eXPert PDF Editor
[2009.09.01 22:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit
[2010.02.28 16:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit Software
[2010.07.20 18:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\FreeHideIP
[2010.08.16 16:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Kaspersky_Key_Finder_(KKF
[2010.07.20 18:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SuperHideIP
[2010.04.02 20:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Thinstall
[2009.09.04 21:09:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2010.10.01 01:05:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.02.01 14:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2010.02.01 14:39:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\eXPert PDF
[2010.02.13 15:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\eXPert PDF 5
[2010.02.01 14:39:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\eXPert PDF Jobs
[2010.07.20 18:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FreeHideIP
[2009.11.22 23:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2009.11.22 23:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Plus
[2009.11.06 23:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate Collection
[2009.11.22 23:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Studio 14
[2010.07.24 14:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SuperHideIP
[2010.04.02 20:03:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Thinstall
[2010.04.02 21:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2010.02.01 16:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\visagesoft
[2009.09.04 21:08:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2010.04.02 21:35:04 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.10.02 21:00:01 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2010.10.02 21:00:01 | 000,000,484 | ---- | M] () -- C:\WINDOWS\Tasks\Úklid 1 kliknutím.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.08.29 17:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2009.10.20 22:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CyberLink
[2010.04.17 23:11:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\eXPert PDF 5
[2010.02.13 14:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\eXPert PDF Editor
[2009.09.01 22:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit
[2010.02.28 16:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit Software
[2010.07.20 18:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\FreeHideIP
[2009.08.29 18:38:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Help
[2010.10.02 20:32:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\hpqLog
[2009.08.28 14:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2009.08.29 08:16:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\InstallShield
[2010.08.16 16:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Kaspersky_Key_Finder_(KKF
[2009.08.29 17:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2009.10.25 14:40:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
[2010.07.15 20:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic
[2010.10.01 09:52:16 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2009.08.29 11:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2010.09.28 11:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Skype
[2010.09.28 11:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\skypePM
[2009.11.02 20:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2010.09.26 15:44:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SUPERAntiSpyware.com
[2010.07.20 18:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SuperHideIP
[2010.04.02 20:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Thinstall
[2009.09.04 21:09:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2010.03.16 03:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2010.07.20 18:29:14 | 001,683,460 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\SuperHideIP_2.1.1.2.Setup.exe
[2009.11.22 01:55:15 | 000,029,926 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe


< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.08.29 13:15:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.08.29 13:15:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.08.29 13:15:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.08.29 13:15:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.08.29 13:15:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.08.29 13:15:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.08.29 13:15:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.08.29 13:15:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.08.29 13:15:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2009.08.29 13:15:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2009.08.29 13:15:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2009.08.29 13:15:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2001.10.25 14:00:00 | 000,481,792 | R--- | M] (Microsoft Corporation) MD5=0B7569ECA93964A39BEDCF763E78E22A -- C:\cmdcons\system32\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.03.05 11:08:56 | 000,109,288 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\SafeBoot.sys

< %systemroot%\System32\config\*.sav >
[2009.08.28 16:26:13 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.08.28 16:26:13 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.08.28 16:26:13 | 000,499,712 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.10.01 12:37:10 | 000,012,568 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\system32\drivers\PROCEXP113.SYS

< %systemroot%\system32\*.* /3 >
[2010.10.01 22:25:09 | 000,002,553 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2010.10.01 01:22:28 | 026,447,872 | ---- | M] () -- C:\WINDOWS\system32\ONX
[2010.10.02 20:38:10 | 000,660,209 | ---- | M] () -- C:\WINDOWS\system32\oodbs.lor
[2010.10.02 07:57:45 | 000,117,506 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2010.10.02 07:57:45 | 000,100,938 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.10.02 07:57:45 | 000,523,488 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2010.10.02 07:57:45 | 000,530,292 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.10.02 07:57:45 | 001,247,734 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.10.02 20:39:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >

Re: Please check my log

Posted: 02 Oct 2010 21:44
by motji
I still don't like it :o

I'll wait to see what AVPtool says.


After agreeing this with my colleague MiliNess, please also take screenshots with HxD; I'm interested in sectors 0 and 62. Then report back whether any of the other sectors between 1 and 62 contain anything other than 0.

:arrow: Download HxD portable http://mh-nexus.de/en/downloads.php?product=HxD
-save it to the desktop
-unpack it and put the program directly on drive C
-run it
-click Open disk and choose hard disks (physical disks) :!: (don't mix this up)
-select hard disk 1
-type the sector you want to open into the box, confirm with Enter, and you will be taken straight to that sector
-tell me what you have in sectors 0-62
-post screenshots of sectors 0 and 62

So that you have an idea of what to look for, this is what my sector 60 looks like; all sectors from 1 to 62 should look like this, but yours probably won't.

Image



edit// use of other programs
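
The check requested in the post above (sector 0, and whether sectors 1-62 hold anything other than zeros), as an added example that is not part of the original post. It works on a raw image of the first 63 sectors rather than on the live disk; the 512-byte sector size, the function names and the sample image are assumptions constructed for illustration.

```python
import struct

SECTOR = 512  # assumption: 512-byte sectors, as on an XP-era disk


def parse_mbr(sector0: bytes) -> dict:
    """Check the boot signature and decode the four primary partition entries."""
    if len(sector0) != SECTOR:
        raise ValueError("sector 0 must be exactly 512 bytes")
    parts = []
    for i in range(4):
        entry = sector0[446 + 16 * i: 462 + 16 * i]
        boot_flag, ptype = entry[0], entry[4]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if ptype != 0:  # type 0 means the slot is unused
            parts.append({"active": boot_flag == 0x80, "type": ptype,
                          "lba_start": lba_start, "sectors": count})
    return {"signature_ok": sector0[510:512] == b"\x55\xaa", "partitions": parts}


def nonzero_sectors(image: bytes, first: int = 1, last: int = 62) -> list:
    """Return the sector numbers in [first, last] that contain any non-zero byte."""
    if len(image) < (last + 1) * SECTOR:
        raise ValueError("image is shorter than the requested sector range")
    return [n for n in range(first, last + 1)
            if any(image[n * SECTOR:(n + 1) * SECTOR])]


def build_sample_image() -> bytes:
    """Constructed test data: 63 sectors, one NTFS partition at LBA 63, data in sector 56."""
    img = bytearray(63 * SECTOR)
    img[446:462] = struct.pack("<B3sB3sII", 0x80, b"\x01\x01\x00", 0x07,
                               b"\xfe\xff\xff", 63, 204800)
    img[510:512] = b"\x55\xaa"
    img[56 * SECTOR:56 * SECTOR + 4] = b"\xde\xad\xbe\xef"  # arbitrary marker bytes
    return bytes(img)


if __name__ == "__main__":
    image = build_sample_image()  # for a real check, load a saved image of sectors 0-62
    print(parse_mbr(image[:SECTOR]))
    print("non-zero sectors 1-62:", nonzero_sectors(image))
```

A non-zero sector in this range is a reason to look closer, not a verdict: legitimate software such as boot managers can also store code in the gap before the first partition.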

Re: Please check my log

Posted: 02 Oct 2010 22:14
by MiliNess
Allow me to butt in.
Be careful with that Safeboot.sys driver!
It is part of the data protection from SafeTech that encrypts the boot volume (the partition where Windows is installed),
and it is used by HP Security Suite. (It is the equivalent of Microsoft's BitLocker.)
Also, do not use software that repairs the code in the MBR or in the boot sector of the boot volume (FIXMBR, FIXBOOT, Bootrec /fixmbr, bootrec /fixboot, bootkit remover, etc.).
Your system disk is encrypted, and once you do that you will no longer be able to boot the computer.
The data can then only be reached from a live CD with a special tool, e.g. from McAfee (Endpoint Encryption),
and it is quite complicated.
Special code in the MBR takes care of starting decryption when the computer boots, and the data in the boot sector describe the encrypted volume.
Once they are overwritten, the system can no longer be booted.

Personally, I would decrypt the disk and uninstall the HP encryption utility (unless you really need to protect your data in case the notebook is stolen).
If you decide to move to a newer version of Windows, I would choose BitLocker.
It is more secure in many respects and there is also better support if problems arise.

Re: Please check my log

Posted: 03 Oct 2010 00:27
by Kovas
MiliNess, thanks for the info. I do have HP Security Suite installed, but I have not encrypted the disk. I'm not using that software for now.

Re: Please check my log

Posted: 03 Oct 2010 00:41
by Kovas
Here is the log from AVPtool:

I also left the flash drive plugged in and unticked the virtual drive "G".

Autoscan: completed 15 minutes ago (events: 20, objects: 979177, time: 03:19:24)
2. 10. 2010 21:59:23 Task started
2. 10. 2010 23:19:33 Processing error K:\ZZZZZZZZ.ZZZ Read error
2. 10. 2010 23:19:33 Processing error K:\KAZOALI.DOK Read error
2. 10. 2010 23:40:59 Detected: Backdoor.Win32.Hupigon.mcuc D:\Instal\Avast prof+internetsecurity\ApaAiswms.rar/APaAIS_wms/Instalace/WinRAR_3.92/WinRAR 3.92/WinRAR 3.92.rar/WinRAR 3.92/wrar-x64-392cz.exe/Zip.SFX
2. 10. 2010 23:40:59 Untreated: Backdoor.Win32.Hupigon.mcuc D:\Instal\Avast prof+internetsecurity\ApaAiswms.rar/APaAIS_wms/Instalace/WinRAR_3.92/WinRAR 3.92/WinRAR 3.92.rar/WinRAR 3.92/wrar-x64-392cz.exe/Zip.SFX Write not supported
2. 10. 2010 23:41:15 Detected: Backdoor.Win32.Hupigon.mcuc D:\Instal\Avast prof+internetsecurity\ApaAiswms.rar/APaAIS_wms/Instalace/WinRAR_3.92/WinRAR 3.92/WinRAR 3.92.rar/WinRAR 3.92/wrar392cz.exe/Zip.SFX
2. 10. 2010 23:41:15 Untreated: Backdoor.Win32.Hupigon.mcuc D:\Instal\Avast prof+internetsecurity\ApaAiswms.rar/APaAIS_wms/Instalace/WinRAR_3.92/WinRAR 3.92/WinRAR 3.92.rar/WinRAR 3.92/wrar392cz.exe/Zip.SFX Write not supported
2. 10. 2010 23:41:19 Detected: Backdoor.Win32.Hupigon.mcuc D:\Instal\Avast prof+internetsecurity\ApaAiswms.rar/APaAIS_wms/Instalace/WinRAR_3.92/WinRAR 3.92/wrar-x64-392cz.exe By hash
2. 10. 2010 23:41:19 Untreated: Backdoor.Win32.Hupigon.mcuc D:\Instal\Avast prof+internetsecurity\ApaAiswms.rar/APaAIS_wms/Instalace/WinRAR_3.92/WinRAR 3.92/wrar-x64-392cz.exe Write not supported
2. 10. 2010 23:41:23 Detected: Backdoor.Win32.Hupigon.mcuc D:\Instal\Avast prof+internetsecurity\ApaAiswms.rar/APaAIS_wms/Instalace/WinRAR_3.92/WinRAR 3.92/wrar392cz.exe By hash
2. 10. 2010 23:41:23 Untreated: Backdoor.Win32.Hupigon.mcuc D:\Instal\Avast prof+internetsecurity\ApaAiswms.rar/APaAIS_wms/Instalace/WinRAR_3.92/WinRAR 3.92/wrar392cz.exe Write not supported
2. 10. 2010 23:43:36 Detected: HackTool.MSIL.KKFinder.v D:\Instal\Kaspersky Mobile Security for Symbian\Kaspersky key finder\Kaspersky Key Finder V1.5.0d.exe
2. 10. 2010 23:43:37 Deleted: HackTool.MSIL.KKFinder.v D:\Instal\Kaspersky Mobile Security for Symbian\Kaspersky key finder\Kaspersky Key Finder V1.5.0d.exe
2. 10. 2010 23:43:38 Detected: HackTool.MSIL.KKFinder.v D:\Instal\Kaspersky Mobile Security for Symbian\Kaspersky key finder\Kaspersky.Key.Finder.v1.5.0.rar/Kaspersky Key Finder V1.5.0d.exe
2. 10. 2010 23:43:38 Untreated: HackTool.MSIL.KKFinder.v D:\Instal\Kaspersky Mobile Security for Symbian\Kaspersky key finder\Kaspersky.Key.Finder.v1.5.0.rar/Kaspersky Key Finder V1.5.0d.exe Write not supported
2. 10. 2010 23:54:40 Detected: HackTool.MSIL.KKFinder.v D:\System Volume Information\_restore{0068B98B-8DF6-42AB-B91E-4D9711482E61}\RP361\A0077026.exe
2. 10. 2010 23:55:20 Deleted: HackTool.MSIL.KKFinder.v D:\System Volume Information\_restore{0068B98B-8DF6-42AB-B91E-4D9711482E61}\RP361\A0077026.exe
3. 10. 2010 1:18:41 Processing error K:\ZZZZZZZZ.ZZZ Read error
3. 10. 2010 1:18:42 Processing error K:\KAZOALI.DOK Read error
3. 10. 2010 1:18:47 Task completed

Can I uninstall AVPtool?

I see that I probably paid the price for my curiosity.

Re: Please check my log

Posted: 03 Oct 2010 01:27
by Kovas
I'm attaching HxD portable, sector 0

Re: Please check my log

Posted: 03 Oct 2010 01:28
by Kovas
Sector 62
HD 62.JPG
(216.59 KiB) Downloaded 10 times

Re: Please check my log

Posted: 03 Oct 2010 01:33
by Kovas
From sector 1 to 56 I have 0 everywhere,
sector 56 is
Sektor 56.JPG
(152.23 KiB) Downloaded 10 times
Then from 57 to 62 it is 0 everywhere