User
Registered: 11.01.08
Last logged in: 15.03.10
Posts: 86
Topics: 15
Posted: 21.10.2009 21:54

While I was downloading an exe file, avast caught a virus; the problem was that the connection could not be interrupted. When I start avast, I get the message: unknown error, the program cannot load the skin, the function usiGetskin ended with an error. I had the HijackThis log checked online. Please advise.


Experienced user
Registered: 15.08.09
Last logged in: 05.02.10
Posts: 355
Topics: 0
Posted: 22.10.2009 19:08

How about pulling out the network cable... :roll:
HJT is no longer enough; it is an outdated utility that today serves only for the final fix of unnecessary leftovers. And checking the log on sites where laymen do the ratings according to their mood? No, thank you, I'll pass.

Download DDS. Save it to the desktop, close all running programs and run it. When the scan finishes, the results open in 2 windows: DDS.txt and Attach.txt. I would like to see the contents of both.


User
Registered: 11.01.08
Last logged in: 15.03.10
Posts: 86
Topics: 15
Posted by the topic author: 23.10.2009 17:44

pitimir wrote:
How about pulling out the network cable... :roll:
HJT is no longer enough; it is an outdated utility that today serves only for the final fix of unnecessary leftovers. And checking the log on sites where laymen do the ratings according to their mood? No, thank you, I'll pass.

Download DDS. Save it to the desktop, close all running programs and run it. When the scan finishes, the results open in 2 windows: DDS.txt and Attach.txt. I would like to see the contents of both.

Hi, I am only posting the log now, I couldn't do it earlier. Thanks in advance :-)
DDS (Ver_09-10-13.01) - NTFSx86
Run by pici novakova at 17:41:21,65 on pi 23.10.2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1014.534 [GMT 2:00]

AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: avast! antivirus 4.8.1356 [VPS 091022-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\pici novakova\Desktop\dds.pif

============== Pseudo HJT Report ===============

uStart Page = hxxp://google.sk/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
EB: &Zdroje informácií: {ff059e31-cc5a-4e2e-bf3b-96e929d65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
uRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [RunNarrator] Narrator.exe
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/ ... mv9VCM.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\picino~1\applic~1\mozilla\firefox\profiles\31ln2572.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Wikipédia (sk)
FF - prefs.js: browser.startup.homepage - google.sk
FF - prefs.js: keyword.URL -
FF - plugin: c:\documents and settings\all users\application data\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\tv joj media player\np_JOJ_netscape_player.dll
FF - plugin: c:\program files\tv joj media player\npplugin_netscape.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.default.XMLHttpRequest.channel", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.jit.chrome", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("security.checkloaduri", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("bidi.characterset", 1);
c:\program files\mozilla firefox\defaults\pref\channel-prefs.js - pref("app.update.channel", "release");
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-10-22 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-10-22 20560]
R2 BcmSqlStartupSvc;Spúšacia služba produktu Business Contact Manager SQL Server;c:\program files\microsoft small business\business contact manager\BcmSqlStartupSvc.exe [2008-1-16 30312]
S2 gupdate1c99df8691be6ba;Služba Google Update (gupdate1c99df8691be6ba);c:\program files\google\update\GoogleUpdate.exe [2009-3-6 133104]
S3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver;c:\windows\system32\drivers\CnxEtP.sys [2008-2-17 131072]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\drivers\CnxEtU.sys [2008-2-17 614272]
S3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver;c:\windows\system32\drivers\CnxTgNP.sys [2008-2-17 60416]
S3 CrystalSysInfo;CrystalSysInfo;\??\c:\program files\mediacoder\sysinfo.sys --> c:\program files\mediacoder\SysInfo.sys [?]
S3 FXDrv32;FXDrv32;\??\d:\fxdrv32.sys --> d:\FXDrv32.sys [?]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2009-5-27 29262680]

=============== Created Last 30 ================

2009-10-23 12:42 <DIR> --d----- c:\program files\Zylom Games
2009-10-21 23:17 <DIR> --d----- c:\program files\ESET
2009-10-21 21:59 236,544 a------- c:\windows\PEV.exe
2009-10-21 21:59 161,792 a------- c:\windows\SWREG.exe
2009-10-21 21:59 98,816 a------- c:\windows\sed.exe
2009-10-21 21:59 <DIR> --d----- C:\ComboFix
2009-10-21 20:42 <DIR> --d----- c:\docume~1\picino~1\applic~1\ImTOO Software Studio
2009-10-21 20:41 <DIR> --d----- c:\program files\ImTOO
2009-10-21 19:53 417,638 a------- C:\output.mp3
2009-10-21 13:07 <DIR> --d----- c:\docume~1\picino~1\applic~1\Broad Intelligence
2009-10-21 13:05 <DIR> --d----- c:\program files\common files\Memeo
2009-10-21 13:04 <DIR> --d----- c:\docume~1\picino~1\applic~1\OpenCandy
2009-10-21 13:03 <DIR> --d----- c:\program files\MediaCoder
2009-10-21 12:36 <DIR> --d----- c:\program files\K-Lite Codec Pack
2009-10-20 22:50 <DIR> --d----- C:\DVDSlideshow
2009-10-20 22:50 1,271,296 a------- c:\windows\system32\cygxml2-2.dll
2009-10-20 22:50 1,015,128 a------- c:\windows\system32\cygiconv-2.dll
2009-10-20 22:50 455,680 a------- c:\windows\system32\mkisofs.exe
2009-10-20 22:50 62,976 a------- c:\windows\system32\cygz.dll
2009-10-20 22:50 1,140,617 a------- c:\windows\system32\cygwin1.dll
2009-10-20 22:50 369,152 a------- c:\windows\system32\cygfreetype-6.dll
2009-10-20 22:50 368,640 a------- c:\windows\system32\cdrecord.exe
2009-10-20 22:50 331,008 a------- c:\windows\system32\dvdauthor.exe
2009-10-20 22:50 323,242 a------- c:\windows\system32\spumux.exe
2009-10-20 22:50 176,640 a------- c:\windows\system32\cygpng12.dll
2009-10-20 21:47 <DIR> --d----- c:\documents and settings\pici novakova\dwhelper
2009-10-20 09:32 <DIR> --d----- c:\program files\MIT Media Lab
2009-10-19 22:29 <DIR> --d----- c:\windows\DQ Tycoon
2009-10-19 20:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\MythPeople
2009-10-19 20:48 <DIR> --d----- c:\program files\ReflexiveArcade
2009-10-19 15:35 <DIR> --d----- c:\documents and settings\pici novakova\Saved Games
2009-10-19 15:35 <DIR> --d----- c:\docume~1\picino~1\applic~1\Flood Light Games
2009-10-19 15:35 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Flood Light Games
2009-10-19 10:26 <DIR> --d----- c:\docume~1\alluse~1\applic~1\MumboJumbo
2009-10-19 10:24 <DIR> --d----- c:\docume~1\picino~1\applic~1\SpinTop
2009-10-16 21:45 <DIR> --d----- c:\windows\SQL9_KB970892_ENU
2009-10-16 08:47 65 a------- c:\windows\WaterIllusion.ini
2009-10-16 08:44 <DIR> --d----- c:\program files\Nufsoft
2009-10-16 04:17 1,435,648 -c------ c:\windows\system32\dllcache\query.dll
2009-10-16 04:16 58,880 -c------ c:\windows\system32\dllcache\msasn1.dll
2009-10-14 22:38 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Fugazo
2009-10-14 21:59 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Ludia
2009-10-14 21:58 <DIR> --d----- c:\windows\Hell's Kitchen
2009-10-12 20:36 136,192 -c------ c:\windows\system32\dllcache\msv1_0.dll
2009-10-12 20:36 92,928 -c------ c:\windows\system32\dllcache\ksecdd.sys
2009-10-12 20:36 54,272 -c------ c:\windows\system32\dllcache\wdigest.dll
2009-10-12 20:36 301,568 -c------ c:\windows\system32\dllcache\kerberos.dll
2009-10-12 18:28 281,760 a------- c:\windows\system32\drivers\atksgt.sys
2009-10-12 18:28 25,888 a------- c:\windows\system32\drivers\lirsgt.sys
2009-10-02 20:30 <DIR> --d----- c:\windows\DISNEY
2009-10-02 20:29 667 a------- c:\windows\disney.ini
2009-09-27 21:32 100,343 a------- c:\windows\moj font1.zip
2009-09-27 21:23 55,500 a------- c:\windows\SCRIPTBL.TTF
2009-09-27 20:50 200,704 a------- c:\windows\system32\threed32.ocx
2009-09-27 20:50 <DIR> --d----- c:\program files\FontPage

==================== Find3M ====================

2009-10-13 20:00 85,504 a------- c:\windows\system32\ff_vfw.dll
2009-09-11 16:18 136,192 a------- c:\windows\system32\msv1_0.dll
2009-09-04 23:03 58,880 a------- c:\windows\system32\msasn1.dll
2009-08-31 12:33 172,032 a------- c:\windows\system32\cncs32.dll
2009-08-29 10:08 916,480 -------- c:\windows\system32\wininet.dll
2009-08-26 10:00 247,326 a------- c:\windows\system32\strmdll.dll
2009-08-17 23:33 1,193,832 a------- c:\windows\system32\FM20.DLL
2009-08-16 17:08 178,176 a------- c:\windows\system32\unrar.dll
2009-08-05 11:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-08-04 20:44 2,189,184 -------- c:\windows\system32\ntoskrnl.exe
2009-08-04 16:20 2,066,048 -------- c:\windows\system32\ntkrnlpa.exe
2009-07-27 19:06 0 a------- c:\program files\uziv.dat
2008-04-16 11:41 32 a------- c:\docume~1\alluse~1\applic~1\ezsid.dat
2005-07-05 17:47 40,448 a------- c:\documents and settings\pici novakova\trial_setup.exe
2008-09-17 20:57 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008091720080918\index.dat

============= FINISH: 17:41:51,70 ===============


Experienced user
Registered: 15.08.09
Last logged in: 05.02.10
Posts: 355
Topics: 0
Posted: 23.10.2009 18:53

Look, either we agree that from now on you will do NOTHING on your own (that is, install or run nothing), or we won't get anywhere :indicare:
I see that CF has been run and a sea of security software installed. May I know why?

1) Start -> Run -> (type) notepad "C:\ComboFix.txt"
Press Enter. Notepad will open; copy its contents here.


2) Which antivirus, antispyware and firewall do you use?

Download SecurityCheck. Run it and follow the instructions. At the end it produces a log; copy it here.
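
How the two observations in the post above (ComboFix already run, several security products present) can be read off a DDS log, as an added example that is not part of the original thread or of the DDS tool. The sample is constructed from lines of the log posted earlier, and the `TOOL_MARKERS` patterns and function names are assumptions chosen for this log.

```python
import re

# Constructed sample: lines taken from the DDS log posted earlier in this thread,
# shortened to the header and a few "Created Last 30" entries.
SAMPLE_DDS = r"""DDS (Ver_09-10-13.01) - NTFSx86
AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: avast! antivirus 4.8.1356 [VPS 091022-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

============== Running Processes ===============

C:\Program Files\Alwil Software\Avast4\ashServ.exe

=============== Created Last 30 ================

2009-10-23 12:42 <DIR> --d----- c:\program files\Zylom Games
2009-10-21 23:17 <DIR> --d----- c:\program files\ESET
2009-10-21 21:59 236,544 a------- c:\windows\PEV.exe
2009-10-21 21:59 <DIR> --d----- C:\ComboFix
2009-10-21 12:36 <DIR> --d----- c:\program files\K-Lite Codec Pack

==================== Find3M ====================

2009-10-13 20:00 85,504 a------- c:\windows\system32\ff_vfw.dll
"""

SECTION_RE = re.compile(r"^=+ (?P<title>.+?) =+$")
# Header line: "AV: <name> *<state>* (<definitions>) {GUID}"; the "(...)" part is optional.
PRODUCT_RE = re.compile(
    r"^(?P<kind>AV|FW): (?P<name>.+?) \*(?P<state>[^*]+)\*"
    r"(?: \((?P<defs>[^)]+)\))? \{(?P<guid>[0-9A-Fa-f-]+)\}$"
)
# File listing line: "<date> <time> <size or <DIR>> <attributes> <path>"
ENTRY_RE = re.compile(
    r"^(?P<date>\d{4}-\d{2}-\d{2}) (?P<time>\d{2}:\d{2})\s+"
    r"(?P<size><DIR>|[\d,]+)\s+(?P<attrs>\S+)\s+(?P<path>.+)$"
)

# Assumption: markers picked from the paths visible in this thread's log,
# not a general signature list.
TOOL_MARKERS = {
    "ComboFix": r"^c:\\combofix$",
    "ESET": r"^c:\\program files\\eset$",
}


def parse_dds(text):
    """Split a DDS log into header products and 'Created Last 30' entries."""
    products, created, section = [], [], "header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        heading = SECTION_RE.match(line)
        if heading:
            section = heading.group("title")
            continue
        if section == "header":
            m = PRODUCT_RE.match(line)
            if m:
                products.append(m.groupdict())
        elif section == "Created Last 30":
            m = ENTRY_RE.match(line)
            if m:
                created.append(m.groupdict())
    return {"products": products, "created": created}


def triage(report):
    """Summarise what a helper would check first in the parsed log."""
    av = [p for p in report["products"] if p["kind"] == "AV"]
    fw = [p for p in report["products"] if p["kind"] == "FW"]

    def is_on(product):
        # State ends in "enabled" or "disabled", e.g. "On-access scanning enabled".
        return product["state"].split()[-1].lower() == "enabled"

    traces = {}
    for entry in report["created"]:
        for tool, pattern in TOOL_MARKERS.items():
            if re.match(pattern, entry["path"], re.IGNORECASE):
                traces[tool] = f'{entry["date"]} {entry["time"]}'
    return {
        "av_registered": [p["name"] for p in av],
        "av_active": [p["name"] for p in av if is_on(p)],
        "fw_enabled": [p["name"] for p in fw if is_on(p)],
        "multiple_av": len(av) > 1,   # leftovers of a second product are worth cleaning up
        "tool_traces": traces,        # tool name -> creation timestamp from the log
    }


if __name__ == "__main__":
    for key, value in triage(parse_dds(SAMPLE_DDS)).items():
        print(f"{key}: {value}")
```
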


User
Registered: 11.01.08
Last logged in: 15.03.10
Posts: 86
Topics: 15
Posted by the topic author: 23.10.2009 20:20

pitimir wrote:
Look, either we agree that from now on you will do NOTHING on your own (that is, install or run nothing), or we won't get anywhere :indicare:
I see that CF has been run and a sea of security software installed. May I know why?

1) Start -> Run -> (type) notepad "C:\ComboFix.txt"
Press Enter. Notepad will open; copy its contents here.


2) Which antivirus, antispyware and firewall do you use?

Download SecurityCheck. Run it and follow the instructions. At the end it produces a log; copy it here.

Antivirus: avast home; antispyware: spybot + adaware; firewall: I don't know :-)

Here is the ComboFix log


ComboFix 09-10-20.03 - pici novakova 21.10.2009 22:01.1.1 - NTFSx86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1014.481 [GMT 2:00]
Running from: c:\documents and settings\pici novakova\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 091021-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\pici novakova\adobe .com
c:\documents and settings\pici novakova\Application Data\Desktopicon
c:\documents and settings\pici novakova\Application Data\Desktopicon\config.ini
c:\documents and settings\pici novakova\Application Data\Desktopicon\eBay.ico
c:\documents and settings\pici novakova\Application Data\Desktopicon\eBayShortcuts.exe
c:\documents and settings\pici novakova\Application Data\Desktopicon\uninst.exe
c:\documents and settings\pici novakova\My Documents\cc_20090930_041817 30.09..reg
c:\recycler\S-1-5-21-1030307634-3021207344-1667101242-1004
c:\windows\Installer\a626d1.msp
c:\windows\system32\logs

.
((((((((((((((((((((((((( Files Created from 2009-09-21 to 2009-10-21 )))))))))))))))))))))))))))))))
.

2009-10-21 18:42 . 2009-10-21 18:42 -------- d-----w- c:\documents and settings\pici novakova\Application Data\ImTOO Software Studio
2009-10-21 18:41 . 2009-10-21 18:41 -------- d-----w- c:\program files\ImTOO
2009-10-21 11:13 . 2009-10-21 11:13 -------- d-----w- c:\documents and settings\pici novakova\Local Settings\Application Data\temp
2009-10-21 11:07 . 2009-10-21 11:07 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Broad Intelligence
2009-10-21 11:05 . 2009-10-21 11:13 -------- d-----w- c:\program files\Common Files\Memeo
2009-10-21 11:04 . 2009-10-21 11:04 -------- d-----w- c:\documents and settings\pici novakova\Application Data\OpenCandy
2009-10-21 11:03 . 2009-10-21 11:12 -------- d-----w- c:\program files\MediaCoder
2009-10-20 20:50 . 2009-10-20 20:50 -------- d-----w- C:\DVDSlideshow
2009-10-20 20:50 . 2006-12-29 09:29 62976 ----a-w- c:\windows\system32\cygz.dll
2009-10-20 20:50 . 2006-12-29 09:29 1271296 ----a-w- c:\windows\system32\cygxml2-2.dll
2009-10-20 20:50 . 2006-12-29 09:29 1015128 ----a-w- c:\windows\system32\cygiconv-2.dll
2009-10-20 20:50 . 2006-12-04 11:48 455680 ----a-w- c:\windows\system32\mkisofs.exe
2009-10-20 20:50 . 2006-12-29 09:29 369152 ----a-w- c:\windows\system32\cygfreetype-6.dll
2009-10-20 20:50 . 2006-12-29 09:29 331008 ----a-w- c:\windows\system32\dvdauthor.exe
2009-10-20 20:50 . 2006-12-29 09:29 323242 ----a-w- c:\windows\system32\spumux.exe
2009-10-20 20:50 . 2006-12-29 09:29 176640 ----a-w- c:\windows\system32\cygpng12.dll
2009-10-20 20:50 . 2006-12-29 09:29 1140617 ----a-w- c:\windows\system32\cygwin1.dll
2009-10-20 20:50 . 2006-12-04 11:48 368640 ----a-w- c:\windows\system32\cdrecord.exe
2009-10-20 19:47 . 2009-10-20 19:47 -------- d-----w- c:\documents and settings\pici novakova\dwhelper
2009-10-20 07:32 . 2009-10-20 07:32 -------- d-----w- c:\program files\MIT Media Lab
2009-10-19 20:29 . 2009-10-19 20:29 -------- d-----w- c:\windows\DQ Tycoon
2009-10-19 18:48 . 2009-10-19 18:48 -------- d-----w- c:\documents and settings\All Users\Application Data\MythPeople
2009-10-19 18:48 . 2009-10-19 18:48 -------- d-----w- c:\program files\ReflexiveArcade
2009-10-19 13:35 . 2009-10-19 13:35 -------- d-----w- c:\documents and settings\pici novakova\Saved Games
2009-10-19 13:35 . 2009-10-19 13:35 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Flood Light Games
2009-10-19 13:35 . 2009-10-19 13:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Flood Light Games
2009-10-19 08:26 . 2009-10-19 08:26 -------- d-----w- c:\documents and settings\All Users\Application Data\MumboJumbo
2009-10-19 08:24 . 2009-10-19 08:24 -------- d-----w- c:\documents and settings\pici novakova\Application Data\SpinTop
2009-10-16 19:45 . 2009-10-16 19:45 -------- d-----w- c:\windows\SQL9_KB970892_ENU
2009-10-16 06:44 . 2009-10-17 06:26 -------- d-----w- c:\program files\Nufsoft
2009-10-16 02:17 . 2009-07-17 16:22 1435648 -c----w- c:\windows\system32\dllcache\query.dll
2009-10-16 02:16 . 2009-09-04 21:03 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll
2009-10-14 20:38 . 2009-10-14 20:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Fugazo
2009-10-14 19:59 . 2009-10-14 19:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Ludia
2009-10-14 19:58 . 2009-10-14 19:58 -------- d-----w- c:\windows\Hell's Kitchen
2009-10-12 18:36 . 2009-09-11 14:18 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll
2009-10-12 18:36 . 2009-06-25 08:25 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll
2009-10-12 18:36 . 2009-06-24 11:18 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys
2009-10-12 18:36 . 2009-06-25 08:25 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll
2009-10-12 16:30 . 2009-10-12 16:30 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-10-12 16:28 . 2009-10-12 16:30 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-10-12 16:28 . 2009-10-12 16:30 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-10-02 18:30 . 2009-10-02 18:33 -------- d-----w- c:\windows\DISNEY
2009-09-27 19:32 . 2009-09-27 19:32 100343 ----a-w- c:\windows\moj font1.zip
2009-09-27 18:50 . 2009-09-27 18:53 -------- d-----w- c:\program files\FontPage

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-21 10:39 . 2009-10-21 10:36 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-10-20 21:23 . 2008-12-07 18:51 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Thinstall
2009-10-20 20:50 . 2008-04-17 07:39 72480 ----a-w- c:\documents and settings\pici novakova\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-20 07:43 . 2008-08-04 13:40 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-10-16 19:49 . 2007-10-25 09:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-16 19:46 . 2007-10-25 09:21 -------- d-----w- c:\program files\Microsoft SQL Server
2009-10-15 17:04 . 2009-08-16 17:36 -------- d-----w- c:\program files\Recepty doma
2009-10-13 18:00 . 2009-10-21 10:36 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-10-12 19:56 . 2008-11-22 11:09 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-12 19:56 . 2007-10-25 08:53 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-02 16:55 . 2008-04-16 09:41 -------- d-----w- c:\documents and settings\pici novakova\Application Data\skypePM
2009-09-16 20:51 . 2009-09-16 20:45 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-09-14 13:58 . 2009-04-01 11:08 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Shape games
2009-09-12 19:40 . 2009-09-12 19:40 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Photo DVD Maker
2009-09-12 19:40 . 2009-09-12 19:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Anvsoft
2009-09-11 17:02 . 2009-09-11 17:02 -------- d-----w- c:\program files\AGEIA Technologies
2009-09-11 14:18 . 2006-02-28 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-08 09:58 . 2009-09-08 09:58 -------- d-----w- c:\program files\PCP
2009-09-05 02:13 . 2009-09-05 02:13 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-09-04 21:03 . 2006-02-28 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-31 10:33 . 2009-08-31 10:33 172032 ----a-w- c:\windows\system32\cncs32.dll
2009-08-29 08:08 . 2007-10-03 18:01 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2007-10-03 18:01 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-17 16:10 . 2008-02-17 18:25 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-08-17 16:06 . 2008-02-17 18:25 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-08-17 16:06 . 2008-02-17 18:25 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-08-17 16:05 . 2008-03-30 04:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-08-17 16:05 . 2008-03-30 04:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-08-17 16:04 . 2008-02-17 18:25 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-08-17 16:04 . 2008-02-17 18:25 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-08-17 16:03 . 2008-02-17 18:25 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-08-17 16:02 . 2008-02-17 18:25 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-08-16 15:08 . 2009-10-21 10:36 178176 ----a-w- c:\windows\system32\unrar.dll
2009-08-05 09:01 . 2006-02-28 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 18:44 . 2007-10-03 18:00 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2007-02-28 07:15 2066048 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-07-27 17:06 . 2009-07-27 17:06 0 ----a-w- c:\program files\uziv.dat
2009-07-25 03:23 . 2009-05-10 20:28 411368 ----a-w- c:\windows\system32\deploytk.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-20 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-20 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-20 138008]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2007-04-10 16126464]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" - c:\windows\system32\narrator.exe [2008-04-14 53760]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1136:UDP"= 1136:UDP:Windows Media Format SDK (Opera.exe)
"1137:UDP"= 1137:UDP:Windows Media Format SDK (Opera.exe)

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [30.3.2008 6:55 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30.3.2008 6:55 20560]
S2 gupdate1c99df8691be6ba;Služba Google Update (gupdate1c99df8691be6ba);c:\program files\Google\Update\GoogleUpdate.exe [6.3.2009 3:10 133104]
S3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver;c:\windows\system32\drivers\CnxEtP.sys [17.2.2008 18:43 131072]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\drivers\CnxEtU.sys [17.2.2008 18:43 614272]
S3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver;c:\windows\system32\drivers\CnxTgNP.sys [17.2.2008 18:43 60416]
S3 FXDrv32;FXDrv32;\??\d:\fxdrv32.sys --> d:\FXDrv32.sys [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - CRYSTALSYSINFO
.
Contents of the 'Scheduled Tasks' folder

2009-10-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-06 01:10]

2009-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-06 01:10]

2009-10-21 c:\windows\Tasks\User_Feed_Synchronization-{C68D368B-22C1-45F0-B90C-D44451CF43DE}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://eu.ask.com?o=15015&l=dis
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\pici novakova\Application Data\Mozilla\Firefox\Profiles\31ln2572.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - google.sk
FF - prefs.js: keyword.URL -
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\TV JOJ Media Player\np_JOJ_netscape_player.dll
FF - plugin: c:\program files\TV JOJ Media Player\npplugin_netscape.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -

AddRemove-eBay Icon - c:\documents and settings\pici novakova\Application Data\Desktopicon\uninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-21 22:06
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(616)
c:\windows\system32\igfxdev.dll
.
Completion time: 2009-10-21 22:09
ComboFix-quarantined-files.txt 2009-10-21 20:08

Pre-Run: 27 359 272 960 bytes free
Post-Run: 23 adresárov, 27 352 473 600 voľných bajtov

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - A0DAFBA10A28E7E85234BAE0A0085698


User

Registered: 11.01.08
Last login: 15.03.10
Posts: 86
Topics: 15
Posted by the topic author: 23.10.2009 20:26

Results of screen317's Security Check version 0.99.0
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
avast! Antivirus
ESET Online Scanner v3
avast! updated!
``````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Spybot - Search & Destroy
HijackThis 2.0.2
CCleaner (remove only)
Java(TM) 6 Update 15
Adobe Flash Player 10
Adobe Reader 9.1.3
``````````````````````````````
Process Check:
objlist.exe by Laurent

Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe is disabled!
``````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````


Experienced user

Registered: 15.08.09
Last login: 05.02.10
Posts: 355
Topics: 0
Posted: 23.10.2009 21:07

OK, let's get to it then...

1) Use >>this<< uninstaller.


2) Use >>this<< uninstaller.


3) Download MbAM. Save it to the desktop, open "mbam-setup.exe" and install it. Update it. Then run a complete scan - delete whatever the program finds. Post the resulting log here.


User

Registered: 11.01.08
Last login: 15.03.10
Posts: 86
Topics: 15
Posted by the topic author: 23.10.2009 21:48

pitimir wrote:
OK, let's get to it then...

1) Use >>this<< uninstaller.


2) Use >>this<< uninstaller.


3) Download MbAM. Save it to the desktop, open "mbam-setup.exe" and install it. Update it. Then run a complete scan - delete whatever the program finds. Post the resulting log here.


here is the MbAM log
Malwarebytes' Anti-Malware 1.41
Verzia databázy: 3019
Windows 5.1.2600 Service Pack 3

23.10.2009 21:46:59
mbam-log-2009-10-23 (21-46-59).txt

Typ kontroly: Rýchla
Objektov kontrolovaných: 105940
Uplynutý cas: 6 minute(s), 17 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 0

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
(Žiadne škodlivé položky)


Experienced user

Registered: 15.08.09
Last login: 05.02.10
Posts: 355
Topics: 0
Posted: 24.10.2009 15:22

pitimir wrote:
...Then run a complete scan...

biba5 wrote:
Typ kontroly: Rýchla


So run the complete scan and then post the log here ;)


User

Registered: 11.01.08
Last login: 15.03.10
Posts: 86
Topics: 15
Posted by the topic author: 24.10.2009 21:42

Malwarebytes' Anti-Malware 1.41
Verzia databázy: 3019
Windows 5.1.2600 Service Pack 3

24.10.2009 21:29:02
mbam-log-2009-10-24 (21-29-02).txt

Typ kontroly: Úplná (C:\|)
Objektov kontrolovaných: 405837
Uplynutý cas: 3 hour(s), 44 minute(s), 2 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 2

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
C:\Qoobox\Quarantine\C\Documents and Settings\pici novakova\Application Data\Desktopicon\eBayShortcuts.exe.vir (Adware.ADON) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7B22510A-65D9-4808-A738-F149C4E82CF2}\RP1046\A0114813.exe (Adware.ADON) -> Quarantine


Experienced user

Registered: 15.08.09
Last login: 05.02.10
Posts: 355
Topics: 0
Posted: 25.10.2009 14:22

A CF backup and SVI - so de facto no finding at all... The next 2 steps:

1) Download and run AVPTool. Produce the log according to the guide and post it.


2) Download RootRepeal. Run the program, click "Report" -> "Scan" and tick all the items. Press "OK" and the scan will start. When it finishes, click "Save Report" and copy the resulting log here.


User

Registered: 11.01.08
Last login: 15.03.10
Posts: 86
Topics: 15
Posted by the topic author: 25.10.2009 17:43

ok, I'm on it...


User

Registered: 11.01.08
Last login: 15.03.10
Posts: 86
Topics: 15
Posted by the topic author: 27.10.2009 5:49

I have it, the RootRepeal log. I had to uninstall AVP Tool because after the scan I could not create the log, and install it again; since it takes several hours, I hope I will manage it today.

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2009/10/27 05:44
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: Aavmker4.SYS
Image Path: C:\WINDOWS\System32\Drivers\Aavmker4.SYS
Address: 0xF77EC000 Size: 19520 File Visible: - Signed: -
Status: -

Name: acig17r4.SYS
Image Path: C:\WINDOWS\System32\Drivers\acig17r4.SYS
Address: 0xF6877000 Size: 221184 File Visible: - Signed: -
Status: -

Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF7275000 Size: 187776 File Visible: - Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0xAA181000 Size: 138496 File Visible: - Signed: -
Status: -

Name: ajhojmtn.SYS
Image Path: C:\WINDOWS\System32\Drivers\ajhojmtn.SYS
Address: 0xF6A2A000 Size: 413696 File Visible: - Signed: -
Status: -

Name: aswFsBlk.sys
Image Path: C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys
Address: 0xF785C000 Size: 32768 File Visible: - Signed: -
Status: -

Name: aswMon2.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswMon2.SYS
Address: 0xA9C9B000 Size: 87424 File Visible: - Signed: -
Status: -

Name: aswRdr.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswRdr.SYS
Address: 0xA971D000 Size: 15136 File Visible: - Signed: -
Status: -

Name: aswSP.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswSP.SYS
Address: 0xAA09F000 Size: 135168 File Visible: - Signed: -
Status: -

Name: aswTdi.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswTdi.SYS
Address: 0xF75BC000 Size: 42592 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0xF722D000 Size: 98304 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0x00000000 Size: 0 File Visible: - Signed: -
Status: -

Name: atksgt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\atksgt.sys
Address: 0xA99AB000 Size: 274432 File Visible: - Signed: -
Status: -

Name: ATMFD.DLL
Image Path: C:\WINDOWS\System32\ATMFD.DLL
Address: 0xBFFA0000 Size: 286720 File Visible: - Signed: -
Status: -

Name: audstub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
Address: 0xF7B71000 Size: 3072 File Visible: - Signed: -
Status: -

Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xF7A02000 Size: 4224 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xF78CC000 Size: 12288 File Visible: - Signed: -
Status: -

Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xF763C000 Size: 63744 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Address: 0xF76FC000 Size: 62976 File Visible: - Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Address: 0xF74FC000 Size: 53248 File Visible: - Signed: -
Status: -

Name: disk.sys
Image Path: disk.sys
Address: 0xF74EC000 Size: 36352 File Visible: - Signed: -
Status: -

Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0xF758C000 Size: 61440 File Visible: - Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xA9FBF000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7A22000 Size: 8192 File Visible: No Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xAA297000 Size: 12288 File Visible: - Signed: -
Status: -

Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xBF000000 Size: 73728 File Visible: - Signed: -
Status: -

Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xF7AF9000 Size: 4096 File Visible: - Signed: -
Status: -

Name: fdc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\fdc.sys
Address: 0xF780C000 Size: 27392 File Visible: - Signed: -
Status: -

Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0xF75DC000 Size: 44544 File Visible: - Signed: -
Status: -

Name: fltmgr.sys
Image Path: fltmgr.sys
Address: 0xF720D000 Size: 129792 File Visible: - Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xF7A00000 Size: 7936 File Visible: - Signed: -
Status: -

Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xF7245000 Size: 125056 File Visible: - Signed: -
Status: -

Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0x806D0000 Size: 131840 File Visible: - Signed: -
Status: -

Name: HDAudBus.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
Address: 0xF6AFF000 Size: 151552 File Visible: - Signed: -
Status: -

Name: HIDCLASS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS
Address: 0xF764C000 Size: 36864 File Visible: - Signed: -
Status: -

Name: HIDPARSE.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS
Address: 0xF77CC000 Size: 28672 File Visible: - Signed: -
Status: -

Name: hidusb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\hidusb.sys
Address: 0xF67B5000 Size: 10368 File Visible: - Signed: -
Status: -

Name: HTTP.sys
Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys
Address: 0xA92C3000 Size: 264832 File Visible: - Signed: -
Status: -

Name: i8042prt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Address: 0xF76DC000 Size: 52480 File Visible: - Signed: -
Status: -

Name: igxpdv32.DLL
Image Path: C:\WINDOWS\System32\igxpdv32.DLL
Address: 0xBF04E000 Size: 1720320 File Visible: - Signed: -
Status: -

Name: igxpdx32.DLL
Image Path: C:\WINDOWS\System32\igxpdx32.DLL
Address: 0xBF1F2000 Size: 2732032 File Visible: - Signed: -
Status: -

Name: igxpgd32.dll
Image Path: C:\WINDOWS\System32\igxpgd32.dll
Address: 0xBF024000 Size: 172032 File Visible: - Signed: -
Status: -

Name: igxpmp32.sys
Image Path: C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
Address: 0xF6B38000 Size: 5760096 File Visible: - Signed: -
Status: -

Name: igxprd32.dll
Image Path: C:\WINDOWS\System32\igxprd32.dll
Address: 0xBF012000 Size: 73728 File Visible: - Signed: -
Status: -

Name: imapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\imapi.sys
Address: 0xF76EC000 Size: 42112 File Visible: - Signed: -
Status: -

Name: intelppm.sys
Image Path: C:\WINDOWS\system32\DRIVERS\intelppm.sys
Address: 0xF76BC000 Size: 36352 File Visible: - Signed: -
Status: -

Name: ipnat.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Address: 0xAA0C0000 Size: 152832 File Visible: - Signed: -
Status: -

Name: ipsec.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Address: 0xAA24C000 Size: 75264 File Visible: - Signed: -
Status: -

Name: irda.sys
Image Path: C:\WINDOWS\system32\DRIVERS\irda.sys
Address: 0xA9DF1000 Size: 88192 File Visible: - Signed: -
Status: -

Name: irenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\irenum.sys
Address: 0xF7994000 Size: 11264 File Visible: - Signed: -
Status: -

Name: irsir.sys
Image Path: C:\WINDOWS\system32\DRIVERS\irsir.sys
Address: 0xF7814000 Size: 18688 File Visible: - Signed: -
Status: -

Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xF74BC000 Size: 37248 File Visible: - Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Address: 0xF781C000 Size: 24576 File Visible: - Signed: -
Status: -

Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xF79BC000 Size: 8192 File Visible: - Signed: -
Status: -

Name: kmixer.sys
Image Path: C:\WINDOWS\system32\drivers\kmixer.sys
Address: 0xA8F53000 Size: 172416 File Visible: - Signed: -
Status: -

Name: ks.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ks.sys
Address: 0xF6A8F000 Size: 143360 File Visible: - Signed: -
Status: -

Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xF71E4000 Size: 92928 File Visible: - Signed: -
Status: -

Name: lirsgt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\lirsgt.sys
Address: 0xA9F67000 Size: 18560 File Visible: - Signed: -
Status: -

Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xF7A04000 Size: 4224 File Visible: - Signed: -
Status: -

Name: mouclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Address: 0xF77A4000 Size: 23040 File Visible: - Signed: -
Status: -

Name: mouhid.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouhid.sys
Address: 0xF67A5000 Size: 12160 File Visible: - Signed: -
Status: -

Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xF74CC000 Size: 42368 File Visible: - Signed: -
Status: -

Name: mrxdav.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Address: 0xA9AB6000 Size: 180608 File Visible: - Signed: -
Status: -

Name: mrxsmb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Address: 0xAA0E6000 Size: 455296 File Visible: - Signed: -
Status: -

Name: Msfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
Address: 0xF77DC000 Size: 19072 File Visible: - Signed: -
Status: -

Name: msgpc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Address: 0xF754C000 Size: 35072 File Visible: - Signed: -
Status: -

Name: mssmbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Address: 0xF7968000 Size: 15488 File Visible: - Signed: -
Status: -

Name: Mup.sys
Image Path: Mup.sys
Address: 0xF70FF000 Size: 105344 File Visible: - Signed: -
Status: -

Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xF712A000 Size: 182656 File Visible: - Signed: -
Status: -

Name: ndistapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Address: 0xF795C000 Size: 10112 File Visible: - Signed: -
Status: -

Name: ndisuio.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Address: 0xA9F03000 Size: 14592 File Visible: - Signed: -
Status: -

Name: ndiswan.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Address: 0xF6860000 Size: 91520 File Visible: - Signed: -
Status: -

Name: NDProxy.SYS
Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Address: 0xF756C000 Size: 40576 File Visible: - Signed: -
Status: -

Name: netbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys
Address: 0xF75CC000 Size: 34688 File Visible: - Signed: -
Status: -

Name: netbt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys
Address: 0xAA1A3000 Size: 162816 File Visible: - Signed: -
Status: -

Name: Npfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
Address: 0xF77E4000 Size: 30848 File Visible: - Signed: -
Status: -

Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xF7157000 Size: 574976 File Visible: - Signed: -
Status: -

Name: ntkrnlpa.exe
Image Path: C:\WINDOWS\system32\ntkrnlpa.exe
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: Null.SYS
Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
Address: 0xF7B8D000 Size: 2944 File Visible: - Signed: -
Status: -

Name: parport.sys
Image Path: C:\WINDOWS\system32\DRIVERS\parport.sys
Address: 0xF6AB2000 Size: 80128 File Visible: - Signed: -
Status: -

Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xF7744000 Size: 19712 File Visible: - Signed: -
Status: -

Name: ParVdm.SYS
Image Path: C:\WINDOWS\System32\Drivers\ParVdm.SYS
Address: 0xF7A38000 Size: 6784 File Visible: - Signed: -
Status: -

Name: pci.sys
Image Path: pci.sys
Address: 0xF7264000 Size: 68224 File Visible: - Signed: -
Status: -

Name: PCI_PNP1056
Image Path: \Driver\PCI_PNP1056
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: pciide.sys
Image Path: pciide.sys
Address: 0xF7A84000 Size: 3328 File Visible: - Signed: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Address: 0xF773C000 Size: 28672 File Visible: - Signed: -
Status: -

Name: pclepci.sys
Image Path: C:\WINDOWS\system32\drivers\pclepci.sys
Address: 0xF6827000 Size: 14112 File Visible: - Signed: -
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: portcls.sys
Image Path: C:\WINDOWS\system32\drivers\portcls.sys
Address: 0xAA2A7000 Size: 147456 File Visible: - Signed: -
Status: -

Name: psched.sys
Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys
Address: 0xF684F000 Size: 69120 File Visible: - Signed: -
Status: -

Name: ptilink.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Address: 0xF7794000 Size: 17792 File Visible: - Signed: -
Status: -

Name: PxHelp20.sys
Image Path: PxHelp20.sys
Address: 0xF750C000 Size: 35712 File Visible: - Signed: -
Status: -

Name: rasacd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Address: 0xF6843000 Size: 8832 File Visible: - Signed: -
Status: -

Name: rasirda.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasirda.sys
Address: 0xF78C4000 Size: 19584 File Visible: - Signed: -
Status: -

Name: rasl2tp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Address: 0xF771C000 Size: 51328 File Visible: - Signed: -
Status: -

Name: raspppoe.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Address: 0xF772C000 Size: 41472 File Visible: - Signed: -
Status: -

Name: raspptp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Address: 0xF753C000 Size: 48384 File Visible: - Signed: -
Status: -

Name: raspti.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys
Address: 0xF779C000 Size: 16512 File Visible: - Signed: -
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: rdbss.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Address: 0xAA156000 Size: 175744 File Visible: - Signed: -
Status: -

Name: RDPCDD.sys
Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Address: 0xF7A06000 Size: 4224 File Visible: - Signed: -
Status: -

Name: redbook.sys
Image Path: C:\WINDOWS\system32\DRIVERS\redbook.sys
Address: 0xF770C000 Size: 57600 File Visible: - Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA918B000 Size: 49152 File Visible: No Signed: -
Status: -

Name: rspndr.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rspndr.sys
Address: 0xA9FF7000 Size: 62336 File Visible: - Signed: -
Status: -

Name: RtkHDAud.sys
Image Path: C:\WINDOWS\system32\drivers\RtkHDAud.sys
Address: 0xAA2CB000 Size: 4542464 File Visible: - Signed: -
Status: -

Name: Rtnicxp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
Address: 0xF6AC6000 Size: 85120 File Visible: - Signed: -
Status: -

Name: SCSIPORT.SYS
Image Path: C:\WINDOWS\System32\Drivers\SCSIPORT.SYS
Address: 0xF72A3000 Size: 98304 File Visible: - Signed: -
Status: -

Name: secdrv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\secdrv.sys
Address: 0xA9B2B000 Size: 40960 File Visible: - Signed: -
Status: -

Name: serenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serenum.sys
Address: 0xF7990000 Size: 15744 File Visible: - Signed: -
Status: -

Name: serial.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serial.sys
Address: 0xF76CC000 Size: 64512 File Visible: - Signed: -
Status: -

Name: sfdrv01.sys
Image Path: sfdrv01.sys
Address: 0xF7119000 Size: 69632 File Visible: - Signed: -
Status: -

Name: sfhlp02.sys
Image Path: sfhlp02.sys
Address: 0xF7754000 Size: 32768 File Visible: - Signed: -
Status: -

Name: sfsync02.sys
Image Path: sfsync02.sys
Address: 0xF774C000 Size: 20544 File Visible: - Signed: -
Status: -

Name: spjy.sys
Image Path: spjy.sys
Address: 0xF72BB000 Size: 1048576 File Visible: No Signed: -
Status: -

Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: sr.sys
Image Path: sr.sys
Address: 0xF71FB000 Size: 73472 File Visible: - Signed: -
Status: -

Name: srv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\srv.sys
Address: 0xA9841000 Size: 333952 File Visible: - Signed: -
Status: -

Name: swenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys
Address: 0xF79F8000 Size: 4352 File Visible: - Signed: -
Status: -

Name: sysaudio.sys
Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
Address: 0xA95C9000 Size: 60800 File Visible: - Signed: -
Status: -

Name: tcpip.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Address: 0xAA1F3000 Size: 361600 File Visible: - Signed: -
Status: -

Name: TDI.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\TDI.SYS
Address: 0xF775C000 Size: 20480 File Visible: - Signed: -
Status: -

Name: termdd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys
Address: 0xF755C000 Size: 40704 File Visible: - Signed: -
Status: -

Name: update.sys
Image Path: C:\WINDOWS\system32\DRIVERS\update.sys
Address: 0xF67C9000 Size: 384768 File Visible: - Signed: -
Status: -

Name: USBD.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Address: 0xF79FE000 Size: 8192 File Visible: - Signed: -
Status: -

Name: usbehci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Address: 0xF7804000 Size: 30208 File Visible: - Signed: -
Status: -

Name: usbhub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Address: 0xF759C000 Size: 59520 File Visible: - Signed: -
Status: -

Name: USBPORT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Address: 0xF6ADB000 Size: 147456 File Visible: - Signed: -
Status: -

Name: USBSTOR.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
Address: 0xF7824000 Size: 26368 File Visible: - Signed: -
Status: -

Name: usbuhci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Address: 0xF77FC000 Size: 20608 File Visible: - Signed: -
Status: -

Name: vga.sys
Image Path: C:\WINDOWS\System32\drivers\vga.sys
Address: 0xF77D4000 Size: 20992 File Visible: - Signed: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Address: 0xF6B24000 Size: 81920 File Visible: - Signed: -
Status: -

Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xF74DC000 Size: 52352 File Visible: - Signed: -
Status: -

Name: wanarp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Address: 0xF75EC000 Size: 34560 File Visible: - Signed: -
Status: -

Name: watchdog.sys
Image Path: C:\WINDOWS\System32\watchdog.sys
Address: 0xF783C000 Size: 20480 File Visible: - Signed: -
Status: -

Name: wdmaud.sys
Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
Address: 0xA950C000 Size: 83072 File Visible: - Signed: -
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000 Size: 1847296 File Visible: - Signed: -
Status: -

Name: win32k.sys
Image Path: C:\WINDOWS\System32\win32k.sys
Address: 0xBF800000 Size: 1847296 File Visible: - Signed: -
Status: -

Name: WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\WMILIB.SYS
Address: 0xF79BE000 Size: 8192 File Visible: - Signed: -
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -


User

Registered: 11.01.08
Last login: 15.03.10
Posts: 86
Topics: 15
Posted by the topic author: 27.10.2009 6:04

Oops, I apologize, here is the correct RootRepeal log

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2009/10/27 06:01
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xAA087000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7A04000 Size: 8192 File Visible: No Signed: -
Status: -

Name: PCI_PNP2688
Image Path: \Driver\PCI_PNP2688
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA9D11000 Size: 49152 File Visible: No Signed: -
Status: -

Name: sppo.sys
Image Path: sppo.sys
Address: 0xF72BB000 Size: 1048576 File Visible: No Signed: -
Status: -

Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

SSDT
-------------------
#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaa0a76b8

#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaa0a7574

#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaa0a7a52

#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaa0a714c

#: 071 Function Name: NtEnumerateKey
Status: Hooked by "sppo.sys" at address 0xf72daca2

#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "sppo.sys" at address 0xf72db030

#: 119 Function Name: NtOpenKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaa0a764e

#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaa0a708c

#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaa0a70f0

#: 160 Function Name: NtQueryKey
Status: Hooked by "sppo.sys" at address 0xf72db108

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaa0a776e

#: 204 Function Name: NtRestoreKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaa0a772e

#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaa0a78ae

Stealth Objects
-------------------
Object: Hidden Code [Driver: Ntfs, IRP_MJ_CREATE]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLOSE]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_WRITE]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLEANUP]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP]
Process: System Address: 0x86fd91f8 Size: 121

Object: Hidden Code [Driver: aemxb52gЅ౨瑎晦܂Èੈ, IRP_MJ_CREATE]
Process: System Address: 0x86ceb500 Size: 121

Object: Hidden Code [Driver: aemxb52gЅ౨瑎晦܂Èੈ, IRP_MJ_CLOSE]
Process: System Address: 0x86ceb500 Size: 121

Object: Hidden Code [Driver: aemxb52gЅ౨瑎晦܂Èੈ, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86ceb500 Size: 121

Object: Hidden Code [Driver: aemxb52gЅ౨瑎晦܂Èੈ, IRP_MJ_POWER]
Process: System Address: 0x86ceb500 Size: 121

Object: Hidden Code [Driver: aemxb52gЅ౨瑎晦܂Èੈ, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x86ceb500 Size: 121

Object: Hidden Code [Driver: aemxb52gЅ౨瑎晦܂Èੈ, IRP_MJ_PNP]
Process: System Address: 0x86ceb500 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE]
Process: System Address: 0x86d801f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE]
Process: System Address: 0x86d801f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ]
Process: System Address: 0x86d801f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE]
Process: System Address: 0x86d801f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x86d801f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86d801f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x86d801f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN]
Process: System Address: 0x86d801f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER]
Process: System Address: 0x86d801f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x86d801f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP]
Process: System Address: 0x86d801f8 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_CREATE]
Process: System Address: 0x86d6e1f8 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_CLOSE]
Process: System Address: 0x86d6e1f8 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_READ]
Process: System Address: 0x86d6e1f8 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_WRITE]
Process: System Address: 0x86d6e1f8 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86d6e1f8 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_POWER]
Process: System Address: 0x86d6e1f8 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x86d6e1f8 Size: 121

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_PNP]
Process: System Address: 0x86d6e1f8 Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_CREATE]
Process: System Address: 0x86de61f8 Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_CLOSE]
Process: System Address: 0x86de61f8 Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86de61f8 Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x86de61f8 Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_POWER]
Process: System Address: 0x86de61f8 Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x86de61f8 Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_PNP]
Process: System Address: 0x86de61f8 Size: 121

Object: Hidden Code [Driver: i804, IRP_MJ_CREATE]
Process: System Address: 0x86bca1f8 Size: 121

Object: Hidden Code [Driver: i804, IRP_MJ_CLOSE]
Process: System Address: 0x86bca1f8 Size: 121

Object: Hidden Code [Driver: i804, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86bca1f8 Size: 121

Object: Hidden Code [Driver: i804, IRP_MJ_POWER]
Process: System Address: 0x86bca1f8 Size: 121

Object: Hidden Code [Driver: i804, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x86bca1f8 Size: 121

Object: Hidden Code [Driver: i804, IRP_MJ_PNP]
Process: System Address: 0x86bca1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CREATE]
Process: System Address: 0x86f6e1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_READ]
Process: System Address: 0x86f6e1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_WRITE]
Process: System Address: 0x86f6e1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x86f6e1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86f6e1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x86f6e1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SHUTDOWN]
Process: System Address: 0x86f6e1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CLEANUP]
Process: System Address: 0x86f6e1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_POWER]
Process: System Address: 0x86f6e1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x86f6e1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_PNP]
Process: System Address: 0x86f6e1f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CREATE]
Process: System Address: 0x8667b1f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLOSE]
Process: System Address: 0x8667b1f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8667b1f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8667b1f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLEANUP]
Process: System Address: 0x8667b1f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_PNP]
Process: System Address: 0x8667b1f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CREATE]
Process: System Address: 0x86df91f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CLOSE]
Process: System Address: 0x86df91f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86df91f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x86df91f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_POWER]
Process: System Address: 0x86df91f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x86df91f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_PNP]
Process: System Address: 0x86df91f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLOSE]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_WRITE]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_EA]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_EA]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SHUTDOWN]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLEANUP]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_SECURITY]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_POWER]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_QUOTA]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_PNP]
Process: System Address: 0x866611f8 Size: 121

Object: Hidden Code [Driver: CdfsЅ捃䙐視곈Ђఅ䵃䥖˜ꠙ, IRP_MJ_CREATE]
Process: System Address: 0x86a6d500 Size: 121

Object: Hidden Code [Driver: CdfsЅ捃䙐視곈Ђఅ䵃䥖˜ꠙ, IRP_MJ_CLOSE]
Process: System Address: 0x86a6d500 Size: 121

Object: Hidden Code [Driver: CdfsЅ捃䙐視곈Ђఅ䵃䥖˜ꠙ, IRP_MJ_READ]
Process: System Address: 0x86a6d500 Size: 121

Object: Hidden Code [Driver: CdfsЅ捃䙐視곈Ђఅ䵃䥖˜ꠙ, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x86a6d500 Size: 121

Object: Hidden Code [Driver: CdfsЅ捃䙐視곈Ђఅ䵃䥖˜ꠙ, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x86a6d500 Size: 121

Object: Hidden Code [Driver: CdfsЅ捃䙐視곈Ђఅ䵃䥖˜ꠙ, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x86a6d500 Size: 121

Object: Hidden Code [Driver: CdfsЅ捃䙐視곈Ђఅ䵃䥖˜ꠙ, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x86a6d500 Size: 121

Object: Hidden Code [Driver: CdfsЅ捃䙐視곈Ђఅ䵃䥖˜ꠙ, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x86a6d500 Size: 121

Object: Hidden Code [Driver: CdfsЅ捃䙐視곈Ђఅ䵃䥖˜ꠙ, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86a6d500 Size: 121

Object: Hidden Code [Driver: CdfsЅ捃䙐視곈Ђఅ䵃䥖˜ꠙ, IRP_MJ_SHUTDOWN]
Process: System Address: 0x86a6d500 Size: 121

Object: Hidden Code [Driver: CdfsЅ捃䙐視곈Ђఅ䵃䥖˜ꠙ, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x86a6d500 Size: 121

Object: Hidden Code [Driver: CdfsЅ捃䙐視곈Ђఅ䵃䥖˜ꠙ, IRP_MJ_CLEANUP]
Process: System Address: 0x86a6d500 Size: 121

Object: Hidden Code [Driver: CdfsЅ捃䙐視곈Ђఅ䵃䥖˜ꠙ, IRP_MJ_PNP]
Process: System Address: 0x86a6d500 Size: 121

==EOF==


Experienced user

Registered: 15.08.09
Last login: 05.02.10
Posts: 355
Topics: 0
Posted: 27.10.2009 15:49

OK, now I'd like to ask you for a new log from ComboFix, and we'll delete the last remnants.


User

Registered: 11.01.08
Last login: 15.03.10
Posts: 86
Topics: 15
Posted by the topic author: 27.10.2009 17:12

ComboFix 09-10-26.06 - pici novakova 27.10.2009 17:01.4.1 - NTFSx86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1014.606 [GMT 1:00]
Running from: c:\documents and settings\pici novakova\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1356 [VPS 091026-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-09-27 to 2009-10-27 )))))))))))))))))))))))))))))))
.

2009-10-27 15:44 . 2008-04-13 18:40 96512 -c--a-w- c:\windows\system32\dllcache\atapi.sys
2009-10-27 15:44 . 2008-04-13 18:40 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-10-25 17:29 . 2009-10-27 09:36 38518816 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-23 19:22 . 2009-10-23 19:22 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Malwarebytes
2009-10-23 19:22 . 2009-10-23 19:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-23 10:42 . 2009-10-23 10:42 -------- d-----w- c:\program files\Zylom Games
2009-10-22 17:35 . 2009-09-15 10:54 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-10-22 17:35 . 2009-09-15 10:54 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-10-22 17:35 . 2009-09-15 10:53 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-10-22 17:35 . 2009-09-15 10:53 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-10-22 17:35 . 2009-09-15 10:56 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-10-22 17:35 . 2009-09-15 10:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-10-22 17:35 . 2009-09-15 10:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-10-22 17:35 . 2009-09-15 10:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-10-22 17:35 . 2009-09-15 10:59 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-10-21 18:42 . 2009-10-21 18:42 -------- d-----w- c:\documents and settings\pici novakova\Application Data\ImTOO Software Studio
2009-10-21 18:41 . 2009-10-21 18:41 -------- d-----w- c:\program files\ImTOO
2009-10-21 11:13 . 2009-10-21 11:13 -------- d-----w- c:\documents and settings\pici novakova\Local Settings\Application Data\temp
2009-10-21 11:07 . 2009-10-21 11:12 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Broad Intelligence
2009-10-21 11:05 . 2009-10-21 11:13 -------- d-----w- c:\program files\Common Files\Memeo
2009-10-21 11:04 . 2009-10-21 11:04 -------- d-----w- c:\documents and settings\pici novakova\Application Data\OpenCandy
2009-10-21 11:03 . 2009-10-21 11:12 -------- d-----w- c:\program files\MediaCoder
2009-10-20 20:50 . 2009-10-20 20:50 -------- d-----w- C:\DVDSlideshow
2009-10-20 20:50 . 2006-12-29 09:29 62976 ----a-w- c:\windows\system32\cygz.dll
2009-10-20 20:50 . 2006-12-29 09:29 1271296 ----a-w- c:\windows\system32\cygxml2-2.dll
2009-10-20 20:50 . 2006-12-29 09:29 1015128 ----a-w- c:\windows\system32\cygiconv-2.dll
2009-10-20 20:50 . 2006-12-04 11:48 455680 ----a-w- c:\windows\system32\mkisofs.exe
2009-10-20 20:50 . 2006-12-29 09:29 369152 ----a-w- c:\windows\system32\cygfreetype-6.dll
2009-10-20 20:50 . 2006-12-29 09:29 331008 ----a-w- c:\windows\system32\dvdauthor.exe
2009-10-20 20:50 . 2006-12-29 09:29 323242 ----a-w- c:\windows\system32\spumux.exe
2009-10-20 20:50 . 2006-12-29 09:29 176640 ----a-w- c:\windows\system32\cygpng12.dll
2009-10-20 20:50 . 2006-12-29 09:29 1140617 ----a-w- c:\windows\system32\cygwin1.dll
2009-10-20 20:50 . 2006-12-04 11:48 368640 ----a-w- c:\windows\system32\cdrecord.exe
2009-10-20 19:47 . 2009-10-20 19:47 -------- d-----w- c:\documents and settings\pici novakova\dwhelper
2009-10-20 07:32 . 2009-10-20 07:32 -------- d-----w- c:\program files\MIT Media Lab
2009-10-19 20:29 . 2009-10-19 20:29 -------- d-----w- c:\windows\DQ Tycoon
2009-10-19 18:48 . 2009-10-19 18:48 -------- d-----w- c:\documents and settings\All Users\Application Data\MythPeople
2009-10-19 18:48 . 2009-10-19 18:48 -------- d-----w- c:\program files\ReflexiveArcade
2009-10-19 13:35 . 2009-10-19 13:35 -------- d-----w- c:\documents and settings\pici novakova\Saved Games
2009-10-19 13:35 . 2009-10-19 13:35 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Flood Light Games
2009-10-19 13:35 . 2009-10-19 13:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Flood Light Games
2009-10-19 08:26 . 2009-10-19 08:26 -------- d-----w- c:\documents and settings\All Users\Application Data\MumboJumbo
2009-10-19 08:24 . 2009-10-19 08:24 -------- d-----w- c:\documents and settings\pici novakova\Application Data\SpinTop
2009-10-16 19:45 . 2009-10-16 19:45 -------- d-----w- c:\windows\SQL9_KB970892_ENU
2009-10-16 06:44 . 2009-10-17 06:26 -------- d-----w- c:\program files\Nufsoft
2009-10-16 02:17 . 2009-07-17 16:22 1435648 -c----w- c:\windows\system32\dllcache\query.dll
2009-10-16 02:16 . 2009-09-04 21:03 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll
2009-10-14 20:38 . 2009-10-14 20:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Fugazo
2009-10-14 19:59 . 2009-10-14 19:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Ludia
2009-10-14 19:58 . 2009-10-14 19:58 -------- d-----w- c:\windows\Hell's Kitchen
2009-10-12 18:36 . 2009-09-11 14:18 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll
2009-10-12 18:36 . 2009-06-25 08:25 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll
2009-10-12 18:36 . 2009-06-24 11:18 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys
2009-10-12 18:36 . 2009-06-25 08:25 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll
2009-10-12 16:30 . 2009-10-12 16:30 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-10-12 16:28 . 2009-10-12 16:30 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-10-12 16:28 . 2009-10-12 16:30 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-10-02 18:30 . 2009-10-02 18:33 -------- d-----w- c:\windows\DISNEY
2009-09-27 19:32 . 2009-09-27 19:32 100343 ----a-w- c:\windows\moj font1.zip
2009-09-27 18:50 . 2009-09-27 18:53 -------- d-----w- c:\program files\FontPage

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-27 09:36 . 2009-10-25 17:29 223028 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-23 10:42 . 2008-11-28 18:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Zylom
2009-10-21 10:39 . 2009-10-21 10:36 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-10-20 21:23 . 2008-12-07 18:51 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Thinstall
2009-10-20 20:50 . 2008-04-17 07:39 72480 ----a-w- c:\documents and settings\pici novakova\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-20 07:43 . 2008-08-04 13:40 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-10-16 19:49 . 2007-10-25 09:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-16 19:46 . 2007-10-25 09:21 -------- d-----w- c:\program files\Microsoft SQL Server
2009-10-15 17:04 . 2009-08-16 17:36 -------- d-----w- c:\program files\Recepty doma
2009-10-13 18:00 . 2009-10-21 10:36 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-10-12 19:56 . 2008-11-22 11:09 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-12 19:56 . 2007-10-25 08:53 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-02 16:55 . 2008-04-16 09:41 -------- d-----w- c:\documents and settings\pici novakova\Application Data\skypePM
2009-09-16 20:51 . 2009-09-16 20:45 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-09-14 13:58 . 2009-04-01 11:08 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Shape games
2009-09-12 19:40 . 2009-09-12 19:40 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Photo DVD Maker
2009-09-12 19:40 . 2009-09-12 19:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Anvsoft
2009-09-11 17:02 . 2009-09-11 17:02 -------- d-----w- c:\program files\AGEIA Technologies
2009-09-11 14:18 . 2006-02-28 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-08 09:58 . 2009-09-08 09:58 -------- d-----w- c:\program files\PCP
2009-09-05 02:13 . 2009-09-05 02:13 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-09-04 21:03 . 2006-02-28 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-31 10:33 . 2009-08-31 10:33 172032 ----a-w- c:\windows\system32\cncs32.dll
2009-08-29 08:08 . 2007-10-03 18:01 916480 ------w- c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2007-10-03 18:01 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-16 15:08 . 2009-10-21 10:36 178176 ----a-w- c:\windows\system32\unrar.dll
2009-08-06 18:24 . 2007-10-25 08:35 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 18:24 . 2007-10-25 08:35 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 18:24 . 2007-10-25 08:35 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 18:24 . 2007-10-03 18:02 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 18:24 . 2007-10-25 08:35 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-06 18:24 . 2007-10-03 17:59 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 18:23 . 2007-10-25 08:35 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 18:23 . 2007-10-25 08:35 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2006-02-28 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 18:44 . 2007-10-03 18:00 2189184 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2007-02-28 07:15 2066048 ------w- c:\windows\system32\ntkrnlpa.exe
2009-07-27 17:06 . 2009-07-27 17:06 0 ----a-w- c:\program files\uziv.dat
.

((((((((((((((((((((((((((((( SnapShot@2009-10-21_20.06.44 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-27 15:53 . 2009-10-27 15:53 16384 c:\windows\Temp\Perflib_Perfdata_570.dat
+ 2009-10-27 10:18 . 2009-08-06 18:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-10-27 10:18 . 2009-08-06 18:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2006-02-28 12:00 . 2009-10-25 02:26 89666 c:\windows\system32\perfc009.dat
+ 2007-10-25 08:35 . 2009-08-06 18:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2007-10-25 08:35 . 2009-08-06 18:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2007-10-03 17:59 . 2009-08-06 18:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2006-02-28 12:00 . 2009-10-25 02:26 490594 c:\windows\system32\perfh009.dat
+ 2007-10-25 08:35 . 2009-08-06 18:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2007-10-25 08:35 . 2009-08-06 18:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2007-10-25 08:35 . 2009-08-06 18:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2007-10-25 08:35 . 2009-08-06 18:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-20 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-20 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-20 138008]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2007-04-10 16126464]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" - c:\windows\system32\narrator.exe [2008-04-14 53760]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1136:UDP"= 1136:UDP:Windows Media Format SDK (Opera.exe)
"1137:UDP"= 1137:UDP:Windows Media Format SDK (Opera.exe)

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [22.10.2009 18:35 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22.10.2009 18:35 20560]
S1 is-5EJ9Ldrv;is-5EJ9Ldrv;c:\windows\system32\DRIVERS\50338710.sys --> c:\windows\system32\DRIVERS\50338710.sys [?]
S2 gupdate1c99df8691be6ba;Služba Google Update (gupdate1c99df8691be6ba);c:\program files\Google\Update\GoogleUpdate.exe [6.3.2009 2:10 133104]
S3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver;c:\windows\system32\drivers\CnxEtP.sys [17.2.2008 17:43 131072]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\drivers\CnxEtU.sys [17.2.2008 17:43 614272]
S3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver;c:\windows\system32\drivers\CnxTgNP.sys [17.2.2008 17:43 60416]
S3 FXDrv32;FXDrv32;\??\d:\fxdrv32.sys --> d:\FXDrv32.sys [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - mbr
.
Contents of the 'Scheduled Tasks' folder

2009-10-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-06 01:10]

2009-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-06 01:10]

2009-10-27 c:\windows\Tasks\User_Feed_Synchronization-{C68D368B-22C1-45F0-B90C-D44451CF43DE}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\pici novakova\Application Data\Mozilla\Firefox\Profiles\31ln2572.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Wikipédia (sk)
FF - prefs.js: browser.startup.homepage - google.sk
FF - prefs.js: keyword.URL -
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\TV JOJ Media Player\np_JOJ_netscape_player.dll
FF - plugin: c:\program files\TV JOJ Media Player\npplugin_netscape.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-27 17:07
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3856)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-10-27 17:10
ComboFix-quarantined-files.txt 2009-10-27 16:09
ComboFix2.txt 2009-10-27 15:40
ComboFix3.txt 2009-10-21 20:09

Pre-Run: 26 694 148 096 bytes free
Post-Run: 23 adresárov, 26 655 850 496 voľných bajtov

- - End Of File - - 6749987B7B9058FB3C45D7756F2FA608


Experienced user

Registered: 15.08.09
Last login: 05.02.10
Posts: 355
Topics: 0
Posted: 27.10.2009 20:18

Move the CF icon to the desktop, close all open applications as well as the resident components of your antivirus, antispyware and firewall, and open Notepad. Copy the following into it:

Code:
KillAll::
SecCenter::
{6C4BB89C-B0ED-4F41-A29C-4373888923BB}
{4055920F-2E99-48A8-A270-4243D2B8F242}
{990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

Save it to the desktop as CFScript.txt and drag it with the mouse onto the CF icon.

The program will process the script and produce a new log.


Warning: If Windows does not start after the script is applied, restart the PC, press F8 and choose Last Known Good Configuration.


User

Registered: 11.01.08
Last login: 15.03.10
Posts: 86
Topics: 15
Posted by the topic author: 27.10.2009 20:56

I've done it, but I don't know whether I did it correctly, because Windows started up :-)



ComboFix 09-10-26.06 - pici novakova 27.10.2009 20:42.5.1 - NTFSx86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1014.557 [GMT 1:00]
Running from: c:\documents and settings\pici novakova\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\pici novakova\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1356 [VPS 091026-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-09-27 to 2009-10-27 )))))))))))))))))))))))))))))))
.

2009-10-27 15:44 . 2008-04-13 18:40 96512 -c--a-w- c:\windows\system32\dllcache\atapi.sys
2009-10-27 15:44 . 2008-04-13 18:40 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-10-25 17:29 . 2009-10-27 09:36 38518816 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-23 19:22 . 2009-10-23 19:22 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Malwarebytes
2009-10-23 19:22 . 2009-10-23 19:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-23 10:42 . 2009-10-23 10:42 -------- d-----w- c:\program files\Zylom Games
2009-10-22 17:35 . 2009-09-15 10:54 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-10-22 17:35 . 2009-09-15 10:54 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-10-22 17:35 . 2009-09-15 10:53 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-10-22 17:35 . 2009-09-15 10:53 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-10-22 17:35 . 2009-09-15 10:56 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-10-22 17:35 . 2009-09-15 10:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-10-22 17:35 . 2009-09-15 10:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-10-22 17:35 . 2009-09-15 10:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-10-22 17:35 . 2009-09-15 10:59 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-10-21 18:42 . 2009-10-21 18:42 -------- d-----w- c:\documents and settings\pici novakova\Application Data\ImTOO Software Studio
2009-10-21 18:41 . 2009-10-21 18:41 -------- d-----w- c:\program files\ImTOO
2009-10-21 11:13 . 2009-10-21 11:13 -------- d-----w- c:\documents and settings\pici novakova\Local Settings\Application Data\temp
2009-10-21 11:07 . 2009-10-21 11:12 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Broad Intelligence
2009-10-21 11:05 . 2009-10-21 11:13 -------- d-----w- c:\program files\Common Files\Memeo
2009-10-21 11:04 . 2009-10-21 11:04 -------- d-----w- c:\documents and settings\pici novakova\Application Data\OpenCandy
2009-10-21 11:03 . 2009-10-21 11:12 -------- d-----w- c:\program files\MediaCoder
2009-10-20 20:50 . 2009-10-20 20:50 -------- d-----w- C:\DVDSlideshow
2009-10-20 20:50 . 2006-12-29 09:29 62976 ----a-w- c:\windows\system32\cygz.dll
2009-10-20 20:50 . 2006-12-29 09:29 1271296 ----a-w- c:\windows\system32\cygxml2-2.dll
2009-10-20 20:50 . 2006-12-29 09:29 1015128 ----a-w- c:\windows\system32\cygiconv-2.dll
2009-10-20 20:50 . 2006-12-04 11:48 455680 ----a-w- c:\windows\system32\mkisofs.exe
2009-10-20 20:50 . 2006-12-29 09:29 369152 ----a-w- c:\windows\system32\cygfreetype-6.dll
2009-10-20 20:50 . 2006-12-29 09:29 331008 ----a-w- c:\windows\system32\dvdauthor.exe
2009-10-20 20:50 . 2006-12-29 09:29 323242 ----a-w- c:\windows\system32\spumux.exe
2009-10-20 20:50 . 2006-12-29 09:29 176640 ----a-w- c:\windows\system32\cygpng12.dll
2009-10-20 20:50 . 2006-12-29 09:29 1140617 ----a-w- c:\windows\system32\cygwin1.dll
2009-10-20 20:50 . 2006-12-04 11:48 368640 ----a-w- c:\windows\system32\cdrecord.exe
2009-10-20 19:47 . 2009-10-20 19:47 -------- d-----w- c:\documents and settings\pici novakova\dwhelper
2009-10-20 07:32 . 2009-10-20 07:32 -------- d-----w- c:\program files\MIT Media Lab
2009-10-19 20:29 . 2009-10-19 20:29 -------- d-----w- c:\windows\DQ Tycoon
2009-10-19 18:48 . 2009-10-19 18:48 -------- d-----w- c:\documents and settings\All Users\Application Data\MythPeople
2009-10-19 18:48 . 2009-10-19 18:48 -------- d-----w- c:\program files\ReflexiveArcade
2009-10-19 13:35 . 2009-10-19 13:35 -------- d-----w- c:\documents and settings\pici novakova\Saved Games
2009-10-19 13:35 . 2009-10-19 13:35 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Flood Light Games
2009-10-19 13:35 . 2009-10-19 13:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Flood Light Games
2009-10-19 08:26 . 2009-10-19 08:26 -------- d-----w- c:\documents and settings\All Users\Application Data\MumboJumbo
2009-10-19 08:24 . 2009-10-19 08:24 -------- d-----w- c:\documents and settings\pici novakova\Application Data\SpinTop
2009-10-16 19:45 . 2009-10-16 19:45 -------- d-----w- c:\windows\SQL9_KB970892_ENU
2009-10-16 06:44 . 2009-10-17 06:26 -------- d-----w- c:\program files\Nufsoft
2009-10-16 02:17 . 2009-07-17 16:22 1435648 -c----w- c:\windows\system32\dllcache\query.dll
2009-10-16 02:16 . 2009-09-04 21:03 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll
2009-10-14 20:38 . 2009-10-14 20:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Fugazo
2009-10-14 19:59 . 2009-10-14 19:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Ludia
2009-10-14 19:58 . 2009-10-14 19:58 -------- d-----w- c:\windows\Hell's Kitchen
2009-10-12 18:36 . 2009-09-11 14:18 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll
2009-10-12 18:36 . 2009-06-25 08:25 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll
2009-10-12 18:36 . 2009-06-24 11:18 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys
2009-10-12 18:36 . 2009-06-25 08:25 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll
2009-10-12 16:30 . 2009-10-12 16:30 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-10-12 16:28 . 2009-10-12 16:30 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-10-12 16:28 . 2009-10-12 16:30 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-10-02 18:30 . 2009-10-02 18:33 -------- d-----w- c:\windows\DISNEY

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-27 09:36 . 2009-10-25 17:29 223028 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-23 10:42 . 2008-11-28 18:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Zylom
2009-10-21 10:39 . 2009-10-21 10:36 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-10-20 21:23 . 2008-12-07 18:51 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Thinstall
2009-10-20 20:50 . 2008-04-17 07:39 72480 ----a-w- c:\documents and settings\pici novakova\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-20 07:43 . 2008-08-04 13:40 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-10-16 19:49 . 2007-10-25 09:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-16 19:46 . 2007-10-25 09:21 -------- d-----w- c:\program files\Microsoft SQL Server
2009-10-15 17:04 . 2009-08-16 17:36 -------- d-----w- c:\program files\Recepty doma
2009-10-13 18:00 . 2009-10-21 10:36 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-10-12 19:56 . 2008-11-22 11:09 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-12 19:56 . 2007-10-25 08:53 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-02 16:55 . 2008-04-16 09:41 -------- d-----w- c:\documents and settings\pici novakova\Application Data\skypePM
2009-09-27 19:32 . 2009-09-27 19:32 100343 ----a-w- c:\windows\moj font1.zip
2009-09-27 18:53 . 2009-09-27 18:50 -------- d-----w- c:\program files\FontPage
2009-09-16 20:51 . 2009-09-16 20:45 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-09-14 13:58 . 2009-04-01 11:08 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Shape games
2009-09-12 19:40 . 2009-09-12 19:40 -------- d-----w- c:\documents and settings\pici novakova\Application Data\Photo DVD Maker
2009-09-12 19:40 . 2009-09-12 19:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Anvsoft
2009-09-11 17:02 . 2009-09-11 17:02 -------- d-----w- c:\program files\AGEIA Technologies
2009-09-11 14:18 . 2006-02-28 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-08 09:58 . 2009-09-08 09:58 -------- d-----w- c:\program files\PCP
2009-09-05 02:13 . 2009-09-05 02:13 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-09-04 21:03 . 2006-02-28 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-31 10:33 . 2009-08-31 10:33 172032 ----a-w- c:\windows\system32\cncs32.dll
2009-08-29 08:08 . 2007-10-03 18:01 916480 ------w- c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2007-10-03 18:01 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-16 15:08 . 2009-10-21 10:36 178176 ----a-w- c:\windows\system32\unrar.dll
2009-08-06 18:24 . 2007-10-25 08:35 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 18:24 . 2007-10-25 08:35 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 18:24 . 2007-10-25 08:35 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 18:24 . 2007-10-03 18:02 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 18:24 . 2007-10-25 08:35 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-06 18:24 . 2007-10-03 17:59 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 18:23 . 2007-10-25 08:35 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 18:23 . 2007-10-25 08:35 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2006-02-28 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 18:44 . 2007-10-03 18:00 2189184 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2007-02-28 07:15 2066048 ------w- c:\windows\system32\ntkrnlpa.exe
2009-07-27 17:06 . 2009-07-27 17:06 0 ----a-w- c:\program files\uziv.dat
.

((((((((((((((((((((((((((((( SnapShot@2009-10-21_20.06.44 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-27 19:50 . 2009-10-27 19:50 16384 c:\windows\Temp\Perflib_Perfdata_580.dat
+ 2009-10-27 19:50 . 2009-10-27 19:50 16384 c:\windows\Temp\Perflib_Perfdata_2cc.dat
+ 2009-10-27 10:18 . 2009-08-06 18:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-10-27 10:18 . 2009-08-06 18:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2006-02-28 12:00 . 2009-10-25 02:26 89666 c:\windows\system32\perfc009.dat
+ 2007-10-25 08:35 . 2009-08-06 18:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2007-10-25 08:35 . 2009-08-06 18:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2007-10-03 17:59 . 2009-08-06 18:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2006-02-28 12:00 . 2009-10-25 02:26 490594 c:\windows\system32\perfh009.dat
+ 2007-10-25 08:35 . 2009-08-06 18:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2007-10-25 08:35 . 2009-08-06 18:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2007-10-25 08:35 . 2009-08-06 18:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2007-10-25 08:35 . 2009-08-06 18:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-20 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-20 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-20 138008]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2007-04-10 16126464]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" - c:\windows\system32\narrator.exe [2008-04-14 53760]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1136:UDP"= 1136:UDP:Windows Media Format SDK (Opera.exe)
"1137:UDP"= 1137:UDP:Windows Media Format SDK (Opera.exe)

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [22.10.2009 18:35 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22.10.2009 18:35 20560]
S1 is-5EJ9Ldrv;is-5EJ9Ldrv;c:\windows\system32\DRIVERS\50338710.sys --> c:\windows\system32\DRIVERS\50338710.sys [?]
S2 gupdate1c99df8691be6ba;Služba Google Update (gupdate1c99df8691be6ba);c:\program files\Google\Update\GoogleUpdate.exe [6.3.2009 2:10 133104]
S3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver;c:\windows\system32\drivers\CnxEtP.sys [17.2.2008 17:43 131072]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\drivers\CnxEtU.sys [17.2.2008 17:43 614272]
S3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver;c:\windows\system32\drivers\CnxTgNP.sys [17.2.2008 17:43 60416]
S3 FXDrv32;FXDrv32;\??\d:\fxdrv32.sys --> d:\FXDrv32.sys [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - mbr
.
Contents of the 'Scheduled Tasks' folder

2009-10-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-06 01:10]

2009-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-06 01:10]

2009-10-27 c:\windows\Tasks\User_Feed_Synchronization-{C68D368B-22C1-45F0-B90C-D44451CF43DE}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\pici novakova\Application Data\Mozilla\Firefox\Profiles\31ln2572.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Wikipédia (sk)
FF - prefs.js: browser.startup.homepage - google.sk
FF - prefs.js: keyword.URL -
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\TV JOJ Media Player\np_JOJ_netscape_player.dll
FF - plugin: c:\program files\TV JOJ Media Player\npplugin_netscape.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-27 20:50
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1776)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\combofix\CF26069.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
c:\program files\Alwil Software\Avast4\setup\avast.setup
c:\combofix\PEV.cfxxe
.
**************************************************************************
.
Completion time: 2009-10-27 20:54 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-27 19:54
ComboFix2.txt 2009-10-27 16:10
ComboFix3.txt 2009-10-27 15:40
ComboFix4.txt 2009-10-21 20:09

Pre-Run: 26 616 082 432 bytes free
Post-Run: 23 adresárov, 26 586 173 440 voľných bajtov

- - End Of File - - 954097BD1B7CEC0F109F0E09E6218719


Experienced user
Registered: 15.08.09
Last login: 05.02.10
Posts: 355
Topics: 0
Posted: 28.10.2009 17:33

OK, how's the PC? How is it behaving?


User
Registered: 11.01.08
Last login: 15.03.10
Posts: 86
Topics: 15
Posted by topic author: 28.10.2009 18:18

pitimir wrote:
OK, how's the PC? How is it behaving?

The PC is pretty much fine, big thanks to you ;) It even seems a little bit faster to me. I only have a problem with the desktop: the icons are outlined in blue and their names are highlighted in blue boxes... I think the problem will be in the applications. Check fix gave me a log, data: the applications were infected... thanks once again, what can I say.. experienced user :rolleyes:


Forum administrator
Registered: 17.04.08
Last login: 28.03.24
Posts: 13258
Topics: 420
Location: Myjava
Posted: 28.10.2009 18:25

biba - let's right-click the My Computer icon and choose Properties. (Alternatively: Start - Control Panel - System)

Let's move to the tab called Pokrocile or Dalsie (I don't know the exact Slovak name; in English it is Advanced) and in the Performance section click Settings (Options).

There we tick the (usually) second-to-last option (Use drop shadows, or Show shadows under menus...), so in Slovak it will be whichever one removes those blue boxes.

I have English Windows, so I don't know exactly how it is worded in the Slovak version.

_________________
PC: MSI B450 GAMING PLUS / AMD Ryzen 5 2600 / SilentiumPC Fera 3 HE1224 / ADATA XPG Spectrix D40 DDR4 2x8GB / Gainward GeForce GTX 1060 Phoenix 6GB / Adata XPG Gammix S11 M.2 SSD 480GB NVMe / Seagate BarraCuda HDD 2TB / WD Green 4TB / WD My Book Essential 3.0 2000GB / WD Elements 2000GB / ASUS BW-16D1HT / Creative Sound Blaster Audigy RX / Corsair CX450M / SilentiumPC Regnum RG4T / Dell P2719H / Microsoft Natural Ergonomic Keyboard 4000 / Logitech G102 Prodigy Gaming Mouse / Microlab SOLO9C / Microlab B77 / SONY WH-1000XM4 / Koss Porta Pro / Microsoft Windows 10 64-bit FPP
PC (history): ASUS M4A785TD-V EVO / Athlon II X4 640 / Hynix 8GB (2x4GB) DDR3 1600 MHz / Sapphire HD7750 1GB Ultimate Silent Series / AMD Radeon R3 120GB / Seagate 7200.12 500GB / Samsung SH-S223L / Creative Sound Blaster X-Fi XtremeMusic / Axago PCEU-43R USB3.0 / TP-LINK TG-3269 / Corsair VS450 / 24" BenQ G2420HDBL / Gigabyte GT-U8300
NTB: Huawei MateBook D15 NTB2: Alcatel PLUS 10 LTE NTB3: MSI M670X-091SK / Transcend 2x1GB DDR2 667MHz
Phone: Samsung Galaxy S9 Phone2: Samsung Galaxy S20+
Turntable: Tesla NC 470 / Ortofon OM 5E

Experienced user
Registered: 27.12.07
Last login: 17.02.16
Posts: 5446
Topics: 0
Location: Opičí ostro...
Posted: 28.10.2009 18:56

My Computer - Properties - Advanced (Spresnenie) - Performance, Settings - Visual Effects - either tick "Adjust for best appearance" ("Nastaviť s cieľom dosiahnutia najlepšieho vzhľadu") or it is enough to tick "Use drop shadows for icon labels..." ("Používať tiene na menovkách ikon...")


Experienced user
Registered: 15.08.09
Last login: 05.02.10
Posts: 355
Topics: 0
Posted: 28.10.2009 19:02

And I'll add my bit too :)
1) Let's finish the clean-up:

  • Uninstall Combofix:
    Start -> Run -> (type) combofix /uninstall
  • Use T-Cleaner (if the antivirus reports it as junk, there is nothing to be afraid of, it is just the AV program's paranoia).
  • Use TFC (run the program and click "Start". Careful, the PC may be restarted).

2) Post the HJT log.

If anything is unclear, there is a guide >>here<<.


User
Registered: 11.01.08
Last login: 15.03.10
Posts: 86
Topics: 15
Posted by topic author: 28.10.2009 19:28

ac.milan wrote:
biba - let's right-click the My Computer icon and choose Properties. (Alternatively: Start - Control Panel - System)

Let's move to the tab called Pokrocile or Dalsie (I don't know the exact Slovak name; in English it is Advanced) and in the Performance section click Settings (Options).

There we tick the (usually) second-to-last option (Use drop shadows, or Show shadows under menus...), so in Slovak it will be whichever one removes those blue boxes.

I have English Windows, so I don't know exactly how it is worded in the Slovak version.

I found it under visual effects.. whatever I tick or untick, it can't be removed. Of course, many thanks.


User
Registered: 11.01.08
Last login: 15.03.10
Posts: 86
Topics: 15
Posted by topic author: 28.10.2009 19:49

pitimir wrote:
And I'll add my bit too :)
1) Let's finish the clean-up:

  • Uninstall Combofix:
    Start -> Run -> (type) combofix /uninstall
  • Use T-Cleaner (if the antivirus reports it as junk, there is nothing to be afraid of, it is just the AV program's paranoia).
  • Use TFC (run the program and click "Start". Careful, the PC may be restarted).

2) Post the HJT log.

If anything is unclear, there is a guide >>here<<.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:47:48, on 28.10.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\pici novakova\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate1c99df8691be6ba) (gupdate1c99df8691be6ba) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 6830 bytes


Experienced user
Registered: 15.08.09
Last login: 05.02.10
Posts: 355
Topics: 0
Posted: 28.10.2009 21:47

Fix in HJT (tick the checkbox next to the given line and press "Fix Checked"):

Code:
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

2) Uninstall SpyBot/Ad-Aware (Start -> Control Panel -> Add/Remove Programs).
If that doesn't work, use Revo Uninstaller.

3) Install a firewall.

4) Update Adobe Reader (you'll find the latest version >>here<<).

5) Use JavaRa, you have an old Java.

And done ;)
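
The line selection in the post above can be pre-screened mechanically before a human reviews the log. This Python example is added here and is not part of the thread or the helper's own method; the two heuristics (items ending in "(no file)", and O16 items whose codebase is a remote URL) and all function names are assumptions chosen for illustration, and the sample lines are copied from the HijackThis log posted earlier in the thread.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# HijackThis item lines have the shape "<code> - <body>", e.g. "R3 - ..." or
# "O16 - ...". Header lines and the running-process list do not match this.
ITEM_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Sample lines taken from the log in this thread (shortened selection).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\System32\smss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""


@dataclass
class Item:
    code: str                 # section code such as "R3" or "O16"
    body: str                 # everything after "<code> - "
    clsid: Optional[str]      # first GUID in the line, upper-cased, if any
    reasons: List[str] = field(default_factory=list)


def parse_items(log_text: str) -> List[Item]:
    """Return only the item lines of a HijackThis log, skipping everything else."""
    items = []
    for raw in log_text.splitlines():
        m = ITEM_RE.match(raw.strip())
        if not m:
            continue  # header, process path, blank line, "End of file"
        guid = CLSID_RE.search(m["body"])
        items.append(Item(m["code"], m["body"],
                          guid.group(0).upper() if guid else None))
    return items


def triage(log_text: str) -> List[Item]:
    """Flag items for manual review using two illustrative heuristics."""
    flagged = []
    for item in parse_items(log_text):
        # Heuristic 1 (assumption): the registration survives but its file is gone.
        if item.body.rstrip().endswith("(no file)"):
            item.reasons.append("orphaned entry: registered file is missing")
        # Heuristic 2 (assumption): ActiveX download entry pointing at a remote URL.
        if item.code == "O16" and re.search(r"\bhttps?://", item.body, re.I):
            item.reasons.append("ActiveX control with a remote codebase URL")
        if item.reasons:
            flagged.append(item)
    return flagged


if __name__ == "__main__":
    for it in triage(SAMPLE_LOG):
        print(f"{it.code:<4}{it.clsid}  ->  {'; '.join(it.reasons)}")
```

A flagged line is only a candidate for review: whether to tick it for "Fix Checked" remains a human decision, as in the post above.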


User
Registered: 11.01.08
Last login: 15.03.10
Posts: 86
Topics: 15
Posted by topic author: 29.10.2009 16:19

pitimir wrote:
Fix in HJT (tick the checkbox next to the given line and press "Fix Checked"):

Code:
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

2) Uninstall SpyBot/Ad-Aware (Start -> Control Panel -> Add/Remove Programs).
If that doesn't work, use Revo Uninstaller.

3) Install a firewall.

4) Update Adobe Reader (you'll find the latest version >>here<<).

5) Use JavaRa, you have an old Java.

And done ;)

Done, heartfelt thanks :)


Forum administrator
Registered: 17.04.08
Last login: 28.03.24
Posts: 13258
Topics: 420
Location: Myjava
Posted: 29.10.2009 16:28

biba5 wrote:
I found it under visual effects.. whatever I tick or untick, it can't be removed. Of course, many thanks.

Doesn't the advice from prandof work either?
prandof wrote:
My Computer - Properties - Advanced (Spresnenie) - Performance, Settings - Visual Effects - either tick "Adjust for best appearance" ("Nastaviť s cieľom dosiahnutia najlepšieho vzhľadu") or it is enough to tick "Use drop shadows for icon labels..." ("Používať tiene na menovkách ikon...")

Experienced user
Registered: 15.08.09
Last login: 05.02.10
Posts: 355
Topics: 0
Posted: 29.10.2009 19:07

For my part, you're welcome :)
Just sort out the other problem with the gentlemen, and I wish you many surfed kilometres without an accident :D


User
Registered: 11.01.08
Last login: 15.03.10
Posts: 86
Topics: 15
Posted by topic author: 30.10.2009 19:09

I tried your advice and nothing,

:(

