prosím o kontrolu logu

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Mata.
nováček
Příspěvky: 42
Registrován: říjen 09
Pohlaví: Nespecifikováno
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod Mata. » 29 říj 2009 17:03

GMER 1.0.15.15163 - http://www.gmer.net
Rootkit scan 2009-10-29 16:55:35
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\Vista\AppData\Local\Temp\uglcypow.sys


---- System - GMER 1.0.15 ----

INT 0x51 ? 873CBF00
INT 0x52 ? 873CBF00
INT 0x72 ? 873CBF00
INT 0x72 ? 873CBF00
INT 0x82 ? 8592ABF8
INT 0x92 ? 84F9BBF8
INT 0xA2 ? 84F9BBF8
INT 0xB3 ? 873CBF00

---- Kernel code sections - GMER 1.0.15 ----

? System32\Drivers\spbs.sys Systém nemůže nalézt uvedenou cestu. !
.text USBPORT.SYS!DllUnload 8F03641B 5 Bytes JMP 873CB4E0
.text a21br4zj.SYS 8F58F000 22 Bytes [82, 73, 5C, 82, 6C, 72, 5C, ...]
.text a21br4zj.SYS 8F58F017 45 Bytes [00, 32, C7, 79, 8A, 3D, C5, ...]
.text a21br4zj.SYS 8F58F045 135 Bytes [DA, 2A, 82, FD, 59, 24, 82, ...]
.text a21br4zj.SYS 8F58F0CE 10 Bytes [00, 00, 00, 00, 00, 00, 66, ...]
.text a21br4zj.SYS 8F58F0DA 12 Bytes [00, 00, 02, 00, 00, 00, 25, ...]
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[940] kernel32.dll!SetUnhandledExceptionFilter 76C0A84F 4 Bytes [C2, 04, 00, 00]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [8A6936D2] \SystemRoot\System32\Drivers\spbs.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8A693040] \SystemRoot\System32\Drivers\spbs.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [8A6937FC] \SystemRoot\System32\Drivers\spbs.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [8A6930BE] \SystemRoot\System32\Drivers\spbs.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8A69313C] \SystemRoot\System32\Drivers\spbs.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [8A6A3048] \SystemRoot\System32\Drivers\spbs.sys
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortNotification] 24488B66
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortWritePortUchar] E84D8966
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortWritePortUlong] 83E84D8B
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortGetPhysicalAddress] 896602C1
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 488BEA4D
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortGetScatterGatherList] 8DC80320
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortReadPortUchar] 57500845
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortStallExecution] F0458D57
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortGetParentBusType] 00006850
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortRequestCallback] 458DB002
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortWritePortBufferUshort] 35FF50E8
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortGetUnCachedExtension] [8F5B4FBC] \SystemRoot\System32\Drivers\a21br4zj.SYS (ATAPI IDE Miniport Driver/Microsoft Corporation)
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortCompleteRequest] 57EC4D89
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortMoveMemory] 01F045C7
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] E8000000
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 0001E4E4
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 4675C73B
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortReadPortUshort] 5B4FC8A1
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortReadPortBufferUshort] 8D526A8F
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortInitialize] 00009A88
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortGetDeviceBase] 48C08300
IAT \SystemRoot\System32\Drivers\a21br4zj.SYS[ataport.SYS!AtaPortDeviceStateChange] 8D076A50

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8592D1F8

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)

Device \FileSystem\fastfat \FatCdrom 8935A1F8

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

Device \Driver\volmgr \Device\VolMgrControl 859281F8

---- Threads - GMER 1.0.15 ----

Thread System [4:440] 890AF790

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e37b3a595
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e37b3a595@001979cea2fd 0x2A 0x65 0x7F 0x4A ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x2C 0xB2 0xA8 0x51 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xED 0x10 0xF4 0x39 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x1C 0xC6 0xA7 0xD3 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001e37b3a595 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001e37b3a595@001979cea2fd 0x2A 0x65 0x7F 0x4A ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x2C 0xB2 0xA8 0x51 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xED 0x10 0xF4 0x39 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x1C 0xC6 0xA7 0xD3 ...

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 sector 01: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 02: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 03: copy of MBR
Disk \Device\Harddisk0\DR0 sector 04: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 05: copy of MBR
Disk \Device\Harddisk0\DR0 sector 06: copy of MBR
Disk \Device\Harddisk0\DR0 sector 07: copy of MBR
Disk \Device\Harddisk0\DR0 sector 08: copy of MBR
Disk \Device\Harddisk0\DR0 sector 09: copy of MBR
Disk \Device\Harddisk0\DR0 sector 10: copy of MBR
Disk \Device\Harddisk0\DR0 sector 11: copy of MBR
Disk \Device\Harddisk0\DR0 sector 12: copy of MBR
Disk \Device\Harddisk0\DR0 sector 13: copy of MBR
Disk \Device\Harddisk0\DR0 sector 14: copy of MBR
Disk \Device\Harddisk0\DR0 sector 15: copy of MBR
Disk \Device\Harddisk0\DR0 sector 16: copy of MBR
Disk \Device\Harddisk0\DR0 sector 17: copy of MBR
Disk \Device\Harddisk0\DR0 sector 18: copy of MBR
Disk \Device\Harddisk0\DR0 sector 19: copy of MBR
Disk \Device\Harddisk0\DR0 sector 20: copy of MBR
Disk \Device\Harddisk0\DR0 sector 21: copy of MBR
Disk \Device\Harddisk0\DR0 sector 22: copy of MBR
Disk \Device\Harddisk0\DR0 sector 23: copy of MBR
Disk \Device\Harddisk0\DR0 sector 24: copy of MBR
Disk \Device\Harddisk0\DR0 sector 25: copy of MBR
Disk \Device\Harddisk0\DR0 sector 26: copy of MBR
Disk \Device\Harddisk0\DR0 sector 27: copy of MBR
Disk \Device\Harddisk0\DR0 sector 28: copy of MBR
Disk \Device\Harddisk0\DR0 sector 29: copy of MBR
Disk \Device\Harddisk0\DR0 sector 30: copy of MBR
Disk \Device\Harddisk0\DR0 sector 31: copy of MBR
Disk \Device\Harddisk0\DR0 sector 32: copy of MBR
Disk \Device\Harddisk0\DR0 sector 33: copy of MBR
Disk \Device\Harddisk0\DR0 sector 34: copy of MBR
Disk \Device\Harddisk0\DR0 sector 35: copy of MBR
Disk \Device\Harddisk0\DR0 sector 36: copy of MBR
Disk \Device\Harddisk0\DR0 sector 37: copy of MBR
Disk \Device\Harddisk0\DR0 sector 38: copy of MBR
Disk \Device\Harddisk0\DR0 sector 39: copy of MBR
Disk \Device\Harddisk0\DR0 sector 40: copy of MBR
Disk \Device\Harddisk0\DR0 sector 41: copy of MBR
Disk \Device\Harddisk0\DR0 sector 42: copy of MBR
Disk \Device\Harddisk0\DR0 sector 43: copy of MBR
Disk \Device\Harddisk0\DR0 sector 44: copy of MBR
Disk \Device\Harddisk0\DR0 sector 45: copy of MBR
Disk \Device\Harddisk0\DR0 sector 46: copy of MBR
Disk \Device\Harddisk0\DR0 sector 47: copy of MBR
Disk \Device\Harddisk0\DR0 sector 48: copy of MBR
Disk \Device\Harddisk0\DR0 sector 49: copy of MBR
Disk \Device\Harddisk0\DR0 sector 50: copy of MBR
Disk \Device\Harddisk0\DR0 sector 51: copy of MBR
Disk \Device\Harddisk0\DR0 sector 52: copy of MBR
Disk \Device\Harddisk0\DR0 sector 53: copy of MBR
Disk \Device\Harddisk0\DR0 sector 54: copy of MBR
Disk \Device\Harddisk0\DR0 sector 55: copy of MBR
Disk \Device\Harddisk0\DR0 sector 56: copy of MBR
Disk \Device\Harddisk0\DR0 sector 57: copy of MBR
Disk \Device\Harddisk0\DR0 sector 58: copy of MBR
Disk \Device\Harddisk0\DR0 sector 59: copy of MBR
Disk \Device\Harddisk0\DR0 sector 60: copy of MBR
Disk \Device\Harddisk0\DR0 sector 61: copy of MBR
Disk \Device\Harddisk0\DR0 sector 62: copy of MBR
Disk \Device\Harddisk0\DR0 sector 63: rootkit-like behavior; copy of MBR

---- EOF - GMER 1.0.15 ----

Reklama
pitimir
Level 3.5
Level 3.5
Příspěvky: 850
Registrován: srpen 09
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod pitimir » 29 říj 2009 19:42

Mas tam MBR rootkit, tazku formu infekcie. Odporucam zalohu dolezitych dat a zmenu vsetkych hesiel pisanych z PC (hlavne ak bol robeny Internet Banking),

Stiahni MBR. Uloz na disk C:\ a spust dvojklikom. Vytvori sa log (mbr.log), vloz ho cely sem.
Nemam rad amaterizmus...

A adresat odkazu to vie :)

Mata.
nováček
Příspěvky: 42
Registrován: říjen 09
Pohlaví: Nespecifikováno
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod Mata. » 29 říj 2009 19:54

já vubec netusim, jak se zalohuje disk, a co je to internet banking? takze zmenit hesla na vsech serverech, na kterych jsem se zaregistrovala nebo hesla nekde v pc?


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: error reading MBR
kernel: error reading MBR

pitimir
Level 3.5
Level 3.5
Příspěvky: 850
Registrován: srpen 09
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod pitimir » 29 říj 2009 20:04

Nemusis zalohovat uplne vsetko, proste si pre istotu napal na CD/DVD alebo skopiruj na flashku dolezite dokumenty.


Skopiruj program mbr.exe do zlozky Windows. Klik na Start -> Spustit a napis cmd. Do otvoreneho okna napis mbr -f. Enter.

Restart a znova spustit MBR. Vytvori sa log mbr.log, ktory sem vloz.
Nemam rad amaterizmus...

A adresat odkazu to vie :)

Mata.
nováček
Příspěvky: 42
Registrován: říjen 09
Pohlaví: Nespecifikováno
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod Mata. » 29 říj 2009 21:33

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: error reading MBR
kernel: error reading MBR

pitimir
Level 3.5
Level 3.5
Příspěvky: 850
Registrován: srpen 09
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod pitimir » 31 říj 2009 15:52

Pouzi:
- Mebroot Fixtool
- EMebRemover

Daj vediet, co najdu.
Nemam rad amaterizmus...

A adresat odkazu to vie :)

Mata.
nováček
Příspěvky: 42
Registrován: říjen 09
Pohlaví: Nespecifikováno
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod Mata. » 01 lis 2009 19:06

tak u toho membroot fix mi to napsalo, ze to bezi jen ve Windows XP a u toho druhyho programu mi to napsalo, ze MBR rootkin nebyl nalezen v mym pc systemu..

Mata.
nováček
Příspěvky: 42
Registrován: říjen 09
Pohlaví: Nespecifikováno
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod Mata. » 01 lis 2009 22:06

a ted se mi udelal pravidelny avg test a zadny rootkin se nenasel, jen nejaka varování, tak jsem je hned vylecila..

pitimir
Level 3.5
Level 3.5
Příspěvky: 850
Registrován: srpen 09
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod pitimir » 02 lis 2009 11:59

To bude tym, ze AVG je na tieto veci proste slabe...

Start -> Spustit -> (napis) ComboFix /StepDel
Enter.

Mal by sa spustit ComboFix, uvidime, ci si stym poradi. Ak by znova ukazal hlasenie, ze boli najdene rootkity, tak si ich nazvy (ako sa pise v tom okne) opis na papier (PRESNE, podotykam. Ja viem, otrasna robota, ale potrebujeme to vyliecit) a potom mi ich sem hod.
Nemam rad amaterizmus...

A adresat odkazu to vie :)

Mata.
nováček
Příspěvky: 42
Registrován: říjen 09
Pohlaví: Nespecifikováno
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod Mata. » 04 lis 2009 13:53

tak mi vyjelo tohle
ComboFix 09-10-24.03 - Vista 04.11.2009 13:32.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3070.1604 [GMT 1:00]
Spuštěný z: c:\users\Vista\Desktop\Programy\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-545812794-2383777145-3001047551-500
c:\$recycle.bin\S-1-5-21-545812794-2383777145-3001047551-500\desktop.ini
c:\$recycle.bin\S-1-5-21-6029514-184543935-3270543413-500
c:\$recycle.bin\S-1-5-21-6029514-184543935-3270543413-500\desktop.ini

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-10-04 do 2009-11-04 )))))))))))))))))))))))))))))))
.

2009-11-04 12:34 . 2009-11-04 12:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-29 20:11 . 2009-10-29 18:52 77312 ----a-w- c:\windows\mbr.exe
2009-10-28 18:57 . 2009-10-28 18:57 87040 ----a-w- C:\uglcypow.sys
2009-10-28 10:14 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-28 10:14 . 2009-09-10 14:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-27 14:12 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-27 14:12 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-27 14:12 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-27 14:12 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-27 14:11 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-10-27 14:11 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-10-27 14:11 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-27 14:11 . 2009-08-06 18:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-27 14:11 . 2009-08-06 17:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-23 14:05 . 2009-10-23 14:05 -------- d-----w- C:\_OTL
2009-10-20 20:47 . 2009-10-21 10:57 1 ----a-w- c:\users\Vista\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-10-20 20:46 . 2009-10-20 20:46 -------- d-----w- c:\users\Vista\AppData\Roaming\OpenOffice.org
2009-10-20 20:23 . 2009-10-20 20:23 -------- d-----w- c:\program files\OpenOffice.org 3
2009-10-14 19:35 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-14 19:35 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-14 19:35 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-14 19:35 . 2009-08-27 12:40 834048 ----a-w- c:\windows\system32\wininet.dll
2009-10-14 19:34 . 2009-08-27 13:29 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-14 19:31 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-14 19:31 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-10-14 19:31 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-10-08 12:17 . 2009-10-08 12:18 -------- d-----w- c:\users\Vista\KBCertifikat
2009-10-08 12:10 . 2009-10-08 12:11 -------- d-----w- c:\users\Vista\kbpki

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-04 12:35 . 2009-04-20 16:23 -------- d-----w- c:\users\Vista\AppData\Roaming\Skype
2009-11-04 07:05 . 2009-04-20 16:26 -------- d-----w- c:\users\Vista\AppData\Roaming\skypePM
2009-11-04 05:30 . 2007-11-28 10:44 598838 ----a-w- c:\windows\system32\perfh005.dat
2009-11-04 05:30 . 2007-11-28 10:44 115014 ----a-w- c:\windows\system32\perfc005.dat
2009-11-03 22:44 . 2008-02-27 02:45 2140 ----a-w- c:\windows\bthservsdp.dat
2009-11-01 21:44 . 2008-04-25 15:02 158387 ----a-w- c:\users\Vista\AppData\Roaming\nvModes.dat
2009-10-30 17:00 . 2007-11-28 02:11 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-10-29 16:34 . 2008-05-16 10:53 -------- d-----w- c:\program files\BSPlayer
2009-10-20 20:31 . 2008-04-25 10:44 109312 ----a-w- c:\users\Vista\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-20 20:22 . 2008-05-22 16:06 -------- d-----w- c:\program files\OpenOffice.org 2.4
2009-10-18 11:23 . 2009-02-25 20:02 -------- d-----w- c:\programdata\Microsoft Help
2009-10-15 05:10 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-10-07 18:12 . 2009-03-15 11:53 -------- d-----w- c:\program files\Valve
2009-10-01 17:57 . 2008-09-07 11:00 -------- d-----w- c:\program files\rajce
2009-10-01 13:58 . 2009-10-01 13:58 -------- d-----w- c:\program files\Common Files\Skype
2009-10-01 13:58 . 2009-10-01 13:58 -------- d-----r- c:\program files\Skype
2009-10-01 13:58 . 2009-04-20 16:22 -------- d-----w- c:\programdata\Skype
2009-10-01 08:29 . 2009-10-03 00:24 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-09-29 15:12 . 2009-09-29 15:12 -------- d-----w- c:\users\Vista\AppData\Roaming\Nero
2009-09-29 15:11 . 2009-09-29 15:09 -------- d-----w- c:\program files\Common Files\Nero
2009-09-29 15:09 . 2009-09-29 15:09 -------- d-----w- c:\programdata\Nero
2009-09-29 15:09 . 2008-04-30 13:14 -------- d-----w- c:\program files\Nero
2009-09-29 14:25 . 2009-09-29 14:25 -------- d-----w- c:\program files\Samsung SpeedPlus
2009-09-29 14:15 . 2008-04-30 13:14 -------- d-----w- c:\program files\Common Files\Ahead
2009-09-17 12:00 . 2008-07-14 06:07 7592 ----a-w- c:\users\Vista\AppData\Local\d3d9caps.dat
2009-08-29 00:27 . 2009-09-03 08:15 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-03 08:16 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-16 09:42 . 2009-07-16 14:00 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-16 09:42 . 2009-07-16 13:59 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-16 09:42 . 2009-07-16 13:59 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-14 16:27 . 2009-09-10 04:56 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-10 04:56 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-10 04:56 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-10 04:56 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-10 04:56 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-10 04:56 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-10 04:56 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-10 04:56 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-10 04:56 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-10 04:56 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-10 04:56 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-08-07 11:08 . 2009-08-07 11:08 10134 ----a-r- c:\users\Vista\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2008-04-25 12:18 . 2008-04-25 12:18 22 --sha-w- c:\windows\SMINST\HPCD.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-09-02 09:58 1107200 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"EPSON Stylus DX8400 Series"="c:\windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE" [2007-04-12 182272]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"Google Update"="c:\users\Vista\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-12-23 133104]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-03 39408]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-09-03 3342336]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-09-02 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-17 634880]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-07-25 174616]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-09-30 181544]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-16 218408]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2007-09-20 671744]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 528384]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-03-09 37888]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-02-16 87336]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2008-10-13 50472]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-11-04 2028312]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-09-19 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-19 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-19 81920]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-08-17 4702208]

c:\users\Vista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-9-5 727592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):41,56,89,e0,a1,1e,ca,01

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [16.7.2009 14:59 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [16.7.2009 15:00 108552]
R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [6.2.2009 13:23 106208]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;c:\program files\ABBYY FineReader 9.0\NetworkLicenseServer.exe [24.9.2007 18:11 566560]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [16.7.2009 14:59 297752]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [6.2.2009 13:23 727720]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\System32\regedt32.exe [2.11.2006 9:32 9216]
S2 TeamViewer;TeamViewer 3;c:\program files\TeamViewer3\TeamViewer_Host.exe [19.2.2008 11:22 176128]
S3 INIDVD;Initio USB DVD Filter Driver;c:\windows\System32\drivers\inidvd.sys [29.9.2009 15:25 7936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\shell\AutoRun\command - wd_windows_tools\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{918adb8f-16ad-11dd-8f05-001e37b3a595}]
\shell\AutoRun\command - wd_windows_tools\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cc742bfe-b7b8-11de-9338-001e37b3a595}]
\shell\AutoRun\command - g:\recycler.exe e:\
\shell\Explore\command - g:\recycler.exe e:\
\shell\Open\command - g:\recycler.exe e:\

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Obsah adresáře 'Naplánované úlohy'

2009-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-545812794-2383777145-3001047551-1000Core.job
- c:\users\Vista\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-23 21:23]

2009-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-545812794-2383777145-3001047551-1000UA.job
- c:\users\Vista\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-23 21:23]

2009-11-01 c:\windows\Tasks\Norton Security Scan for Vista.job
- c:\program files\Norton Security Scan\Norton Security Scan\Engine\2.3.0.44\Nss.exe [2009-07-15 17:58]

2009-11-04 c:\windows\Tasks\User_Feed_Synchronization-{1C4355AD-D823-4597-B0FD-4A3F72F4ACF2}.job
- c:\windows\system32\msfeedssync.exe [2008-04-30 07:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/skinit/icq/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
mLocal Page =
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: {4C9B5CBD-E035-4A78-8014-BCB4721F2096} = 192.168.3.1
FF - ProfilePath - c:\users\Vista\AppData\Roaming\Mozilla\Firefox\Profiles\7rcybf6p.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://www.webhledani.cz/results.aspx?i=39&tp=ab&q=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\Vista\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-OEXPRESS - (no file)
HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-04 13:34
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\INIDVD]
"ImagePath"=multi:"system32\DRIVERS\inidvd.sys\00"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\INIDVD]
"ImagePath"=multi:"system32\DRIVERS\inidvd.sys\00"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-545812794-2383777145-3001047551-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:9f,4f,5d,61,cd,0e,de,96,fe,bf,c0,f6,ef,f4,aa,0a,30,21,4c,1a,8f,0f,99,
be,67,6a,02,fb,14,4d,7b,49,b9,1a,e0,b2,61,bb,12,e9,b7,89,c4,a3,ee,df,ff,d6,\
"??"=hex:ca,34,d3,10,fc,81,86,70,b7,01,37,08,2b,32,3e,63

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(784)
c:\windows\system32\DPPWDFLT.dll
.
Celkový čas: 2009-11-04 13:37
ComboFix-quarantined-files.txt 2009-11-04 12:37

Před spuštěním: Volných bajtů: 50 311 892 992
Po spuštění: Volných bajtů: 51 139 649 536

- - End Of File - - 65A426ACCE81B215258722BB5C5619B6

pitimir
Level 3.5
Level 3.5
Příspěvky: 850
Registrován: srpen 09
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod pitimir » 04 lis 2009 17:55

Aky AV pouzivas? Nod, AVG alebo Symantec?

Inak ten crack na Noda sa mi nepaci :evil:
Nemam rad amaterizmus...

A adresat odkazu to vie :)

Mata.
nováček
Příspěvky: 42
Registrován: říjen 09
Pohlaví: Nespecifikováno
Stav:
Offline

Re: prosím o kontrolu logu

Příspěvekod Mata. » 05 lis 2009 12:55

AVG, jakej crack na noda? já mám prave nainstalovany i nod 23, ale uz vyprsela platnost a nejde mi to odinstalovat..


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 9 hostů