VIRY.CZ

HKU\S-1-5-21-1482476501-1659004503-682003330-1005\Console 30.7.2011 9:29 0 bytes Security mismatch.
HKLM\SECURITY\Policy\Secrets\SAC* 20.8.2009 13:03 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 20.8.2009 13:03 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Microsoft\SchedulingAgent\LastTaskRun 31.7.2011 12:30 16 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\ 10.6.2011 8:34 19 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN 6.8.2010 19:32 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\CertMapping 6.8.2010 19:32 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Client 6.8.2010 19:32 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Listener 6.8.2010 19:32 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin 6.8.2010 19:32 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Service 6.8.2010 19:32 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\WinRS 6.8.2010 19:32 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\WinRS\CustomRemoteShell 6.8.2010 19:32 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\NameSpace_Catalog5 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SOFTWARE\Swearware\backup\winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015 2.2.2010 16:58 0 bytes Security mismatch.
HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg 27.6.2011 8:50 0 bytes Access is denied.
C:\## aswSnx private storage 30.7.2011 16:51 0 bytes Hidden from Windows API.
C:\## aswSnx private storage\snx_rhive 30.7.2011 10:35 256.00 KB Hidden from Windows API.
C:\## aswSnx private storage\snx_rhive.LOG 30.7.2011 10:35 1.00 KB Hidden from Windows API.
C:\## aswSnx private storage\webStorage 9.7.2011 17:54 0 bytes Hidden from Windows API.
C:\## aswSnx private storage\webStorage\attrib 9.7.2011 17:54 0 bytes Hidden from Windows API.
C:\## aswSnx private storage\webStorage\image 9.7.2011 17:54 0 bytes Hidden from Windows API.
C:\## aswSnx private storage\webStorage\snx_fs.dat 9.7.2011 17:54 180 bytes Hidden from Windows API.

Log vypadá OK.

dik moc

Nemáte zač!

VIRY.CZ

pls. o ko. logu z RootkitRevealer

pls. o ko. logu z RootkitRevealer

Re: pls. o ko. logu z RootkitRevealer

Re: pls. o ko. logu z RootkitRevealer

Re: pls. o ko. logu z RootkitRevealer