
ekrn.exe + blocked internet connection

Parkoslav1992
Visitor
Posts: 63
Registered: 20 Mar 2009 21:27

#16 Post by Parkoslav1992 »

vyosek wrote: their uninstaller cannot be run in safe mode :o :???:
yeah, it can't...

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

#17 Post by vyosek »

So we will take it out manually with ComboFix
PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM
:arrow: Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware and so on.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator
  • Right after start a page with the license agreement is displayed; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that is displayed
  • The scan should take about 10 minutes, but if the PC is heavily cluttered, the time may be longer
  • After the scan finishes and a possible restart, CF displays a log; alternatively you will find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure including pictures is here: http://www.bleepingcomputer.com/combofi ... t-combofix
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement: take a whip and a stick to him, that is no man, that is an ox."
Member [image] since 1 February 2011.


#19 Post by vyosek »

Dismiss the message and ignore it

#20 Post by Parkoslav1992 »

ComboFix 11-07-27.01 - Jarda 27.07.2011 10:43:40.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2814.1781 [GMT 2:00]
Spuštěný z: c:\users\Jarda\Downloads\ComboFix.exe
AV: ESET Smart Security 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\RegGenie
c:\program files\RegGenie\Backups\40750,4596269444
c:\program files\RegGenie\RegGenie.ini
c:\users\Jarda\AppData\Roaming\Desktopicon
c:\users\Jarda\AppData\Roaming\Desktopicon\eBay.ico
c:\users\Jarda\AppData\Roaming\Desktopicon\uninst.exe
c:\users\Jarda\AppData\Roaming\inst.exe
c:\windows\system32\detoured.dll
c:\windows\system32\no
c:\windows\system32\no\AuthFWSnapIn.Resources.dll
c:\windows\system32\no\AuthFWWizFwk.Resources.dll
c:\windows\system32\no\Narrator.resources.dll
c:\windows\system32\SV
c:\windows\system32\SV\AuthFWSnapIn.Resources.dll
c:\windows\system32\SV\AuthFWWizFwk.Resources.dll
c:\windows\system32\SV\Narrator.resources.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-27 do 2011-07-27 )))))))))))))))))))))))))))))))
.
.
2011-07-27 08:59 . 2011-07-27 08:59 -------- dc----w- c:\users\Jarda\AppData\Local\temp
2011-07-27 06:53 . 2011-07-27 06:56 -------- d-----w- C:\rsit
2011-07-26 09:22 . 2011-07-26 09:22 -------- dc----w- c:\users\Jarda\AppData\Local\VS Revo Group
2011-07-26 09:21 . 2009-12-30 09:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-07-26 09:05 . 2011-07-26 09:05 -------- dc----w- c:\users\Jarda\AppData\Roaming\RegGenie
2011-07-26 08:37 . 2011-03-08 01:30 299544 ----a-w- c:\windows\RegGenieOnUninstall.exe
2011-07-17 19:02 . 2011-07-17 19:04 -------- d-----w- c:\programdata\AutoPowerOn
2011-07-17 19:02 . 2011-07-17 19:02 -------- dc----w- c:\program files\AutoPowerOn
2011-07-13 18:56 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-13 18:56 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-07-13 18:56 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-07-13 18:24 . 2011-05-04 02:43 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-07-13 18:24 . 2011-05-04 02:43 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-07-13 18:24 . 2011-05-04 02:43 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 04:40 . 2011-07-12 04:40 -------- dc----w- c:\program files\Common Files\Java
2011-07-11 17:23 . 2010-12-18 05:31 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-07-11 17:23 . 2011-05-03 04:50 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-07-10 10:28 . 2011-07-10 10:29 -------- dc----w- c:\program files\AIMP2
2011-07-10 10:17 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{82ADDF5B-D466-48B1-B872-6ECBDE327D83}\mpengine.dll
2011-07-02 14:14 . 2011-07-02 14:14 -------- dc----w- c:\program files\City Interactive
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-01 12:50 . 2010-09-02 19:51 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-07-01 12:50 . 2010-09-02 19:51 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-11 11:53 . 2011-06-11 11:53 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-06-11 11:53 . 2011-06-11 11:53 161792 ----a-w- c:\windows\system32\msls31.dll
2011-06-11 11:53 . 2011-06-11 11:53 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-06-11 11:53 . 2011-06-11 11:53 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-06-11 11:53 . 2011-06-11 11:53 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-06-11 11:53 . 2011-06-11 11:53 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-06-11 11:53 . 2011-06-11 11:53 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-06-11 11:53 . 2011-06-11 11:53 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-06-11 11:53 . 2011-06-11 11:53 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-06-11 11:53 . 2011-06-11 11:53 367104 ----a-w- c:\windows\system32\html.iec
2011-06-11 11:53 . 2011-06-11 11:53 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-06-11 11:53 . 2011-06-11 11:53 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-11 11:53 . 2011-06-11 11:53 152064 ----a-w- c:\windows\system32\wextract.exe
2011-06-11 11:53 . 2011-06-11 11:53 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-06-11 11:53 . 2011-06-11 11:53 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-06-11 11:53 . 2011-06-11 11:53 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-11 11:53 . 2011-06-11 11:53 11776 ----a-w- c:\windows\system32\mshta.exe
2011-06-11 11:53 . 2011-06-11 11:53 101888 ----a-w- c:\windows\system32\admparse.dll
2011-06-11 11:53 . 2011-06-11 11:53 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-06-11 11:51 . 2011-06-11 11:51 801792 ----a-w- c:\windows\system32\FntCache.dll
2011-06-11 11:51 . 2011-06-11 11:51 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-06-11 11:51 . 2011-06-11 11:51 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-06-11 11:51 . 2011-06-11 11:51 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-06-11 11:51 . 2011-06-11 11:51 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2011-06-11 11:51 . 2011-06-11 11:51 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-11 11:51 . 2011-06-11 11:51 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2011-06-11 11:51 . 2011-06-11 11:51 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-06-11 11:51 . 2011-06-11 11:51 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2011-06-11 11:51 . 2011-06-11 11:51 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-06-11 11:51 . 2011-06-11 11:51 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-06-11 11:51 . 2011-06-11 11:51 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-06-11 11:51 . 2011-06-11 11:51 107520 ----a-w- c:\windows\system32\cdd.dll
2011-06-11 11:51 . 2011-06-11 11:51 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-06-11 11:51 . 2011-06-11 11:51 3181568 ----a-w- c:\windows\system32\mf.dll
2011-06-11 11:51 . 2011-06-11 11:51 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-06-01 16:01 . 2011-06-01 16:01 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-04 02:52 . 2011-05-17 10:55 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-29 02:57 . 2011-06-25 10:59 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:57 . 2011-06-25 10:59 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:57 . 2011-06-25 10:58 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-07-06 18:05 . 2010-07-06 18:04 19495102 -c--a-w- c:\program files\vlc-1.1.0-win32.exe
2006-01-23 09:32 . 2006-01-23 09:32 131072 -c--a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2007-02-08 09:48 . 2007-02-08 09:48 133920 -c--a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIMP2"="c:\program files\AIMP2\AIMP2.exe" [2010-08-07 1262592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\C\0autocheck autochk /p \??\C\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2009-06-18 19:11 1537320 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-01-07 38224]
R3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-06 34064]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-26 1343400]
R3 XDva327;XDva327;c:\windows\system32\XDva327.sys [x]
R4 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-01-07 380928]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-05 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-05-16 136360]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-05-14 38240]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 NAUpdate;Aktualizace Nero;c:\program files\Nero\Update\NASvc.exe [2010-02-18 462632]
S2 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [2007-07-15 27992]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-01-28 68200]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
HsfXAudioService REG_MULTI_SZ HsfXAudioService
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 -c--a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job
- c:\users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 18:23]
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job
- c:\users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 18:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.facebook.com/
uInternet Settings,ProxyOverride = *.local
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: kuaiche.com\software
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\6xuvccdq.default\
FF - prefs.js: browser.startup.homepage - hxxp://ahoolly.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Adobe Photoshop 7.0 - c:\program files\Adobe\Photoshop 7.0\Uninst.isu
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1231980872-3630433492-3231682891-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:8c,e6,08,c5,46,1a,2c,ff,94,57,e5,ea,d9,cf,7e,e4,cd,f9,b3,b3,05,0f,ff,
e9,7a,93,ac,f2,71,df,f4,17,14,eb,12,a4,90,cc,fd,88,d7,67,83,3b,45,a1,15,e4,\
"??"=hex:2f,19,2e,25,8f,93,2b,24,e8,c1,3a,76,bb,2e,82,2f
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-07-27 11:05:00
ComboFix-quarantined-files.txt 2011-07-27 09:04
.
Před spuštěním: 6 913 617 920
Po spuštění: 9 717 551 104
.
- - End Of File - - B7F0AFB1D91B8EAC76E8573770491232

#21 Post by vyosek »

:arrow: If you do not have it there already, move ComboFix to the desktop
  • Start Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    Driver::
    XDva327
    ehdrv
    ekrn
    epfwwfp
    
    File::
    c:\windows\system32\XDva327.sys
    c:\windows\system32\DRIVERS\ehdrv.sys
    c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe
    c:\windows\system32\DRIVERS\epfwwfp.sys
    
    SecCenter::
    AV: ESET Smart Security 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5}
    FW: ESET personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
    SP: ESET Smart Security 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18}
    
    Folder::
    c:\program files\ESET\ESET NOD32 Antivirus
    C:\Program Data\ESET
    
    RegLock::
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
    
    Reboot::
    
  • Save the created TXT as CFScript.txt
  • Drag the created CFScript.txt onto ComboFix and drop it (see the picture below)
    [image]
  • After the script has been applied (and a possible restart), a log will pop up; paste its contents here
:arrow: It may happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

#22 Post by Parkoslav1992 »

ComboFix 11-07-27.01 - Jarda 27.07.2011 11:52:11.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2814.970 [GMT 2:00]
Spuštěný z: c:\users\Jarda\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jarda\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
FILE ::
"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe"
"c:\windows\system32\DRIVERS\ehdrv.sys"
"c:\windows\system32\DRIVERS\epfwwfp.sys"
"c:\windows\system32\XDva327.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jarda\AppData\Roaming\chrtmp
c:\windows\RegGenieOnUninstall.exe
c:\windows\system32\Config.ini
c:\windows\system32\logs.dat
c:\program files\ESET\ESET NOD32 Antivirus . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\callmsi.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\DMON.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ecls.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eclsLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ecmd.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eeclnt.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\egui.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiAmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiAmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiDmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiDmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiEmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiEmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiEpfwLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiMailPluginsLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiProduct.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiScan.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiScanLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiSmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiSmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiUpdateLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnDmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnDmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnEpfwLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnMailPluginsLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnScan.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnScanLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnSmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnSmonEngine.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnSmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnUpdateLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em000_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em001_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em002_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em003_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em004_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em005_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em006_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em008_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em009_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em010_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em013_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgHooks.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOE.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOEEmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOELang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOESmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOESmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOutlook.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOutlookEmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOutlookEmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOutlookLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOutlookSmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOutlookSmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgTbEmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgTbLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgTbSmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgTbSmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eset.chm . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eula.rtf . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\http_dll.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\mfc80.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\mfc80u.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\Microsoft.VC80.CRT.manifest . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\Microsoft.VC80.MFC.manifest . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\Microsoft.VC80.MFCLOC.manifest . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird\Components\eplgTb.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird\Components\eplgTb.xpt . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird\install.rdf . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\msvcp80.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\msvcr80.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\PPESET.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\PPEset.inf . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\shellExt.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ShellExtLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\SysInspector.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\SysInspectorLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\SysRescue.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\SysRescueLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\updater.dll . . . . nemohl být smazán
c:\windows\system32\DRIVERS\ehdrv.sys . . . . nemohl být smazán
c:\windows\system32\DRIVERS\epfwwfp.sys . . . . nemohl být smazán
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_EHDRV
-------\Legacy_EPFWWFP
-------\Legacy_XDVA327
-------\Service_ehdrv
-------\Service_ekrn
-------\Service_epfwwfp
-------\Service_XDva327
-------\Service_EhttpSrv
-------\Service_EhttpSrv
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-27 do 2011-07-27 )))))))))))))))))))))))))))))))
.
.
2011-07-27 10:23 . 2011-07-27 10:37 -------- dc----w- c:\users\Jarda\AppData\Local\temp
2011-07-27 10:23 . 2011-07-27 10:23 -------- dc----w- c:\users\Guest\AppData\Local\temp
2011-07-27 10:23 . 2011-07-27 10:23 -------- dc----w- c:\users\Default\AppData\Local\temp
2011-07-27 06:53 . 2011-07-27 06:56 -------- d-----w- C:\rsit
2011-07-26 09:22 . 2011-07-26 09:22 -------- dc----w- c:\users\Jarda\AppData\Local\VS Revo Group
2011-07-26 09:21 . 2009-12-30 09:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-07-26 09:05 . 2011-07-26 09:05 -------- dc----w- c:\users\Jarda\AppData\Roaming\RegGenie
2011-07-17 19:02 . 2011-07-17 19:04 -------- d-----w- c:\programdata\AutoPowerOn
2011-07-17 19:02 . 2011-07-17 19:02 -------- dc----w- c:\program files\AutoPowerOn
2011-07-13 18:56 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-13 18:56 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-07-13 18:56 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-07-13 18:24 . 2011-05-04 02:43 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-07-13 18:24 . 2011-05-04 02:43 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-07-13 18:24 . 2011-05-04 02:43 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 04:40 . 2011-07-12 04:40 -------- dc----w- c:\program files\Common Files\Java
2011-07-11 17:23 . 2010-12-18 05:31 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-07-11 17:23 . 2011-05-03 04:50 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-07-10 10:28 . 2011-07-10 10:29 -------- dc----w- c:\program files\AIMP2
2011-07-10 10:17 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{82ADDF5B-D466-48B1-B872-6ECBDE327D83}\mpengine.dll
2011-07-02 14:14 . 2011-07-02 14:14 -------- dc----w- c:\program files\City Interactive
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-27 09:51 . 2009-05-14 13:49 38240 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2011-07-27 09:51 . 2009-05-14 13:47 107256 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2011-07-01 12:50 . 2010-09-02 19:51 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-07-01 12:50 . 2010-09-02 19:51 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-11 11:53 . 2011-06-11 11:53 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-06-11 11:53 . 2011-06-11 11:53 161792 ----a-w- c:\windows\system32\msls31.dll
2011-06-11 11:53 . 2011-06-11 11:53 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-06-11 11:53 . 2011-06-11 11:53 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-06-11 11:53 . 2011-06-11 11:53 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-06-11 11:53 . 2011-06-11 11:53 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-06-11 11:53 . 2011-06-11 11:53 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-06-11 11:53 . 2011-06-11 11:53 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-06-11 11:53 . 2011-06-11 11:53 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-06-11 11:53 . 2011-06-11 11:53 367104 ----a-w- c:\windows\system32\html.iec
2011-06-11 11:53 . 2011-06-11 11:53 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-06-11 11:53 . 2011-06-11 11:53 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-11 11:53 . 2011-06-11 11:53 152064 ----a-w- c:\windows\system32\wextract.exe
2011-06-11 11:53 . 2011-06-11 11:53 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-06-11 11:53 . 2011-06-11 11:53 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-06-11 11:53 . 2011-06-11 11:53 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-11 11:53 . 2011-06-11 11:53 11776 ----a-w- c:\windows\system32\mshta.exe
2011-06-11 11:53 . 2011-06-11 11:53 101888 ----a-w- c:\windows\system32\admparse.dll
2011-06-11 11:53 . 2011-06-11 11:53 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-06-11 11:51 . 2011-06-11 11:51 801792 ----a-w- c:\windows\system32\FntCache.dll
2011-06-11 11:51 . 2011-06-11 11:51 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-06-11 11:51 . 2011-06-11 11:51 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-06-11 11:51 . 2011-06-11 11:51 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-06-11 11:51 . 2011-06-11 11:51 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2011-06-11 11:51 . 2011-06-11 11:51 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-11 11:51 . 2011-06-11 11:51 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2011-06-11 11:51 . 2011-06-11 11:51 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-06-11 11:51 . 2011-06-11 11:51 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2011-06-11 11:51 . 2011-06-11 11:51 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-06-11 11:51 . 2011-06-11 11:51 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-06-11 11:51 . 2011-06-11 11:51 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-06-11 11:51 . 2011-06-11 11:51 107520 ----a-w- c:\windows\system32\cdd.dll
2011-06-11 11:51 . 2011-06-11 11:51 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-06-11 11:51 . 2011-06-11 11:51 3181568 ----a-w- c:\windows\system32\mf.dll
2011-06-11 11:51 . 2011-06-11 11:51 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-06-01 16:01 . 2011-06-01 16:01 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-04 02:52 . 2011-05-17 10:55 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-29 02:57 . 2011-06-25 10:59 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:57 . 2011-06-25 10:59 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:57 . 2011-06-25 10:58 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-07-06 18:05 . 2010-07-06 18:04 19495102 -c--a-w- c:\program files\vlc-1.1.0-win32.exe
2006-01-23 09:32 . 2006-01-23 09:32 131072 -c--a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2007-02-08 09:48 . 2007-02-08 09:48 133920 -c--a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIMP2"="c:\program files\AIMP2\AIMP2.exe" [2010-08-07 1262592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\C\0autocheck autochk /p \??\C\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2009-06-18 19:11 1537320 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-01-07 38224]
R3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-06 34064]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-26 1343400]
R4 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-01-07 380928]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-05 691696]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-05-16 136360]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 NAUpdate;Aktualizace Nero;c:\program files\Nero\Update\NASvc.exe [2010-02-18 462632]
S2 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [2007-07-15 27992]
S3 CFcatchme;CFcatchme;c:\users\Jarda\AppData\Local\Temp\CFcatchme.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-01-28 68200]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
HsfXAudioService REG_MULTI_SZ HsfXAudioService
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 -c--a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job
- c:\users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 18:23]
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job
- c:\users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 18:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.facebook.com/
uInternet Settings,ProxyOverride = *.local
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: kuaiche.com\software
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\6xuvccdq.default\
FF - prefs.js: browser.startup.homepage - hxxp://ahoolly.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1231980872-3630433492-3231682891-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:8c,e6,08,c5,46,1a,2c,ff,94,57,e5,ea,d9,cf,7e,e4,cd,f9,b3,b3,05,0f,ff,
e9,7a,93,ac,f2,71,df,f4,17,14,eb,12,a4,90,cc,fd,88,d7,67,83,3b,45,a1,15,e4,\
"??"=hex:2f,19,2e,25,8f,93,2b,24,e8,c1,3a,76,bb,2e,82,2f
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\lkcitdl.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
c:\windows\system32\sppsvc.exe
c:\program files\NVIDIA Corporation\System Update\UpdateCenterService.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2011-07-27 12:45:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-27 10:45
ComboFix2.txt 2011-07-27 09:05
.
Před spuštěním: 9 413 693 440
Po spuštění: 8 659 660 800
.
- - End Of File - - 2D770FA720D6F37743BDE63D70543ADB




The Internet works normally... everything is OK.. only Avira has started finding malware....

Could you also please advise me why SVCHost.exe "eats" so much CPU.... it's awful......

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: ekrn.exe + blocked Internet connection

#23 Post by vyosek »

:arrow: NOD is still there though, we'll take a pickaxe to it

:arrow: Download Avenger (see my signature)
  • If you use Win Vista or W7, right-click Avenger and choose Run As Administrator or Spustit jako spravce
  • Once started, the program warns you that everything you do is at your own risk - click OK
  • After confirming, the main window appears; paste the script given below into it
  • Code:

    Files to delete:
    c:\windows\system32\XDva327.sys
    c:\windows\system32\DRIVERS\ehdrv.sys
    c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe
    c:\windows\system32\DRIVERS\epfwwfp.sys
    
    Folders to delete:
    c:\program files\ESET\ESET NOD32 Antivirus
    C:\Program Data\ESET
    
    Drivers to delete:
    ehdrv
    ekrn
    epfwwfp
  • Tick the boxes for Scan for rootkits and Automatically disable any rootkits found
  • Now click Execute and confirm with Yes in the following window - this confirms running the script
  • Answer the Reboot now question with OK again - this restarts the PC
  • After the restart, Notepad should open with the log; paste its contents here. If that does not happen, you will find the required document at C:\avenger.txt
:arrow: Where is Avira showing the vermin :???:
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, that is no man, that is an ox."
Member [image] since 1 February 2011.

Parkoslav1992
Visitor
Posts: 63
Registered: 20 Mar 2009 21:27

Re: ekrn.exe + blocked Internet connection

#24 Post by Parkoslav1992 »

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error: file "c:\windows\system32\XDva327.sys" not found!
Deletion of file "c:\windows\system32\XDva327.sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "c:\windows\system32\DRIVERS\ehdrv.sys" deleted successfully.

Error: file "c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" not found!
Deletion of file "c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "c:\windows\system32\DRIVERS\epfwwfp.sys" deleted successfully.
Folder "c:\program files\ESET\ESET NOD32 Antivirus" deleted successfully.

Error: could not open folder "C:\Program Data\ESET"
Deletion of folder "C:\Program Data\ESET" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\ehdrv" not found!
Deletion of driver "ehdrv" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\ekrn" not found!
Deletion of driver "ekrn" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\epfwwfp" not found!
Deletion of driver "epfwwfp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.

I'd say almost nothing got removed....
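Reading the Avenger log in the post above: an added example (not part of the original thread, and not Avenger's own code) that sorts each script entry into removed, already absent, or bad path, using only the line formats and status codes visible in that log. The function names and verdict labels are assumptions made for this illustration.

```python
import re
from collections import Counter

# Excerpt of the Avenger 2.0 log posted above (five of its entries).
SAMPLE_LOG = r'''
Error: file "c:\windows\system32\XDva327.sys" not found!
Deletion of file "c:\windows\system32\XDva327.sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
  --> the object does not exist

File "c:\windows\system32\DRIVERS\ehdrv.sys" deleted successfully.
Folder "c:\program files\ESET\ESET NOD32 Antivirus" deleted successfully.

Error: could not open folder "C:\Program Data\ESET"
Deletion of folder "C:\Program Data\ESET" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
  --> bad path / the parent directory does not exist

Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\ekrn" not found!
Deletion of driver "ekrn" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
  --> the object does not exist
'''

# Line shapes as they appear in the log above.
OK_RE = re.compile(r'^(?P<kind>[A-Za-z ]+?) "(?P<target>.+)" deleted successfully\.$')
FAIL_RE = re.compile(r'^Deletion of (?P<kind>[a-z ]+?) "(?P<target>.+)" failed!$')
STATUS_RE = re.compile(r'^Status: (?P<code>0x[0-9a-fA-F]{8}) \((?P<name>[A-Z0-9_]+)\)$')

# Verdict labels are this example's own (assumption), keyed by the NTSTATUS name.
VERDICTS = {
    # Target was not there when the script ran: nothing left to remove.
    "STATUS_OBJECT_NAME_NOT_FOUND": "already_absent",
    # A parent directory in the scripted path does not exist: recheck the path.
    "STATUS_OBJECT_PATH_NOT_FOUND": "bad_path",
}


def parse_avenger_log(text):
    """Return one dict per script entry: kind, target, status, verdict."""
    results = []
    pending = None  # failed deletion still waiting for its Status line
    for raw in text.splitlines():
        line = raw.strip()
        m = OK_RE.match(line)
        if m:
            results.append({"kind": m["kind"].lower(), "target": m["target"],
                            "status": None, "verdict": "removed"})
            continue
        m = FAIL_RE.match(line)
        if m:
            # Any failure without a recognised status stays flagged for review.
            pending = {"kind": m["kind"], "target": m["target"],
                       "status": None, "verdict": "needs_attention"}
            results.append(pending)
            continue
        m = STATUS_RE.match(line)
        if m and pending is not None:
            pending["status"] = m["name"]
            pending["verdict"] = VERDICTS.get(m["name"], "needs_attention")
            pending = None
    return results


def summarize(results):
    """Count entries per verdict."""
    return dict(Counter(r["verdict"] for r in results))


if __name__ == "__main__":
    entries = parse_avenger_log(SAMPLE_LOG)
    for e in entries:
        print(f'{e["verdict"]:<16} {e["kind"]:<8} {e["target"]}')
    print(summarize(entries))
```

Run over the full log in the post above, this gives 3 removed, 5 already absent and 1 bad path (C:\Program Data\ESET); the ComboFix listing earlier in the thread writes that directory as c:\programdata, without a space.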

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: ekrn.exe + blocked Internet connection

#25 Post by vyosek »

It removed what CF didn't...

What about Avira, where is it finding the vermin :???:

Parkoslav1992
Visitor
Posts: 63
Registered: 20 Mar 2009 21:27

Re: ekrn.exe + blocked Internet connection

#26 Post by Parkoslav1992 »

All ESET.... 88 objects today...... c>program files> eset...everything's there..

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: ekrn.exe + blocked Internet connection

#27 Post by vyosek »

That will be the quarantine, or it just doesn't like it... there's no danger there...

Parkoslav1992
Visitor
Posts: 63
Registered: 20 Mar 2009 21:27

Re: ekrn.exe + blocked Internet connection

#28 Post by Parkoslav1992 »

Code:

Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\SysRescue.exe
Status:	Infected
Quarantine object:	23bbbe16.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\SysRescueLang.dll
Status:	Infected
Quarantine object:	52e9e253.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\Mozilla Thunderbird\Components\eplgTb.dll
Status:	Infected
Quarantine object:	2231c848.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\SysInspectorLang.dll
Status:	Infected
Quarantine object:	590a84df.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\http_dll.dll
Status:	Infected
Quarantine object:	2aa2d8ab.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\mfc80.dll
Status:	Infected
Quarantine object:	5f06a080.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\mfc80u.dll
Status:	Infected
Quarantine object:	7451fc80.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\SysInspector.exe
Status:	Infected
Quarantine object:	312ea3e7.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Drop.Softomat.AN Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\msvcp80.dll
Status:	Infected
Quarantine object:	1303b402.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\shellExt.dll
Status:	Infected
Quarantine object:	1211d26e.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgTbSmonLang.dll
Status:	Infected
Quarantine object:	08988a2b.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgTbSmon.dll
Status:	Infected
Quarantine object:	7cc39258.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\PPESET.dll
Status:	Infected
Quarantine object:	585e8766.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\ShellExtLang.dll
Status:	Infected
Quarantine object:	7c38fda6.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgTbLang.dll
Status:	Infected
Quarantine object:	59cee84c.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\msvcr80.dll
Status:	Infected
Quarantine object:	58738d14.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiUpdate.dll
Status:	Infected
Quarantine object:	30cb82df.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\ekrnEpfwLang.dll
Status:	Infected
Quarantine object:	295d9f5a.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiScanLang.dll
Status:	Infected
Quarantine object:	2ed29219.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\ekrnDmonLang.dll
Status:	Infected
Quarantine object:	24cbee72.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOutlookEmonLang.dll
Status:	Infected
Quarantine object:	70368de6.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOEEmon.dll
Status:	Infected
Quarantine object:	4b888101.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\ekrnScanLang.dll
Status:	Infected
Quarantine object:	6885d2ab.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOELang.dll
Status:	Infected
Quarantine object:	69f8d675.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\ekrnLang.dll
Status:	Infected
Quarantine object:	35008b53.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOutlook.dll
Status:	Infected
Quarantine object:	74baeed2.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Drop.Softomat.AN Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\EHttpSrv.exe
Status:	Infected
Quarantine object:	71b5eadc.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiSmonLang.dll
Status:	Infected
Quarantine object:	3a8ea9a1.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOutlookSmonLang.dll
Status:	Infected
Quarantine object:	14bcb969.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgTbEmon.dll
Status:	Infected
Quarantine object:	03ecdadb.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Drop.Softomat.AN Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOutlookEmon.dll
Status:	Infected
Quarantine object:	159acf6d.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
log from Avira...

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: ekrn.exe + blocking of the internet connection

#29 Post by vyosek »

A backup of NOD and its files - it's the competition, so it doesn't like it :D
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids merriment, take a whip and a stick to him; that is not a man, that is an ox."
Member of [image] since 1 February 2011.

Parkoslav1992
Visitor
Posts: 63
Joined: 20 Mar 2009 21:27

Re: ekrn.exe + blocking of the internet connection

#30 Post by Parkoslav1992 »

so NOD is gone, right?? and what can be done about that SVCHost???
