
Re: ekrn.exe+ blocking of the internet connection

Posted: 27 Jul 2011 09:33
by Parkoslav1992
vyosek wrote: their uninstaller can't be run in safe mode :o :???:
well, it can't...

Re: ekrn.exe+ blocking of the internet connection

Posted: 27 Jul 2011 09:34
by vyosek
So we'll take it out manually with ComboFix
PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A POWERFUL ABILITY TO DELETE THINGS AND MUST ONLY BE USED WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM
:arrow: Download Combofix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator (Spustit jako spravce)
  • Right after it starts, a page with the license agreement is displayed; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily cluttered it may take longer
  • After the scan finishes and a possible restart, CF displays a log, or you can find it at C:\ComboFix.txt; paste its contents here
  • The detailed procedure, incl. pictures, is here http://www.bleepingcomputer.com/combofi ... t-combofix

Re: ekrn.exe+ blocking of the internet connection

Posted: 27 Jul 2011 09:41
by Parkoslav1992

Re: ekrn.exe+ blocking of the internet connection

Posted: 27 Jul 2011 09:45
by vyosek
Click the message away and ignore it

Re: ekrn.exe+ blocking of the internet connection

Posted: 27 Jul 2011 10:08
by Parkoslav1992
ComboFix 11-07-27.01 - Jarda 27.07.2011 10:43:40.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2814.1781 [GMT 2:00]
Spuštěný z: c:\users\Jarda\Downloads\ComboFix.exe
AV: ESET Smart Security 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\RegGenie
c:\program files\RegGenie\Backups\40750,4596269444
c:\program files\RegGenie\RegGenie.ini
c:\users\Jarda\AppData\Roaming\Desktopicon
c:\users\Jarda\AppData\Roaming\Desktopicon\eBay.ico
c:\users\Jarda\AppData\Roaming\Desktopicon\uninst.exe
c:\users\Jarda\AppData\Roaming\inst.exe
c:\windows\system32\detoured.dll
c:\windows\system32\no
c:\windows\system32\no\AuthFWSnapIn.Resources.dll
c:\windows\system32\no\AuthFWWizFwk.Resources.dll
c:\windows\system32\no\Narrator.resources.dll
c:\windows\system32\SV
c:\windows\system32\SV\AuthFWSnapIn.Resources.dll
c:\windows\system32\SV\AuthFWWizFwk.Resources.dll
c:\windows\system32\SV\Narrator.resources.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-27 do 2011-07-27 )))))))))))))))))))))))))))))))
.
.
2011-07-27 08:59 . 2011-07-27 08:59 -------- dc----w- c:\users\Jarda\AppData\Local\temp
2011-07-27 06:53 . 2011-07-27 06:56 -------- d-----w- C:\rsit
2011-07-26 09:22 . 2011-07-26 09:22 -------- dc----w- c:\users\Jarda\AppData\Local\VS Revo Group
2011-07-26 09:21 . 2009-12-30 09:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-07-26 09:05 . 2011-07-26 09:05 -------- dc----w- c:\users\Jarda\AppData\Roaming\RegGenie
2011-07-26 08:37 . 2011-03-08 01:30 299544 ----a-w- c:\windows\RegGenieOnUninstall.exe
2011-07-17 19:02 . 2011-07-17 19:04 -------- d-----w- c:\programdata\AutoPowerOn
2011-07-17 19:02 . 2011-07-17 19:02 -------- dc----w- c:\program files\AutoPowerOn
2011-07-13 18:56 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-13 18:56 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-07-13 18:56 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-07-13 18:24 . 2011-05-04 02:43 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-07-13 18:24 . 2011-05-04 02:43 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-07-13 18:24 . 2011-05-04 02:43 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 04:40 . 2011-07-12 04:40 -------- dc----w- c:\program files\Common Files\Java
2011-07-11 17:23 . 2010-12-18 05:31 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-07-11 17:23 . 2011-05-03 04:50 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-07-10 10:28 . 2011-07-10 10:29 -------- dc----w- c:\program files\AIMP2
2011-07-10 10:17 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{82ADDF5B-D466-48B1-B872-6ECBDE327D83}\mpengine.dll
2011-07-02 14:14 . 2011-07-02 14:14 -------- dc----w- c:\program files\City Interactive
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-01 12:50 . 2010-09-02 19:51 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-07-01 12:50 . 2010-09-02 19:51 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-11 11:53 . 2011-06-11 11:53 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-06-11 11:53 . 2011-06-11 11:53 161792 ----a-w- c:\windows\system32\msls31.dll
2011-06-11 11:53 . 2011-06-11 11:53 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-06-11 11:53 . 2011-06-11 11:53 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-06-11 11:53 . 2011-06-11 11:53 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-06-11 11:53 . 2011-06-11 11:53 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-06-11 11:53 . 2011-06-11 11:53 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-06-11 11:53 . 2011-06-11 11:53 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-06-11 11:53 . 2011-06-11 11:53 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-06-11 11:53 . 2011-06-11 11:53 367104 ----a-w- c:\windows\system32\html.iec
2011-06-11 11:53 . 2011-06-11 11:53 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-06-11 11:53 . 2011-06-11 11:53 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-11 11:53 . 2011-06-11 11:53 152064 ----a-w- c:\windows\system32\wextract.exe
2011-06-11 11:53 . 2011-06-11 11:53 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-06-11 11:53 . 2011-06-11 11:53 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-06-11 11:53 . 2011-06-11 11:53 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-11 11:53 . 2011-06-11 11:53 11776 ----a-w- c:\windows\system32\mshta.exe
2011-06-11 11:53 . 2011-06-11 11:53 101888 ----a-w- c:\windows\system32\admparse.dll
2011-06-11 11:53 . 2011-06-11 11:53 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-06-11 11:51 . 2011-06-11 11:51 801792 ----a-w- c:\windows\system32\FntCache.dll
2011-06-11 11:51 . 2011-06-11 11:51 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-06-11 11:51 . 2011-06-11 11:51 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-06-11 11:51 . 2011-06-11 11:51 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-06-11 11:51 . 2011-06-11 11:51 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2011-06-11 11:51 . 2011-06-11 11:51 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-11 11:51 . 2011-06-11 11:51 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2011-06-11 11:51 . 2011-06-11 11:51 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-06-11 11:51 . 2011-06-11 11:51 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2011-06-11 11:51 . 2011-06-11 11:51 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-06-11 11:51 . 2011-06-11 11:51 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-06-11 11:51 . 2011-06-11 11:51 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-06-11 11:51 . 2011-06-11 11:51 107520 ----a-w- c:\windows\system32\cdd.dll
2011-06-11 11:51 . 2011-06-11 11:51 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-06-11 11:51 . 2011-06-11 11:51 3181568 ----a-w- c:\windows\system32\mf.dll
2011-06-11 11:51 . 2011-06-11 11:51 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-06-01 16:01 . 2011-06-01 16:01 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-04 02:52 . 2011-05-17 10:55 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-29 02:57 . 2011-06-25 10:59 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:57 . 2011-06-25 10:59 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:57 . 2011-06-25 10:58 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-07-06 18:05 . 2010-07-06 18:04 19495102 -c--a-w- c:\program files\vlc-1.1.0-win32.exe
2006-01-23 09:32 . 2006-01-23 09:32 131072 -c--a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2007-02-08 09:48 . 2007-02-08 09:48 133920 -c--a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIMP2"="c:\program files\AIMP2\AIMP2.exe" [2010-08-07 1262592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\C\0autocheck autochk /p \??\C\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2009-06-18 19:11 1537320 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-01-07 38224]
R3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-06 34064]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-26 1343400]
R3 XDva327;XDva327;c:\windows\system32\XDva327.sys [x]
R4 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-01-07 380928]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-05 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-05-16 136360]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-05-14 38240]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 NAUpdate;Aktualizace Nero;c:\program files\Nero\Update\NASvc.exe [2010-02-18 462632]
S2 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [2007-07-15 27992]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-01-28 68200]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
HsfXAudioService REG_MULTI_SZ HsfXAudioService
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 -c--a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job
- c:\users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 18:23]
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job
- c:\users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 18:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.facebook.com/
uInternet Settings,ProxyOverride = *.local
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: kuaiche.com\software
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\6xuvccdq.default\
FF - prefs.js: browser.startup.homepage - hxxp://ahoolly.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Adobe Photoshop 7.0 - c:\program files\Adobe\Photoshop 7.0\Uninst.isu
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1231980872-3630433492-3231682891-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:8c,e6,08,c5,46,1a,2c,ff,94,57,e5,ea,d9,cf,7e,e4,cd,f9,b3,b3,05,0f,ff,
e9,7a,93,ac,f2,71,df,f4,17,14,eb,12,a4,90,cc,fd,88,d7,67,83,3b,45,a1,15,e4,\
"??"=hex:2f,19,2e,25,8f,93,2b,24,e8,c1,3a,76,bb,2e,82,2f
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-07-27 11:05:00
ComboFix-quarantined-files.txt 2011-07-27 09:04
.
Před spuštěním: 6 913 617 920
Po spuštění: 9 717 551 104
.
- - End Of File - - B7F0AFB1D91B8EAC76E8573770491232

Re: ekrn.exe+ blocking of the internet connection

Posted: 27 Jul 2011 10:42
by vyosek
:arrow: If you haven't already, move Combofix to the desktop
  • Start Notepad (Start-Run-notepad)
  • Copy the script below

    KillAll::
    
    Driver::
    XDva327
    ehdrv
    ekrn
    epfwwfp
    
    File::
    c:\windows\system32\XDva327.sys
    c:\windows\system32\DRIVERS\ehdrv.sys
    c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe
    c:\windows\system32\DRIVERS\epfwwfp.sys
    
    SecCenter::
    AV: ESET Smart Security 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5}
    FW: ESET personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
    SP: ESET Smart Security 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18}
    
    Folder::
    c:\program files\ESET\ESET NOD32 Antivirus
    C:\Program Data\ESET
    
    RegLock::
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
    
    Reboot::
    
  • Save the created TXT as CFScript.txt
  • Drag the created CFScript.txt over Combofix and drop it (see the picture below)
    Image
  • After the script is applied (and a possible restart), a log will pop up; paste its contents here
:arrow: It may happen that Windows won't start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

Re: ekrn.exe+ blocking of the internet connection

Posted: 27 Jul 2011 13:50
by Parkoslav1992
ComboFix 11-07-27.01 - Jarda 27.07.2011 11:52:11.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2814.970 [GMT 2:00]
Spuštěný z: c:\users\Jarda\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jarda\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
FILE ::
"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe"
"c:\windows\system32\DRIVERS\ehdrv.sys"
"c:\windows\system32\DRIVERS\epfwwfp.sys"
"c:\windows\system32\XDva327.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jarda\AppData\Roaming\chrtmp
c:\windows\RegGenieOnUninstall.exe
c:\windows\system32\Config.ini
c:\windows\system32\logs.dat
c:\program files\ESET\ESET NOD32 Antivirus . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\callmsi.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\DMON.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ecls.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eclsLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ecmd.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eeclnt.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\egui.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiAmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiAmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiDmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiDmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiEmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiEmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiEpfwLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiMailPluginsLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiProduct.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiScan.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiScanLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiSmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiSmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eguiUpdateLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnDmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnDmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnEpfwLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnMailPluginsLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnScan.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnScanLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnSmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnSmonEngine.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnSmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ekrnUpdateLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em000_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em001_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em002_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em003_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em004_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em005_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em006_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em008_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em009_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em010_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\em013_32.dat . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgHooks.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOE.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOEEmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOELang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOESmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOESmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOutlook.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOutlookEmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOutlookEmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOutlookLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOutlookSmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgOutlookSmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgTbEmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgTbLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgTbSmon.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eplgTbSmonLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eset.chm . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\eula.rtf . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\http_dll.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\mfc80.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\mfc80u.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\Microsoft.VC80.CRT.manifest . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\Microsoft.VC80.MFC.manifest . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\Microsoft.VC80.MFCLOC.manifest . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird\Components\eplgTb.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird\Components\eplgTb.xpt . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird\install.rdf . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\msvcp80.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\msvcr80.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\PPESET.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\PPEset.inf . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\shellExt.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\ShellExtLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\SysInspector.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\SysInspectorLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\SysRescue.exe . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\SysRescueLang.dll . . . . nemohl být smazán
c:\program files\ESET\ESET NOD32 Antivirus\updater.dll . . . . nemohl být smazán
c:\windows\system32\DRIVERS\ehdrv.sys . . . . nemohl být smazán
c:\windows\system32\DRIVERS\epfwwfp.sys . . . . nemohl být smazán
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_EHDRV
-------\Legacy_EPFWWFP
-------\Legacy_XDVA327
-------\Service_ehdrv
-------\Service_ekrn
-------\Service_epfwwfp
-------\Service_XDva327
-------\Service_EhttpSrv
-------\Service_EhttpSrv
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-27 do 2011-07-27 )))))))))))))))))))))))))))))))
.
.
2011-07-27 10:23 . 2011-07-27 10:37 -------- dc----w- c:\users\Jarda\AppData\Local\temp
2011-07-27 10:23 . 2011-07-27 10:23 -------- dc----w- c:\users\Guest\AppData\Local\temp
2011-07-27 10:23 . 2011-07-27 10:23 -------- dc----w- c:\users\Default\AppData\Local\temp
2011-07-27 06:53 . 2011-07-27 06:56 -------- d-----w- C:\rsit
2011-07-26 09:22 . 2011-07-26 09:22 -------- dc----w- c:\users\Jarda\AppData\Local\VS Revo Group
2011-07-26 09:21 . 2009-12-30 09:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-07-26 09:05 . 2011-07-26 09:05 -------- dc----w- c:\users\Jarda\AppData\Roaming\RegGenie
2011-07-17 19:02 . 2011-07-17 19:04 -------- d-----w- c:\programdata\AutoPowerOn
2011-07-17 19:02 . 2011-07-17 19:02 -------- dc----w- c:\program files\AutoPowerOn
2011-07-13 18:56 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-13 18:56 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-07-13 18:56 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-07-13 18:24 . 2011-05-04 02:43 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-07-13 18:24 . 2011-05-04 02:43 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-07-13 18:24 . 2011-05-04 02:43 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 04:40 . 2011-07-12 04:40 -------- dc----w- c:\program files\Common Files\Java
2011-07-11 17:23 . 2010-12-18 05:31 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-07-11 17:23 . 2011-05-03 04:50 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-07-10 10:28 . 2011-07-10 10:29 -------- dc----w- c:\program files\AIMP2
2011-07-10 10:17 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{82ADDF5B-D466-48B1-B872-6ECBDE327D83}\mpengine.dll
2011-07-02 14:14 . 2011-07-02 14:14 -------- dc----w- c:\program files\City Interactive
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-27 09:51 . 2009-05-14 13:49 38240 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2011-07-27 09:51 . 2009-05-14 13:47 107256 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2011-07-01 12:50 . 2010-09-02 19:51 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-07-01 12:50 . 2010-09-02 19:51 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-11 11:53 . 2011-06-11 11:53 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-06-11 11:53 . 2011-06-11 11:53 161792 ----a-w- c:\windows\system32\msls31.dll
2011-06-11 11:53 . 2011-06-11 11:53 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-06-11 11:53 . 2011-06-11 11:53 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-06-11 11:53 . 2011-06-11 11:53 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-06-11 11:53 . 2011-06-11 11:53 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-06-11 11:53 . 2011-06-11 11:53 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-06-11 11:53 . 2011-06-11 11:53 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-06-11 11:53 . 2011-06-11 11:53 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-06-11 11:53 . 2011-06-11 11:53 367104 ----a-w- c:\windows\system32\html.iec
2011-06-11 11:53 . 2011-06-11 11:53 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-06-11 11:53 . 2011-06-11 11:53 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-11 11:53 . 2011-06-11 11:53 152064 ----a-w- c:\windows\system32\wextract.exe
2011-06-11 11:53 . 2011-06-11 11:53 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-06-11 11:53 . 2011-06-11 11:53 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-06-11 11:53 . 2011-06-11 11:53 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-11 11:53 . 2011-06-11 11:53 11776 ----a-w- c:\windows\system32\mshta.exe
2011-06-11 11:53 . 2011-06-11 11:53 101888 ----a-w- c:\windows\system32\admparse.dll
2011-06-11 11:53 . 2011-06-11 11:53 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-06-11 11:51 . 2011-06-11 11:51 801792 ----a-w- c:\windows\system32\FntCache.dll
2011-06-11 11:51 . 2011-06-11 11:51 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-06-11 11:51 . 2011-06-11 11:51 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-06-11 11:51 . 2011-06-11 11:51 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-06-11 11:51 . 2011-06-11 11:51 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2011-06-11 11:51 . 2011-06-11 11:51 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-11 11:51 . 2011-06-11 11:51 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2011-06-11 11:51 . 2011-06-11 11:51 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-06-11 11:51 . 2011-06-11 11:51 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2011-06-11 11:51 . 2011-06-11 11:51 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-06-11 11:51 . 2011-06-11 11:51 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-06-11 11:51 . 2011-06-11 11:51 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-06-11 11:51 . 2011-06-11 11:51 107520 ----a-w- c:\windows\system32\cdd.dll
2011-06-11 11:51 . 2011-06-11 11:51 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-06-11 11:51 . 2011-06-11 11:51 3181568 ----a-w- c:\windows\system32\mf.dll
2011-06-11 11:51 . 2011-06-11 11:51 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-06-01 16:01 . 2011-06-01 16:01 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-04 02:52 . 2011-05-17 10:55 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-29 02:57 . 2011-06-25 10:59 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:57 . 2011-06-25 10:59 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:57 . 2011-06-25 10:58 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-07-06 18:05 . 2010-07-06 18:04 19495102 -c--a-w- c:\program files\vlc-1.1.0-win32.exe
2006-01-23 09:32 . 2006-01-23 09:32 131072 -c--a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2007-02-08 09:48 . 2007-02-08 09:48 133920 -c--a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIMP2"="c:\program files\AIMP2\AIMP2.exe" [2010-08-07 1262592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\C\0autocheck autochk /p \??\C\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2009-06-18 19:11 1537320 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-01-07 38224]
R3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-06 34064]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-26 1343400]
R4 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-01-07 380928]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-05 691696]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-05-16 136360]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 NAUpdate;Aktualizace Nero;c:\program files\Nero\Update\NASvc.exe [2010-02-18 462632]
S2 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [2007-07-15 27992]
S3 CFcatchme;CFcatchme;c:\users\Jarda\AppData\Local\Temp\CFcatchme.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-01-28 68200]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
HsfXAudioService REG_MULTI_SZ HsfXAudioService
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 -c--a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001Core.job
- c:\users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 18:23]
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1231980872-3630433492-3231682891-1001UA.job
- c:\users\Jarda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 18:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.facebook.com/
uInternet Settings,ProxyOverride = *.local
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: kuaiche.com\software
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\6xuvccdq.default\
FF - prefs.js: browser.startup.homepage - hxxp://ahoolly.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1231980872-3630433492-3231682891-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:8c,e6,08,c5,46,1a,2c,ff,94,57,e5,ea,d9,cf,7e,e4,cd,f9,b3,b3,05,0f,ff,
e9,7a,93,ac,f2,71,df,f4,17,14,eb,12,a4,90,cc,fd,88,d7,67,83,3b,45,a1,15,e4,\
"??"=hex:2f,19,2e,25,8f,93,2b,24,e8,c1,3a,76,bb,2e,82,2f
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\lkcitdl.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
c:\windows\system32\sppsvc.exe
c:\program files\NVIDIA Corporation\System Update\UpdateCenterService.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2011-07-27 12:45:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-27 10:45
ComboFix2.txt 2011-07-27 09:05
.
Před spuštěním: 9 413 693 440
Po spuštění: 8 659 660 800
.
- - End Of File - - 2D770FA720D6F37743BDE63D70543ADB




The Internet works normally... everything is OK.. only Avira has started finding malware....

Could you also please advise me why SVCHost.exe "eats" so much CPU.... it's awful......

Re: ekrn.exe+ blocking of Internet connection

Posted: 27 Jul 2011 14:56
by vyosek
:arrow: NOD is still there, though; we'll take a pickaxe to it

:arrow: Download Avenger (see my signature)
  • If you use Win Vista or W7, right-click Avenger and choose Run As Administrator or "Spustit jako spravce"
  • After launch the program will warn you that everything you do is at your own risk - click OK
  • After confirming, the main window will appear; paste the script given below into it
  • Code:

    Files to delete:
    c:\windows\system32\XDva327.sys
    c:\windows\system32\DRIVERS\ehdrv.sys
    c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe
    c:\windows\system32\DRIVERS\epfwwfp.sys
    
    Folders to delete:
    c:\program files\ESET\ESET NOD32 Antivirus
    C:\Program Data\ESET
    
    Drivers to delete:
    ehdrv
    ekrn
    epfwwfp
  • Tick the boxes next to Scan for rootkits and Automatically disable any rootkits found
  • Now click Execute and confirm with Yes in the following window - this confirms running the script
  • Answer the Reboot now question with OK again - this restarts the PC
  • After the restart, Notepad should open with the log; paste its contents here. If that does not happen, you will find the required document at C:\avenger.txt
:arrow: Where is Avira showing the vermin :???:

Re: ekrn.exe+ blocking of Internet connection

Posted: 27 Jul 2011 15:08
by Parkoslav1992
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error: file "c:\windows\system32\XDva327.sys" not found!
Deletion of file "c:\windows\system32\XDva327.sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "c:\windows\system32\DRIVERS\ehdrv.sys" deleted successfully.

Error: file "c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" not found!
Deletion of file "c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

File "c:\windows\system32\DRIVERS\epfwwfp.sys" deleted successfully.
Folder "c:\program files\ESET\ESET NOD32 Antivirus" deleted successfully.

Error: could not open folder "C:\Program Data\ESET"
Deletion of folder "C:\Program Data\ESET" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\ehdrv" not found!
Deletion of driver "ehdrv" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\ekrn" not found!
Deletion of driver "ekrn" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\epfwwfp" not found!
Deletion of driver "epfwwfp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.

I'd say almost nothing got removed....

Re: ekrn.exe+ blocking of Internet connection

Posted: 27 Jul 2011 15:12
by vyosek
It removed what CF did not...

What about Avira, where is it finding the vermin :???:

Re: ekrn.exe+ blocking of Internet connection

Posted: 27 Jul 2011 15:14
by Parkoslav1992
Nothing but ESET.... 88 objects today...... c>program files> eset...all of it there..

Re: ekrn.exe+ blocking of Internet connection

Posted: 27 Jul 2011 15:15
by vyosek
That will be the quarantine, or it just doesn't like it... there's no danger there...

Re: ekrn.exe+ blocking of Internet connection

Posted: 27 Jul 2011 15:16
by Parkoslav1992

Code:



Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\SysRescue.exe
Status:	Infected
Quarantine object:	23bbbe16.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\SysRescueLang.dll
Status:	Infected
Quarantine object:	52e9e253.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\Mozilla Thunderbird\Components\eplgTb.dll
Status:	Infected
Quarantine object:	2231c848.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\SysInspectorLang.dll
Status:	Infected
Quarantine object:	590a84df.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\http_dll.dll
Status:	Infected
Quarantine object:	2aa2d8ab.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\mfc80.dll
Status:	Infected
Quarantine object:	5f06a080.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\mfc80u.dll
Status:	Infected
Quarantine object:	7451fc80.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\SysInspector.exe
Status:	Infected
Quarantine object:	312ea3e7.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Drop.Softomat.AN Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\msvcp80.dll
Status:	Infected
Quarantine object:	1303b402.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\shellExt.dll
Status:	Infected
Quarantine object:	1211d26e.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgTbSmonLang.dll
Status:	Infected
Quarantine object:	08988a2b.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgTbSmon.dll
Status:	Infected
Quarantine object:	7cc39258.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\PPESET.dll
Status:	Infected
Quarantine object:	585e8766.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\ShellExtLang.dll
Status:	Infected
Quarantine object:	7c38fda6.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgTbLang.dll
Status:	Infected
Quarantine object:	59cee84c.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\msvcr80.dll
Status:	Infected
Quarantine object:	58738d14.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiUpdate.dll
Status:	Infected
Quarantine object:	30cb82df.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\ekrnEpfwLang.dll
Status:	Infected
Quarantine object:	295d9f5a.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiScanLang.dll
Status:	Infected
Quarantine object:	2ed29219.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\ekrnDmonLang.dll
Status:	Infected
Quarantine object:	24cbee72.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOutlookEmonLang.dll
Status:	Infected
Quarantine object:	70368de6.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOEEmon.dll
Status:	Infected
Quarantine object:	4b888101.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\ekrnScanLang.dll
Status:	Infected
Quarantine object:	6885d2ab.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOELang.dll
Status:	Infected
Quarantine object:	69f8d675.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\ekrnLang.dll
Status:	Infected
Quarantine object:	35008b53.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOutlook.dll
Status:	Infected
Quarantine object:	74baeed2.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Drop.Softomat.AN Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\EHttpSrv.exe
Status:	Infected
Quarantine object:	71b5eadc.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiSmonLang.dll
Status:	Infected
Quarantine object:	3a8ea9a1.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOutlookSmonLang.dll
Status:	Infected
Quarantine object:	14bcb969.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgTbEmon.dll
Status:	Infected
Quarantine object:	03ecdadb.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Drop.Softomat.AN Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOutlookEmon.dll
Status:	Infected
Quarantine object:	159acf6d.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Drop.Softomat.AN Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOESmon.dll
Status:	Infected
Quarantine object:	01e8ace3.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiSmon.dll
Status:	Infected
Quarantine object:	081ad204.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiUpdateLang.dll
Status:	Infected
Quarantine object:	0f98e69a.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\ekrnMailPluginsLang.dll
Status:	Infected
Quarantine object:	04d3c69d.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOutlookSmon.dll
Status:	Infected
Quarantine object:	0605c5d4.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\ekrnSmonLang.dll
Status:	Infected
Quarantine object:	211ff7ac.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOESmonLang.dll
Status:	Infected
Quarantine object:	219ea866.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOE.dll
Status:	Infected
Quarantine object:	1c06f3a9.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Drop.Softomat.AN Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgOutlookLang.dll
Status:	Infected
Quarantine object:	15e1f947.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eplgHooks.dll
Status:	Infected
Quarantine object:	7ab4ff40.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiScan.dll
Status:	Infected
Quarantine object:	4ddcb969.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\callmsi.exe
Status:	Infected
Quarantine object:	5216932f.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Drop.Softomat.AN Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiAmon.dll
Status:	Infected
Quarantine object:	6c78f54a.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiEmonLang.dll
Status:	Infected
Quarantine object:	4bb5c4ff.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\ecmd.exe
Status:	Infected
Quarantine object:	5ce0995c.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\ecls.exe
Status:	Infected
Quarantine object:	667e8603.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiDmon.dll
Status:	Infected
Quarantine object:	584ae19d.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\DMON.dll
Status:	Infected
Quarantine object:	00aac9ab.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiMailPlugins.dll
Status:	Infected
Quarantine object:	5fd6a07f.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiEpfwLang.dll
Status:	Infected
Quarantine object:	0797b916.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiAmonLang.dll
Status:	Infected
Quarantine object:	4122da07.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiEmon.dll
Status:	Infected
Quarantine object:	45aff438.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiMailPluginsLang.dll
Status:	Infected
Quarantine object:	7322d9b3.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eclsLang.dll
Status:	Infected
Quarantine object:	23faab3d.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiDmonLang.dll
Status:	Infected
Quarantine object:	3416cdad.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eeclnt.exe
Status:	Infected
Quarantine object:	1056b514.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\epfwwfp.sys
Status:	Infected
Quarantine object:	4a8bbcb9.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Drop.Softomat.AN Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ESET NOD32 Antivirus\eguiEpfw.dll
Status:	Infected
Quarantine object:	0e9cbdbd.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Avenger\ehdrv.sys
Status:	Infected
Quarantine object:	4a65b5de.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Drop.Softomat.AN Trojan
Date/Time:	27.7.2011, 16:08


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProduct.dll
Status:	Infected
Quarantine object:	3d6bb613.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:49


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProduct.dll
Status:	Infected
Quarantine object:	372ea299.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:49


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\eguiLang.dll
Status:	Infected
Quarantine object:	0ffff248.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:49


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\eguiLang.dll
Status:	Infected
Quarantine object:	29378da1.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:49


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdateLang.dll
Status:	Infected
Quarantine object:	4a3e9925.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:49


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdateLang.dll
Status:	Infected
Quarantine object:	74c0c60b.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:49


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll
Status:	Infected
Quarantine object:	0075a6d4.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:49


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll
Status:	Infected
Quarantine object:	58348049.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:49


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll
Status:	Infected
Quarantine object:	097e9d85.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:49


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll
Status:	Infected
Quarantine object:	4c57db33.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:49


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnDmon.dll
Status:	Infected
Quarantine object:	424dd41a.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:49


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnDmon.dll
Status:	Infected
Quarantine object:	33f4d27b.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:49


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
Status:	Infected
Quarantine object:	5fafc1b2.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:48


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
Status:	Infected
Quarantine object:	46c7c5dc.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:48


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll
Status:	Infected
Quarantine object:	6b9ad55a.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:48


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll
Status:	Infected
Quarantine object:	1782aafe.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:48


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnScan.dll
Status:	Infected
Quarantine object:	5b3ab958.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:48


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnScan.dll
Status:	Infected
Quarantine object:	2421b4cc.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:48


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll
Status:	Infected
Quarantine object:	61a5a6f4.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:48


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll
Status:	Infected
Quarantine object:	0792d6c0.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:48


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnSmon.dll
Status:	Infected
Quarantine object:	4d5aa39c.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:47


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnSmon.dll
Status:	Infected
Quarantine object:	55cdb3cf.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:47


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll
Status:	Infected
Quarantine object:	61cba7c4.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:47


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll
Status:	Infected
Quarantine object:	07fcd5f2.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:47


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\updater.dll
Status:	Infected
Quarantine object:	5595b2ee.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:47


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\updater.dll
Status:	Infected
Quarantine object:	4d02a0be.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 14:47


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Status:	Infected
Quarantine object:	538a53e3.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 12:39


Type:	File
Source:	C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Status:	Infected
Quarantine object:	4b1d47b1.qua
Restored:	NO
Uploaded to Avira:	NO
Operating System:	Windows 2000/XP/VISTA Workstation
Search engine:	8.02.06.18
Virus definition file:	7.11.12.107
Detection:	Is the TR/Trash.Gen Trojan
Date/Time:	27.7.2011, 12:39
log from Avira...

Re: ekrn.exe + preventing connection to the internet

Posted: 27 Jul 2011 15:48
by vyosek
A backup of NOD and its files - it's the competition, so it doesn't like it :D

Re: ekrn.exe + preventing connection to the internet

Posted: 27 Jul 2011 15:50
by Parkoslav1992
so NOD is gone, right?? and what can be done about that SVCHost???