[ Posts: 6 ]

User | Registered: 26.10.10 | Last login: 27.10.10 | Posts: 3 | Topics: 1 | 1
Posted: 26.10.2010 14:43 | Trojan.Agent/Gen-BanLoad

Today SUPERAntiSpyware Pro found this virus for me. It is in quarantine, but my computer is still running somewhat slowly, the screen flickers now and then, and in ESET SysInspector I have an awful lot of red entries. Under running processes it shows the chrome.exe module in red, and under critical files system.ini and win.ini. I don't know what to do about it, since I'm only a beginner after all. And when I ran SysInspector the processor went to one hundred percent, which didn't used to happen. What should I do about it, please?


User | Registered: 04.06.09 | Posts: 2637 | Topics: 39 | 39 | Location: Rožňava/Brz... | Age: 24
Posted: 26.10.2010 17:54 | Trojan.Agent/Gen-BanLoad

Try scanning it with MBAM http://www.malwarebytes.org/
Plus clear the browser cache - CCleaner ( http://www.softmania.sk/Ccleaner.html ) - then restart the system (Windows)


_________________
Car - Fiat Stilo 1.9JTD 3DV 16v 150 Michael Schumacher n°0945 Limited Edition /2006 ✔
Mobile phone - Samsung S4 mini (never Samsung again!)

User | Registered: 26.10.10 | Last login: 27.10.10 | Posts: 3 | Topics: 1 | 1
Posted by topic author: 27.10.2010 1:59 | Trojan.Agent/Gen-BanLoad

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4934

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

24. 10. 2010 16:49:27
mbam-log-2010-10-24 (16-49-27).txt

Typ kontroly: Rýchla kontrola
Objektov kontrolovaných: 135476
Uplynulý čas: 4 min, 5 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
(Škodlivé položky neboli zistené)

So this was the result of the malware scan. I chose to delete everything. By the way, does it matter that alongside it I use and have installed ESET, CCleaner, plus also SUPERAntiSpyware? Aren't they fighting each other somehow?

// added 7 minutes after the last post

Sorry, actually this result is more recent

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4953

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

27. 10. 2010 1:33:27
mbam-log-2010-10-27 (01-33-27).txt

Typ kontroly: Úplná kontrola (C:\|D:\|E:\|)
Objektov kontrolovaných: 279024
Uplynulý čas: 38 min, 11 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 3

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
D:\MAFIA 2 + crack + cz\Mafia2CZby_Mazarini\Phx_data\Res\EmuCfg.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\MAFIA 2 + crack + cz\Mafia2CZby_Mazarini\Phx_data\Res\GCFMgr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\hry\Crack\loader.dll (Riskware.Tool.CK) -> Quarantined and deleted successfully.


In the program I chose to delete everything; should that be enough? And I also want to ask, could you please take a look at my, hmm, how do you say it, system log?


User | Registered: 04.06.09 | Posts: 2637 | Topics: 39 | 39 | Location: Rožňava/Brz... | Age: 24
Posted: 27.10.2010 7:42 | Trojan.Agent/Gen-BanLoad

Also clean it with CCleaner and restart the system ;) Delete all the caches
From what I saw in this log, MBAM only found, like, the cracks from Mafia :roll: :)


User | Registered: 03.04.08 | Last login: 14.09.16 | Posts: 4707 | Topics: 37 | 37 | Location: Trnava
Posted: 27.10.2010 10:34 | Trojan.Agent/Gen-BanLoad

Have a look at the startup programs; maybe a lot of them are launching and that's why the PC seems slow to you ..
Start > Run > msconfig [ENTER] > Startup ...


_________________
Hmmm .... Little hippo ... [Homer]

User | Registered: 26.10.10 | Last login: 27.10.10 | Posts: 3 | Topics: 1 | 1
Posted by topic author: 27.10.2010 13:23 | Trojan.Agent/Gen-BanLoad

Well, there aren't even many of them there, just Realtek, ESET, Malwarebytes Anti-Malware, MS Windows operating system, Device Detection, Carambis Driver Update, so I don't know what's going on with it :( It's not terrible, but it's not exactly great either.

// added 1 hour 38 minutes after the last post

Logfile of random's system information tool 1.08 (written by random/random)
Run by patrik at 2010-10-27 13:13:45
Microsoft Windows 7 Ultimate
System drive C: has 27 GB (54%) free of 50 GB
Total RAM: 3070 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:13:46, on 27. 10. 2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\FUJIFILM\MyFinePix Studio\dd.exe
C:\Windows\system32\wuauclt.exe
C:\Users\patrik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\patrik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\patrik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\patrik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\CounterPath\X-Lite\x-lite.exe
C:\Users\patrik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\patrik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\patrik\Downloads\RSIT (1).exe
C:\Program Files\trend micro\patrik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YouTubeUploaderLib.YouTubeUploaderLib - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Device Detection] C:\Program Files\FUJIFILM\MyFinePix Studio\dd.exe
O4 - HKCU\..\Run: [Driver Updater] "C:\Program Files\Carambis\Driver Updater\dupdater.exe" /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 5354 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3892172656-989301815-4191589665-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3892172656-989301815-4191589665-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-01-13 6711840]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-01-13 1833504]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-08-12 2215064]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"Device Detection"=C:\Program Files\FUJIFILM\MyFinePix Studio\dd.exe [2010-10-04 401592]
"Driver Updater"=C:\Program Files\Carambis\Driver Updater\dupdater.exe [2010-06-08 4973056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2010-10-27 13:04:19 ----D---- C:\Program Files\trend micro
2010-10-27 11:23:04 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-27 11:23:04 ----A---- C:\Windows\system32\wmp.dll
2010-10-27 11:23:03 ----A---- C:\Windows\system32\mfc40u.dll
2010-10-27 11:23:03 ----A---- C:\Windows\system32\mfc40.dll
2010-10-27 11:23:02 ----A---- C:\Windows\system32\t2embed.dll
2010-10-27 11:23:00 ----A---- C:\Windows\system32\ole32.dll
2010-10-27 11:22:59 ----A---- C:\Windows\system32\win32k.sys
2010-10-27 11:22:53 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-27 11:22:53 ----A---- C:\Windows\system32\comctl32.dll
2010-10-27 11:22:29 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-10-27 10:37:09 ----SHD---- C:\Config.Msi
2010-10-26 19:41:57 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-10-26 19:41:56 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-10-26 19:41:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-10-26 19:39:39 ----D---- C:\Program Files\CCleaner
2010-10-26 13:16:24 ----D---- C:\Users\patrik\AppData\Roaming\SUPERAntiSpyware.com
2010-10-26 13:16:24 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2010-10-26 13:16:05 ----D---- C:\Program Files\SUPERAntiSpyware
2010-10-26 11:53:39 ----A---- C:\Windows\system32\iertutil.dll
2010-10-26 11:53:38 ----A---- C:\Windows\system32\mshtml.dll
2010-10-26 11:53:36 ----A---- C:\Windows\system32\ieframe.dll
2010-10-26 11:53:35 ----A---- C:\Windows\system32\wininet.dll
2010-10-26 11:53:35 ----A---- C:\Windows\system32\urlmon.dll
2010-10-26 11:53:35 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-26 11:53:35 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-26 11:53:35 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-26 11:53:34 ----A---- C:\Windows\system32\mstime.dll
2010-10-26 11:53:34 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-26 11:53:34 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-26 11:53:34 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-26 11:53:34 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-26 11:53:34 ----A---- C:\Windows\system32\ieui.dll
2010-10-26 11:53:34 ----A---- C:\Windows\system32\iepeers.dll
2010-10-26 11:53:23 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-26 11:53:23 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-26 11:53:23 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-26 11:53:23 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-25 18:15:57 ----D---- C:\Users\patrik\AppData\Roaming\GlarySoft
2010-10-25 18:06:47 ----D---- C:\Users\patrik\AppData\Roaming\ParetoLogic
2010-10-25 18:06:47 ----D---- C:\Users\patrik\AppData\Roaming\DriverCure
2010-10-25 14:48:22 ----A---- C:\Windows\isRS-000.tmp
2010-10-25 14:26:57 ----A---- C:\Windows\system32\schannel.dll
2010-10-25 10:13:43 ----ASH---- C:\pagefile.sys
2010-10-25 10:13:42 ----ASH---- C:\hiberfil.sys
2010-10-24 18:37:53 ----D---- C:\ProgramData\ParetoLogic
2010-10-24 18:37:53 ----D---- C:\ProgramData\FileCure
2010-10-24 16:44:32 ----D---- C:\Users\patrik\AppData\Roaming\Malwarebytes
2010-10-24 16:44:19 ----D---- C:\ProgramData\Malwarebytes
2010-10-24 09:03:57 ----D---- C:\rsit
2010-10-23 14:32:09 ----D---- C:\Program Files\Common Files\Intel
2010-10-23 14:32:06 ----D---- C:\Program Files\CounterPath
2010-10-23 01:32:05 ----D---- C:\Users\patrik\AppData\Roaming\VeskrnaMartin
2010-10-17 17:30:20 ----D---- C:\Windows\system32\AGEIA
2010-10-17 17:30:20 ----D---- C:\Program Files\AGEIA Technologies
2010-10-17 17:30:10 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-10-12 14:29:45 ----D---- C:\ProgramData\ESET
2010-10-12 14:29:45 ----D---- C:\Program Files\ESET
2010-10-10 15:22:44 ----D---- C:\Program Files\Common Files\Adobe
2010-10-10 15:22:44 ----D---- C:\Program Files\Adobe
2010-10-05 12:47:02 ----A---- C:\Windows\system32\tzres.dll
2010-10-05 12:46:59 ----A---- C:\Windows\system32\spoolsv.exe
2010-10-04 14:05:55 ----D---- C:\Users\patrik\AppData\Roaming\FontCreator
2010-09-14 12:50:27 ----D---- C:\Program Files\MSXML 4.0
2010-09-07 16:34:07 ----D---- C:\Users\patrik\AppData\Roaming\WinRAR
2010-09-07 16:29:05 ----D---- C:\Program Files\WinRAR
2010-08-31 20:53:07 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-08-31 20:52:47 ----D---- C:\Program Files\DAEMON Tools Lite
2010-08-31 20:47:33 ----D---- C:\ProgramData\NVIDIA Corporation
2010-08-30 01:04:54 ----D---- C:\Program Files\PLANstudio
2010-08-28 15:36:54 ----D---- C:\Users\patrik\AppData\Roaming\VitySoft
2010-08-28 15:36:21 ----D---- C:\ProgramData\Sun
2010-08-28 15:34:06 ----A---- C:\Windows\system32\deployJava1.dll
2010-08-24 22:24:54 ----D---- C:\Users\patrik\AppData\Roaming\Nero
2010-08-24 21:12:08 ----D---- C:\ProgramData\Nero
2010-08-24 21:12:02 ----D---- C:\Program Files\Common Files\Nero
2010-08-24 21:11:57 ----D---- C:\Program Files\Nero
2010-08-24 10:53:56 ----D---- C:\Program Files\Microsoft Silverlight
2010-08-23 21:37:12 ----D---- C:\Users\patrik\AppData\Roaming\vlc
2010-08-23 16:25:37 ----D---- C:\Temp
2010-08-23 16:21:28 ----D---- C:\Program Files\Carambis
2010-08-23 15:17:33 ----D---- C:\Windows\system32\appmgmt
2010-08-16 18:57:52 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-08-16 18:57:41 ----D---- C:\ProgramData\FUJIFILM
2010-08-16 18:57:37 ----D---- C:\Program Files\FUJIFILM
2010-08-16 18:55:56 ----D---- C:\ProgramData\Apple
2010-08-15 17:37:54 ----D---- C:\Users\patrik\AppData\Roaming\skypePM
2010-08-15 17:23:18 ----D---- C:\Users\patrik\AppData\Roaming\Skype
2010-08-15 17:23:04 ----D---- C:\Program Files\Common Files\Skype
2010-08-15 17:23:02 ----RD---- C:\Program Files\Skype
2010-08-15 17:23:00 ----D---- C:\ProgramData\Skype
2010-08-13 08:55:15 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-13 08:55:12 ----A---- C:\Windows\system32\rtutils.dll
2010-08-13 08:55:12 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-13 08:55:12 ----A---- C:\Windows\system32\iccvid.dll
2010-08-13 08:55:11 ----A---- C:\Windows\system32\msxml3.dll
2010-08-13 08:55:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-13 08:55:08 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-05 20:08:18 ----D---- C:\Users\patrik\AppData\Roaming\dvdcss
2010-08-03 12:13:49 ----A---- C:\Windows\system32\shell32.dll
2010-08-02 20:13:07 ----D---- C:\Windows\Minidump
2010-07-31 09:05:33 ----D---- C:\Users\patrik\AppData\Roaming\Mozilla
2010-07-31 09:05:33 ----D---- C:\ProgramData\ICQ
2010-07-29 13:31:26 ----A---- C:\Windows\system32\drivers\epfwwfpr.sys
2010-07-29 13:31:26 ----A---- C:\Windows\system32\drivers\ehdrv.sys
2010-07-29 13:31:26 ----A---- C:\Windows\system32\drivers\eamonm.sys
2010-07-29 13:15:30 ----D---- C:\Program Files\VideoLAN

======List of files/folders modified in the last 3 months======

2010-10-27 13:13:46 ----D---- C:\Windows\Temp
2010-10-27 13:04:23 ----D---- C:\Windows\Prefetch
2010-10-27 13:04:19 ----RD---- C:\Program Files
2010-10-27 12:39:55 ----D---- C:\Windows\system32\config
2010-10-27 11:30:09 ----D---- C:\Windows\System32
2010-10-27 11:30:09 ----D---- C:\Windows\inf
2010-10-27 11:30:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-10-27 11:26:07 ----D---- C:\Windows\winsxs
2010-10-27 11:25:58 ----D---- C:\Windows
2010-10-27 11:25:34 ----D---- C:\Program Files\Windows Media Player
2010-10-27 11:23:18 ----SHD---- C:\System Volume Information
2010-10-27 11:22:57 ----D---- C:\Windows\system32\catroot2
2010-10-27 11:22:57 ----D---- C:\Windows\system32\catroot
2010-10-27 10:39:36 ----SHD---- C:\Windows\Installer
2010-10-27 10:37:11 ----D---- C:\Windows\system32\Tasks
2010-10-27 10:36:53 ----D---- C:\Program Files\Common Files
2010-10-26 19:43:44 ----D---- C:\Windows\debug
2010-10-26 19:41:57 ----D---- C:\Windows\system32\drivers
2010-10-26 13:16:24 ----HD---- C:\ProgramData
2010-10-26 12:51:10 ----D---- C:\Windows\system32\LogFiles
2010-10-26 11:54:29 ----D---- C:\Windows\system32\migration
2010-10-26 11:54:29 ----D---- C:\Program Files\Internet Explorer
2010-10-25 22:38:12 ----D---- C:\Windows\Tasks
2010-10-25 20:47:29 ----D---- C:\Windows\system32\wbem
2010-10-25 20:46:07 ----D---- C:\Windows\system32\DriverStore
2010-10-25 20:46:07 ----D---- C:\Program Files\Ask.com
2010-10-25 20:46:06 ----D---- C:\Windows\registration
2010-10-25 14:27:45 ----D---- C:\ProgramData\Microsoft Help
2010-10-25 14:27:38 ----D---- C:\Windows\SoftwareDistribution
2010-10-25 11:31:59 ----SD---- C:\Users\patrik\AppData\Roaming\Microsoft
2010-10-25 11:28:02 ----D---- C:\Windows\system32\NDF
2010-10-25 11:11:29 ----D---- C:\Windows\system32\Msdtc
2010-10-25 10:21:33 ----D---- C:\Windows\Microsoft.NET
2010-10-25 10:20:56 ----RSD---- C:\Windows\assembly
2010-10-25 10:14:11 ----SHD---- C:\Recovery
2010-10-25 10:14:10 ----D---- C:\Windows\system32\Recovery
2010-10-25 10:13:46 ----D---- C:\Windows\CSC
2010-10-24 00:40:46 ----A---- C:\Windows\system32\MRT.exe
2010-10-23 01:32:03 ----RSD---- C:\Windows\Fonts
2010-10-20 08:27:45 ----SD---- C:\ProgramData\Microsoft
2010-10-20 07:58:56 ----D---- C:\Windows\system32\wfp
2010-10-20 07:58:56 ----D---- C:\Users\patrik\AppData\Roaming\uTorrent
2010-10-20 07:57:42 ----D---- C:\Users\patrik\AppData\Roaming\GHISLER
2010-10-19 11:41:44 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-10 15:22:46 ----D---- C:\ProgramData\Adobe
2010-10-06 13:57:34 ----D---- C:\Windows\rescache
2010-10-05 12:51:10 ----D---- C:\Windows\system32\sk-SK
2010-09-20 18:57:17 ----D---- C:\Windows\AppCompat
2010-08-31 20:50:21 ----D---- C:\ProgramData\NVIDIA
2010-08-31 20:47:55 ----D---- C:\Program Files\NVIDIA Corporation
2010-08-30 13:16:38 ----D---- C:\Program Files\uTorrent
2010-08-30 01:11:53 ----D---- C:\Windows\twain_32
2010-08-30 01:11:53 ----D---- C:\Windows\system
2010-08-24 10:52:39 ----D---- C:\Program Files\Common Files\microsoft shared
2010-08-23 16:29:33 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-16 19:02:09 ----D---- C:\Windows\system32\drivers\UMDF
2010-08-16 00:43:37 ----SHD---- C:\$Recycle.Bin
2010-08-15 14:46:24 ----D---- C:\Windows\Logs
2010-08-07 18:22:40 ----D---- C:\Windows\system32\wdi
2010-07-31 03:19:29 ----D---- C:\Program Files\Microsoft Works
2010-07-31 03:18:56 ----D---- C:\Program Files\Common Files\System
2010-07-31 03:18:56 ----A---- C:\Windows\win.ini
2010-07-31 02:35:25 ----D---- C:\Users\patrik\AppData\Roaming\Adobe
2010-07-29 13:51:01 ----D---- C:\Users\patrik\AppData\Roaming\DAEMON Tools Lite
2010-07-28 19:31:16 ----D---- C:\fotky

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-27 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-01-13 2304928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 av942tyk;av942tyk; C:\Windows\system32\drivers\av942tyk.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-07-27 16608]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-08-12 33584]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------
Is there anything wrong in there?
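
The startup check suggested in the thread (msconfig) and a first pass over a HijackThis log like the one above can be done mechanically. The following Python sketch is an added example, not part of the original posts and not code from HijackThis or RSIT: it parses lines copied from the log above, lists the `O4` autostart entries, and collects entries whose target is reported as `(no file)` or `(file missing)`, plus Internet Explorer page values that point somewhere other than `go.microsoft.com` (treating that host as the stock setting is an assumption). Function names are hypothetical, and a flagged entry is a candidate for manual review, not a verdict.

```python
import re
from urllib.parse import urlparse

# Lines copied verbatim from the HijackThis log posted above.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: YouTubeUploaderLib.YouTubeUploaderLib - - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Driver Updater] "C:\Program Files\Carambis\Driver Updater\dupdater.exe" /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
"""

# "<section code> - <rest of the entry>", e.g. "O4 - HKLM\..\Run: [egui] ..."
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d+) - (?P<body>.+)$")
# O4 body: "<hive>\..\<Run key>: [<value name>] <command line>"
AUTORUN_RE = re.compile(
    r"^(?P<hive>\S+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# R0/R1 body: "<hive>\<key path>,<value name> = <data>"
IE_VALUE_RE = re.compile(r"^(?P<hive>HK\w+)\\[^,]+,(?P<value>[^=]+?) = (?P<data>\S+)$")
# Executable path: either the quoted part or everything up to the first ".exe"
EXE_RE = re.compile(r'"([^"]+)"|(.+?\.exe)', re.IGNORECASE)

# Assumption: the go.microsoft.com redirects seen in the same log are the stock values.
STOCK_IE_HOST = "go.microsoft.com"
ORPHAN_MARKERS = ("(no file)", "(file missing)")


def parse_log(text):
    """Return (code, body) tuples for every line that looks like a log entry."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m["code"], m["body"]))
    return entries


def autoruns(entries):
    """Registry Run/RunOnce entries (section O4): what msconfig's Startup tab shows."""
    found = []
    for code, body in entries:
        m = AUTORUN_RE.match(body) if code == "O4" else None
        if not m:
            continue
        exe = EXE_RE.match(m["cmd"])
        path = (exe.group(1) or exe.group(2)) if exe else m["cmd"]
        found.append({"hive": m["hive"], "key": m["key"],
                      "name": m["name"], "path": path})
    return found


def missing_targets(entries):
    """Entries that still exist in the registry but whose file is gone."""
    return [(code, body) for code, body in entries if body.endswith(ORPHAN_MARKERS)]


def ie_pages_off_stock(entries):
    """R0/R1 page values whose URL host is not the assumed stock host."""
    flagged = []
    for code, body in entries:
        m = IE_VALUE_RE.match(body) if code in ("R0", "R1") else None
        if m and urlparse(m["data"]).hostname != STOCK_IE_HOST:
            flagged.append((m["hive"], m["value"], m["data"]))
    return flagged


if __name__ == "__main__":
    log = parse_log(SAMPLE_LOG)
    for item in autoruns(log):
        print("autostart:", item["hive"], item["key"], item["name"], "->", item["path"])
    for code, body in missing_targets(log):
        print("orphaned :", code, body)
    for hive, value, url in ie_pages_off_stock(log):
        print("IE page  :", hive, value, "=", url)
```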


© 2005 - 2017 PCforum, edited by JanoF