Virus přesměrování Yahoo
Napsal: 16 dub 2014 14:07
Ahoj,
prosím o pomoc. Asi před týdnem se mi z nějakých stránek automaticky mozilla přesměrovala na stránku, která vypadala jako Yahoo! Až včera mi napadlo, že je to divné a je to virus. Nějakým stylem jsem dogoolila program YAC, který tento "vir" blokoval, ale neodstranil.
Dnes jsem aktualizovala Avast a našlo mi to WIN32:NextLive-A a pak win32:Mindspark-A, sám Avast smazal infikované soubory.
Vymazala jsem program YAC, restartovala, spustila Avast znovu, tentokrát to už nic nenašlo.
Po nastartování opět mozilla přesměrovávala na Yahoo, takže jsem obnovila Mozillu. Teď nepřesměrovává, Avast hlásí 0infikovaných, ale procesor stále běží na 100%
Mám Acer Aspire 1410
Díky
Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2014-04-16 14:51:36
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 872 MB (6%) free of 15 GB
Total RAM: 750 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:52:24, on 16.4.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\TeamViewer\Version8\tv_w32.exe
c:\program files\mozilla firefox\firefox.exe
C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Administrator.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [acerWireless] C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
--
End of file - 4878 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\fufq7kc7.default-1397651562180
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@popularscreensavers.com/Plugin]
"Description"=Popular Screensavers Plugin
"Path"=C:\Program Files\PopularScreensavers\NPp5Stub.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@PopularScreensavers_7i.com/Plugin]
"Description"=PopularScreensavers Plugin
"Path"=C:\Program Files\PopularScreensavers_7i\bar\1.bin\NP7iStub.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-02-10 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-02-10 118784]
"acerWireless"=C:\Program Files\acer\Wireless\Utility\WlanUtil.exe [2004-06-09 417792]
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2004-07-30 319488]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-05-20 98304]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-05-20 532480]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-16 3854640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Administrator\Local Settings\Temp\TeamViewer\Version8\TeamViewer.exe"="C:\Documents and Settings\Administrator\Local Settings\Temp\TeamViewer\Version8\TeamViewer.exe:*:Enabled:TeamViewer 8"
"C:\Program Files\TeamViewer\Version8\TeamViewer.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\GameforgeLive\gfl_client.exe"="C:\Program Files\GameforgeLive\gfl_client.exe:*:Enabled:Gameforge Live"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.ac3filter"=ac3filter.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-04-16 14:51:43 ----D---- C:\Program Files\trend micro
2014-04-16 14:51:36 ----D---- C:\rsit
2014-04-16 07:29:57 ----A---- C:\WINDOWS\system32\drivers\aswNdis2.sys
2014-04-16 07:29:57 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2014-04-16 07:29:29 ----A---- C:\WINDOWS\avastSS.scr
2014-04-16 07:27:49 ----A---- C:\WINDOWS\system32\drivers\aswNdis.sys
2014-04-15 20:21:28 ----D---- C:\WINDOWS\system32\PreInstall
2014-04-15 20:21:26 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2014-04-15 20:21:25 ----HD---- C:\WINDOWS\$hf_mig$
2014-04-15 18:05:03 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2014-04-15 17:54:17 ----D---- C:\Program Files\GUMF7.tmp
2014-04-15 17:54:17 ----A---- C:\Program Files\GUTF8.tmp
2014-04-15 17:38:32 ----D---- C:\Documents and Settings\Administrator\Data aplikací\eCyber
2014-04-15 17:37:28 ----A---- C:\WINDOWS\system32\drivers\iSafeKrnlBoot.sys
2014-04-15 17:36:52 ----D---- C:\Program Files\iSafe
2014-04-15 17:36:44 ----D---- C:\Documents and Settings\Administrator\Data aplikací\iSafe
2014-04-13 10:05:46 ----A---- C:\WINDOWS\system32\d3d8caps.dat
2014-04-10 21:03:42 ----D---- C:\Program Files\Common Files\PDF Architect
2014-04-08 18:39:20 ----D---- C:\Program Files\Common Files\Spigot
2014-04-03 18:47:43 ----D---- C:\Program Files\Common Files\Borland Shared
2014-04-03 18:47:43 ----A---- C:\WINDOWS\system32\DBCLIENT.DLL
2014-04-03 18:46:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\eXmind
2014-04-01 13:57:33 ----D---- C:\Documents and Settings\Administrator\Data aplikací\PDF Architect
2014-04-01 13:33:45 ----D---- C:\Documents and Settings\Administrator\Data aplikací\pdfforge
2014-04-01 13:33:34 ----A---- C:\WINDOWS\system32\pdfcmon.dll
2014-04-01 13:33:28 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
2014-04-01 13:33:27 ----D---- C:\Program Files\PDFCreator
2014-03-29 21:06:43 ----N---- C:\WINDOWS\system32\spmsg.dll
2014-03-29 21:06:37 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2014-03-29 21:05:54 ----D---- C:\Program Files\Windows Media Connect 2
2014-03-29 21:02:47 ----D---- C:\WINDOWS\system32\drivers\UMDF
2014-03-29 21:02:37 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2014-03-29 21:02:35 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2014-03-29 21:01:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2014-03-29 20:58:00 ----A---- C:\WINDOWS\system32\ptpusb.dll
2014-03-29 20:57:57 ----A---- C:\WINDOWS\system32\ptpusd.dll
2014-03-29 20:57:56 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2014-03-29 11:46:02 ----D---- C:\Program Files\Mozilla Firefox
2014-03-17 14:41:31 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2014-03-17 14:41:24 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
======List of files/folders modified in the last 1 month======
2014-04-16 14:51:43 ----RD---- C:\Program Files
2014-04-16 14:51:42 ----D---- C:\WINDOWS\Prefetch
2014-04-16 13:15:50 ----D---- C:\WINDOWS\Temp
2014-04-16 11:09:00 ----D---- C:\WINDOWS\system32\CatRoot2
2014-04-16 11:08:40 ----D---- C:\WINDOWS
2014-04-16 10:39:20 ----D---- C:\WINDOWS\system32
2014-04-16 10:19:15 ----D---- C:\Program Files\PopularScreensavers
2014-04-16 09:49:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-04-16 08:26:22 ----HD---- C:\WINDOWS\inf
2014-04-16 08:24:15 ----D---- C:\WINDOWS\system32\CatRoot
2014-04-16 07:30:24 ----D---- C:\WINDOWS\system32\drivers
2014-04-16 07:30:04 ----SD---- C:\WINDOWS\Tasks
2014-04-16 07:29:29 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-04-16 06:47:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-04-15 18:05:24 ----D---- C:\WINDOWS\SoftwareDistribution
2014-04-15 18:05:15 ----D---- C:\WINDOWS\Help
2014-04-15 18:03:48 ----SHD---- C:\WINDOWS\Installer
2014-04-15 17:37:25 ----RSD---- C:\WINDOWS\Fonts
2014-04-10 21:13:38 ----D---- C:\Program Files\GameforgeLive
2014-04-10 21:08:19 ----A---- C:\WINDOWS\win.ini
2014-04-10 21:07:56 ----D---- C:\Program Files\Windows Media Player
2014-04-10 21:04:48 ----SHD---- C:\Config.Msi
2014-04-10 21:03:42 ----D---- C:\Program Files\Common Files
2014-04-10 20:59:27 ----D---- C:\Program Files\xerox
2014-04-04 06:57:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-29 21:06:46 ----A---- C:\WINDOWS\imsins.BAK
2014-03-29 21:02:47 ----D---- C:\WINDOWS\system32\LogFiles
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdis;avast! Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\aswNdis.sys [2014-04-16 12112]
R0 aswNdis2;avast! Firewall NDIS Driver; C:\WINDOWS\system32\drivers\aswNdis2.sys [2014-04-16 252208]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-04-16 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-04-16 180760]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2014-04-16 26136]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-04-16 54832]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-04-16 776976]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-04-16 411552]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-04-16 57672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 iSafeNetFilter;iSafeNetFilter; \??\C:\Program Files\iSafe\iSafeNetFilter.sys []
R1 SMBHC;Microsoft SM Bus Host Controller Driver; C:\WINDOWS\system32\DRIVERS\SMBHC.sys [2001-08-17 6784]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-04-16 67824]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-04-29 292352]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-04-29 274688]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2002-11-20 17983]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-03-10 1041536]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-03-10 199552]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-02-10 681469]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2013-11-22 637952]
R3 SMBBATT;Microsoft Smart Battery Driver; C:\WINDOWS\system32\DRIVERS\SMBBATT.sys [2008-04-14 16000]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-05-20 184768]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-03-10 682624]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 b57w2k;BCM5701 Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2001-10-24 97120]
S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2003-09-26 44032]
S3 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\Drivers\epm-shd.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 IPN2220;acer IPN2220 Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\i2220ntx.sys [2004-03-29 140288]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-05-26 67584]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-07-05 1286144]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-16 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-04-16 109048]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2014-02-07 5093216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-15 116648]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-01-16 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-15 116648]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
prosím o pomoc. Asi před týdnem se mi z nějakých stránek automaticky mozilla přesměrovala na stránku, která vypadala jako Yahoo! Až včera mi napadlo, že je to divné a je to virus. Nějakým stylem jsem dogoolila program YAC, který tento "vir" blokoval, ale neodstranil.
Dnes jsem aktualizovala Avast a našlo mi to WIN32:NextLive-A a pak win32:Mindspark-A, sám Avast smazal infikované soubory.
Vymazala jsem program YAC, restartovala, spustila Avast znovu, tentokrát to už nic nenašlo.
Po nastartování opět mozilla přesměrovávala na Yahoo, takže jsem obnovila Mozillu. Teď nepřesměrovává, Avast hlásí 0infikovaných, ale procesor stále běží na 100%
Mám Acer Aspire 1410
Díky
Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2014-04-16 14:51:36
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 872 MB (6%) free of 15 GB
Total RAM: 750 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:52:24, on 16.4.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\TeamViewer\Version8\tv_w32.exe
c:\program files\mozilla firefox\firefox.exe
C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Administrator.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [acerWireless] C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
--
End of file - 4878 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\fufq7kc7.default-1397651562180
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@popularscreensavers.com/Plugin]
"Description"=Popular Screensavers Plugin
"Path"=C:\Program Files\PopularScreensavers\NPp5Stub.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@PopularScreensavers_7i.com/Plugin]
"Description"=PopularScreensavers Plugin
"Path"=C:\Program Files\PopularScreensavers_7i\bar\1.bin\NP7iStub.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-02-10 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-02-10 118784]
"acerWireless"=C:\Program Files\acer\Wireless\Utility\WlanUtil.exe [2004-06-09 417792]
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2004-07-30 319488]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-05-20 98304]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-05-20 532480]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-16 3854640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Administrator\Local Settings\Temp\TeamViewer\Version8\TeamViewer.exe"="C:\Documents and Settings\Administrator\Local Settings\Temp\TeamViewer\Version8\TeamViewer.exe:*:Enabled:TeamViewer 8"
"C:\Program Files\TeamViewer\Version8\TeamViewer.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\GameforgeLive\gfl_client.exe"="C:\Program Files\GameforgeLive\gfl_client.exe:*:Enabled:Gameforge Live"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.ac3filter"=ac3filter.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-04-16 14:51:43 ----D---- C:\Program Files\trend micro
2014-04-16 14:51:36 ----D---- C:\rsit
2014-04-16 07:29:57 ----A---- C:\WINDOWS\system32\drivers\aswNdis2.sys
2014-04-16 07:29:57 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2014-04-16 07:29:29 ----A---- C:\WINDOWS\avastSS.scr
2014-04-16 07:27:49 ----A---- C:\WINDOWS\system32\drivers\aswNdis.sys
2014-04-15 20:21:28 ----D---- C:\WINDOWS\system32\PreInstall
2014-04-15 20:21:26 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2014-04-15 20:21:25 ----HD---- C:\WINDOWS\$hf_mig$
2014-04-15 18:05:03 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2014-04-15 17:54:17 ----D---- C:\Program Files\GUMF7.tmp
2014-04-15 17:54:17 ----A---- C:\Program Files\GUTF8.tmp
2014-04-15 17:38:32 ----D---- C:\Documents and Settings\Administrator\Data aplikací\eCyber
2014-04-15 17:37:28 ----A---- C:\WINDOWS\system32\drivers\iSafeKrnlBoot.sys
2014-04-15 17:36:52 ----D---- C:\Program Files\iSafe
2014-04-15 17:36:44 ----D---- C:\Documents and Settings\Administrator\Data aplikací\iSafe
2014-04-13 10:05:46 ----A---- C:\WINDOWS\system32\d3d8caps.dat
2014-04-10 21:03:42 ----D---- C:\Program Files\Common Files\PDF Architect
2014-04-08 18:39:20 ----D---- C:\Program Files\Common Files\Spigot
2014-04-03 18:47:43 ----D---- C:\Program Files\Common Files\Borland Shared
2014-04-03 18:47:43 ----A---- C:\WINDOWS\system32\DBCLIENT.DLL
2014-04-03 18:46:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\eXmind
2014-04-01 13:57:33 ----D---- C:\Documents and Settings\Administrator\Data aplikací\PDF Architect
2014-04-01 13:33:45 ----D---- C:\Documents and Settings\Administrator\Data aplikací\pdfforge
2014-04-01 13:33:34 ----A---- C:\WINDOWS\system32\pdfcmon.dll
2014-04-01 13:33:28 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
2014-04-01 13:33:27 ----D---- C:\Program Files\PDFCreator
2014-03-29 21:06:43 ----N---- C:\WINDOWS\system32\spmsg.dll
2014-03-29 21:06:37 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2014-03-29 21:05:54 ----D---- C:\Program Files\Windows Media Connect 2
2014-03-29 21:02:47 ----D---- C:\WINDOWS\system32\drivers\UMDF
2014-03-29 21:02:37 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2014-03-29 21:02:35 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2014-03-29 21:01:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2014-03-29 20:58:00 ----A---- C:\WINDOWS\system32\ptpusb.dll
2014-03-29 20:57:57 ----A---- C:\WINDOWS\system32\ptpusd.dll
2014-03-29 20:57:56 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2014-03-29 11:46:02 ----D---- C:\Program Files\Mozilla Firefox
2014-03-17 14:41:31 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2014-03-17 14:41:24 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
======List of files/folders modified in the last 1 month======
2014-04-16 14:51:43 ----RD---- C:\Program Files
2014-04-16 14:51:42 ----D---- C:\WINDOWS\Prefetch
2014-04-16 13:15:50 ----D---- C:\WINDOWS\Temp
2014-04-16 11:09:00 ----D---- C:\WINDOWS\system32\CatRoot2
2014-04-16 11:08:40 ----D---- C:\WINDOWS
2014-04-16 10:39:20 ----D---- C:\WINDOWS\system32
2014-04-16 10:19:15 ----D---- C:\Program Files\PopularScreensavers
2014-04-16 09:49:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-04-16 08:26:22 ----HD---- C:\WINDOWS\inf
2014-04-16 08:24:15 ----D---- C:\WINDOWS\system32\CatRoot
2014-04-16 07:30:24 ----D---- C:\WINDOWS\system32\drivers
2014-04-16 07:30:04 ----SD---- C:\WINDOWS\Tasks
2014-04-16 07:29:29 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-04-16 06:47:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-04-15 18:05:24 ----D---- C:\WINDOWS\SoftwareDistribution
2014-04-15 18:05:15 ----D---- C:\WINDOWS\Help
2014-04-15 18:03:48 ----SHD---- C:\WINDOWS\Installer
2014-04-15 17:37:25 ----RSD---- C:\WINDOWS\Fonts
2014-04-10 21:13:38 ----D---- C:\Program Files\GameforgeLive
2014-04-10 21:08:19 ----A---- C:\WINDOWS\win.ini
2014-04-10 21:07:56 ----D---- C:\Program Files\Windows Media Player
2014-04-10 21:04:48 ----SHD---- C:\Config.Msi
2014-04-10 21:03:42 ----D---- C:\Program Files\Common Files
2014-04-10 20:59:27 ----D---- C:\Program Files\xerox
2014-04-04 06:57:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-29 21:06:46 ----A---- C:\WINDOWS\imsins.BAK
2014-03-29 21:02:47 ----D---- C:\WINDOWS\system32\LogFiles
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdis;avast! Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\aswNdis.sys [2014-04-16 12112]
R0 aswNdis2;avast! Firewall NDIS Driver; C:\WINDOWS\system32\drivers\aswNdis2.sys [2014-04-16 252208]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-04-16 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-04-16 180760]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2014-04-16 26136]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-04-16 54832]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-04-16 776976]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-04-16 411552]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-04-16 57672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 iSafeNetFilter;iSafeNetFilter; \??\C:\Program Files\iSafe\iSafeNetFilter.sys []
R1 SMBHC;Microsoft SM Bus Host Controller Driver; C:\WINDOWS\system32\DRIVERS\SMBHC.sys [2001-08-17 6784]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-04-16 67824]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-04-29 292352]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-04-29 274688]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2002-11-20 17983]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-03-10 1041536]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-03-10 199552]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-02-10 681469]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2013-11-22 637952]
R3 SMBBATT;Microsoft Smart Battery Driver; C:\WINDOWS\system32\DRIVERS\SMBBATT.sys [2008-04-14 16000]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-05-20 184768]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-03-10 682624]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 b57w2k;BCM5701 Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2001-10-24 97120]
S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2003-09-26 44032]
S3 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\Drivers\epm-shd.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 IPN2220;acer IPN2220 Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\i2220ntx.sys [2004-03-29 140288]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-05-26 67584]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-07-05 1286144]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-16 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-04-16 109048]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2014-02-07 5093216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-15 116648]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-01-16 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-15 116648]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Stáhni Junkware Removal Tool 
