VIRY.CZ

Dobrý den. V posledních 3 dnech mi internet začal často padat, doted padal nepravidelně třeba jednou za 2měsice... Když kontruluju ping přes spustit, tak mi to píše vypršel časový limit žadosti.

Logfile of random's system information tool 1.07 (written by random/random)
Run by Timur at 2010-10-29 13:13:28
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 144 GB (47%) free of 305 GB
Total RAM: 1918 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:13:32, on 29.10.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\ICQ7.1\ICQ.exe
C:\Users\Timur\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Timur.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=14542
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Timur\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Timur\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ESL Wire] "C:\Program Files\EslWire\wire.exe" --tray
O4 - HKCU\..\Run: [NVIDIA driver monitor] C:\Users\Public\nvsvc32.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9474 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2010-05-03 321312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\Timur\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-04-12 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806}
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2010-05-05 111928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"ESL Wire"=C:\Program Files\EslWire\wire.exe [2010-10-12 11919360]
"NVIDIA driver monitor"=C:\Users\Public\nvsvc32.exe []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-10-29 13:03:29 ----RD---- C:\32788R22FWJFW
2010-10-29 12:36:53 ----D---- C:\Users\Timur\AppData\Roaming\Malwarebytes
2010-10-29 12:36:35 ----D---- C:\ProgramData\Malwarebytes
2010-10-29 12:36:34 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-10-27 01:58:56 ----A---- C:\Windows\SysWOW64\gameux.dll
2010-10-27 01:58:52 ----A---- C:\Windows\SysWOW64\Apphlpdm.dll
2010-10-27 01:58:50 ----A---- C:\Windows\SysWOW64\GameUXLegacyGDFs.dll
2010-10-25 22:34:07 ----D---- C:\Windows\cs
2010-10-20 23:02:22 ----D---- C:\Program Files (x86)\Microsoft
2010-10-20 23:02:17 ----D---- C:\Program Files (x86)\MSN Toolbar
2010-10-20 23:01:44 ----D---- C:\Program Files (x86)\Bing Bar Installer
2010-10-20 23:01:08 ----A---- C:\Windows\SysWOW64\XAudio2_5.dll
2010-10-20 23:01:08 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll
2010-10-20 23:01:08 ----A---- C:\Windows\SysWOW64\d3dx10_42.dll
2010-10-20 22:59:29 ----A---- C:\Windows\SysWOW64\webservices.dll
2010-10-13 10:13:20 ----A---- C:\Windows\SysWOW64\ole32.dll
2010-10-13 10:13:18 ----A---- C:\Windows\SysWOW64\mfc40.dll
2010-10-13 10:13:17 ----A---- C:\Windows\SysWOW64\mfc40u.dll
2010-10-13 10:13:15 ----A---- C:\Windows\SysWOW64\t2embed.dll
2010-10-13 10:13:11 ----A---- C:\Windows\SysWOW64\comctl32.dll
2010-10-13 10:13:09 ----A---- C:\Windows\SysWOW64\msshsq.dll
2010-10-13 10:12:54 ----A---- C:\Windows\SysWOW64\mshtml.dll
2010-10-13 10:12:51 ----A---- C:\Windows\SysWOW64\ieframe.dll
2010-10-13 10:12:50 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2010-10-13 10:12:49 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2010-10-13 10:12:48 ----A---- C:\Windows\SysWOW64\wininet.dll
2010-10-13 10:12:48 ----A---- C:\Windows\SysWOW64\urlmon.dll
2010-10-13 10:12:48 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2010-10-13 10:12:46 ----A---- C:\Windows\SysWOW64\mstime.dll
2010-10-13 10:12:46 ----A---- C:\Windows\SysWOW64\iertutil.dll
2010-10-13 10:12:45 ----A---- C:\Windows\SysWOW64\occache.dll
2010-10-13 10:12:45 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2010-10-13 10:12:45 ----A---- C:\Windows\SysWOW64\ieui.dll
2010-10-13 10:12:45 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2010-10-13 10:12:45 ----A---- C:\Windows\SysWOW64\iepeers.dll
2010-10-13 10:12:45 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2010-10-13 10:12:44 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2010-10-13 10:12:44 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2010-10-13 10:12:44 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2010-10-13 10:12:44 ----A---- C:\Windows\SysWOW64\iesetup.dll
2010-10-13 10:12:44 ----A---- C:\Windows\SysWOW64\iernonce.dll
2010-10-13 10:12:44 ----A---- C:\Windows\SysWOW64\ie4uinit.exe
2010-10-13 10:12:27 ----A---- C:\Windows\SysWOW64\wmp.dll
2010-10-13 10:12:19 ----A---- C:\Windows\SysWOW64\wmploc.DLL
2010-10-13 10:12:06 ----A---- C:\Windows\SysWOW64\sscore.dll
2010-10-13 10:12:06 ----A---- C:\Windows\SysWOW64\netevent.dll
2010-10-13 10:12:01 ----A---- C:\Windows\SysWOW64\schannel.dll
2010-10-13 10:11:58 ----A---- C:\Windows\SysWOW64\wmpmde.dll
2010-10-05 17:28:40 ----D---- C:\Program Files (x86)\GrPing
2010-10-05 17:19:48 ----D---- C:\Program Files (x86)\Tsarfin Computing
2010-10-05 17:09:12 ----D---- C:\USR
2010-10-05 17:08:34 ----D---- C:\Program Files (x86)\Magneto Software
2010-10-05 17:08:33 ----D---- C:\Program Files (x86)\Common Files\Magneto Software
2010-10-05 16:59:58 ----A---- C:\Windows\SysWOW64\gdiplus.dll
2010-10-05 16:59:24 ----D---- C:\Program Files (x86)\Axence
2010-10-05 16:53:24 ----D---- C:\Program Files (x86)\pinger
2010-10-02 17:20:14 ----D---- C:\Users\Timur\AppData\Roaming\GHISLER
2010-09-30 14:39:10 ----D---- C:\Program Files (x86)\Microsoft.NET

======List of files/folders modified in the last 1 months======

2010-10-29 13:13:31 ----D---- C:\Program Files (x86)\trend micro
2010-10-29 13:13:29 ----D---- C:\Windows\Temp
2010-10-29 12:49:36 ----D---- C:\Users\Timur\AppData\Roaming\ICQ
2010-10-29 12:48:16 ----D---- C:\Windows\Prefetch
2010-10-29 12:36:36 ----D---- C:\Windows\SysWOW64\drivers
2010-10-29 12:36:35 ----HD---- C:\ProgramData
2010-10-29 12:36:34 ----RD---- C:\Program Files (x86)
2010-10-29 11:59:10 ----D---- C:\Program Files (x86)\Steam
2010-10-28 15:35:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-10-27 20:22:21 ----SHD---- C:\System Volume Information
2010-10-27 18:47:05 ----SD---- C:\Users\Timur\AppData\Roaming\Microsoft
2010-10-27 18:33:23 ----SHD---- C:\$Recycle.Bin
2010-10-27 18:30:47 ----RD---- C:\Users
2010-10-27 03:01:40 ----D---- C:\Windows\winsxs
2010-10-27 03:01:40 ----D---- C:\Windows\SysWOW64
2010-10-27 03:01:40 ----D---- C:\Windows\System32
2010-10-27 03:01:39 ----D---- C:\Windows\AppPatch
2010-10-26 22:56:49 ----D---- C:\Users\Timur\AppData\Roaming\Skype
2010-10-26 22:30:11 ----D---- C:\Users\Timur\AppData\Roaming\skypePM
2010-10-26 12:22:06 ----D---- C:\Windows\Microsoft.NET
2010-10-26 12:21:18 ----RSD---- C:\Windows\assembly
2010-10-26 08:58:38 ----D---- C:\ProgramData\TrackMania
2010-10-25 23:18:27 ----SHD---- C:\Windows\Installer
2010-10-25 23:18:25 ----SHD---- C:\Config.Msi
2010-10-25 22:34:20 ----D---- C:\Program Files (x86)\Windows Live
2010-10-25 22:34:07 ----D---- C:\Windows
2010-10-25 22:29:46 ----SD---- C:\ProgramData\Microsoft
2010-10-25 22:27:53 ----RD---- C:\Program Files
2010-10-25 22:27:29 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-10-25 15:50:44 ----D---- C:\Users\Timur\AppData\Roaming\TS3Client
2010-10-25 13:34:54 ----D---- C:\Windows\Minidump
2010-10-25 13:34:54 ----D---- C:\Windows\Debug
2010-10-23 12:35:05 ----D---- C:\Users\Timur\AppData\Roaming\Xfire
2010-10-21 19:51:44 ----D---- C:\Windows\rescache
2010-10-21 16:10:39 ----D---- C:\ProgramData\Xfire
2010-10-20 23:05:45 ----RSD---- C:\Windows\Fonts
2010-10-20 23:00:05 ----D---- C:\Windows\SysWOW64\cs-CZ
2010-10-18 20:03:39 ----D---- C:\ProgramData\boost_interprocess
2010-10-13 12:08:13 ----D---- C:\Program Files (x86)\Internet Explorer
2010-10-13 12:08:11 ----D---- C:\Windows\SysWOW64\migration
2010-10-13 12:08:06 ----D---- C:\Program Files (x86)\Windows Media Player
2010-10-13 12:08:05 ----D---- C:\Windows\inf
2010-10-05 17:08:33 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-10-05 17:08:33 ----D---- C:\Program Files (x86)\Common Files
2010-10-05 17:08:26 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2010-10-05 14:53:58 ----D---- C:\Program Files (x86)\Common Files\Steam
2010-10-02 17:20:16 ----D---- C:\totalcmd
2010-09-30 14:39:51 ----D---- C:\Windows\SysWOW64\en-US

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 epfwtdir;epfwtdir; C:\Windows\system32\DRIVERS\epfwtdir.sys []
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R2 ESLWireAC;ESLWireAC; \??\C:\Windows\system32\drivers\ESLWireACD.sys []
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x64.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 ESLvnic1;ESLvnic Virtual Network 64 Bit; C:\Windows\system32\DRIVERS\ESLvnic.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe []
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-03-31 810120]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-16 135664]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-31 42336]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-10-05 411432]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-30 89920]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

V logu nevidím nic nebezpečného. Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4990

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

29.10.2010 19:04:56
mbam-log-2010-10-29 (19-04-56).txt

Typ skenu: Úplný sken (C:\|)
Skenované objekty: 80802
Uplynulý čas: 28 minuta(y), 48 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Users\Timur\AppData\Local\VirtualStore\Windows\SysWOW64\28463\LUDR.007 (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.

Položka byla smazána. Nastala nějaká změna?