VIRY.CZ

Dobrý den, jsem tady na fóru nový, proto prosím o trpělivost pokud něco nezvládnu na poprvé nebo nebudu vědět o co de. Objevila se u mě taková záhadná věc. Zhruba každých 5 vteřin až 1 minutu mi vypadne internet a během pár vteřin znova naběhne. Prohlížet webovky se s tím jakž takž dá, pokud stránka nenaběhne, nechám to opakovat a nakonec naběhne. Viz nyní, kdy jsem se zaregistroval a dostal na toto fórum. Největší problém je při hraní Counter-Strike 1.6, tam jsou ty výpadky fakt znatelné. Zkoušel jsem projet PC antivirem i antispywarem, který jsem čerstvě stáhl a nic nepomáhá, disky mám zdefragmentované. Správce sítě, říká, že je u mě vše v pořádku a nevidí problém s mým internetem. Všiml jsem si, že zde cosi čtete z jakýchsi RSIT logů, tak jsem si ho podle návodu udělal a přikládám jej. Předem děkuji za pomoc.

log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by správce at 2010-12-31 17:57:38
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 11 GB (14%) free of 76 GB
Total RAM: 1023 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:57:48, on 31.12.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Users\správce\Desktop\RSIT.exe
C:\Program Files\trend micro\správce.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: eSnipBHO - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - (no file)
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Windows Update] C:\Users\správce\AppData\Local\Temp\IXP005.TMP\ZYNGA-~1.EXE
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe

--
End of file - 6792 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-12-10 1254136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-11-29 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-11-29 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-11-29 3908192]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-11-29 3908192]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-12-10 1254136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2009-04-14 604704]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-09-18 2412032]
"NPSStartup"= []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-30 500208]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Update"=C:\Users\správce\AppData\Local\Temp\IXP005.TMP\ZYNGA-~1.EXE [2010-08-17 245760]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-12-31 3037696]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-31 17:57:39 ----D---- C:\Program Files\trend micro
2010-12-31 17:57:38 ----D---- C:\rsit
2010-12-31 17:21:18 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy)
2010-12-31 17:21:18 ----D---- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
2010-12-31 17:21:17 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2010-12-31 17:21:16 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
2010-12-31 16:43:16 ----D---- C:\Program Files\Crawler
2010-12-31 16:43:06 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2010-12-31 16:43:05 ----D---- C:\Users\správce\AppData\Roaming\Spyware Terminator
2010-12-31 16:42:35 ----D---- C:\ProgramData\Spyware Terminator
2010-12-31 16:42:32 ----D---- C:\Program Files\Spyware Terminator
2010-12-31 16:41:38 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-12-31 16:41:26 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-12-31 16:40:25 ----D---- C:\Users\správce\AppData\Roaming\GetRightToGo
2010-12-31 16:38:35 ----D---- C:\Program Files\CCleaner
2010-12-29 14:30:43 ----D---- C:\Program Files\VentriloMIX
2010-12-27 14:42:10 ----D---- C:\Users\správce\AppData\Roaming\Ventrilo
2010-12-26 23:37:53 ----D---- C:\Users\správce\AppData\Roaming\Apple Computer
2010-12-26 17:34:37 ----D---- C:\ProgramData\Nokia
2010-12-26 17:30:59 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2010-12-26 17:22:10 ----D---- C:\Program Files\Common Files\Nokia
2010-12-26 17:22:09 ----D---- C:\Program Files\Nokia
2010-12-26 17:20:28 ----D---- C:\ProgramData\Installations
2010-12-19 22:41:59 ----D---- C:\Program Files\Common Files\Skype
2010-12-17 23:12:20 ----D---- C:\Program Files\Conduit
2010-12-17 23:12:13 ----D---- C:\Program Files\ConduitEngine
2010-12-17 23:12:07 ----D---- C:\Program Files\uTorrentBar
2010-12-16 07:14:54 ----A---- C:\Windows\system32\win32k.sys
2010-12-16 07:14:49 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-16 07:14:48 ----A---- C:\Windows\system32\taskschd.dll
2010-12-16 07:14:47 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-16 07:14:46 ----A---- C:\Windows\system32\taskeng.exe
2010-12-16 07:14:46 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-16 07:14:41 ----A---- C:\Windows\system32\consent.exe
2010-12-16 07:14:38 ----A---- C:\Windows\system32\atmlib.dll
2010-12-16 07:14:38 ----A---- C:\Windows\system32\atmfd.dll
2010-12-16 07:14:37 ----A---- C:\Windows\system32\fontsub.dll
2010-12-16 07:14:19 ----A---- C:\Windows\system32\iertutil.dll
2010-12-16 07:14:17 ----A---- C:\Windows\system32\mshtml.dll
2010-12-16 07:14:16 ----A---- C:\Windows\system32\mstime.dll
2010-12-16 07:14:16 ----A---- C:\Windows\system32\ieframe.dll
2010-12-16 07:14:05 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-16 07:14:04 ----A---- C:\Windows\system32\wininet.dll
2010-12-16 07:14:04 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-16 07:14:03 ----A---- C:\Windows\system32\urlmon.dll
2010-12-16 07:14:03 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-16 07:14:03 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-16 07:14:02 ----A---- C:\Windows\system32\occache.dll
2010-12-16 07:14:02 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-16 07:14:02 ----A---- C:\Windows\system32\ieui.dll
2010-12-16 07:14:02 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-16 07:14:02 ----A---- C:\Windows\system32\iepeers.dll
2010-12-16 07:14:01 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-16 07:14:01 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-16 07:14:01 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-16 07:14:01 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-16 07:14:01 ----A---- C:\Windows\system32\iesetup.dll
2010-12-16 07:14:01 ----A---- C:\Windows\system32\iernonce.dll
2010-12-16 07:13:46 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 months======

2010-12-31 17:57:46 ----D---- C:\Windows\Temp
2010-12-31 17:57:39 ----RD---- C:\Program Files
2010-12-31 17:32:11 ----D---- C:\Windows\System32
2010-12-31 17:32:10 ----D---- C:\Windows\inf
2010-12-31 17:32:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-31 17:21:41 ----D---- C:\Windows
2010-12-31 17:16:17 ----D---- C:\Users\správce\AppData\Roaming\vlc
2010-12-31 17:14:23 ----D---- C:\Windows\Debug
2010-12-31 17:02:45 ----SHD---- C:\System Volume Information
2010-12-31 16:43:11 ----D---- C:\Windows\system32\drivers
2010-12-31 16:42:35 ----HD---- C:\ProgramData
2010-12-31 16:42:13 ----D---- C:\Install
2010-12-31 10:54:59 ----D---- C:\Windows\Prefetch
2010-12-31 00:17:59 ----D---- C:\Users\správce\AppData\Roaming\uTorrent
2010-12-31 00:13:42 ----D---- C:\Program Files\Metin2
2010-12-30 18:54:10 ----SD---- C:\Users\správce\AppData\Roaming\Microsoft
2010-12-30 18:52:43 ----D---- C:\Windows\system32\WDI
2010-12-30 14:58:16 ----SHD---- C:\Windows\Installer
2010-12-30 14:58:05 ----HD---- C:\Config.Msi
2010-12-29 16:12:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-12-29 16:09:34 ----D---- C:\Program Files\CDex
2010-12-29 14:30:20 ----D---- C:\Windows\system32\Tasks
2010-12-28 11:04:05 ----D---- C:\Windows\system32\catroot2
2010-12-26 17:32:38 ----D---- C:\Windows\system32\catroot
2010-12-26 17:31:12 ----D---- C:\Program Files\DIFX
2010-12-26 17:30:59 ----DC---- C:\Windows\system32\DRVSTORE
2010-12-26 17:30:05 ----D---- C:\Program Files\PC Connectivity Solution
2010-12-26 17:23:47 ----D---- C:\Windows\winsxs
2010-12-26 17:22:10 ----D---- C:\Program Files\Common Files
2010-12-24 21:23:42 ----D---- C:\Program Files\Fraps
2010-12-23 21:42:43 ----D---- C:\Users\správce\AppData\Roaming\Skype
2010-12-23 21:39:10 ----D---- C:\Users\správce\AppData\Roaming\skypePM
2010-12-22 19:11:33 ----D---- C:\Users\správce\AppData\Roaming\ICQ
2010-12-19 22:42:00 ----RD---- C:\Program Files\Skype
2010-12-19 22:41:18 ----D---- C:\ProgramData\Skype
2010-12-16 13:04:59 ----D---- C:\Windows\rescache
2010-12-16 12:17:05 ----D---- C:\Program Files\Windows Mail
2010-12-16 12:17:04 ----D---- C:\Windows\system32\migration
2010-12-16 12:17:04 ----D---- C:\Program Files\Internet Explorer
2010-12-16 10:26:38 ----D---- C:\Windows\system32\cs-CZ
2010-12-16 10:24:01 ----A---- C:\Windows\system32\mrt.exe
2010-12-12 20:51:22 ----D---- C:\Program Files\Mozilla Firefox
2010-12-08 13:42:34 ----D---- C:\Program Files\Common Files\Steam
2010-12-02 16:34:42 ----D---- C:\Program Files\Logia

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-16 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2010-12-31 142592]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-07-25 278984]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-07-25 25416]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2009-06-18 4172832]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-01-18 2314752]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S3 aipzgoq2;aipzgoq2; C:\Windows\system32\drivers\aipzgoq2.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2009-07-23 112128]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-07-23 102912]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2009-07-23 100736]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-12-31 496128]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-10-20 630272]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-12-03 403240]

-----------------EOF-----------------

info:

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Projel jsem to rychlým skenem, 2 soubory jsem dal prozatím ignorovat, pak jsem to projel hloubkovým skenem a znovu rychlým skenem a už to nic nenašlo. Příkládám výsledek prvního rychlého skenu.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5434

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

1.1.2011 13:47:40
mbam-log-2011-01-01 (13-47-28).txt

Typ kontroly: Rychlý test
Testované objekty: 130884
Uplynulý čas: 6 minut, 37 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 1
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Update (Trojan.Downloader) -> Value: Windows Update -> No action taken.

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\Users\správce\AppData\Local\Temp\IXP005.TMP\ZYNGA-~1.EXE (Trojan.Downloader) -> No action taken.

Obě nalezené položky smažte.