Internet stops working (ping)


#1 Post by P_Cherry »

Hello,

I had all sorts of vermin on my notebook with WIN7. Using AVG, Avira, SUPERAntiSpyware, Ad-aware, Malwarebytes and Hijackthis I seem to have resolved everything successfully. Unfortunately one problem still persists: after a short while the internet stops working (including pinging a given address). I then can't even get to the router administration. Access to the other devices on the network works, though. Sometimes the internet works for a while, but more often it doesn't work at all after startup. On the other devices on the network (NAS, wifi mobile) the internet works.

Does it make sense to also try, say, Combofix, or could it be caused by something completely different?
Thanks for any advice
Petr


#2 Post by Rudy »

First post a log from RSIT: http://viry.cz/forum/viewtopic.php?f=24&t=81939 and then we'll see.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.


#3 Post by P_Cherry »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Petr at 2010-08-16 22:15:16
Microsoft Windows 7 Ultimate
System drive C: has 31 GB (10%) free of 305 GB
Total RAM: 2046 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:15:54, on 16.8.2010
Platform: Windows 7 (WinNT 6.00.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Petr\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\My Dropbox\FirefoxPortableNew\FirefoxPortable.exe
C:\My Dropbox\FirefoxPortableNew\App\firefox\firefox.exe
C:\Program Files\Total Commander\TOTALCMD.EXE
C:\0\RSIT.exe
C:\Program Files\trend micro\Petr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Petr\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

--
End of file - 3253 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-13 35840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2009-01-21 377248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-07-19 2403568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files\AcronisTrueImageHome\TrueImageMonitor.exe [2009-01-21 4359600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LoopBe1 Monitor.lnk]
C:\PROGRA~1\LoopBe1\LOOPBE~1.EXE [2008-01-27 266240]

C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Petr\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2006-11-24 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll [2009-04-22 236032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dmadmin]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dmboot.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dmio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dmload.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dmserver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ip6fw.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NtLmSsp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpcdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpwd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SRService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tdpipe.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tdtcp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\termservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-08-16 22:09:53 ----D---- C:\Program Files\trend micro
2010-08-16 22:09:52 ----D---- C:\rsit
2010-08-16 21:05:33 ----D---- C:\Windows\temp
2010-08-16 21:05:31 ----A---- C:\ComboFix.txt
2010-08-16 20:59:23 ----D---- C:\$RECYCLE.BIN
2010-08-16 20:46:14 ----D---- C:\Device
2010-08-16 20:14:04 ----A---- C:\Windows\NIRCMD.exe
2010-08-16 20:14:04 ----A---- C:\Windows\MBR.exe
2010-08-16 20:14:03 ----A---- C:\Windows\zip.exe
2010-08-16 20:14:03 ----A---- C:\Windows\SWSC.exe
2010-08-16 20:14:03 ----A---- C:\Windows\SWREG.exe
2010-08-16 20:14:03 ----A---- C:\Windows\sed.exe
2010-08-16 20:14:03 ----A---- C:\Windows\PEV.exe
2010-08-16 20:14:03 ----A---- C:\Windows\grep.exe
2010-08-16 20:13:02 ----A---- C:\Windows\SWXCACLS.exe
2010-08-16 20:12:20 ----D---- C:\Windows\ERDNT
2010-08-16 20:11:49 ----D---- C:\Qoobox
2010-08-16 20:11:12 ----D---- C:\0
2010-08-11 20:36:08 ----D---- C:\Users\Petr\AppData\Roaming\Avira
2010-08-11 20:29:11 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2010-08-11 20:29:09 ----A---- C:\Windows\system32\drivers\avipbb.sys
2010-08-11 20:29:09 ----A---- C:\Windows\system32\drivers\avgntmgr.sys
2010-08-11 20:29:09 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2010-08-11 20:29:09 ----A---- C:\Windows\system32\drivers\avgntdd.sys
2010-08-11 20:29:07 ----D---- C:\ProgramData\Avira
2010-08-11 20:29:07 ----D---- C:\Program Files\Avira
2010-08-10 19:30:03 ----D---- C:\Users\Petr\AppData\Roaming\URSoft
2010-08-10 19:30:03 ----AD---- C:\ProgramData\TEMP
2010-08-10 19:29:59 ----D---- C:\Program Files\Your Uninstaller 2010
2010-08-10 19:20:31 ----D---- C:\Program Files\SUPERAntiSpyware
2010-08-09 19:54:28 ----D---- C:\Users\Petr\AppData\Roaming\SUPERAntiSpyware.com
2010-08-09 19:54:28 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2010-08-09 19:49:03 ----D---- C:\Users\Petr\AppData\Roaming\Malwarebytes
2010-08-09 19:48:55 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-08-09 19:48:54 ----D---- C:\ProgramData\Malwarebytes
2010-08-09 19:48:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-09 19:48:54 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-07-27 21:36:25 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2010-07-26 22:31:46 ----DC---- C:\Windows\system32\DRVSTORE
2010-07-26 22:29:56 ----D---- C:\ProgramData\Lavasoft
2010-07-25 20:03:10 ----A---- C:\Windows\system32\avgrsstx.dll
2010-07-21 00:10:42 ----A---- C:\Windows\system32\drivers\jdkglx.sys
2010-07-21 00:09:28 ----D---- C:\Users\Petr\AppData\Roaming\6D0D003BE198F16606A6643AC81AE27A

======List of files/folders modified in the last 1 months======

2010-08-16 22:15:53 ----D---- C:\Users\Petr\AppData\Roaming\Dropbox
2010-08-16 22:09:53 ----RD---- C:\Program Files
2010-08-16 22:09:30 ----RD---- C:\Temp
2010-08-16 21:39:34 ----D---- C:\Users\Petr\AppData\Roaming\Mozilla
2010-08-16 21:39:32 ----D---- C:\Windows\System32
2010-08-16 21:39:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-16 21:31:17 ----D---- C:\Windows\system32\config
2010-08-16 21:29:26 ----D---- C:\Windows\system32\NDF
2010-08-16 21:05:34 ----D---- C:\Windows\system32\drivers
2010-08-16 21:05:33 ----D---- C:\Windows
2010-08-16 21:04:19 ----D---- C:\Windows\Tasks
2010-08-16 20:59:26 ----A---- C:\Windows\system.ini
2010-08-16 20:59:19 ----D---- C:\Windows\system32\drivers\etc
2010-08-16 20:53:56 ----D---- C:\Windows\AppPatch
2010-08-16 20:53:55 ----D---- C:\Program Files\Common Files
2010-08-16 20:53:37 ----D---- C:\Windows\system32\wbem
2010-08-16 20:15:32 ----D---- C:\Windows\Prefetch
2010-08-16 20:07:40 ----RD---- C:\My Dropbox
2010-08-15 02:38:48 ----SHD---- C:\System Volume Information
2010-08-11 20:29:07 ----D---- C:\ProgramData
2010-08-11 20:27:31 ----SHD---- C:\Windows\Installer
2010-08-11 20:27:29 ----D---- C:\Windows\winsxs
2010-08-10 19:32:00 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2010-08-10 19:32:00 ----D---- C:\Windows\system32\drivers\Avg
2010-08-10 19:31:54 ----D---- C:\ProgramData\avg8
2010-08-10 19:25:29 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2010-08-10 07:20:09 ----D---- C:\Windows\system32\Tasks
2010-08-09 20:01:30 ----D---- C:\Windows\CSC
2010-08-08 18:12:04 ----D---- C:\Windows\system32\catroot2
2010-08-03 20:09:01 ----RD---- C:\Music
2010-08-03 20:07:42 ----RD---- C:\Pictures
2010-07-27 23:55:40 ----D---- C:\Program Files\GomPlayer
2010-07-26 22:31:46 ----D---- C:\Windows\system32\catroot
2010-07-25 22:37:44 ----D---- C:\Program Files\Google Picasa
2010-07-19 22:59:40 ----RD---- C:\Documents
2010-07-18 11:12:55 ----D---- C:\Program Files\NMT Community Software Installer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-04-22 173648]
R0 snapman380;Acronis Snapshots Manager (Build 380); C:\Windows\system32\DRIVERS\snman380.sys [2009-05-09 134272]
R0 tdrpman174;Acronis Try&Decide and Restore Points filter (build 174); C:\Windows\system32\DRIVERS\tdrpm174.sys [2009-05-09 971552]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2009-05-09 540000]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-07-25 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-07-25 29584]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-07-25 243024]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-04-22 387584]
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2006-10-18 10216]
R1 Ext2fs;Ext2fs; C:\Windows\system32\DRIVERS\ext2fs.sys [2008-09-25 189888]
R1 Ext2Fsd;Linux ext2 file system driver; C:\Windows\system32\DRIVERS\Ext2Fsd.sys [2009-07-26 651264]
R1 IfsMount;IfsMount; C:\Windows\system32\DRIVERS\ifsmount.sys [2008-08-28 60352]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2009-06-01 217536]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2009-05-09 44704]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-22 34816]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-22 58880]
R3 ESI_PTMIDICHIP;ESI MIDI-CHIP driver service; C:\Windows\system32\drivers\esiptmid.sys [2007-04-02 21504]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-18 2752352]
R3 LoopBeMidi1;nerds.de LoopBe1 - Internal Midi Port SvcDesc(WDM); C:\Windows\system32\drivers\loopbe1.sys [2008-01-27 10880]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-09-15 6000640]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-22 129536]
R3 SNC;Sony Firmware Extension Parser Device; C:\Windows\System32\Drivers\SonyNC.sys [2006-10-13 27520]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-04-22 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-04-22 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-04-22 661504]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
S1 zkiaoctj7;zkiaoctj7.sys; C:\Windows\system32\drivers\zkiaoctj7.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-04-22 8704]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-04-22 46976]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-04-22 70736]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-04-22 53328]
S3 Avc;AVC Device; C:\Windows\system32\DRIVERS\avc.sys [2009-04-22 40320]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-04-22 229888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-04-22 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-04-22 392704]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 gpslc;gpslc; C:\Windows\System32\Drivers\gpslc.sys [2009-03-16 56832]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-04-22 52480]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-04-22 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-04-22 133120]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\Windows\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-04-22 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-04-22 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-04-22 28240]
S3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2006-11-06 227328]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-04-22 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-04-22 52736]
S3 vmbus;vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [2009-04-22 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-04-22 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-04-22 34944]
S3 ZMGHPAudioSrv;ZOOM G Series High Performance Audio Driver Service; C:\Windows\system32\drivers\zmghpau.sys [2010-04-16 35584]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-09-21 858384]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-09-21 473360]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2006-11-24 182392]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S4 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2009-01-21 618944]
S4 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\avgemc.exe []
S4 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\avgwdsvc.exe []

-----------------EOF-----------------


#4 Post by Rudy »

You have tried ComboFix. You could have said so straight away. Post its log: C:\combofix.txt .


#5 Post by P_Cherry »

So the log is OK? I tried Combofix yesterday, it found something and removed it (I can post the log in the evening). The only result was that during the evening the internet started working slowly for a while.


#6 Post by Rudy »

OK. I need to see the log to know whether anything has been left behind.


#7 Post by P_Cherry »

So I'm also sending the Combofix log. But I really don't know whether some layer in WIN7 might rather be broken. I tried resetting and fixing Winsock but it didn't help. The internet on the notebook still works occasionally for a few seconds and then stops again. When I leave it for a while, it displays one page and then it's over again. I'll remind you that I can reach the other devices on the network from it, and the internet works on the other devices.

ComboFix 10-08-15.04 - Petr 16.08.2010 20:48:17.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7100.0.1250.420.1033.18.2046.1188 [GMT 2:00]
Spuštěný z: c:\0\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\msvcsv60.dll

Nakažená kopie c:\windows\system32\DRIVERS\DMICall.sys byla nalezena a vyléčena.
Obnovena kopie z - Kitty ate it :p
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ndisrd


((((((((((((((((((((((((( Soubory vytvořené od 2010-07-16 do 2010-08-16 )))))))))))))))))))))))))))))))
.

2010-08-16 18:56 . 2010-08-16 18:59 -------- d-----w- c:\users\Petr\AppData\Local\temp
2010-08-16 18:56 . 2010-08-16 18:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-16 18:46 . 2010-08-16 18:46 -------- d-----w- C:\Device
2010-08-16 18:11 . 2010-08-16 18:12 -------- d-----w- C:\0
2010-08-11 18:36 . 2010-08-11 18:36 -------- d-----w- c:\users\Petr\AppData\Roaming\Avira
2010-08-11 18:29 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-08-11 18:29 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-08-11 18:29 . 2009-05-11 10:49 51992 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-08-11 18:29 . 2009-05-11 10:49 17016 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-08-11 18:29 . 2010-08-11 18:29 -------- d-----w- c:\programdata\Avira
2010-08-11 18:29 . 2010-08-11 18:29 -------- d-----w- c:\program files\Avira
2010-08-11 18:25 . 2010-08-11 18:26 44089904 ----a-w- c:\temp\avira_antivir_personal_en.exe
2010-08-11 18:15 . 2010-08-13 09:52 -------- d-----w- c:\temp\backups
2010-08-10 17:30 . 2010-08-10 17:30 -------- d-----w- c:\users\Petr\AppData\Roaming\URSoft
2010-08-10 17:29 . 2010-08-10 17:30 -------- d-----w- c:\program files\Your Uninstaller 2010
2010-08-10 17:20 . 2010-08-10 17:20 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-08-09 17:54 . 2010-08-09 17:54 -------- d-----w- c:\users\Petr\AppData\Roaming\SUPERAntiSpyware.com
2010-08-09 17:54 . 2010-08-09 17:54 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-08-09 17:49 . 2010-08-09 17:49 -------- d-----w- c:\users\Petr\AppData\Roaming\Malwarebytes
2010-08-09 17:48 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-09 17:48 . 2010-08-09 17:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-09 17:48 . 2010-08-09 17:48 -------- d-----w- c:\programdata\Malwarebytes
2010-08-09 17:48 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-09 17:46 . 2010-08-09 17:46 6153352 ----a-w- c:\temp\mbam-setup-1.46.exe
2010-08-09 17:44 . 2010-08-09 17:44 396288 ----a-w- c:\temp\hijackthis.exe
2010-08-09 17:27 . 2010-08-09 17:27 9099340 ----a-w- c:\temp\defs(2).zip
2010-08-09 17:24 . 2010-08-09 17:24 9099340 ----a-w- c:\temp\defs.zip
2010-07-27 19:36 . 2010-07-27 19:36 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-07-26 20:31 . 2010-08-10 17:25 -------- dc----w- c:\windows\system32\DRVSTORE
2010-07-26 20:29 . 2010-08-10 17:25 -------- d-----w- c:\programdata\Lavasoft
2010-07-26 18:35 . 2010-07-26 20:19 128750008 ----a-w- c:\temp\Ad-AwareInstall.exe
2010-07-26 18:22 . 2010-07-26 18:22 -------- d-----w- c:\temp\_Router Backup
2010-07-25 18:03 . 2010-07-25 18:03 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-20 22:09 . 2010-07-20 22:09 -------- d-----w- c:\users\Petr\AppData\Roaming\6D0D003BE198F16606A6643AC81AE27A

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-16 19:01 . 2009-05-10 11:09 -------- d-----w- c:\users\Petr\AppData\Roaming\Dropbox
2010-08-15 18:52 . 2010-08-10 17:22 63488 ----a-w- c:\users\Petr\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-08-15 18:52 . 2010-08-10 17:22 117760 ----a-w- c:\users\Petr\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-08-10 17:31 . 2009-05-11 18:14 -------- d-----w- c:\programdata\avg8
2010-08-10 17:25 . 2009-06-02 19:06 -------- d-----w- c:\users\Petr\AppData\Roaming\uTorrent
2010-08-10 17:22 . 2010-08-10 17:22 52224 ----a-w- c:\users\Petr\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-07-27 21:55 . 2009-05-10 21:07 -------- d-----w- c:\program files\GomPlayer
2010-07-26 18:07 . 2010-07-26 18:07 10240 ----a-w- c:\users\Petr\AppData\Roaming\GRETECH\GomPlayer\GrLauncherTempSetup.exe
2010-07-25 20:37 . 2009-06-01 18:32 -------- d-----w- c:\program files\Google Picasa
2010-07-25 18:03 . 2009-05-11 18:14 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-25 18:03 . 2009-05-11 18:14 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-07-25 18:03 . 2009-05-11 18:14 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-18 13:51 . 2009-09-24 21:36 16 ----a-w- c:\windows\msocreg32.dat
2010-07-18 09:12 . 2010-03-09 18:38 -------- d-----w- c:\program files\NMT Community Software Installer
2010-07-15 17:26 . 2010-07-15 17:04 -------- d-----w- c:\program files\ZOOM
2010-06-27 17:33 . 2010-06-27 17:32 -------- d-----w- c:\users\Petr\AppData\Roaming\Download Manager
2010-06-03 02:41 . 2010-06-03 02:41 3600384 ----a-w- c:\windows\system32\GPhotos.scr
2009-03-27 04:24 . 2009-04-22 05:58 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-04-22 05:19 . 2009-04-22 03:40 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7100.0_none_624b25e9a4cb0444\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2009-04-22 05:21 441856 ----a-w- c:\windows\System32\ntshrui.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Petr\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-11-24 08:36 73728 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LoopBe1 Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\LoopBe1 Monitor.lnk
backup=c:\windows\pss\LoopBe1 Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2009-01-21 00:04 377248 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 15:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-07-19 17:50 2403568 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2009-01-20 23:59 4359600 ----a-w- c:\program files\AcronisTrueImageHome\TrueImageMonitor.exe

R1 zkiaoctj7;zkiaoctj7.sys;c:\windows\system32\drivers\zkiaoctj7.sys [x]
R3 AcpiPmi;ACPI Power Meter Driver;c:\windows\system32\DRIVERS\acpipmi.sys [2009-04-22 9728]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [2009-04-22 422992]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [2009-04-22 297552]
R3 amdsata;amdsata;c:\windows\system32\DRIVERS\amdsata.sys [2009-04-22 77904]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [2009-04-22 159312]
R3 AppID;AppID Driver;c:\windows\system32\drivers\appid.sys [2009-04-22 50176]
R3 AppIDSvc;Application Identity;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 Appinfo;Application Information;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [2009-04-22 86608]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbdx.sys [2009-04-22 430080]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2009-04-22 229888]
R3 BDESVC;BitLocker Drive Encryption Service;c:\windows\System32\svchost.exe [2009-04-22 20992]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [2009-04-22 13568]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [2009-04-22 5248]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [2009-04-22 272128]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [2009-04-22 62336]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [2009-04-22 12160]
R3 CertPropSvc;Certificate Propagation;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [2009-04-22 37888]
R3 defragsvc;Disk Defragmenter;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbdx.sys [2009-04-22 3100160]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [2009-04-22 453712]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [2009-04-22 28160]
R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [2009-04-22 45648]
R3 gpslc;gpslc;c:\windows\system32\Drivers\gpslc.sys [2009-03-16 56832]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [2009-04-22 26624]
R3 HpSAMD;HpSAMD;c:\windows\system32\DRIVERS\HpSAMD.sys [2009-04-22 67152]
R3 iaStorV;iaStorV;c:\windows\system32\DRIVERS\iaStorV.sys [2009-04-22 332368]
R3 IPBusEnum;PnP-X IP Bus Enumerator;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\DRIVERS\IPMIDrv.sys [2009-04-22 65536]
R3 iScsiPrt;iScsiPort Driver;c:\windows\system32\DRIVERS\msiscsi.sys [2009-04-22 186960]
R3 KtmRm;KtmRm for Distributed Transaction Coordinator;c:\windows\System32\svchost.exe [2009-04-22 20992]
R3 lltdsvc;Link-Layer Topology Discovery Mapper;c:\windows\System32\svchost.exe [2009-04-22 20992]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [2009-04-22 95824]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [2009-04-22 89168]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [2009-04-22 54864]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [2009-04-22 96848]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [2009-04-22 30800]
R3 mpio;mpio;c:\windows\system32\DRIVERS\mpio.sys [2009-04-22 130640]
R3 msahci;msahci;c:\windows\system32\DRIVERS\msahci.sys [2009-04-22 27728]
R3 msdsm;msdsm;c:\windows\system32\DRIVERS\msdsm.sys [2009-04-22 115792]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [2009-04-22 4096]
R3 MSiSCSI;Microsoft iSCSI Initiator Service;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [2009-04-22 12288]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [2009-04-22 27136]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [2009-04-22 44624]
R3 nvstor;nvstor;c:\windows\system32\DRIVERS\nvstor.sys [2009-04-22 142416]
R3 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 PeerDistSvc;BranchCache;c:\windows\System32\svchost.exe [2009-04-22 20992]
R3 pla;Performance Logs & Alerts;c:\windows\System32\svchost.exe [2009-04-22 20992]
R3 PNRPAutoReg;PNRP Machine Name Publication Service;c:\windows\System32\svchost.exe [2009-04-22 20992]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [2009-04-22 1383504]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [2009-04-22 105552]
R3 s3cap;s3cap;c:\windows\system32\DRIVERS\vms3cap.sys [2009-04-22 5632]
R3 scfilter;Smart card PnP Class Filter Driver;c:\windows\system32\DRIVERS\scfilter.sys [2009-04-22 26624]
R3 SCPolicySvc;Smart Card Removal Policy;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 SDRSVC;Windows Backup;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 SensrSvc;Adaptive Brightness;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 SessionEnv;Remote Desktop Configuration;c:\windows\System32\svchost.exe [2009-04-22 20992]
R3 sffp_mmc;SFF Storage Protocol Driver for MMC;c:\windows\system32\DRIVERS\sffp_mmc.sys [2009-04-22 12288]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [2009-04-22 77904]
R3 Smb;Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session);c:\windows\system32\DRIVERS\smb.sys [2009-04-22 71168]
R3 sppuinotify;SPP Notification Service;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [2009-04-22 21072]
R3 storvsc;storvsc;c:\windows\system32\DRIVERS\storvsc.sys [2009-04-22 28240]
R3 TabletInputService;Tablet PC Input Service;c:\windows\System32\svchost.exe [2009-04-22 20992]
R3 TBS;TPM Base Services;c:\windows\System32\svchost.exe [2009-04-22 20992]
R3 THREADORDER;Thread Ordering Server;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2006-11-06 227328]
R3 TrustedInstaller;Windows Modules Installer;c:\windows\servicing\TrustedInstaller.exe [2009-04-22 204800]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [2009-04-22 30208]
R3 UI0Detect;Interactive Services Detection;c:\windows\system32\UI0Detect.exe [2009-04-22 35840]
R3 uliagpkx;Uli AGP Bus Filter;c:\windows\system32\DRIVERS\uliagpkx.sys [2009-04-22 57424]
R3 UmRdpService;Remote Desktop Services UserMode Port Redirector;c:\windows\System32\svchost.exe [2009-04-22 20992]
R3 usbcir;eHome Infrared Receiver (USBCIR);c:\windows\system32\DRIVERS\usbcir.sys [2009-04-22 86016]
R3 VaultSvc;Credential Manager;c:\windows\system32\lsass.exe [2009-04-22 22528]
R3 vhdmp;vhdmp;c:\windows\system32\DRIVERS\vhdmp.sys [2009-04-22 158288]
R3 ViaC7;VIA C7 Processor Driver;c:\windows\system32\DRIVERS\viac7.sys [2009-04-22 52736]
R3 vmbus;vmbus;c:\windows\system32\DRIVERS\vmbus.sys [2009-04-22 175824]
R3 VMBusHID;VMBusHID;c:\windows\system32\DRIVERS\VMBusHID.sys [2009-04-22 17920]
R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [2009-04-22 141904]
R3 vwifibus;Virtual WiFi Bus Driver;c:\windows\System32\drivers\vwifibus.sys [2009-04-22 19968]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [2009-04-22 21632]
R3 wbengine;Block Level Backup Engine Service;c:\windows\system32\wbengine.exe [2009-04-22 1203200]
R3 WbioSrvc;Windows Biometric Service;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 wcncsvc;Windows Connect Now - Config Registrar;c:\windows\System32\svchost.exe [2009-04-22 20992]
R3 WcsPlugInService;Windows Color System;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 Wd;Wd;c:\windows\system32\DRIVERS\wd.sys [2009-04-22 19024]
R3 Wecsvc;Windows Event Collector;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 wercplsupport;Problem Reports and Solutions Control Panel Support;c:\windows\System32\svchost.exe [2009-04-22 20992]
R3 WerSvc;Windows Error Reporting Service;c:\windows\System32\svchost.exe [2009-04-22 20992]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-04-22 19024]
R3 WinRM;Windows Remote Management (WS-Management);c:\windows\System32\svchost.exe [2009-04-22 20992]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 WwanSvc;WWAN AutoConfig;c:\windows\system32\svchost.exe [2009-04-22 20992]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-04-22 311296]
R3 ZMGHPAudioSrv;ZOOM G Series High Performance Audio Driver Service;c:\windows\system32\drivers\zmghpau.sys [2010-04-16 35584]
R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\avgemc.exe [x]
R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\avgwdsvc.exe [x]
S0 amdxata;amdxata;c:\windows\system32\DRIVERS\amdxata.sys [2009-04-22 23120]
S0 CLFS;Common Log (CLFS);c:\windows\System32\CLFS.sys [2009-04-22 249424]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [2009-04-22 369056]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [2009-04-22 58448]
S0 fvevol;Bitlocker Drive Encryption Filter Driver;c:\windows\System32\DRIVERS\fvevol.sys [2009-04-22 194488]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [2009-04-22 13904]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [2009-04-22 133200]
S0 msisadrv;msisadrv;c:\windows\system32\DRIVERS\msisadrv.sys [2009-04-22 13904]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [2009-04-22 42576]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [2009-04-22 173648]
S0 spldr;Security Processor Loader Driver; [x]
S0 storflt;Disk Virtual Machine Bus Acceleration Filter Driver;c:\windows\system32\DRIVERS\vmstorfl.sys [2009-04-22 40912]
S0 vdrvroot;Microsoft Virtual Drive Enumerator Driver;c:\windows\system32\DRIVERS\vdrvroot.sys [2009-04-22 32848]
S0 volmgr;Volume Manager Driver;c:\windows\system32\DRIVERS\volmgr.sys [2009-04-22 52304]
S0 volmgrx;Dynamic Volume Manager;c:\windows\System32\drivers\volmgrx.sys [2009-04-22 297040]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-07-25 216400]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-07-25 243024]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [2009-04-22 35328]
S1 CSC;Offline Files Driver;c:\windows\system32\drivers\csc.sys [2009-04-22 387584]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [2009-04-22 78336]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [2009-04-22 32768]
S1 Ext2fs;Ext2fs;c:\windows\system32\DRIVERS\ext2fs.sys [2008-09-25 189888]
S1 Ext2Fsd;Linux ext2 file system driver;c:\windows\system32\DRIVERS\Ext2Fsd.sys [2009-07-26 651264]
S1 IfsMount;IfsMount;c:\windows\system32\DRIVERS\ifsmount.sys [2008-08-28 60352]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [2009-04-22 16896]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [2009-04-22 6656]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [2009-04-22 7168]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S1 tdx;NetIO Legacy TDI Support Driver;c:\windows\system32\DRIVERS\tdx.sys [2009-04-22 74240]
S1 Wanarpv6;Remote Access IPv6 ARP Driver;c:\windows\system32\DRIVERS\wanarp.sys [2009-04-22 63488]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [2009-04-22 9728]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
S2 AudioEndpointBuilder;Windows Audio Endpoint Builder;c:\windows\System32\svchost.exe [2009-04-22 20992]
S2 BFE;Base Filtering Engine;c:\windows\system32\svchost.exe [2009-04-22 20992]
S2 CscService;Offline Files;c:\windows\System32\svchost.exe [2009-04-22 20992]
S2 DPS;Diagnostic Policy Service;c:\windows\System32\svchost.exe [2009-04-22 20992]
S2 gpsvc;Group Policy Client;c:\windows\system32\svchost.exe [2009-04-22 20992]
S2 IKEEXT;IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2009-04-22 20992]
S2 iphlpsvc;IP Helper;c:\windows\System32\svchost.exe [2009-04-22 20992]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [2009-04-22 48128]
S2 luafv;UAC File Virtualization;c:\windows\system32\drivers\luafv.sys [2009-04-22 86528]
S2 MMCSS;Multimedia Class Scheduler;c:\windows\system32\svchost.exe [2009-04-22 20992]
S2 MpsSvc;Windows Firewall;c:\windows\system32\svchost.exe [2009-04-22 20992]
S2 NlaSvc;Network Location Awareness;c:\windows\System32\svchost.exe [2009-04-22 20992]
S2 nsi;Network Store Interface Service;c:\windows\system32\svchost.exe [2009-04-22 20992]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [2009-04-22 586752]
S2 Power;Power;c:\windows\system32\svchost.exe [2009-04-22 20992]
S2 ProfSvc;User Profile Service;c:\windows\system32\svchost.exe [2009-04-22 20992]
S2 RpcEptMapper;RPC Endpoint Mapper;c:\windows\system32\svchost.exe [2009-04-22 20992]
S2 sppsvc;Software Protection;c:\windows\system32\sppsvc.exe [2009-04-22 3179520]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-04-22 20992]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [2009-04-22 34816]
S2 UxSms;Desktop Window Manager Session Manager;c:\windows\System32\svchost.exe [2009-04-22 20992]
S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-04-22 20992]
S2 Wlansvc;WLAN AutoConfig;c:\windows\system32\svchost.exe [2009-04-22 20992]
S3 1394ohci;1394 OHCI Compliant Host Controller;c:\windows\system32\DRIVERS\1394ohci.sys [2009-04-22 162816]
S3 bowser;Browser Support Driver;c:\windows\system32\DRIVERS\bowser.sys [2009-04-22 69632]
S3 CompositeBus;Composite Bus Enumerator Driver;c:\windows\system32\DRIVERS\CompositeBus.sys [2009-04-22 31232]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [2009-04-22 720384]
S3 ESI_PTMIDICHIP;ESI MIDI-CHIP driver service;c:\windows\system32\drivers\esiptmid.sys [2007-04-02 21504]
S3 fdPHost;Function Discovery Provider Host;c:\windows\system32\svchost.exe [2009-04-22 20992]
S3 FDResPub;Function Discovery Resource Publication;c:\windows\system32\svchost.exe [2009-04-22 20992]
S3 HomeGroupListener;HomeGroup Listener;c:\windows\System32\svchost.exe [2009-04-22 20992]
S3 HomeGroupProvider;HomeGroup Provider;c:\windows\System32\svchost.exe [2009-04-22 20992]
S3 KeyIso;CNG Key Isolation;c:\windows\system32\lsass.exe [2009-04-22 22528]
S3 monitor;Microsoft Monitor Class Function Driver Service;c:\windows\system32\DRIVERS\monitor.sys [2009-04-22 23552]
S3 mpsdrv;Windows Firewall Authorization Driver;c:\windows\system32\drivers\mpsdrv.sys [2009-04-22 60416]
S3 mrxsmb10;SMB 1.x MiniRedirector;c:\windows\system32\DRIVERS\mrxsmb10.sys [2009-04-22 220672]
S3 mrxsmb20;SMB 2.0 MiniRedirector;c:\windows\system32\DRIVERS\mrxsmb20.sys [2009-04-22 94720]
S3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [2009-04-22 267264]
S3 netprofm;Network List Service;c:\windows\System32\svchost.exe [2009-04-22 20992]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-09-15 6000640]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [2009-04-22 49152]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [2009-04-22 18432]
S3 srv2;Server SMB 2.xxx Driver;c:\windows\system32\DRIVERS\srv2.sys [2009-09-10 306688]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-04-22 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-04-22 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-04-22 661504]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [2009-04-22 113664]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver;c:\windows\system32\DRIVERS\tunnel.sys [2009-04-22 108032]
S3 umbus;UMBus Enumerator Driver;c:\windows\system32\DRIVERS\umbus.sys [2009-04-22 39936]
S3 WdiServiceHost;Diagnostic Service Host;c:\windows\System32\svchost.exe [2009-04-22 20992]
S3 WdiSystemHost;Diagnostic System Host;c:\windows\System32\svchost.exe [2009-04-22 20992]
S3 WPDBusEnum;Portable Device Enumerator Service;c:\windows\system32\svchost.exe [2009-04-22 20992]


--- Ostatní služby/ovladače v paměti ---

*Deregistered* - jdkglx

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
RPCSS REG_MULTI_SZ RpcEptMapper RpcSs
defragsvc REG_MULTI_SZ defragsvc
WerSvcGroup REG_MULTI_SZ wersvc
LocalServiceNoNetwork REG_MULTI_SZ DPS PLA BFE mpssvc WwanSvc
swprv REG_MULTI_SZ swprv
LocalServicePeerNet REG_MULTI_SZ PNRPSvc p2pimsvc p2psvc PnrpAutoReg
NetworkServiceAndNoImpersonation REG_MULTI_SZ KtmRm
regsvc REG_MULTI_SZ RemoteRegistry
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS AppIDSvc FontCache fdrespub QWAVE wcncsvc SensrSvc
DcomLaunch REG_MULTI_SZ Power PlugPlay DcomLaunch
NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent
sdrsvc REG_MULTI_SZ sdrsvc
WbioSvcGroup REG_MULTI_SZ WbioSrvc
wcssvc REG_MULTI_SZ WcsPlugInService
secsvcs REG_MULTI_SZ WinDefend
AxInstSVGroup REG_MULTI_SZ AxInstSV
PeerDist REG_MULTI_SZ PeerDistSvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
EapHost
wercplsupport
ProfSvc
hkmsvc
winmgmt
SessionEnv
schedule
browser
BDESVC
Themes
AppMgmt

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
homegrouplistener


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
WdiServiceHost
sppuinotify

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetworkService
lanmanworkstation

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider

.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-sacsvr
SafeBoot-vmms
MSConfigStartUp-13611 - c:\users\Petr\AppData\Local\Temp\xvsfym.exe
AddRemove-Adobe Flash Player ActiveX - c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
AddRemove-Studio Devil AMP_is1 - c:\windows\unins000.exe
AddRemove-Voxengo CurveEQ VST - c:\program files\Ableton\Plug-Ins\Voxengo CurveEQ\Voxengo CurveEQ VST\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-16 20:59
Windows 6.1.7100 NTFS

detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\jdkglx]

.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1170031453-2101478269-3666206039-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8520C8F2-D08B-C716-685F-A820E799BF72}*]
@Allowed: (Read) (RestrictedCode)
"jamjljgcocmlinhcjmbk"=hex:6d,61,65,70,68,61,6b,64,6b,70,6c,68,69,65,6e,64,66,
6f,61,6b,69,6e,64,69,66,69,00,00
"jamjljecpgdjlhpmpdph"=hex:68,62,70,6d,64,64,67,64,70,6f,64,6c,70,63,6a,64,66,
6b,67,66,69,62,6f,66,6b,62,6d,6a,68,6a,6d,6f,61,6b,6e,69,62,67,63,66,6c,70,\

[HKEY_USERS\S-1-5-21-1170031453-2101478269-3666206039-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8DDF1DFA-F1D8-FAF8-400C-39A2F86C124A}*]
@Allowed: (Read) (RestrictedCode)
"jabhonkcnbomakkdcloi"=hex:69,61,6a,6f,65,6f,67,6e,6f,63,62,66,6c,63,6d,6d,62,
70,00,00
"jabhonmccnfolldfmikf"=hex:68,62,66,70,6e,6f,69,68,69,61,63,6a,6e,66,65,6f,70,
6d,6a,61,6b,62,70,6e,63,66,62,64,63,6c,6a,67,6f,64,6e,66,61,61,68,64,63,6e,\

[HKEY_USERS\S-1-5-21-1170031453-2101478269-3666206039-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A98EC7AB-0BD8-5F18-48F2-60623B43070F}*]
"hajlohofenjngcma"=hex:6a,61,70,65,66,63,68,6f,68,6a,6e,66,70,65,70,6b,66,6a,
63,69,00,cf
"iadkihkaffbeilgepe"=hex:6a,61,6d,65,66,63,6e,6c,6d,6d,67,6c,67,69,70,6e,65,6e,
6d,70,00,fb

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(2604)
c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\program files\Sony\VAIO Event Service\VESMgr.exe
c:\program files\Sony\VAIO Event Service\VESMgrSub.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2010-08-16 21:05:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-08-16 19:05

Před spuštěním: 31 180 509 184 bytes free
Po spuštění: 32 915 914 752 bytes free

- - End Of File - - 13B5DB62A0AE132C9F65C973AC57274B


#8 Příspěvek od Rudy »

Ještě dočistíme. Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:
KillAll::

Collect::
c:\windows\system32\drivers\zkiaoctj7.sys

Driver::
jdkglx
zkiaoctj7

Regnull::
[HKEY_USERS\S-1-5-21-1170031453-2101478269-3666206039-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8520C8F2-D08B-C716-685F-A820E799BF72}*]
[HKEY_USERS\S-1-5-21-1170031453-2101478269-3666206039-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8DDF1DFA-F1D8-FAF8-400C-39A2F86C124A}*]
[HKEY_USERS\S-1-5-21-1170031453-2101478269-3666206039-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A98EC7AB-0BD8-5F18-48F2-60623B43070F}*]
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.


P_Cherry
Visitor
Posts: 6
Registered: 22 Apr 2004 08:53

Re: Internet stops working (ping)

#9 Post by P_Cherry »

Thanks a lot. I don't want to jinx it, but after the final cleanup the internet has been working reliably for a week now :)

Rudy
Site Admin
Posts: 119782
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Internet stops working (ping)

#10 Post by Rudy »

Glad to hear it. :) You're welcome!