VIRY.CZ

po spuštění softwaru k připojení na internet(cca 20vteřin) se zobrazí okno s :Program Host Process for Windows Services přestal fungovat a byl ukončen.Nevite,jestli by to nějaký program zjistil.Děkuji

K přiojení k internetu, není třeba žádný speciální program. Stačí, když máte nakonfigurovanou síť přesně podle smlouvy o připojení, zapnutý a připojený modem (nebo jiný síť prvek, třeba AP) a musí to fungovat.

Záskok:

Záleží na tom, zda-li člověk nepoužívá například 3G internet přes USB modem, k tomu je pak potřeba software. Můžete to více specifikovat?

Sestra má modem anydata gprs/cdma s dobrým signálem.Do pátku jí fungoval normal.Pak chtěla abych jí odinstaloval antivir Panda,místo toho jsem jí nainstaloval comodo.Ovšem při instalaci se jí nelíbilo,že by mělo dojít ke změně IP,tak jsme to odmítli a pokračovali dále v inst.Instalace skončila a po restartu začala inicializace antiviru,neúspěšně.Tak jsem ho odinstaloval,jenže při odinst. se to v půlce zastavilo,objevila se modrá obrazovka.Pak už se to neopakovalo.Od té doby se připojí a za 20sekund se software odpojí a nic.Na liště oba monitory svítí,že je připojení aktivní a to je asi všechno.Prohlížeče nereagují.Při opětovném připojení softwaru to hlásí,že modem je již připojen,zkontrolujte připojení kabelu.Vzpomínám,že jsem měl jednou v minulosti ten samý problém,ale už si to nepamatuji,jak na to.

OK. Dejte log z RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 . Dál uvidíme.

bohužel dnes asi ne,mám ale log z combo fix,jestli stačí



ComboFix 11-03-19.06 - Markéta 21.03.2011 15:01:47.1.1 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2943.1914 [GMT 1:00]
Spuštěný z: c:\users\Markéta\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-21 do 2011-03-21 )))))))))))))))))))))))))))))))
.
.
2011-03-21 14:07 . 2011-03-21 14:07 -------- d-----w- c:\users\Markéta\AppData\Local\temp
2011-03-21 14:07 . 2011-03-21 14:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-21 13:12 . 2011-03-21 13:12 -------- d-----w- c:\program files\CCleaner
2011-03-21 13:00 . 2011-01-13 08:37 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-03-21 13:00 . 2011-01-13 08:41 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-03-21 13:00 . 2011-01-13 08:37 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-03-21 13:00 . 2011-01-13 08:40 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-03-21 13:00 . 2011-01-13 08:37 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-03-21 12:59 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr
2011-03-21 12:59 . 2011-01-13 08:47 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-03-21 12:59 . 2011-03-21 12:59 -------- d-----w- c:\programdata\Alwil Software
2011-03-21 12:59 . 2011-03-21 12:59 -------- d-----w- c:\program files\Alwil Software
2011-03-18 10:35 . 2011-03-18 10:35 -------- d-----w- C:\VritualRoot
2011-03-18 10:34 . 2011-03-18 10:51 111872 ----a-w- c:\windows\system32\drivers\sfi.dat
2011-03-18 10:31 . 2011-03-18 10:36 -------- d-----w- c:\programdata\Comodo
2011-03-18 10:00 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{05AA7A98-30BC-43B7-A05B-7918C8E2599A}\mpengine.dll
2011-03-13 18:53 . 2011-03-16 11:47 -------- d-----w- c:\users\Markéta\AppData\Roaming\FashionCrazeChech
2011-03-13 18:53 . 2011-03-13 18:53 -------- d-----w- c:\program files\Módní salón
2011-03-13 18:50 . 2011-03-13 18:50 -------- d-----w- c:\program files\Moje farma
2011-03-10 07:05 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-10 07:05 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-10 07:05 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-10 07:05 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-10 07:05 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-10 07:05 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-04 12:15 . 2011-03-04 12:15 -------- d-----w- c:\program files\Common Files\Skype
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2010-05-30 13:40 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-20 16:37 . 2011-02-11 07:40 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:08 . 2011-02-11 07:40 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08 . 2011-02-11 07:40 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-11 07:40 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08 . 2011-02-11 07:40 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:08 . 2011-02-11 07:40 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:07 . 2011-02-11 07:40 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07 . 2011-02-11 07:40 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07 . 2011-02-11 07:40 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06 . 2011-02-11 07:40 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06 . 2011-02-11 07:40 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04 . 2011-02-11 07:40 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:04 . 2011-02-11 07:40 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 14:28 . 2011-02-11 07:40 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27 . 2011-02-11 07:40 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26 . 2011-02-11 07:40 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25 . 2011-02-11 07:40 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24 . 2011-02-11 07:40 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24 . 2011-02-11 07:40 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-11 07:41 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-11 07:40 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-11 07:40 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14 . 2011-02-11 07:40 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-11 07:41 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11 . 2011-02-11 07:40 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47 . 2011-02-11 07:40 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:44 . 2011-02-11 07:41 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-01-20 13:44 . 2011-02-11 07:41 797184 ----a-w- c:\windows\system32\FntCache.dll
2011-01-08 08:47 . 2011-02-11 07:40 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28 . 2011-02-11 07:40 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:57 . 2011-02-11 07:41 2039808 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 15:55 . 2011-01-23 15:08 413696 ----a-w- c:\windows\system32\odbc32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-31 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2008-01-14 13996032]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-28 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-28 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-28 81920]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-06-01 202256]
"Adobe Reader Speed Launcher"="c:\markéta\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
.
c:\users\Mark‚ta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-01 136176]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2006-12-20 97920]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2008-01-02 241664]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 13:21]
.
2011-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-01 17:20]
.
2011-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-01 17:20]
.
2011-03-21 c:\windows\Tasks\User_Feed_Synchronization-{E3669FE3-E462-4DCC-8660-C24EA9FCD919}.job
- c:\windows\system32\msfeedssync.exe [2011-02-11 04:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
TCP: {4D3287FB-6B75-44B1-94C4-9017FB77128A} = 160.218.161.60 160.218.167.5
TCP: {A1F095F3-08A8-4FD6-8AA9-A7DAD51275AE} = 160.218.161.60 160.218.167.5
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-21 15:07
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe????????????????????????????????????????????
.
skenování skrytých souborů ...
.
.
c:\users\MARKTA~1\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-03-21 15:11:25
ComboFix-quarantined-files.txt 2011-03-21 14:11
.
Před spuštěním: Volných bajtů: 369 149 030 400
Po spuštění: Volných bajtů: 368 027 942 912
.
- - End Of File - - 09937681B78FE1A2903A56518BD56BE9

Tak přidávám ten log z RSIT.Snad to pomůže.Zatím díky

Logfile of random's system information tool 1.08 (written by random/random)
Run by Markéta at 2011-03-22 15:17:30
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 348 GB (73%) free of 477 GB
Total RAM: 2943 MB (66% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\AppleSoftwareUpdate.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{DC3973E4-B3E0-4103-92BD-802E43791D27}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-06-01 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-02-25 298160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-02-25 848952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-02-25 298160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2008-01-14 13996032]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-11-28 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-11-28 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-11-28 81920]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-06-01 202256]
"Adobe Reader Speed Launcher"=C:\Markéta\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-05-31 39408]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-01-26 15026056]

C:\Users\Markéta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-03-22 15:08:21 ----D---- C:\rsit
2011-03-22 15:08:21 ----D---- C:\Program Files\trend micro
2011-03-21 22:29:00 ----A---- C:\Windows\red_dialer.ini
2011-03-21 15:11:27 ----D---- C:\Windows\temp
2011-03-21 15:10:45 ----SHD---- C:\$RECYCLE.BIN
2011-03-21 15:00:10 ----A---- C:\Windows\zip.exe
2011-03-21 15:00:10 ----A---- C:\Windows\SWSC.exe
2011-03-21 15:00:10 ----A---- C:\Windows\SWREG.exe
2011-03-21 15:00:10 ----A---- C:\Windows\sed.exe
2011-03-21 15:00:10 ----A---- C:\Windows\PEV.exe
2011-03-21 15:00:10 ----A---- C:\Windows\NIRCMD.exe
2011-03-21 15:00:10 ----A---- C:\Windows\MBR.exe
2011-03-21 15:00:10 ----A---- C:\Windows\grep.exe
2011-03-21 14:59:54 ----D---- C:\Windows\ERDNT
2011-03-21 14:59:26 ----D---- C:\Qoobox
2011-03-21 14:59:10 ----A---- C:\Windows\SWXCACLS.exe
2011-03-21 14:12:26 ----D---- C:\Program Files\CCleaner
2011-03-21 14:00:11 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-03-21 14:00:10 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-03-21 14:00:09 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-03-21 14:00:08 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-03-21 14:00:07 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-03-21 13:59:29 ----A---- C:\Windows\system32\aswBoot.exe
2011-03-21 13:59:16 ----D---- C:\ProgramData\Alwil Software
2011-03-21 13:59:16 ----D---- C:\Program Files\Alwil Software
2011-03-18 11:58:02 ----D---- C:\Windows\Minidump
2011-03-18 11:35:31 ----D---- C:\VritualRoot
2011-03-18 11:31:31 ----D---- C:\ProgramData\Comodo
2011-03-16 11:53:17 ----A---- C:\Windows\system32\shsvcs.dll
2011-03-13 19:53:37 ----D---- C:\Users\Markéta\AppData\Roaming\FashionCrazeChech
2011-03-13 19:53:03 ----D---- C:\Program Files\Módní salón
2011-03-13 19:50:09 ----D---- C:\Program Files\Moje farma
2011-03-10 08:05:48 ----A---- C:\Windows\system32\sbeio.dll
2011-03-10 08:05:48 ----A---- C:\Windows\system32\sbe.dll
2011-03-10 08:05:48 ----A---- C:\Windows\system32\EncDec.dll
2011-03-10 08:05:46 ----A---- C:\Windows\system32\mstscax.dll
2011-03-10 08:05:46 ----A---- C:\Windows\system32\mstsc.exe
2011-03-04 13:15:07 ----D---- C:\Program Files\Common Files\Skype
2011-02-24 23:52:13 ----D---- C:\Windows\system32\WindowsPowerShell
2011-02-24 23:50:43 ----A---- C:\Windows\system32\winrsmgr.dll
2011-02-24 23:50:35 ----A---- C:\Windows\system32\wsmprovhost.exe
2011-02-24 23:50:35 ----A---- C:\Windows\system32\winrshost.exe
2011-02-24 23:50:35 ----A---- C:\Windows\system32\winrs.exe
2011-02-24 23:50:34 ----A---- C:\Windows\system32\wsmplpxy.dll
2011-02-24 23:50:34 ----A---- C:\Windows\system32\winrssrv.dll
2011-02-24 23:50:33 ----A---- C:\Windows\system32\WsmRes.dll
2011-02-24 23:50:33 ----A---- C:\Windows\system32\wevtfwd.dll
2011-02-24 23:50:33 ----A---- C:\Windows\system32\wecutil.exe
2011-02-24 23:50:33 ----A---- C:\Windows\system32\wecsvc.dll
2011-02-24 23:50:33 ----A---- C:\Windows\system32\wecapi.dll
2011-02-24 23:50:33 ----A---- C:\Windows\system32\pwrshplugin.dll
2011-02-24 23:50:31 ----A---- C:\Windows\system32\winrm.vbs
2011-02-24 23:50:30 ----A---- C:\Windows\system32\WsmWmiPl.dll
2011-02-24 23:50:30 ----A---- C:\Windows\system32\WsmSvc.dll
2011-02-24 23:50:30 ----A---- C:\Windows\system32\WsmAuto.dll
2011-02-24 23:50:30 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2011-02-24 23:50:30 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2011-02-24 23:50:30 ----A---- C:\Windows\system32\winrscmd.dll

======List of files/folders modified in the last 1 months======

2011-03-22 15:15:35 ----D---- C:\Windows\Prefetch
2011-03-22 15:09:52 ----D---- C:\Windows\System32
2011-03-22 15:09:52 ----D---- C:\Windows\inf
2011-03-22 15:09:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-03-22 15:08:21 ----RD---- C:\Program Files
2011-03-22 15:04:20 ----D---- C:\Users\Markéta\AppData\Roaming\skypePM
2011-03-22 15:04:17 ----D---- C:\Users\Markéta\AppData\Roaming\Skype
2011-03-22 15:03:53 ----D---- C:\Windows\tracing
2011-03-21 22:29:00 ----D---- C:\Windows
2011-03-21 22:28:57 ----D---- C:\Program Files\AnyDATA
2011-03-21 22:22:38 ----D---- C:\Windows\Tasks
2011-03-21 22:22:38 ----D---- C:\Windows\system32\Tasks
2011-03-21 15:07:54 ----A---- C:\Windows\system.ini
2011-03-21 15:05:31 ----D---- C:\Windows\system32\drivers
2011-03-21 15:05:31 ----D---- C:\Windows\AppPatch
2011-03-21 15:05:30 ----D---- C:\Program Files\Common Files
2011-03-21 14:17:19 ----D---- C:\Windows\Debug
2011-03-21 14:14:02 ----SHD---- C:\System Volume Information
2011-03-21 14:00:04 ----SHD---- C:\Windows\Installer
2011-03-21 14:00:03 ----D---- C:\Windows\winsxs
2011-03-21 13:59:36 ----D---- C:\Program Files\Common Files\microsoft shared
2011-03-21 13:59:16 ----D---- C:\ProgramData
2011-03-21 13:59:15 ----D---- C:\Windows\system32\catroot2
2011-03-18 12:59:40 ----D---- C:\Windows\ModemLogs
2011-03-18 12:48:38 ----SD---- C:\Users\Markéta\AppData\Roaming\Microsoft
2011-03-18 11:33:12 ----D---- C:\Windows\system32\catroot
2011-03-18 11:13:04 ----RSD---- C:\Windows\assembly
2011-03-18 00:18:12 ----D---- C:\Program Files\Microsoft SQL Server
2011-03-18 00:17:50 ----D---- C:\Windows\Registration
2011-03-10 23:05:48 ----A---- C:\Windows\system32\mrt.exe
2011-03-10 23:05:39 ----D---- C:\ProgramData\Microsoft Help
2011-02-25 10:17:08 ----D---- C:\Windows\Microsoft.NET
2011-02-25 10:11:04 ----D---- C:\Windows\rescache
2011-02-24 23:52:15 ----D---- C:\Windows\system32\cs-CZ
2011-02-24 23:52:15 ----D---- C:\Windows\PolicyDefinitions

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-09-10 78504]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
R2 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2006-04-22 8064]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2006-12-20 97920]
R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-17 1040544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-11-28 7629632]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2008-01-02 241664]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 catchme;catchme; \??\C:\Users\MARKTA~1\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2007-11-29 16896]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2007-11-29 19328]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 8064]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 8064]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-23 30312]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-01 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-05-31 182768]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]

-----------------EOF-----------------

Nikde není nic nebezpečného vidět. Máte všechny systémové aktualizace?

Ano,aktualizace Windows jsou nastaveny zapnuty.O příspěvek výše jsem vložil log z combo fix,tam taky nic?

Nikde nic. Neptám se, zda máte aktualizace zapnuty, ale zda jste všechny nainstaloval.

Ne nic,kromě odinstalace Pandy a instalace a odinstalace Comoda.Včera jsem nainstaloval Avast.To je vše

Hláška "Host Process for Windows Services přestal fungovat a byl ukončen" v prxi znamená buď vir (vyloučili jsme), nebo neaktuální systém, nebo systémovou chybu. Pro jistotu ještě zkuste kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Dobře.Po odinstalaci těch antivirů jsem otevřel prefetch a odstranil zbytky těch souborů.Nebyla tahle ta zákl. chyba?

I to by mohlo být možné. Připojení již funguje?

Já bydlím trochu dál od sestry,tak nemám přístup k pc.Připojení funguje,po každé se připojí,ale po dvaceti vteřinách nse samo odpojí.Ještě jsem nainstaloval ccleaner-zadal čištění a čištění registrů a nic,pořád stejné.