Good day. Something keeps disconnecting me from the internet. At arbitrary times I lose internet access while remaining connected to the network. The modem has to be restarted. I never had a problem like this before; it started from one day to the next and has been going on for about a month. I tried Winsockfix and LSP, but they cannot get to the files on 64-bit. I don't know how to deal with it.
Regards, Rado
info.txt logfile of random's system information tool 1.09 2011-12-22 21:23:23
======Uninstall list======
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Acronis True Image Home 2012-->MsiExec.exe /X{47A0C382-35D7-4A3A-B9AF-B2D38827A8A7}
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_Plugin.exe -maintain plugin
Adobe Reader X (10.1.0) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
Atheros Driver Installation Program-->"C:\Program Files (x86)\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\Setup.exe" -runfromtemp -l0x0409
ATI Catalyst Install Manager-->msiexec /q/x{64C0356C-C3E0-032C-3A3D-341FD4623165} REBOOT=ReallySuppress
AVG 2012-->"C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe" /AppMode=SETUP /Uninstall
AVG 2012-->MsiExec.exe /I{65510247-DAA8-4161-9898-42C78EAF1BC5}
AVG 2012-->MsiExec.exe /I{6D830209-41C2-4D6B-BA25-4EF98807D9FB}
Bluetooth Win7 Suite (64)-->MsiExec.exe /X{230D1595-57DA-4933-8C4E-375797EBB7E1}
BMW M3 E46 Street Racing v1.1-->"E:\hry\rFactor\unins000.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{737DCE46-824C-40BA-8776-81D9D1DB04AB}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
DAEMON Tools Toolbar-->C:\Program Files (x86)\DAEMON Tools Toolbar\uninst.exe
Fraps (remove only)-->"C:\Program Files (x86)\fraps\uninstall.exe"
GIMP 2.6.11-->"C:\Program Files (x86)\GIMP-2.0\setup\unins000.exe"
HP HotKey Support-->MsiExec.exe /X{DF170D46-F393-4705-BA1C-B580E062252E}
HP Webcam Driver-->C:\Program Files (x86)\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x001b -removeonly
HyperLobby client-->MsiExec.exe /I{333F3B34-0374-4B2C-9A23-EA6294D82772}
Intel(R) Display Audio Driver-->C:\Program Files (x86)\Intel\Intel(R) Display Audio Driver\Uninstall\setup.exe -uninstall
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Java(TM) 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216029FF}
JMicron Flash Media Controller Driver-->"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg
LibreOffice 3.4-->MsiExec.exe /I{7821C7B2-7E21-4CF3-925B-58B6A8BC6311}
LockHunter version 1.0 beta 3, 64 bit edition-->"C:\Program Files\LockHunter\unins000.exe"
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Mozilla Firefox 7.0.1 (x86 sk)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVCRT Redists-->MsiExec.exe /I{7032B400-11EC-11E0-A9BF-0013D3D69929}
MSVCRT Redists-->MsiExec.exe /I{C9608300-11F5-11E0-A64B-0013D3D69929}
Realtek Ethernet Controller All-In-One Windows Driver-->C:\Program Files (x86)\InstallShield Installation Information\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}\setup.exe -runfromtemp -removeonly
Renesas Electronics USB 3.0 Host Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{5442DAB8-7177-49E1-8B22-09A049EA5996}\setup.exe" -runfromtemp -l0x041b -removeonly
Renesas Electronics USB 3.0 Host Controller Driver-->MsiExec.exe /X{5442DAB8-7177-49E1-8B22-09A049EA5996}
rFactor (remove only)-->"E:\hry\rFactor\Uninstall.exe"
SAMSUNG USB Driver for Mobile Phones-->E:\1NonSystemData\HRY\samsung kies\USB Drivers\Uninstall.exe
save2pc Ultimate 4.25-->"C:\Program Files (x86)\FDRLab\save2pc\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
Spyware Terminator 2012-->"C:\Program Files (x86)\Spyware Terminator\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
Total Commander (Remove or Repair)-->C:\Program Files (x86)\totalcmd7.56\tcuninst.exe
uTorrentBar Toolbar-->C:\Program Files (x86)\uTorrentBar\uninstall.exe toolbar
UxStyle Core Beta-->MsiExec.exe /X{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}
Vegas Pro 10.0-->MsiExec.exe /X{6D592E30-11EC-11E0-859C-0013D3D69929}
Visual Studio 2008 x64 Redistributables-->MsiExec.exe /I{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}
WinRAR 4.01 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
WMV9/VC-1 Video Playback-->MsiExec.exe /X{E63C9DDB-74E0-5A5F-7979-32905406D899}
Hosts File Missing
======System event log======
Computer Name: karol-PC
Event Code: 11
Message: The driver detected a controller error on \Device\Harddisk1\DR1.
Record Number: 499
Source Name: Disk
Time Written: 20111103031125.027185-000
Event Type: Error
User:
Computer Name: karol-PC
Event Code: 11
Message: The driver detected a controller error on \Device\Harddisk1\DR1.
Record Number: 498
Source Name: Disk
Time Written: 20111103031124.512384-000
Event Type: Error
User:
Computer Name: karol-PC
Event Code: 11
Message: The driver detected a controller error on \Device\Harddisk1\DR1.
Record Number: 496
Source Name: Disk
Time Written: 20111103031123.997583-000
Event Type: Error
User:
Computer Name: karol-PC
Event Code: 11
Message: The driver detected a controller error on \Device\Harddisk1\DR1.
Record Number: 491
Source Name: Disk
Time Written: 20111103031121.220778-000
Event Type: Error
User:
Computer Name: karol-PC
Event Code: 11
Message: The driver detected a controller error on \Device\Harddisk1\DR1.
Record Number: 482
Source Name: Disk
Time Written: 20111103031118.443973-000
Event Type: Error
User:
=====Application event log=====
Computer Name: karol-PC
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 276
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20111103031256.940150-000
Event Type: Error
User: NT AUTHORITY\SYSTEM
Computer Name: karol-PC
Event Code: 1017
Message: Installation of the Proof of Purchase failed. 0xC004F015
Partial Pkey=PMJBM
ACID=7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
Detailed Error[?]
Record Number: 275
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20111103031248.000000-000
Event Type: Error
User:
Computer Name: karol-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 194
Source Name: Microsoft-Windows-WMI
Time Written: 20111103031035.000000-000
Event Type: Error
User:
Computer Name: karol-PC
Event Code: 1008
Message: Služba Windows Search sa spúšťa a pokúša sa odstrániť starý index hľadania. {Dôvod: Full Index Reset}.
Record Number: 177
Source Name: Microsoft-Windows-Search
Time Written: 20111103031001.000000-000
Event Type: Warning
User:
Computer Name: 37L4247F27-25
Event Code: 1008
Message: Služba Windows Search sa spúšťa a pokúša sa odstrániť starý index hľadania. {Dôvod: Full Index Reset}.
Record Number: 167
Source Name: Microsoft-Windows-Search
Time Written: 20111103030714.000000-000
Event Type: Warning
User:
=====Security event log=====
Computer Name: 37L4247F27-25
Event Code: 4735
Message: A security-enabled local group was changed.
Subject:
Security ID: S-1-5-18
Account Name: 37L4247F27-25$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin
Changed Attributes:
SAM Account Name: -
SID History: -
Additional Information:
Privileges: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111103025956.537279-000
Event Type: Audit Success
User:
Computer Name: 37L4247F27-25
Event Code: 4731
Message: A security-enabled local group was created.
Subject:
Security ID: S-1-5-18
Account Name: 37L4247F27-25$
Account Domain: WORKGROUP
Logon ID: 0x3e7
New Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin
Attributes:
SAM Account Name: Backup Operators
SID History: -
Additional Information:
Privileges: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111103025956.537279-000
Event Type: Audit Success
User:
Computer Name: 37L4247F27-25
Event Code: 4902
Message: The Per-user audit policy table was created.
Number of Elements: 0
Policy ID: 0x32a58
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111103025956.194078-000
Event Type: Audit Success
User:
Computer Name: 37L4247F27-25
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0
Logon Type: 0
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x4
Process Name:
Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111103025953.947674-000
Event Type: Audit Success
User:
Computer Name: 37L4247F27-25
Event Code: 4608
Message: Windows is starting up.
This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111103025953.854074-000
Event Type: Audit Success
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\
-----------------EOF-----------------

Something keeps disconnecting me from the internet.
- Rudy
- Site Admin
Re: Something keeps disconnecting me from the internet.
Hello!
Please post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after startup a screen with the licence terms is displayed; continue by clicking the Yes button.
feel free to go and make yourself a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else
do not panic during the scan, your machine may be restarted (especially the first time the scanner is run)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the resident antispyware occur
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Something keeps disconnecting me from the internet.
Thank you for your willingness to help.
Regards, Rado
ComboFix 11-12-23.01 - karol . 12. 2011 18:40:01.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.4030.2658 [GMT 1:00]
Running from: c:\users\karol\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\system32
c:\windows\SysWow64\system32\3DAudio.ax
c:\windows\SysWow64\system32\avrt.dll
c:\windows\SysWow64\system32\cis-2.4.dll
c:\windows\SysWow64\system32\issacapi_bs-2.3.dll
c:\windows\SysWow64\system32\issacapi_pe-2.3.dll
c:\windows\SysWow64\system32\issacapi_se-2.3.dll
c:\windows\SysWow64\system32\MACXMLProto.dll
c:\windows\SysWow64\system32\MaDRM.dll
c:\windows\SysWow64\system32\MaJGUILib.dll
c:\windows\SysWow64\system32\MAMACExtract.dll
c:\windows\SysWow64\system32\MASetupCleaner.exe
c:\windows\SysWow64\system32\MaXMLProto.dll
c:\windows\SysWow64\system32\mfplat.dll
c:\windows\SysWow64\system32\MK_Lyric.dll
c:\windows\SysWow64\system32\MSCLib.dll
c:\windows\SysWow64\system32\MSFLib.dll
c:\windows\SysWow64\system32\MSLUR71.dll
c:\windows\SysWow64\system32\msvcp60.dll
c:\windows\SysWow64\system32\MTTELECHIP.dll
c:\windows\SysWow64\system32\MTXSYNCICON.dll
c:\windows\SysWow64\system32\muzaf1.dll
c:\windows\SysWow64\system32\muzapp.dll
c:\windows\SysWow64\system32\muzapp.exe
c:\windows\SysWow64\system32\muzdecode.ax
c:\windows\SysWow64\system32\muzeffect.ax
c:\windows\SysWow64\system32\muzmp4sp.ax
c:\windows\SysWow64\system32\muzmpgsp.ax
c:\windows\SysWow64\system32\muzoggsp.ax
c:\windows\SysWow64\system32\muzwmts.dll
c:\windows\SysWow64\system32\psapi.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-11-23 to 2011-12-23 )))))))))))))))))))))))))))))))
.
.
2011-12-23 17:43 . 2011-12-23 17:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-22 20:36 . 2011-12-22 20:36 -------- d-----w- C:\Temp
2011-12-22 20:31 . 2011-11-29 15:38 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2011-12-22 20:28 . 2011-12-22 20:28 -------- d-----w- c:\program files (x86)\Samsung
2011-12-22 20:22 . 2011-12-22 20:26 -------- d-----w- c:\program files\trend micro
2011-12-22 20:22 . 2011-12-22 20:23 -------- d-----w- C:\rsit
2011-12-21 22:03 . 2011-10-27 01:25 18944 ----a-w- c:\windows\system32\drivers\ss_mdfl.sys
2011-12-21 22:03 . 2011-10-27 01:25 161280 ----a-w- c:\windows\system32\drivers\ss_mdm.sys
2011-12-21 22:03 . 2011-10-27 01:25 15872 ----a-w- c:\windows\system32\drivers\ss_whnt.sys
2011-12-21 22:03 . 2011-10-27 01:25 15872 ----a-w- c:\windows\system32\drivers\ss_wh.sys
2011-12-21 22:03 . 2011-10-27 01:25 15360 ----a-w- c:\windows\system32\drivers\ss_cmnt.sys
2011-12-21 22:03 . 2011-10-27 01:25 15360 ----a-w- c:\windows\system32\drivers\ss_cm.sys
2011-12-21 22:03 . 2011-10-27 01:25 127488 ----a-w- c:\windows\system32\drivers\ss_bus.sys
2011-12-21 20:28 . 2011-12-21 20:28 -------- d-----w- c:\program files (x86)\MyFree Codec
2011-12-20 21:46 . 2011-12-20 21:58 -------- d-----w- c:\program files (x86)\FDRLab
2011-12-20 21:30 . 2011-12-22 20:33 -------- d-----w- c:\users\karol\AppData\Local\Samsung
2011-12-20 21:27 . 2011-11-29 15:39 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2011-12-20 21:27 . 2011-12-20 21:27 -------- d-----w- c:\program files (x86)\MarkAny
2011-12-20 21:25 . 2011-12-22 20:33 -------- d-----w- c:\users\karol\AppData\Roaming\Samsung
2011-12-20 21:25 . 2011-12-22 20:28 -------- d-----w- c:\programdata\Samsung
2011-12-20 21:13 . 2011-12-22 20:27 -------- d-----w- c:\users\karol\AppData\Local\Downloaded Installations
2011-12-18 20:17 . 2011-12-18 20:17 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2011-12-18 20:17 . 2011-12-23 17:14 -------- d-----w- c:\programdata\Spyware Terminator
2011-12-18 20:17 . 2011-12-18 20:17 -------- d-----w- c:\users\karol\AppData\Roaming\Spyware Terminator
2011-12-18 20:15 . 2011-12-18 20:17 -------- d-----w- c:\program files (x86)\Spyware Terminator
2011-12-18 19:56 . 2011-12-21 18:40 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-12-18 19:56 . 2011-12-18 20:21 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-12-18 18:28 . 2011-12-18 18:28 -------- d-----w- c:\users\karol\AppData\Roaming\AVG2012
2011-12-18 18:28 . 2011-12-18 18:28 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2011-12-18 18:27 . 2011-12-23 17:14 -------- d-----w- c:\windows\system32\drivers\AVG
2011-12-18 18:27 . 2011-12-18 18:33 -------- d-----w- c:\programdata\AVG2012
2011-12-18 18:26 . 2011-12-18 18:26 -------- d-----w- c:\program files (x86)\AVG
2011-12-18 17:42 . 2011-12-18 17:42 -------- d-----w- c:\users\karol\AppData\Local\ElevatedDiagnostics
2011-12-17 17:51 . 2011-12-17 17:51 -------- d-----w- c:\users\karol\AppData\Local\Diagnostics
2011-12-17 17:09 . 2011-12-17 17:10 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2011-12-17 17:09 . 2011-12-17 17:09 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-12-17 17:09 . 2011-12-17 17:10 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-12-17 17:08 . 2011-12-21 18:40 -------- d-----w- c:\users\karol\AppData\Roaming\DAEMON Tools Lite
2011-12-17 17:08 . 2011-12-17 17:08 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-12-17 17:06 . 2011-12-17 17:06 -------- d--h--w- c:\programdata\Common Files
2011-12-17 17:06 . 2011-12-23 17:14 -------- d-----w- c:\programdata\MFAData
2011-11-29 15:38 . 2011-11-29 15:38 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-11-29 15:38 . 2011-11-29 15:38 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-11-29 15:38 . 2011-11-29 15:38 30568 ----a-w- c:\windows\MusiccityDownload.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-06 23:40 . 2011-11-06 23:41 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-11-06 21:36 . 2011-11-06 21:36 796672 ----a-w- c:\windows\GPInstall.exe
2011-11-06 11:07 . 2011-11-03 08:59 1284192 ----a-w- c:\windows\system32\drivers\tdrpman.sys
2011-11-06 11:07 . 2011-11-06 11:07 986208 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-11-06 11:07 . 2011-11-06 11:07 210528 ----a-w- c:\windows\system32\drivers\vididr.sys
2011-11-06 11:06 . 2011-11-06 11:06 142944 ----a-w- c:\windows\system32\drivers\vsflt58.sys
2011-11-06 11:06 . 2011-11-06 11:06 132704 ----a-w- c:\windows\system32\drivers\fltsrv.sys
2011-11-03 08:59 . 2011-11-03 08:59 78880 ----a-w- c:\windows\system32\drivers\tifsfilt.sys
2011-11-03 08:58 . 2011-11-03 08:58 229408 ----a-w- c:\windows\system32\drivers\snapman.sys
2011-11-03 07:40 . 2011-11-03 07:40 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-07 05:23 . 2011-10-07 05:23 283728 ----a-w- c:\windows\system32\drivers\avgldx64.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\uTorrentBar\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2010-11-21 1174016]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-11-29 935312]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-11-29 21392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-27 336384]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2011-07-06 323128]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-11-29 3508624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2011-08-20 5729328]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
R3 SaiH0461;SaiH0461;c:\windows\system32\DRIVERS\SaiH0461.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys [x]
S0 vidsflt58;Acronis Disk Storage Filter (58);c:\windows\system32\DRIVERS\vsflt58.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-06 138400]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-01-06 53920]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-07-05 227384]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-07-06 1698360]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
S2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe [2009-07-13 24168]
S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-06 615584]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-06 379040]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2011-11-22 2779824]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-11-22 3621040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\karol\AppData\Roaming\Mozilla\Firefox\Profiles\ywi597cb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: network.proxy.type - 4
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-12-23 18:44:33
ComboFix-quarantined-files.txt 2011-12-23 17:44
.
Pre-Run: 36 115 664 896 bytes free
Post-Run: 35 644 010 496 bytes free
.
- - End Of File - - 1723111F141AD6A77FC689C77C0EEF9E
Regards, Rado
- Rudy
- Site Admin
- Posts: 119515
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Something keeps disconnecting me from the internet.
CF deleted several items; the rest of the log looks clean. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.
Re: Something keeps disconnecting me from the internet.
I only found out that the disconnecting affects the wifi; over cable the internet works normally, so CF had no effect on the wifi.
- Rudy
- Site Admin
- Posts: 119515
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Something keeps disconnecting me from the internet.
Try restarting the WiFi router and reinstalling the WiFi card driver.