Odpojuje se mi internet

Zpráva

Herryck · #1 Příspěvek od **Herryck** » 09 zář 2012 21:26

Zdravim. Mám problém ohledně odpojování internetu. Máme 2 počítače a to odpojování netu dělá jenom na mým PC, kabely jsme zkoušeli a jsou v pořádku, zkoušeli jsme i jinak propojit počítače do modemu. Router jsme taky vyloučili. Zkusil jsem vypnout úsporu u síťovky, ale nepomohlo to. Pingnul jsem si seznam a nepravidelně mi to háže tohle: Vypršel časový limit žádosti. Ping mám stále 16-30ms. Díky za jakoukoliv radu.

Herryck · #2 Příspěvek od **Herryck** » 09 zář 2012 21:31

Logfile of random's system information tool 1.09 (written by random/random)
Run by Patrik at 2012-09-09 21:02:08
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 6 GB (8%) free of 86 GB
Total RAM: 8153 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:17:30, on 9.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\VOX\JamVOX\JVExec.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMTray2.exe
C:\Program Files (x86)\AIMP2\AIMP2.exe
E:\PatrikHDD\Programy\TS3\ts3client_win32.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Users\Patrik\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Patrik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=111814 ... dae94deea3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Vizuální záložky - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SteelSeries World of Warcraft Cataclysm MMO Gaming Mouse] "C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: JVExec.lnk = C:\Program Files (x86)\VOX\JamVOX\JVExec.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8700 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll [2011-11-17 36208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14 270960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C93F72A2-2162-4BBA-A07A-F13663C297A6}]
Vizuální záložky - C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll [2011-10-13 2697528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Yandex.Bar - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll [2011-10-20 12336440]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14 237680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-30 98304]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2012-08-08 348664]
"SteelSeries World of Warcraft Cataclysm MMO Gaming Mouse"=C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe [2011-08-18 1993216]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2012-08-04 1353080]
"Badoo Desktop"=C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe []
"LG LinkAir"= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
JVExec.lnk - C:\Program Files (x86)\VOX\JamVOX\JVExec.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.mjpg"=pvmjpg30.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-09-09 21:02:08 ----D---- C:\rsit
2012-09-09 21:02:08 ----D---- C:\Program Files (x86)\trend micro
2012-08-27 19:48:25 ----D---- C:\Program Files (x86)\Common Files\Pinnacle
2012-08-27 19:47:59 ----D---- C:\ProgramData\Pinnacle Studio Ultimate Collection
2012-08-27 19:46:46 ----D---- C:\ProgramData\Studio 15
2012-08-27 19:46:46 ----D---- C:\ProgramData\Pinnacle Studio Plus
2012-08-27 19:46:46 ----D---- C:\Program Files (x86)\Pinnacle
2012-08-27 19:46:46 ----D---- C:\Program Files (x86)\Common Files\Yahoo!
2012-08-27 19:46:46 ----D---- C:\Program Files (x86)\Common Files\Pegasus Imaging
2012-08-27 19:45:55 ----D---- C:\ProgramData\Pinnacle
2012-08-20 14:45:28 ----D---- C:\Windows\SysWOW64\xlive
2012-08-20 14:45:27 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2012-08-16 00:24:04 ----A---- C:\Windows\SysWOW64\win32spl.dll
2012-08-16 00:24:04 ----A---- C:\Windows\SysWOW64\srclient.dll
2012-08-16 00:24:04 ----A---- C:\Windows\splwow64.exe
2012-08-16 00:24:03 ----A---- C:\Windows\SysWOW64\vbscript.dll
2012-08-16 00:24:03 ----A---- C:\Windows\SysWOW64\netapi32.dll
2012-08-16 00:24:03 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-08-16 00:24:03 ----A---- C:\Windows\SysWOW64\browcli.dll
2012-08-16 00:24:02 ----A---- C:\Windows\SysWOW64\mshtml.dll
2012-08-16 00:24:02 ----A---- C:\Windows\SysWOW64\ieframe.dll
2012-08-16 00:24:01 ----A---- C:\Windows\SysWOW64\wininet.dll
2012-08-16 00:24:01 ----A---- C:\Windows\SysWOW64\urlmon.dll
2012-08-16 00:24:01 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2012-08-16 00:24:01 ----A---- C:\Windows\SysWOW64\iertutil.dll
2012-08-16 00:24:00 ----A---- C:\Windows\SysWOW64\url.dll
2012-08-16 00:24:00 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2012-08-16 00:24:00 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2012-08-16 00:24:00 ----A---- C:\Windows\SysWOW64\ieui.dll

======List of files/folders modified in the last 1 month======

2012-09-09 21:12:09 ----D---- C:\Windows\Temp
2012-09-09 21:02:08 ----RD---- C:\Program Files (x86)
2012-09-09 21:00:39 ----D---- C:\Users\Patrik\AppData\Roaming\vlc
2012-09-09 20:19:20 ----D---- C:\ProgramData\PMB Files
2012-09-09 19:44:20 ----D---- C:\Program Files (x86)\Steam
2012-09-09 19:00:05 ----SHD---- C:\System Volume Information
2012-09-09 18:52:17 ----D---- C:\Windows\System32
2012-09-09 18:52:17 ----D---- C:\Windows\inf
2012-09-09 13:20:40 ----D---- C:\Program Files (x86)\Common Files\Steam
2012-09-08 19:18:01 ----D---- C:\Users\Patrik\AppData\Roaming\VOX
2012-09-06 05:16:53 ----D---- C:\Windows
2012-09-05 18:50:23 ----D---- C:\Program Files (x86)\Realtek
2012-09-05 18:50:09 ----A---- C:\Windows\Language_trs.ini
2012-09-04 21:56:22 ----D---- C:\Windows\Minidump
2012-08-31 21:02:32 ----D---- C:\Program Files (x86)\Opera
2012-08-30 13:27:15 ----SHD---- C:\Windows\Installer
2012-08-27 19:48:25 ----D---- C:\Program Files (x86)\Common Files
2012-08-27 19:47:59 ----HD---- C:\ProgramData
2012-08-27 19:47:54 ----SD---- C:\ProgramData\Microsoft
2012-08-27 19:47:43 ----D---- C:\Windows\winsxs
2012-08-27 19:47:36 ----RSD---- C:\Windows\Fonts
2012-08-27 19:47:01 ----D---- C:\Windows\SysWOW64
2012-08-27 19:46:11 ----SD---- C:\Users\Patrik\AppData\Roaming\Microsoft
2012-08-23 14:17:16 ----D---- C:\ProgramData\Adobe
2012-08-23 14:16:37 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-08-20 14:45:24 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2012-08-16 04:56:50 ----D---- C:\Windows\SysWOW64\migration
2012-08-16 04:56:50 ----D---- C:\Program Files (x86)\Internet Explorer
2012-08-10 18:20:16 ----D---- C:\Users\Patrik\AppData\Roaming\Audacity

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys []
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys []
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys []
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys []
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys []
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys []
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys []
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 SSMO3v2Filter;MMO3v2 Mouse; C:\Windows\system32\drivers\MO3v2Driver.sys []
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys []
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys []
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys []
S3 JamVOXUSBAudioSrv;CEntrance USB Audio Driver Service for JamVOX; C:\Windows\system32\drivers\jamvox.sys []
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-05-08 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-09-09 529744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-27 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-23 250568]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-27 136176]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------

#3 Příspěvek od **Rudy** » 09 zář 2012 21:42

Také zdravím!
Poprosím o log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Herryck · #4 Příspěvek od **Herryck** » 09 zář 2012 22:14

ComboFix 12-09-09.02 - Patrik 09.09.2012 23:06:48.2.6 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8153.6681 [GMT 2:00]
Spuštěný z: c:\users\Patrik\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-09 do 2012-09-09 )))))))))))))))))))))))))))))))
.
.
2012-09-09 21:08 . 2012-09-09 21:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-09 19:02 . 2012-09-09 19:17 -------- d-----w- C:\rsit
2012-09-09 19:02 . 2012-09-09 19:17 -------- d-----w- c:\program files (x86)\trend micro
2012-09-08 13:56 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3D9148B9-2793-44AB-910A-8A8C4C227EF0}\mpengine.dll
2012-09-05 16:50 . 2011-08-23 19:57 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2012-09-05 16:50 . 2011-08-23 19:57 565352 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2012-08-30 11:27 . 2012-08-30 11:27 -------- d-----w- c:\windows\system32\appmgmt
2012-08-27 17:48 . 2012-08-27 17:48 -------- d-----w- c:\program files (x86)\Common Files\Pinnacle
2012-08-27 17:48 . 2012-08-27 17:48 -------- d-----w- c:\users\Patrik\AppData\Local\Downloaded Installations
2012-08-27 17:48 . 2012-08-27 17:58 -------- d-----w- c:\users\Patrik\AppData\Local\Pinnacle
2012-08-27 17:47 . 2012-08-27 17:47 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate Collection
2012-08-27 17:46 . 2012-08-27 17:46 -------- d-----w- c:\programdata\Studio 15
2012-08-27 17:46 . 2012-08-27 17:46 -------- d-----w- c:\programdata\Pinnacle Studio Plus
2012-08-27 17:46 . 2012-08-27 17:46 -------- d-----w- c:\program files (x86)\Pinnacle
2012-08-27 17:46 . 2012-08-27 17:46 -------- d-----w- c:\program files (x86)\Common Files\Yahoo!
2012-08-27 17:46 . 2012-08-27 17:46 -------- d-----w- c:\program files (x86)\Common Files\Pegasus Imaging
2012-08-27 17:45 . 2012-08-27 17:47 -------- d-----w- c:\programdata\Pinnacle
2012-08-20 12:45 . 2012-08-20 12:45 -------- d-----w- c:\windows\SysWow64\xlive
2012-08-20 12:45 . 2012-08-20 12:45 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-23 12:16 . 2012-04-02 17:48 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-23 12:16 . 2011-12-29 19:27 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-16 02:54 . 2011-12-30 16:01 62134624 ----a-w- c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-09-09_20.54.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-21 03:09 . 2012-09-09 21:03 35702 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-09-09 21:03 35562 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-12-29 14:24 . 2012-09-09 20:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-12-29 14:24 . 2012-09-09 21:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-12-29 14:24 . 2012-09-09 21:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-12-29 14:24 . 2012-09-09 20:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-12-29 14:17 . 2012-09-09 21:03 4482 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3871889294-1052466465-1512472879-1000_UserData.bin
- 2012-09-09 20:54 . 2012-09-09 20:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-09-09 21:09 . 2012-09-09 21:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2012-09-09 16:52 616032 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-09-09 21:06 616032 c:\windows\system32\perfh009.dat
+ 2011-04-12 08:34 . 2012-09-09 21:06 631276 c:\windows\system32\perfh005.dat
- 2011-04-12 08:34 . 2012-09-09 16:52 631276 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2012-09-09 16:52 106412 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-09-09 21:06 106412 c:\windows\system32\perfc009.dat
- 2011-04-12 08:34 . 2012-09-09 16:52 121930 c:\windows\system32\perfc005.dat
+ 2011-04-12 08:34 . 2012-09-09 21:06 121930 c:\windows\system32\perfc005.dat
- 2009-07-14 05:01 . 2012-09-09 20:53 278888 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-09-09 21:08 278888 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-12-30 16:03 . 2012-09-09 21:08 1718360 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3871889294-1052466465-1512472879-1000-8192.dat
- 2011-12-30 16:03 . 2012-09-09 20:53 1718360 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3871889294-1052466465-1512472879-1000-8192.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{91397D20-1446-11D4-8AF4-0040CA1127B6}"= "c:\program files (x86)\Yandex\YandexBarIE\yndbar.dll" [2011-10-20 12336440]
.
[HKEY_CLASSES_ROOT\clsid\{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOT\Yandex.Toolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOT\Yandex.Toolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-08-04 1353080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"SteelSeries World of Warcraft Cataclysm MMO Gaming Mouse"="c:\program files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe" [2011-08-18 1993216]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
JVExec.lnk - c:\program files (x86)\VOX\JamVOX\JVExec.exe [2012-4-24 1325656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-27 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-23 250568]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-27 136176]
R3 JamVOXUSBAudioSrv;CEntrance USB Audio Driver Service for JamVOX;c:\windows\system32\drivers\jamvox.sys [2011-12-14 131912]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-30 1255736]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-03-04 78976]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-03-04 38528]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-15 27760]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-30 279616]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-29 203264]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-09-29 7883264]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-09-29 285696]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-02-24 126952]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-02-24 389608]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-08-16 116240]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
S3 SSMO3v2Filter;MMO3v2 Mouse;c:\windows\system32\drivers\MO3v2Driver.sys [2010-12-17 23040]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-09-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 12:16]
.
2012-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-27 15:46]
.
2012-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-27 15:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?affID=111814&babsrc=HP_ss&mntrId=2046a89300000000000014dae94deea3
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
.
**************************************************************************
.
Celkový čas: 2012-09-09 23:10:38 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-09-09 21:10
ComboFix2.txt 2012-09-09 20:55
.
Před spuštěním: 6 648 750 080
Po spuštění: 6 573 944 832
.
- - End Of File - - D238C035EC4811226024257BD0A42A5F

#5 Příspěvek od **Rudy** » 10 zář 2012 19:06

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Yandex

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{91397D20-1446-11D4-8AF4-0040CA1127B6}"=-
[-HKEY_CLASSES_ROOT\clsid\{91397d20-1446-11d4-8af4-0040ca1127b6}]
[-HKEY_CLASSES_ROOT\Yandex.Toolbar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[-HKEY_CLASSES_ROOT\Yandex.Toolbar]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

Herryck · #6 Příspěvek od **Herryck** » 10 zář 2012 19:33

ComboFix 12-09-09.02 - Patrik 10.09.2012 20:25:46.3.6 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8153.6309 [GMT 2:00]
Spuštěný z: c:\users\Patrik\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Patrik\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Yandex
c:\program files (x86)\Yandex\YandexBarIE\accelerators\search.ico
c:\program files (x86)\Yandex\YandexBarIE\accelerators\search.xml
c:\program files (x86)\Yandex\YandexBarIE\Apache Licence, version 2.0.rtf
c:\program files (x86)\Yandex\YandexBarIE\bar.ico
c:\program files (x86)\Yandex\YandexBarIE\branding.zip
c:\program files (x86)\Yandex\YandexBarIE\default.xml
c:\program files (x86)\Yandex\YandexBarIE\facebook_ff_1.0_13.zip
c:\program files (x86)\Yandex\YandexBarIE\facebook_ie_2_12.zip
c:\program files (x86)\Yandex\YandexBarIE\fastdial.dll
c:\program files (x86)\Yandex\YandexBarIE\games_cs_ie_1_7.zip
c:\program files (x86)\Yandex\YandexBarIE\gmail3_wwt_1.zip
c:\program files (x86)\Yandex\YandexBarIE\license.rtf
c:\program files (x86)\Yandex\YandexBarIE\news_cs_ff_1_8.zip
c:\program files (x86)\Yandex\YandexBarIE\news_cs_ie_1_7.zip
c:\program files (x86)\Yandex\YandexBarIE\quotes_7.zip
c:\program files (x86)\Yandex\YandexBarIE\radio_ff_1_15.zip
c:\program files (x86)\Yandex\YandexBarIE\radio_ie_2_4.zip
c:\program files (x86)\Yandex\YandexBarIE\seznam_ff_1_11.zip
c:\program files (x86)\Yandex\YandexBarIE\seznam_ie_1_9.zip
c:\program files (x86)\Yandex\YandexBarIE\seznamrank_ff_1_8.zip
c:\program files (x86)\Yandex\YandexBarIE\seznamrank_ie_1_9.zip
c:\program files (x86)\Yandex\YandexBarIE\soc_ff_1_11.zip
c:\program files (x86)\Yandex\YandexBarIE\soc_ie_1_11.zip
c:\program files (x86)\Yandex\YandexBarIE\translator_ie_1_11.zip
c:\program files (x86)\Yandex\YandexBarIE\twitter_ff_1_13.zip
c:\program files (x86)\Yandex\YandexBarIE\twitter_ie_1_14.zip
c:\program files (x86)\Yandex\YandexBarIE\video_cs_ie_1_4.zip
c:\program files (x86)\Yandex\YandexBarIE\yndbar.dll
c:\program files (x86)\Yandex\YandexBarIE\yndhelper.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-10 do 2012-09-10 )))))))))))))))))))))))))))))))
.
.
2012-09-10 18:27 . 2012-09-10 18:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-09 19:02 . 2012-09-09 19:17 -------- d-----w- C:\rsit
2012-09-09 19:02 . 2012-09-09 19:17 -------- d-----w- c:\program files (x86)\trend micro
2012-09-08 13:56 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3D9148B9-2793-44AB-910A-8A8C4C227EF0}\mpengine.dll
2012-09-05 16:50 . 2011-08-23 19:57 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2012-09-05 16:50 . 2011-08-23 19:57 565352 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2012-08-30 11:27 . 2012-08-30 11:27 -------- d-----w- c:\windows\system32\appmgmt
2012-08-27 17:48 . 2012-08-27 17:48 -------- d-----w- c:\program files (x86)\Common Files\Pinnacle
2012-08-27 17:48 . 2012-08-27 17:48 -------- d-----w- c:\users\Patrik\AppData\Local\Downloaded Installations
2012-08-27 17:48 . 2012-08-27 17:58 -------- d-----w- c:\users\Patrik\AppData\Local\Pinnacle
2012-08-27 17:47 . 2012-08-27 17:47 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate Collection
2012-08-27 17:46 . 2012-08-27 17:46 -------- d-----w- c:\programdata\Studio 15
2012-08-27 17:46 . 2012-08-27 17:46 -------- d-----w- c:\programdata\Pinnacle Studio Plus
2012-08-27 17:46 . 2012-08-27 17:46 -------- d-----w- c:\program files (x86)\Pinnacle
2012-08-27 17:46 . 2012-08-27 17:46 -------- d-----w- c:\program files (x86)\Common Files\Yahoo!
2012-08-27 17:46 . 2012-08-27 17:46 -------- d-----w- c:\program files (x86)\Common Files\Pegasus Imaging
2012-08-27 17:45 . 2012-08-27 17:47 -------- d-----w- c:\programdata\Pinnacle
2012-08-20 12:45 . 2012-08-20 12:45 -------- d-----w- c:\windows\SysWow64\xlive
2012-08-20 12:45 . 2012-08-20 12:45 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-23 12:16 . 2012-04-02 17:48 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-23 12:16 . 2011-12-29 19:27 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-16 02:54 . 2011-12-30 16:01 62134624 ----a-w- c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-09-09_20.54.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-21 03:09 . 2012-09-10 05:23 36006 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-09-10 05:23 35674 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-12-29 14:08 . 2012-09-09 11:23 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-12-29 14:08 . 2012-09-10 08:49 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-12-29 14:08 . 2012-09-09 11:23 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-12-29 14:08 . 2012-09-10 08:49 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-09-10 08:49 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-09-09 11:23 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-12-29 14:24 . 2012-09-09 20:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-12-29 14:24 . 2012-09-10 18:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-12-29 14:24 . 2012-09-09 20:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-12-29 14:24 . 2012-09-10 18:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-12-29 14:17 . 2012-09-10 05:23 4498 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3871889294-1052466465-1512472879-1000_UserData.bin
- 2012-09-09 20:54 . 2012-09-09 20:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-09-10 18:28 . 2012-09-10 18:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 02:36 . 2012-09-10 05:27 616032 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-09-09 16:52 616032 c:\windows\system32\perfh009.dat
+ 2011-04-12 08:34 . 2012-09-10 05:27 631276 c:\windows\system32\perfh005.dat
- 2011-04-12 08:34 . 2012-09-09 16:52 631276 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2012-09-10 05:27 106412 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-09-09 16:52 106412 c:\windows\system32\perfc009.dat
- 2011-04-12 08:34 . 2012-09-09 16:52 121930 c:\windows\system32\perfc005.dat
+ 2011-04-12 08:34 . 2012-09-10 05:27 121930 c:\windows\system32\perfc005.dat
- 2009-07-14 05:01 . 2012-09-09 20:53 278888 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-09-10 18:28 278888 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-12-30 16:03 . 2012-09-10 18:28 1718360 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3871889294-1052466465-1512472879-1000-8192.dat
- 2011-12-30 16:03 . 2012-09-09 20:53 1718360 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3871889294-1052466465-1512472879-1000-8192.dat
+ 2012-04-27 16:10 . 2012-09-10 18:28 1641012 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3871889294-1052466465-1512472879-1000-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-08-04 1353080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"SteelSeries World of Warcraft Cataclysm MMO Gaming Mouse"="c:\program files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe" [2011-08-18 1993216]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
JVExec.lnk - c:\program files (x86)\VOX\JamVOX\JVExec.exe [2012-4-24 1325656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-27 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-23 250568]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-27 136176]
R3 JamVOXUSBAudioSrv;CEntrance USB Audio Driver Service for JamVOX;c:\windows\system32\drivers\jamvox.sys [2011-12-14 131912]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-30 1255736]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-03-04 78976]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-03-04 38528]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-15 27760]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-30 279616]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-29 203264]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-09-29 7883264]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-09-29 285696]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-02-24 126952]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-02-24 389608]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-08-16 116240]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
S3 SSMO3v2Filter;MMO3v2 Mouse;c:\windows\system32\drivers\MO3v2Driver.sys [2010-12-17 23040]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-09-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 12:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?affID=111814&babsrc=HP_ss&mntrId=2046a89300000000000014dae94deea3
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
.
**************************************************************************
.
Celkový čas: 2012-09-10 20:29:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-09-10 18:29
ComboFix2.txt 2012-09-09 21:10
ComboFix3.txt 2012-09-09 20:55
.
Před spuštěním: 6 399 692 800
Po spuštění: 6 330 171 392
.
- - End Of File - - 641AC8464F9362766FB8BB3CB39F9337

#7 Příspěvek od **Rudy** » 10 zář 2012 20:05

Smazáno, log již vypadá OK. Nasatala nějaká změna?

Herryck · #8 Příspěvek od **Herryck** » 10 zář 2012 20:26

stále mi to občas píše: Vypršel časový limit žádosti když si pingnu seznam.

#9 Příspěvek od **Rudy** » 10 zář 2012 20:54

Herryck píše:stále mi to občas píše: Vypršel časový limit žádosti když si pingnu seznam.

To vypadá na problém samotného připojení. Zkuste¨:

1. Startmenu>přík. řádek>(napsat) netsh winsock reset>Enter. Restart PC.
2. Restartujte modem, příp. další síť prvek v datové cestě.

Pokud to nepomuže, informujte o problému providera.

Herryck · #10 Příspěvek od **Herryck** » 10 zář 2012 21:06

Zadal jsem ten příkaz a restartoval PC, nic se nezměnilo. Tak jsem zkusil restartovat modem a bohužel beze změny

Herryck · #11 Příspěvek od **Herryck** » 10 zář 2012 21:20

Zkoušel jsem zapojit můj PC místo bráchovýho, kterýmu to jde v pohodě a nic. Taky jsem PC vezl ke kámošoj a když jsme ho zapojily tak mě to odpojování netu nedělalo tak často jako doma ale přeci jen to občas udělalo. Síťová karta by to nemohla být ?

#12 Příspěvek od **Rudy** » 10 zář 2012 21:39

Zkuste přeinstalovat ovladač síť. karty.

Herryck · #13 Příspěvek od **Herryck** » 11 zář 2012 19:06

přeinstalace ovladačů síť. karty nepomohla

#14 Příspěvek od **Rudy** » 11 zář 2012 19:52

Opatřte si nějakou síť. kartu do slotu, nechte ji načíst systémem a zkuste se připojit.

Herryck · #15 Příspěvek od **Herryck** » 13 zář 2012 16:56

Zdravim, tak jsem zkusil jinou síťovou kartu (přez usb, na wifi) a stále to háže to samé: Vypršel časový limit

VIRY.CZ

Odpojuje se mi internet

Odpojuje se mi internet

Re: Odpojuje se mi internet

Re: Odpojuje se mi internet

Re: Odpojuje se mi internet

Re: Odpojuje se mi internet

Re: Odpojuje se mi internet

Re: Odpojuje se mi internet

Re: Odpojuje se mi internet

Re: Odpojuje se mi internet

Re: Odpojuje se mi internet

Re: Odpojuje se mi internet

Re: Odpojuje se mi internet

Re: Odpojuje se mi internet

Re: Odpojuje se mi internet

Re: Odpojuje se mi internet