Problem with browsers


Problem with browsers

#1 Post by Danny20 »

Hello,

I have a problem with the IE and Mozilla browsers. When I start the browser and open a page, it sort of freezes and keeps loading a page that never finishes loading. I read on the forum that Avast could be the cause. I uninstalled Avast and the browser works normally. I tried installing it again and the browser stopped working again. I have never had problems with Avast, so I would like to keep using it. So I want to ask whether this can be fixed somehow. A week ago I installed Advanced SystemCare, so I wonder whether it deleted something important. Thanks


Re: Problem with browsers

#2 Post by motji »

Good evening :)
Do you have System Restore turned on? If so, try rolling the computer back to a point before you installed Advanced system care. It really is possible that it deleted something.
Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I am usually reachable at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.


Re: Problem with browsers

#3 Post by Danny20 »

motji wrote: Good evening :)
Do you have System Restore turned on? If so, try rolling the computer back to a point before you installed Advanced system care. It really is possible that it deleted something.

Hi, System Restore only showed me the point from when I reinstalled Avast. I don't know whether there are more system restore managers. I looked in System Properties - System Protection - System Restore.

I found another thing. Windows Media Player doesn't work. It doesn't respond to mouse clicks at all, and when I try to play a song an error pops up.

Thank you


Re: Problem with browsers

#4 Post by motji »

I'm a little worried that your system may be damaged. We don't really recommend Advanced system care, precisely because it also deletes things it shouldn't.

:arrow: Run ComboFix following this guide
http://www.bleepingcomputer.com/combofi ... t-combofix


Re: Problem with browsers

#5 Post by Danny20 »

So here it is. Thank you very much.

ComboFix 10-12-16.05 - Daniel 17.12.2010 15:51:00.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.5943.4478 [GMT 1:00]
Spuštěný z: c:\users\Daniel\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-11-17 do 2010-12-17 )))))))))))))))))))))))))))))))
.

2010-12-17 14:53 . 2010-12-17 14:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-17 14:53 . 2010-12-17 14:53 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2010-12-17 08:08 . 2010-11-10 05:35 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8157730C-4BDA-4CF1-9DC8-05FDAA2019C2}\mpengine.dll
2010-12-15 17:27 . 2010-12-15 17:27 -------- d-----w- c:\users\Daniel\AppData\Local\4A Games
2010-12-15 16:36 . 2010-09-07 15:54 472656 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2010-12-13 20:51 . 2010-12-14 21:08 -------- d-----w- c:\users\Daniel\AppData\Local\FullTiltPoker.NET
2010-12-13 20:51 . 2010-12-14 21:15 -------- d-----w- c:\program files (x86)\Full Tilt Poker.Net
2010-12-13 19:45 . 2010-12-13 19:45 -------- d-----w- c:\programdata\IObit
2010-12-13 15:18 . 2010-12-13 15:18 1 ----a-w- c:\windows\SysWow64\SI.bin
2010-12-13 14:30 . 2010-12-14 14:28 -------- d-----w- c:\program files (x86)\IObit
2010-12-13 14:20 . 2010-12-14 14:28 -------- d-----w- c:\users\Daniel\AppData\Roaming\IObit
2010-12-06 16:22 . 2010-12-06 16:22 -------- d-----w- c:\users\Daniel\AppData\Local\Activision
2010-12-02 19:54 . 2010-12-02 19:54 -------- d-----w- c:\program files\Autodesk
2010-12-02 15:30 . 2010-12-02 19:55 -------- d-----w- c:\program files (x86)\Common Files\Autodesk Shared
2010-12-01 22:57 . 2010-12-01 22:58 -------- d-----w- c:\users\Daniel\AppData\Roaming\Zoner
2010-12-01 22:57 . 2010-12-01 22:57 -------- d-----w- c:\users\Daniel\AppData\Local\Zoner
2010-12-01 22:55 . 2010-12-01 22:55 -------- d-----w- c:\program files\Zoner
2010-11-29 20:09 . 2010-12-02 15:34 -------- d-----w- c:\programdata\FLEXnet
2010-11-29 20:03 . 2010-11-29 20:03 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-11-29 20:02 . 2010-12-02 20:23 -------- d-----w- c:\users\Daniel\AppData\Roaming\Autodesk
2010-11-29 20:02 . 2010-12-02 20:23 -------- d-----w- c:\programdata\Autodesk
2010-11-29 20:02 . 2010-12-02 19:58 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-11-29 20:02 . 2010-12-02 15:30 -------- d-----w- c:\users\Daniel\AppData\Local\Autodesk
2010-11-29 20:01 . 2008-03-05 14:56 1860120 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2010-11-29 20:01 . 2008-03-05 14:56 1420824 ----a-w- c:\windows\SysWow64\D3DCompiler_37.dll
2010-11-29 20:01 . 2008-02-05 22:07 462864 ----a-w- c:\windows\SysWow64\d3dx10_37.dll
2010-11-29 20:01 . 2008-02-05 22:07 529424 ----a-w- c:\windows\system32\d3dx10_37.dll
2010-11-29 20:01 . 2008-03-05 14:56 4910088 ----a-w- c:\windows\system32\D3DX9_37.dll
2010-11-29 20:01 . 2008-03-05 14:56 3786760 ----a-w- c:\windows\SysWow64\D3DX9_37.dll
2010-11-29 19:47 . 2010-12-02 15:14 -------- d-----w- C:\Autodesk
2010-11-29 17:46 . 2010-11-29 17:46 -------- d-----w- c:\program files (x86)\uTorrent
2010-11-29 17:38 . 2010-12-15 22:16 -------- d-----w- c:\users\Daniel\AppData\Roaming\uTorrent
2010-11-26 17:04 . 2010-11-26 17:04 -------- d-----w- c:\program files (x86)\Ask.com
2010-11-26 17:04 . 2010-11-26 17:04 -------- d-----w- c:\program files (x86)\The KMPlayer
2010-11-24 06:35 . 2010-10-19 08:47 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-24 06:35 . 2010-10-19 08:10 7680 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-25 17:41 . 2010-10-25 17:41 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2010-10-25 17:41 . 2010-10-25 17:41 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2010-10-25 17:41 . 2010-10-25 17:41 122968 ----a-w- c:\windows\system32\OpenAL32.dll
2010-10-25 17:41 . 2010-10-25 17:41 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2010-10-19 09:41 . 2010-10-11 20:39 270720 ------w- c:\windows\system32\MpSigStub.exe
2010-10-14 00:36 . 2010-10-14 00:36 15451288 ----a-w- c:\windows\SysWow64\xlive.dll
2010-10-14 00:36 . 2010-10-14 00:36 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2010-09-22 22:47 . 2010-09-22 22:47 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-21 12:49 . 2010-09-21 12:49 252800 ----a-w- c:\windows\system32\LIVESSP.DLL
2010-09-21 12:03 . 2010-09-21 12:03 208768 ----a-w- c:\windows\SysWow64\LIVESSP.DLL
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-24 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-02-25 1289296]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-01-13 265984]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-03 98304]
"MDS_Menu"="c:\program files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"ArcadeMovieService"="c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe" [2010-03-02 124136]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-3-17 704032]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-10-3 1082144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R1 aswSnx;aswSnx; [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-12-02 1436424]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-13 1255736]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-11 834544]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-03-02 202752]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-02-25 325200]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-02-03 820768]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-01-07 255744]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-02-05 171040]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-03-02 6370304]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-03-02 188928]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2010-03-02 8038080]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]

.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-02-05 222240]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-22 10081312]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-02-22 877600]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-02 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-02 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-02 410136]
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-02-03 496160]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_4820tg&r=27361010k906l04c3z1j5t4501j877
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_4820tg&r=27361010k906l04c3z1j5t4501j877
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
FF - ProfilePath - c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\z3dl182e.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)


.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-12-17 15:54:32
ComboFix-quarantined-files.txt 2010-12-17 14:54
ComboFix2.txt 2010-12-17 14:38

Před spuštěním: Volných bajtů: 521 446 502 400
Po spuštění: Volných bajtů: 521 162 043 392

- - End Of File - - 104F4B089CE58ACC4E5D293431BD415D


Re: Problem with browsers

#6 Post by motji »

Has anything changed?


Re: Problem with browsers

#7 Post by Danny20 »

Great, I installed Avast and the browsers work normally. WMP works now too. :) Thank you very much. And one more question: is it a good idea to use programs like Advanced SystemCare? Or some other program? Once again, thank you very much. :)


Re: Problem with browsers

#8 Post by motji »

I tried Advanced system care for about 20 minutes and then it got kicked off my computer :D. My colleagues don't recommend it either; it deletes too many registry entries and, like it or not, it simply deletes things it shouldn't :roll:.

Instead of ASC I recommend CCleaner everywhere I go :D :)

:arrow: Uninstall ComboFix via Start - Run
- copy into the box:

ComboFix /Uninstall

- press Enter
- This uninstalls ComboFix and deletes its related files and folders.


***********


:arrow: Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm each choice press the A key, then Enter
- delete the program after use. Note: antivirus programs may falsely flag it as a virus


***********


:arrow: Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis, click Run CCleaner

Registry tab
- click Scan for Issues
- then click Fix selected issues -- back up the registry - you don't have to
- click Fix All Selected Issues :arrow: OK :arrow: Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

CCleaner - I recommend using the Cleaner; it nicely clears temporary files from the PC.
The Registry cleaner tidies up, for example, after uninstalling a program.


***********


:arrow: Download OTC and run it
http://oldtimer.geekstogo.com/OTC.exe
- it cleans temp files and cleans up after the tools that were used


***********

:arrow: Post a new RSIT log and tell me how the computer is behaving. Is everything all right now?


Re: Problem with browsers

#9 Post by Danny20 »

The computer is now behaving great. I think startup has even gotten faster. :) I haven't run into any problems so far. Thank you


Logfile of random's system information tool 1.08 (written by random/random)
Run by Daniel at 2010-12-17 18:23:09
Microsoft Windows 7 Home Premium
System drive C: has 506 GB (85%) free of 598 GB
Total RAM: 5943 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:23:16, on 17.12.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Program Files\trend micro\Daniel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t4501j877
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t4501j877
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11753 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
taskeng.exe {DC6D14F4-77DE-44B1-AE1B-4B90A78C8426}
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
"C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe"
"C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2432
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\GfxUI.exe" /startup:silent
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Windows\system32\StikyNot.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Windows\sysWow64\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3543194260-3550948927-2630483779-10002_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3543194260-3550948927-2630483779-10002 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Users\Daniel\Downloads\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"ODDPwr"=C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [2010-02-05 222240]
"mwlDaemon"=C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-02-01 349552]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-02-22 10081312]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-02-22 877600]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-03-02 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-03-02 390680]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-03-02 410136]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-17 1842472]
"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2010-02-03 496160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\system32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-12-24 284696]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-02-25 1289296]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-02-01 337264]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2009-12-25 201512]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2009-12-25 401192]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-01-13 265984]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-03 98304]
"MDS_Menu"=C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"ArcadeMovieService"=C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [2010-03-02 124136]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-03-02 268800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-12-17 18:23:09 ----D---- C:\rsit
2010-12-17 18:23:09 ----D---- C:\Program Files\trend micro
2010-12-17 18:13:37 ----D---- C:\Program Files (x86)\CCleaner
2010-12-17 18:08:58 ----SHD---- C:\$RECYCLE.BIN
2010-12-17 16:30:16 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-12-17 16:30:15 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-12-17 16:30:13 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-12-17 16:30:12 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-12-17 16:30:08 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-12-17 16:29:54 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2010-12-15 21:10:40 ----A---- C:\Windows\system32\consent.exe
2010-12-15 21:10:38 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-12-15 21:10:38 ----A---- C:\Windows\system32\tzres.dll
2010-12-15 21:10:28 ----A---- C:\Windows\system32\webio.dll
2010-12-15 21:10:27 ----A---- C:\Windows\SYSWOW64\webio.dll
2010-12-15 21:10:24 ----A---- C:\Windows\system32\taskschd.dll
2010-12-15 21:10:24 ----A---- C:\Windows\system32\taskeng.exe
2010-12-15 21:10:24 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-15 21:10:23 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-15 21:10:22 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2010-12-15 21:10:22 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2010-12-15 21:10:22 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2010-12-15 21:10:22 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-15 21:10:22 ----A---- C:\Windows\system32\schtasks.exe
2010-12-15 21:10:21 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2010-12-15 21:10:14 ----A---- C:\Windows\system32\atmfd.dll
2010-12-15 21:10:13 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2010-12-15 21:10:12 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2010-12-15 21:10:12 ----A---- C:\Windows\system32\win32k.sys
2010-12-15 21:10:12 ----A---- C:\Windows\system32\atmlib.dll
2010-12-15 21:10:07 ----D---- C:\ProgramData\Avira
2010-12-15 21:09:56 ----A---- C:\Windows\system32\mshtml.dll
2010-12-15 21:09:56 ----A---- C:\Windows\system32\iertutil.dll
2010-12-15 21:09:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-12-15 21:09:54 ----A---- C:\Windows\system32\mstime.dll
2010-12-15 21:09:54 ----A---- C:\Windows\system32\ieframe.dll
2010-12-15 21:09:53 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-12-15 21:09:51 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-12-15 21:09:51 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-12-15 21:09:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-12-15 21:09:50 ----A---- C:\Windows\system32\wininet.dll
2010-12-15 21:09:50 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-15 21:09:49 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-12-15 21:09:49 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-12-15 21:09:49 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-12-15 21:09:49 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-12-15 21:09:49 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-12-15 21:09:49 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-12-15 21:09:49 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-12-15 21:09:49 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-12-15 21:09:49 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-12-15 21:09:49 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-12-15 21:09:49 ----A---- C:\Windows\system32\urlmon.dll
2010-12-15 21:09:49 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-15 21:09:49 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-15 21:09:49 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-15 21:09:49 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-15 21:09:49 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-15 21:09:49 ----A---- C:\Windows\system32\ieui.dll
2010-12-15 21:09:49 ----A---- C:\Windows\system32\iepeers.dll
2010-12-15 21:09:49 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-15 17:36:01 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2010-12-13 21:51:04 ----D---- C:\Program Files (x86)\Full Tilt Poker.Net
2010-12-13 20:45:19 ----D---- C:\ProgramData\IObit
2010-12-13 15:30:27 ----D---- C:\Program Files (x86)\IObit
2010-12-13 15:20:56 ----D---- C:\Users\Daniel\AppData\Roaming\IObit
2010-12-02 20:54:41 ----D---- C:\Program Files\Autodesk
2010-12-01 23:57:48 ----D---- C:\Users\Daniel\AppData\Roaming\Zoner
2010-12-01 23:55:20 ----D---- C:\Program Files\Zoner
2010-11-29 21:09:31 ----D---- C:\ProgramData\FLEXnet
2010-11-29 21:03:35 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-11-29 21:02:28 ----D---- C:\Users\Daniel\AppData\Roaming\Autodesk
2010-11-29 21:02:28 ----D---- C:\ProgramData\Autodesk
2010-11-29 21:02:28 ----D---- C:\Program Files\Common Files\Autodesk Shared
2010-11-29 21:01:45 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2010-11-29 21:01:45 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2010-11-29 21:01:45 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-11-29 21:01:45 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-11-29 21:01:42 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2010-11-29 21:01:42 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-11-29 21:01:30 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2010-11-29 21:01:30 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-11-29 20:47:20 ----D---- C:\Autodesk
2010-11-29 18:46:15 ----D---- C:\Program Files (x86)\uTorrent
2010-11-29 18:38:40 ----D---- C:\Users\Daniel\AppData\Roaming\uTorrent
2010-11-26 18:04:00 ----D---- C:\Program Files (x86)\The KMPlayer

======List of files/folders modified in the last 1 months======

2010-12-17 18:23:15 ----D---- C:\Windows\Temp
2010-12-17 18:23:09 ----RD---- C:\Program Files
2010-12-17 18:20:33 ----D---- C:\Windows\system32\config
2010-12-17 18:19:30 ----A---- C:\Windows\SYSWOW64\log.txt
2010-12-17 18:19:22 ----D---- C:\Windows
2010-12-17 18:17:21 ----SHD---- C:\Windows\Installer
2010-12-17 18:17:20 ----RD---- C:\Program Files (x86)
2010-12-17 18:17:18 ----D---- C:\Windows\system32\Tasks
2010-12-17 18:16:54 ----SHD---- C:\System Volume Information
2010-12-17 18:14:15 ----D---- C:\Windows\debug
2010-12-17 16:30:16 ----D---- C:\Windows\system32\drivers
2010-12-17 16:29:54 ----D---- C:\Windows\SysWOW64
2010-12-17 15:53:18 ----A---- C:\Windows\system.ini
2010-12-17 15:52:08 ----D---- C:\Windows\SYSWOW64\drivers
2010-12-17 15:52:08 ----D---- C:\Windows\System32
2010-12-17 15:52:08 ----D---- C:\Windows\AppPatch
2010-12-17 15:52:07 ----D---- C:\Program Files\Common Files
2010-12-17 15:52:07 ----D---- C:\Program Files (x86)\Common Files
2010-12-17 15:37:22 ----D---- C:\Windows\Tasks
2010-12-17 15:35:30 ----D---- C:\ProgramData
2010-12-17 15:28:12 ----D---- C:\Windows\Prefetch
2010-12-17 15:08:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-12-16 19:19:26 ----D---- C:\Windows\rescache
2010-12-16 16:58:14 ----SD---- C:\Users\Daniel\AppData\Roaming\Microsoft
2010-12-16 13:11:56 ----D---- C:\ProgramData\boost_interprocess
2010-12-16 12:22:12 ----D---- C:\Windows\winsxs
2010-12-16 09:08:47 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-12-16 09:08:47 ----D---- C:\Windows\system32\cs-CZ
2010-12-16 09:08:46 ----D---- C:\Windows\SYSWOW64\migration
2010-12-16 09:08:46 ----D---- C:\Windows\system32\migration
2010-12-16 09:08:46 ----D---- C:\Program Files\Windows Mail
2010-12-16 09:08:46 ----D---- C:\Program Files\Internet Explorer
2010-12-16 09:08:46 ----D---- C:\Program Files (x86)\Windows Mail
2010-12-16 09:08:46 ----D---- C:\Program Files (x86)\Internet Explorer
2010-12-16 08:40:37 ----D---- C:\ProgramData\Microsoft Help
2010-12-16 08:40:11 ----D---- C:\Windows\system32\catroot
2010-12-16 08:37:28 ----A---- C:\Windows\system32\MRT.exe
2010-12-16 08:37:21 ----D---- C:\Program Files (x86)\Microsoft Works
2010-12-15 21:09:27 ----D---- C:\Windows\system32\catroot2
2010-12-15 18:15:17 ----D---- C:\Program Files (x86)\Games
2010-12-14 19:57:17 ----D---- C:\Windows\inf
2010-12-14 19:57:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-13 16:55:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-12-13 15:49:02 ----D---- C:\ProgramData\Blizzard Entertainment
2010-12-10 13:36:24 ----D---- C:\Windows\system32\NDF
2010-12-02 20:57:03 ----RSD---- C:\Windows\assembly
2010-12-02 20:57:03 ----D---- C:\Windows\Microsoft.NET
2010-12-02 20:55:13 ----RSD---- C:\Windows\Fonts
2010-12-02 20:54:55 ----D---- C:\Windows\Downloaded Program Files
2010-12-02 16:30:01 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-12-02 16:09:22 ----D---- C:\Windows\Help
2010-11-29 21:17:47 ----D---- C:\Program Files\Windows Sidebar
2010-11-29 21:17:46 ----D---- C:\Program Files\Windows Photo Viewer
2010-11-29 21:17:46 ----D---- C:\Program Files\Windows Media Player
2010-11-29 21:17:46 ----D---- C:\Program Files\Windows Journal
2010-11-29 21:17:46 ----D---- C:\Program Files\Windows Defender
2010-11-29 21:17:46 ----D---- C:\Program Files\Common Files\System
2010-11-29 21:17:46 ----D---- C:\Program Files (x86)\Windows Sidebar
2010-11-29 21:17:45 ----D---- C:\Windows\SYSWOW64\winrm
2010-11-29 21:17:45 ----D---- C:\Windows\SYSWOW64\slmgr
2010-11-29 21:17:45 ----D---- C:\Windows\SYSWOW64\sk-SK
2010-11-29 21:17:45 ----D---- C:\Windows\SYSWOW64\migwiz
2010-11-29 21:17:45 ----D---- C:\Windows\SYSWOW64\en
2010-11-29 21:17:45 ----D---- C:\Windows\servicing
2010-11-29 21:17:45 ----D---- C:\Windows\ehome
2010-11-29 21:17:45 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2010-11-29 21:17:45 ----D---- C:\Program Files (x86)\Windows Media Player
2010-11-29 21:17:45 ----D---- C:\Program Files (x86)\Windows Defender
2010-11-29 21:17:42 ----D---- C:\Windows\SYSWOW64\en-US
2010-11-29 21:17:42 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2010-11-29 21:17:36 ----D---- C:\Windows\SYSWOW64\WCN
2010-11-29 21:17:36 ----D---- C:\Windows\SYSWOW64\DriverStore
2010-11-29 21:17:36 ----D---- C:\Windows\SYSWOW64\Dism
2010-11-29 21:17:35 ----D---- C:\Windows\SYSWOW64\wbem
2010-11-29 21:17:35 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2010-11-29 21:17:35 ----D---- C:\Windows\system32\winrm
2010-11-29 21:17:35 ----D---- C:\Windows\system32\oobe
2010-11-29 21:17:35 ----D---- C:\Windows\system32\migwiz
2010-11-29 21:17:35 ----D---- C:\Windows\PolicyDefinitions
2010-11-29 21:17:35 ----D---- C:\Windows\en-US
2010-11-29 21:17:34 ----D---- C:\Windows\system32\sysprep
2010-11-29 21:17:34 ----D---- C:\Windows\system32\slmgr
2010-11-29 21:17:34 ----D---- C:\Windows\system32\sk-SK
2010-11-29 21:17:34 ----D---- C:\Windows\system32\en
2010-11-29 21:17:34 ----D---- C:\Windows\system32\Boot
2010-11-29 21:17:29 ----D---- C:\Windows\system32\en-US
2010-11-29 21:17:25 ----D---- C:\Windows\system32\WCN
2010-11-29 21:17:25 ----D---- C:\Windows\system32\DriverStore
2010-11-29 21:17:25 ----D---- C:\Windows\system32\drivers\en-US
2010-11-29 21:17:25 ----D---- C:\Windows\system32\Dism
2010-11-29 21:17:23 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2010-11-29 21:17:01 ----D---- C:\Program Files\DVD Maker
2010-11-29 21:16:50 ----D---- C:\Windows\Speech
2010-11-29 16:32:36 ----D---- C:\Windows\Logs
2010-11-26 18:03:17 ----D---- C:\Program Files (x86)\Webteh
2010-11-26 18:03:16 ----D---- C:\Users\Daniel\AppData\Roaming\BSplayer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-11 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2010-09-07 472656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-02 6370304]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-02 188928]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1593384]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-02-22 2271648]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2010-03-02 8038080]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-05 18432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-17 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-05 16896]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 aniq9h9e;aniq9h9e; C:\Windows\system32\drivers\aniq9h9e.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-10-02 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-08-28 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-08-28 21160]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-02 202752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-10-03 873248]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-02-25 325200]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-02-03 820768]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-01-07 255744]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
R2 ODDPwrSvc;Acer ODD Power Service; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-02-05 171040]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [2010-02-03 244904]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-12-02 1436424]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-13 1255736]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Problem with browsers

#10 Post by motji »

Open Notepad and copy the following text into it:


Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
 
- Save it as (type: All files), entering "smazani.reg" without the quotes as the file name,
click Save, then double-click the file as usual and confirm the dialog box.


If there are no problems, that is all.
Have a nice weekend :)
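A way to preview what a .reg file such as the one in post #10 will do before it is merged, as an added example that is not part of the original thread. The function name `summarize_reg` and the constant `SAMPLE_REG` are assumptions introduced here; the sample input is the .reg text from the post.

```python
import re

# Sample input: the .reg text from post #10, embedded so the example runs offline.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
'''

HEADERS = ("Windows Registry Editor Version 5.00", "REGEDIT4")
KEY_RE = re.compile(r'^\[(-?)(.+)\]$')                      # [KEY] or [-KEY]
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')  # "name"=data or @=data

def summarize_reg(text):
    """Return (action, key, value_name) for every operation in a .reg file."""
    lines = [ln.strip() for ln in text.lstrip("\ufeff").splitlines()]
    lines = [ln for ln in lines if ln and not ln.startswith(";")]  # drop blanks, comments
    if not lines or lines[0] not in HEADERS:
        raise ValueError("not a .reg file: missing header line")
    ops, key = [], None
    for ln in lines[1:]:
        m = KEY_RE.match(ln)
        if m:
            key = m.group(2)
            if m.group(1):                      # [-KEY] deletes the whole key
                ops.append(("delete-key", key, None))
                key = None
            continue
        m = VALUE_RE.match(ln)
        if m and key is not None:
            # Value names are reported as written (escapes are not decoded).
            name = "(Default)" if m.group(1) == "@" else m.group(1)[1:-1]
            action = "delete-value" if m.group(2) == "-" else "set-value"
            ops.append((action, key, name))
        # Continuation lines of multi-line hex data match neither pattern and are skipped.
    return ops

if __name__ == "__main__":
    for action, key, name in summarize_reg(SAMPLE_REG):
        print(f"{action:13} {key}  {name or ''}")
```

For the file from the post this lists two `delete-value` operations, one under each `ShellExecuteHooks` key (the native 64-bit view and the `wow6432node` view).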

Danny20
Visitor
Posts: 8
Registered: 14 Dec 2010 20:22

Re: Problem with browsers

#11 Post by Danny20 »

All done. Once again, thank you very much, and I wish you a lovely holiday season.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Problem with browsers

#12 Post by motji »

You're welcome, happy holidays to you too :)
