Stahovanie updatov funguje, browsery nie

[Gr8boi]

Ahojte,

prosím o radu pri probléme s pripojením na internet. Na danom PC sú 3 používateľské účty, ale iba z jedného je možné pristupovať cez browser na web. U ostatných 2 to nejde, ale sťahovať updaty na antivir, adaware, skype funguje na všetkých 3 účtoch.
Prosím o pomoc.

[Rudy]

Máte nainstalován personální firerwall?

[Gr8boi]

Je zapnutý firewall integrovaný vo Win7.

[Rudy]

OK. Dejte log z RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 . Samozřejmě z toho, kde prohlížeče nefugují.

[Gr8boi]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Oto at 2011-06-08 21:14:48
Microsoft Windows 7 Ultimate
System drive C: has 31 GB (39%) free of 78 GB
Total RAM: 1023 MB (31% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000664
\??\C:\Windows\system32\conhost.exe
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:1884
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-802432a0-68f0-49f1-bfba-0a1dfc32f54d -SystemEventPortName:HostProcess-9ab79b71-ced8-43a0-b3b5-56807adab289 -IoCancelEventPortName:HostProcess-9e184b45-c0d3-4ba5-b872-ba9913fd5890 -NonStateChangingEventPortName:HostProcess-c3456312-1091-4a51-b4f7-e59060c06cfb -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7f6a33e1-eeb1-442f-a1be-bdd53152b22b
C:\Windows\system32\DeviceDisplayObjectProvider.exe -Embedding
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
C:\Windows\system32\DXPServer.exe -Embedding
"C:\Users\Oto\AppData\Local\Temp\WPDNSE\SID-{10001,00000000000000000000000005810732,3840933888}\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-02-17 41760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-09-02 13351304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\1Class1]
C:\Users\Oto\AppData\Roaming\jqrim.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3FWHZQA3LT]
C:\Users\Oto\AppData\Local\Temp\Zhl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2009-06-14 307200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\conhost]
C:\Users\Oto\AppData\Roaming\Microsoft\conhost.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kkeququjarowi]
C:\Users\Oto\AppData\Local\msocsa.dll,Startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Metropolis]
C:\Windows\system32\sshnas21.dll,GetHandle []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mssend]
C:\Users\Oto\AppData\Roaming\mssend2\svcnost.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-25 9650720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-11 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\svchost]
C:\Users\Oto\AppData\Roaming\Microsoft\conhost.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uiPGGcQmqy.exe]
C:\Users\Oto\AppData\Local\Temp\uiPGGcQmqy.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-08-02 281768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Oto\AppData\Local\Temp\0.8026613188794615.exe"="C:\Users\Oto\AppData\Local\Temp\0.8026613188794615.exe:*:Enabled:ldrsoft"
"C:\Users\Oto\AppData\Local\Temp\6271821.exe"="C:\Users\Oto\AppData\Local\Temp\6271821.exe:*:Enabled:ldrsoft"
"C:\Users\Oto\AppData\Roaming\mssend2\svcnost.exe"="C:\Users\Oto\AppData\Roaming\mssend2\svcnost.exe:*:Enabled:ldrsoft"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-06-08 21:14:49 ----D---- C:\Program Files\trend micro
2011-06-08 21:14:48 ----D---- C:\rsit
2011-06-08 20:24:26 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2011-06-08 20:20:15 ----A---- C:\Windows\system32\drivers\Lbd.sys
2011-06-08 20:20:14 ----DC---- C:\Windows\system32\DRVSTORE
2011-06-08 20:19:56 ----D---- C:\Program Files (x86)\Lavasoft
2011-06-08 20:19:52 ----D---- C:\ProgramData\Lavasoft
2011-06-08 19:39:51 ----A---- C:\Windows\system32\TURegOpt.exe
2011-06-08 19:39:37 ----A---- C:\Windows\system32\uxtuneup.dll
2011-06-08 19:39:36 ----A---- C:\Windows\SYSWOW64\uxtuneup.dll
2011-06-08 19:39:36 ----A---- C:\Windows\system32\authuitu.dll
2011-06-08 19:39:33 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2011-06-08 19:38:51 ----D---- C:\Users\Oto\AppData\Roaming\TuneUp Software
2011-06-08 19:38:19 ----D---- C:\Program Files (x86)\TuneUp Utilities 2011
2011-06-08 19:36:49 ----D---- C:\ProgramData\TuneUp Software
2011-06-08 19:36:34 ----SHD---- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-05-25 09:49:51 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-24 09:25:57 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-05-24 09:25:57 ----A---- C:\Windows\system32\poqexec.exe
2011-05-11 10:38:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-11 10:38:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-05-11 10:38:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-05-11 10:38:23 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-05-11 10:38:23 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-05-11 10:38:23 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-05-11 10:38:23 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-05-11 10:38:22 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2011-05-11 10:38:22 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-05-11 10:38:22 ----A---- C:\Windows\system32\drivers\usbd.sys

======List of files/folders modified in the last 1 months======

2011-06-08 21:14:49 ----RD---- C:\Program Files
2011-06-08 21:14:46 ----D---- C:\Windows\Temp
2011-06-08 20:31:06 ----D---- C:\Windows\system32\config
2011-06-08 20:25:29 ----D---- C:\Windows\System32
2011-06-08 20:25:21 ----D---- C:\Windows\system32\Tasks
2011-06-08 20:24:26 ----D---- C:\Windows\system32\drivers
2011-06-08 20:21:17 ----SHD---- C:\System Volume Information
2011-06-08 20:20:52 ----SHD---- C:\Windows\Installer
2011-06-08 20:20:45 ----D---- C:\Windows\winsxs
2011-06-08 20:20:17 ----D---- C:\Windows\system32\catroot
2011-06-08 20:20:16 ----D---- C:\Windows\system32\catroot2
2011-06-08 20:19:56 ----RD---- C:\Program Files (x86)
2011-06-08 20:19:52 ----HD---- C:\ProgramData
2011-06-08 20:03:35 ----D---- C:\Windows\Tasks
2011-06-08 19:59:04 ----D---- C:\Windows
2011-06-08 19:58:26 ----D---- C:\Windows\Logs
2011-06-08 19:56:14 ----D---- C:\Users\Oto\AppData\Roaming\Skype
2011-06-08 19:39:36 ----D---- C:\Windows\SysWOW64
2011-06-08 19:35:49 ----D---- C:\Programy
2011-06-08 19:35:08 ----D---- C:\Windows\system32\drivers\UMDF
2011-06-08 19:31:45 ----D---- C:\Users\Oto\AppData\Roaming\skypePM
2011-06-08 16:59:52 ----D---- C:\Windows\Prefetch
2011-06-08 16:24:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-08 16:24:55 ----D---- C:\Windows\inf
2011-05-11 14:49:00 ----D---- C:\Windows\system32\DriverStore
2011-05-11 12:29:40 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2011-05-25 69376]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-08-02 116568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-12-16 83120]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-12-11 6228480]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-12-11 160256]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-05 114192]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-25 2229664]
R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-06-08 17152]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
R3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-11 6228480]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-11 202752]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-03-17 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-03 136360]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-18 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-12 126464]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-05-25 2151128]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-12-14 2019648]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-13 1255736]

-----------------EOF-----------------

[Rudy]

Slušně zapleveleno. Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[Gr8boi]

Tá mašina je vrak, trvalo to strašne dlho...



ComboFix 11-06-08.01 - Oto . 06. 2011 22:17:31.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1051.18.1023.385 [GMT 2:00]
Running from: c:\users\Oto\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Oto\AppData\Roaming\Adobe\AdobeUpdate .exe
c:\users\Oto\AppData\Roaming\Adobe\plugs
c:\users\Oto\AppData\Roaming\Adobe\plugs\KB1855085.exe
c:\users\Oto\AppData\Roaming\avdrn.dat
c:\users\Oto\AppData\Roaming\desktop.ini
c:\users\Oto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tool
c:\windows\system\Hit.exe
c:\windows\system\tv.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-05-08 to 2011-06-08 )))))))))))))))))))))))))))))))
.
.
2011-06-08 20:24 . 2011-06-08 20:24 -------- d-----w- c:\users\Maťa a Aďa\AppData\Local\temp
2011-06-08 20:24 . 2011-06-08 20:24 -------- d-----w- c:\users\MartinusQa\AppData\Local\temp
2011-06-08 20:24 . 2011-06-08 20:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-08 20:12 . 2011-06-08 20:13 -------- d-----w- C:\32788R22FWJFW
2011-06-08 19:35 . 2011-06-08 19:42 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-06-08 19:35 . 2011-06-08 19:37 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-06-08 19:21 . 2011-06-08 19:21 -------- d-----w- c:\users\MartinusQa\AppData\Local\VirtualStore
2011-06-08 19:14 . 2011-06-08 19:14 -------- d-----w- c:\program files\trend micro
2011-06-08 19:14 . 2011-06-08 19:18 -------- d-----w- C:\rsit
2011-06-08 18:24 . 2011-06-08 18:24 49752 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-08 18:20 . 2011-05-25 00:00 69376 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-06-08 18:20 . 2011-06-08 18:20 -------- dc----w- c:\windows\system32\DRVSTORE
2011-06-08 18:19 . 2011-06-08 18:19 -------- d-----w- c:\program files (x86)\Lavasoft
2011-06-08 18:19 . 2011-06-08 18:20 -------- d-----w- c:\programdata\Lavasoft
2011-06-08 18:16 . 2011-06-08 18:15 10080256 ----a-w- C:\Ad-Aware90Install.msi
2011-06-08 17:39 . 2010-12-14 12:43 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-06-08 17:39 . 2010-12-14 12:39 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2011-06-08 17:39 . 2010-12-14 12:39 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-06-08 17:39 . 2010-12-14 12:39 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-06-08 17:39 . 2010-12-14 12:39 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-06-08 17:38 . 2011-06-08 17:38 -------- d-----w- c:\users\Oto\AppData\Roaming\TuneUp Software
2011-06-08 17:38 . 2011-06-08 17:41 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2011
2011-06-08 17:36 . 2011-06-08 17:42 -------- d-----w- c:\programdata\TuneUp Software
2011-06-08 17:36 . 2011-06-08 17:36 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-06-07 17:48 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{79C3F55F-A47B-4047-B027-D08FE510DFE7}\mpengine.dll
2011-05-25 07:49 . 2011-04-22 20:18 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-24 07:25 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-24 07:25 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-11 08:38 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 08:38 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 08:38 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 08:38 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 08:38 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 08:38 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 08:38 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 08:38 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 08:38 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 08:38 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-26 09:29 . 2011-04-26 09:29 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-03-12 12:03 . 2011-04-27 06:48 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-12 11:31 . 2011-04-27 06:48 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-03-11 06:23 . 2011-04-27 06:48 187264 ----a-w- c:\windows\system32\drivers\storport.sys
2011-03-11 06:23 . 2011-04-27 06:48 1657216 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-03-11 06:23 . 2011-04-27 06:48 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-03-11 06:23 . 2011-04-27 06:48 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-03-11 06:23 . 2011-04-27 06:48 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-03-11 06:22 . 2011-04-27 06:48 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-03-11 06:22 . 2011-04-27 06:48 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-03-11 06:19 . 2011-04-14 05:18 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 06:19 . 2011-04-14 05:18 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:18 . 2011-04-27 06:48 2566144 ----a-w- c:\windows\system32\esent.dll
2011-03-11 06:15 . 2011-04-27 06:48 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-03-11 05:40 . 2011-04-14 05:18 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:40 . 2011-04-14 05:18 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-11 05:39 . 2011-04-27 06:48 1686016 ----a-w- c:\windows\SysWow64\esent.dll
2011-03-11 05:37 . 2011-04-27 06:48 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-09-02 13351304]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-05-25 2151128]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-03 136360]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-12-14 2019648]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - LBD
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.searchme7.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:59636
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{3B54B4B0-7FEC-4A48-8DD9-176E1F634E20}: NameServer = 192.168.1.1
FF - ProfilePath - c:\users\Oto\AppData\Roaming\Mozilla\Firefox\Profiles\gxom34gt.default\
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 59636
FF - prefs.js: network.proxy.type - 1
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-06-08 22:27:45
ComboFix-quarantined-files.txt 2011-06-08 20:27
.
Pre-Run: 31 980 400 640 bytes free
Post-Run: 32 995 049 472 bytes free
.
- - End Of File - - 22712D81F6F1F98A174B1037613F96BC

[Rudy]

Smazáno, log již vypadá čistý. Nastala nějaká změna?

[Gr8boi]

Bez zmeny, net stale nefunguje.

[Rudy]

Zkuste ze startmenu>přík. řádek (napsat) netsh int ip reset>OK. Pak restartujte PC a zkuste ty browsery.

[Gr8boi]

Vyriešené. V Control paneli, možnosti siete internet bolo v záložke pripojenia, možnosti siete LAN vypnuté automatické zistenie nastavenia. Potom som v Opere zakázal použitie proxy a vo Firefoxe bolo aktivované ručné nastavenie proxy. Po prepnutí na auto všetko funguje.
Ďakujem za Váš čas a za rady.

[Rudy]

OK. Toto, samozřejmě, browsery blokuje. Možná to tak nastavil některý z těch smazaných šmejdů. Nemáte zač!