
Bestadbid

Posted: 24 Feb 2014 18:46
by anne
Hello,

I would like to ask for help. About 4 days ago Opera suddenly stopped working for me and no page would open. Because I did not have time to deal with it, I have been using IE for the last three days, which worked normally apart from occasional pop-up windows with advertising (it did not happen very often, so I did not attach any importance to it). Today I uninstalled and reinstalled Opera; right at the start it showed a problem with the proxy server, which I resolved by following a guide, but since then I have been fighting Bestadbid pop-up windows. I installed AdBlock Plus, but it did not help. I ran the PC through the Eset scanner and it found nothing. A day ago I did a complete system scan with Avira and also nothing. I do not know where something could have got onto my PC; I have not downloaded anything in the past few days, nor have I been on any pages other than the usual ones. Can someone please advise me? (I will supply a system scan, I only ask for advice on whether RSIT or FRST.)
Thank you very much in advance.

Re: Bestadbid

Posted: 24 Feb 2014 18:52
by Márty84
Hi :)

Try RSIT, for example :wink:

Re: Bestadbid

Posted: 24 Feb 2014 19:06
by anne
It seems the program has frozen. I started creating the log (according to the guide, creating it should take only a few seconds), but after several minutes it is still not finished.
When I looked up the log via C:\rsit\log.txt, only this came up:

Logfile of random's system information tool 1.09 (written by random/random)
Run by xxx at 2014-02-24 18:58:07
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 333 GB (70%) free of 477 GB
Total RAM: 4076 MB (42% free)

Re: Bestadbid

Posted: 24 Feb 2014 19:11
by Márty84
Did you run it as administrator? Right-click it and then left-click Run as administrator.

If that does not work, try FRST.

If even that one does not run, try both again in safe mode.

Re: Bestadbid

Posted: 24 Feb 2014 19:18
by anne
No. So that was the mistake. (Please bear with me, I really am an absolute layperson :))

Re: Bestadbid

Posted: 24 Feb 2014 19:21
by anne
Logfile of random's system information tool 1.09 (written by random/random)
Run by natalka at 2014-02-24 19:16:17
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 333 GB (70%) free of 477 GB
Total RAM: 4076 MB (40% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 26866928
\??\C:\Windows\system32\conhost.exe "-861306231-81336349-1292056787-831905855-786540654-1450606436908139980283080457
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
C:\Users\natalka\AppData\Local\PirritSuggestor\PirritService.exe
"C:\Program Files (x86)\Pirrit\AutoUpdater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Users\natalka\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000006bc
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --ran-launcher /crash-reporter-parent-id=3300
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=gpu-process --channel="3300.0.47186083\37484051" --crash-reporter-pid=3316 --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23,28 --gpu-vendor-id=0x10de --gpu-device-id=0x1050 --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.17.12.6800 --crash-reporter-pid=3316 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --crash-reporter-pid=3316 --channel="3300.3.1871705767\2084177643" /prefetch:673131151
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --crash-reporter-pid=3316 --channel="3300.10.1591861170\875174442" /prefetch:673131151
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
C:/Users/natalka/AppData/Local/PirritSuggestor\PirritDesktop.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
{E3B05218-3E1E-450D-9A94-4885C29241F7}
{04A4BC58-DE59-4BEE-98E3-FFD84BDC1FC5}
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\WinRST\WinRST.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll" --lang=cs --channel="3300.15.1305569617\739542249" --crash-reporter-pid=3316 /prefetch:-390060480
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --extension-process --disable-client-side-phishing-detection --crash-reporter-pid=3316 --channel="3300.42.1050173831\1592598475" /prefetch:673131151
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4476 CREDAT:275457 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4476 CREDAT:1651810 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4476 CREDAT:3027989 /prefetch:2
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --crash-reporter-pid=3316 --channel="3300.66.31719088\292533953" /prefetch:673131151
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --crash-reporter-pid=3316 --channel="3300.71.591979271\159990157" /prefetch:673131151
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --crash-reporter-pid=3316 --channel="3300.73.123479377\1288706850" /prefetch:673131151
"C:\Program Files\trend micro\natalka.exe" /silentautolog
taskeng.exe {1FACAB51-2851-4E83-BE27-9120327ED11E}
"C:\Program Files (x86)\Opera\19.0.1326.63\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=cs --enable-threaded-compositing --enable-deadline-scheduling --disable-client-side-phishing-detection --crash-reporter-pid=3316 --channel="3300.75.1757902546\222248603" /prefetch:673131151
"C:\Users\natalka\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-15 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-15 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d}]
IEExtension.Extension - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-15 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-15 194128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-04-22 39408]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-12-18 684600]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2012-01-19 1106512]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-04-18 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-10-23 152392]

C:\Users\natalka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\natalka\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-02-24 18:58:09 ----D---- C:\Program Files\trend micro
2014-02-24 18:58:07 ----D---- C:\rsit
2014-02-24 07:23:11 ----D---- C:\Users\natalka\AppData\Roaming\Opera Software
2014-02-23 06:40:32 ----D---- C:\Program Files (x86)\WinRST
2014-02-14 08:02:09 ----SHD---- C:\Config.Msi
2014-02-14 08:00:26 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-02-14 08:00:26 ----A---- C:\Windows\system32\vbscript.dll
2014-02-14 07:59:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-02-14 07:59:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-02-14 07:59:30 ----A---- C:\Windows\system32\msrating.dll
2014-02-14 07:59:30 ----A---- C:\Windows\system32\ieui.dll
2014-02-14 07:59:29 ----A---- C:\Windows\system32\iernonce.dll
2014-02-14 07:59:29 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-14 07:59:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-02-14 07:59:28 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-14 07:59:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 07:59:27 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-02-14 07:59:27 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-02-14 07:59:27 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-02-14 07:59:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-14 07:59:27 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-14 07:59:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-02-14 07:59:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-02-14 07:59:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-02-14 07:59:26 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-02-14 07:59:26 ----A---- C:\Windows\system32\mshtml.dll
2014-02-14 07:59:26 ----A---- C:\Windows\system32\jscript9diag.dll
2014-02-14 07:59:26 ----A---- C:\Windows\system32\iesetup.dll
2014-02-14 07:59:26 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-02-14 07:59:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-02-14 07:59:25 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-02-14 07:59:25 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-02-14 07:59:25 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-02-14 07:59:25 ----A---- C:\Windows\system32\wininet.dll
2014-02-14 07:59:25 ----A---- C:\Windows\system32\urlmon.dll
2014-02-14 07:59:25 ----A---- C:\Windows\system32\iertutil.dll
2014-02-14 07:59:25 ----A---- C:\Windows\system32\ieapfltr.dll
2014-02-14 07:59:24 ----A---- C:\Windows\system32\ieframe.dll
2014-02-14 07:59:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-02-14 07:59:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-02-14 07:59:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-02-14 07:59:21 ----A---- C:\Windows\system32\jscript9.dll
2014-02-13 06:53:28 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-13 06:53:28 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-02-13 06:53:28 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-13 06:53:28 ----A---- C:\Windows\system32\msxml3.dll
2014-02-13 06:53:03 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-13 06:53:03 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-13 06:53:03 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-13 06:53:03 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-02-13 06:53:03 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-13 06:53:03 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-13 06:53:03 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-13 06:53:03 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-13 06:53:03 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-02-13 06:53:03 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 06:53:03 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-13 06:53:03 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-13 06:53:03 ----A---- C:\Windows\system32\secproc.dll
2014-02-13 06:53:03 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 06:53:03 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 06:53:03 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-13 06:53:03 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-13 06:53:03 ----A---- C:\Windows\system32\msdrm.dll
2014-02-13 06:52:58 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-13 06:52:58 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-02-13 06:52:58 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-13 06:52:58 ----A---- C:\Windows\system32\d2d1.dll
2014-02-04 18:55:57 ----D---- C:\Users\natalka\AppData\Roaming\Pirrit
2014-02-04 18:55:50 ----D---- C:\Users\natalka\AppData\Roaming\Mozilla
2014-02-04 18:55:50 ----D---- C:\Program Files (x86)\Pirrit
2014-02-04 18:51:09 ----A---- C:\Program Files\Pazera_Free_MP4_to_AVI_Converter.exe

======List of files/folders modified in the last 1 month======

2014-02-24 19:16:23 ----D---- C:\Windows\Temp
2014-02-24 19:07:49 ----D---- C:\Windows\Prefetch
2014-02-24 18:58:09 ----RD---- C:\Program Files
2014-02-24 18:17:51 ----SD---- C:\Users\natalka\AppData\Roaming\Microsoft
2014-02-24 17:02:41 ----D---- C:\Windows\system32\config
2014-02-24 16:54:27 ----D---- C:\Users\natalka\AppData\Roaming\Dropbox
2014-02-24 13:27:32 ----SHD---- C:\System Volume Information
2014-02-24 12:34:06 ----D---- C:\Users\natalka\AppData\Roaming\vlc
2014-02-24 07:23:08 ----D---- C:\Program Files (x86)\Opera
2014-02-23 06:40:32 ----RD---- C:\Program Files (x86)
2014-02-21 23:03:16 ----D---- C:\Windows\SysWOW64
2014-02-21 23:03:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-02-21 21:44:10 ----D---- C:\Windows\System32
2014-02-21 21:44:10 ----D---- C:\Windows\inf
2014-02-21 21:44:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-16 08:09:29 ----D---- C:\Windows\system32\MRT
2014-02-16 08:07:34 ----A---- C:\Windows\system32\MRT.exe
2014-02-14 19:53:27 ----D---- C:\Windows\rescache
2014-02-14 16:55:43 ----D---- C:\Windows\Microsoft.NET
2014-02-14 16:55:20 ----RSD---- C:\Windows\assembly
2014-02-14 16:41:18 ----D---- C:\Windows\winsxs
2014-02-14 16:37:54 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-02-14 16:37:54 ----D---- C:\Windows\system32\cs-CZ
2014-02-14 16:37:53 ----D---- C:\Program Files\Internet Explorer
2014-02-14 16:37:53 ----D---- C:\Program Files (x86)\Internet Explorer
2014-02-14 08:12:34 ----SHD---- C:\Windows\Installer
2014-02-14 08:12:12 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-14 08:05:45 ----D---- C:\Windows\system32\catroot
2014-02-14 07:59:59 ----D---- C:\Windows\system32\catroot2
2014-02-13 16:26:21 ----D---- C:\Users\natalka\AppData\Roaming\Skype
2014-02-06 23:54:16 ----D---- C:\Users\natalka\AppData\Roaming\Vso
2014-01-26 19:17:48 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-18 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-10-01 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-18 108440]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-07-16 2350952]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2010-12-11 67112]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2010-12-11 19496]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2010-12-10 35368]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2010-12-11 85544]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-10-31 410152]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-04-19 174184]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-11-19 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-12-18 440376]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-01-19 355920]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-31 993896]
R2 PirritDesktop;PirritDesktop; C:\Users\natalka\AppData\Local\PirritSuggestor\PirritService.exe [2014-02-14 52568]
R2 PirritUpdater;PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [2014-02-14 59904]
R2 WinRST;WinRST; C:\Program Files (x86)\WinRST\WinRST.exe [2014-02-21 59904]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-10-23 641352]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-22 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-22 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-22 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-04-19 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Bestadbid

Posted: 24 Feb 2014 19:33
by Márty84
anne wrote: (Please bear with me, I really am an absolute layperson :))
No worries, we'll manage :thumbsup:


:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and the program will start working.
Then click Clean.
The program will start working (the PC may restart) and will produce a log (otherwise it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

Re: Bestadbid

Posted: 24 Feb 2014 21:37
by anne
# AdwCleaner v3.019 - Report created 24/02/2014 at 21:33:26
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : natalka - ACER
# Running from : C:\Users\natalka\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : PirritUpdater

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Pirrit
Folder Deleted : C:\Users\natalka\AppData\Local\Pirrit Suggestor
Folder Deleted : C:\Users\natalka\AppData\Roaming\Pirrit
File Deleted : C:\Users\natalka\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\suggestor@suggestor.pirrit.com.xpi

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
Key Deleted : HKLM\Software\Pirrit
Key Deleted : [x64] HKLM\SOFTWARE\Pirrit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v

-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\natalka\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1744 octets] - [24/02/2014 21:32:46]
AdwCleaner[S0].txt - [1697 octets] - [24/02/2014 21:33:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1757 octets] ##########
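
Added example (not part of the original thread, and not the helper's own method): a Python script that cross-checks the RSIT service list against the AdwCleaner report above, to see which recently installed or profile-resident services the cleanup report does not mention. The two heuristics and all function names are assumptions made for this illustration; the log lines are excerpts copied from the posts above.

```python
import ntpath
import re

# Excerpts copied from the RSIT and AdwCleaner logs posted in this thread.
RSIT_SERVICES = r"""
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-11-19 440376]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 PirritDesktop;PirritDesktop; C:\Users\natalka\AppData\Local\PirritSuggestor\PirritService.exe [2014-02-14 52568]
R2 PirritUpdater;PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [2014-02-14 59904]
R2 WinRST;WinRST; C:\Program Files (x86)\WinRST\WinRST.exe [2014-02-21 59904]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-22 194032]
"""
RSIT_CREATED = r"""
2014-02-24 18:58:09 ----D---- C:\Program Files\trend micro
2014-02-23 06:40:32 ----D---- C:\Program Files (x86)\WinRST
2014-02-04 18:55:57 ----D---- C:\Users\natalka\AppData\Roaming\Pirrit
2014-02-04 18:55:50 ----D---- C:\Program Files (x86)\Pirrit
"""
ADWCLEANER = r"""
[#] Service Deleted : PirritUpdater
Folder Deleted : C:\Program Files (x86)\Pirrit
Folder Deleted : C:\Users\natalka\AppData\Local\Pirrit Suggestor
Folder Deleted : C:\Users\natalka\AppData\Roaming\Pirrit
"""

SERVICE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>[^;]*); ?"
    r"(?P<path>.+?) \[(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+)\]$")
CREATED_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} (?P<attrs>-+[A-Z]+-+) (?P<path>.+)$")
APPDATA_RE = re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\")


def norm(path):
    """Normalise a Windows path (case, slashes) so it compares on any OS."""
    return ntpath.normcase(ntpath.normpath(path.strip()))


def is_under(path, folder):
    return path == folder or path.startswith(folder + "\\")


def parse_services(text):
    """RSIT service lines -> list of dicts with a normalised 'path'."""
    services = []
    for line in text.splitlines():
        m = SERVICE_RE.match(line.strip())
        if m:
            services.append({**m.groupdict(), "path": norm(m["path"])})
    return services


def parse_created_dirs(text):
    """Directories (attribute D) from RSIT's 'created in the last 1 month'."""
    dirs = []
    for line in text.splitlines():
        m = CREATED_RE.match(line.strip())
        if m and "D" in m["attrs"]:
            dirs.append(norm(m["path"]))
    return dirs


def parse_adwcleaner(text):
    """Return (deleted service names, deleted folders) from the report."""
    services, folders = set(), []
    for line in text.splitlines():
        kind, sep, value = line.strip().partition(" : ")
        if not sep:
            continue
        if kind.endswith("Service Deleted"):
            services.add(value.strip().lower())
        elif kind == "Folder Deleted":
            folders.append(norm(value))
    return services, folders


def triage(services, created_dirs, cleaned_services, cleaned_folders):
    """Flag services by two assumed heuristics, then mark cleanup coverage."""
    findings = []
    for svc in services:
        reasons = []
        if APPDATA_RE.match(svc["path"]):
            reasons.append("binary in user-writable AppData")
        if any(is_under(svc["path"], d) for d in created_dirs):
            reasons.append("install folder created in the last month")
        if not reasons:
            continue
        # Exact folder match only: "Pirrit Suggestor" != "PirritSuggestor".
        covered = (svc["name"].lower() in cleaned_services
                   or any(is_under(svc["path"], f) for f in cleaned_folders))
        findings.append({"name": svc["name"], "path": svc["path"],
                         "reasons": reasons, "covered": covered})
    return findings


def analyse():
    cleaned_services, cleaned_folders = parse_adwcleaner(ADWCLEANER)
    return triage(parse_services(RSIT_SERVICES), parse_created_dirs(RSIT_CREATED),
                  cleaned_services, cleaned_folders)


def follow_up(findings):
    """Names of flagged services the cleanup report does not account for."""
    return [f["name"] for f in findings if not f["covered"]]


if __name__ == "__main__":
    for f in analyse():
        status = "removed by AdwCleaner" if f["covered"] else "NOT in AdwCleaner report"
        print(f'{f["name"]:15} {status:26} {"; ".join(f["reasons"])}')
```

A service listed by `follow_up` is only unaccounted for in the cleanup report as posted, not confirmed malicious; it marks what to look for in the next scan log.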

Re: Bestadbid

Posted: 25 Feb 2014 04:36
by Márty84
:arrow: Run a !!!complete!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Do not delete anything beforehand; it sometimes gives false detections.

Re: Bestadbid

Posted: 25 Feb 2014 07:29
by anne
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.02.25.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
natalka :: ACER [administrátor]

Ochrana: Povolena

25.2.2014 6:32:14
MBAM-log-2014-02-25 (07-29-01).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 325102
Uplynulý čas: 55 minut, 44 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Program Files\atubecatcher-setup.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.

(konec)

Re: Bestadbid

Posted: 25 Feb 2014 09:51
by Márty84
:arrow: Have the finding removed, then uninstall MBAM.


:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , save it to the desktop, right-click it and then left-click Run as administrator.
A very short test will run and then the Scan button at the top right will become available. Click it and another test will run.
When it finishes, click Report and the log will appear. Paste it here for me.

Re: Bestadbid

Posted: 25 Feb 2014 10:11
by anne
I do not know what to do now. I had MBAM remove the finding; it removed it and asked for a restart. After the restart Windows starts to boot, but then only a black screen (with a cursor) comes up. What does that mean? Did I do something wrong? How do I fix it?

Re: Bestadbid

Posted: 25 Feb 2014 10:14
by Márty84
Try restarting once more.

Re: Bestadbid

Posted: 25 Feb 2014 10:23
by anne
Yes, that worked, thanks :). By the way, I am not entirely sure whether it was really removed: at the moment I chose to remove it, an Avira notice about access to the registry popped up, and I do not know whether it blocked the removal, even though MBAM reported it as removed. After launching MBAM again, the malicious program is in quarantine. Should I rather remove it from there as well (and turn off Avira)? (I do not want to do something wrong.)

Re: Bestadbid

Posted: 25 Feb 2014 10:27
by Márty84
In quarantine it is harmless, and anyway uninstalling also deletes the quarantine, so there is nothing to deal with. Besides, that finding is nothing serious :)

So uninstall MBAM and continue with RogueKiller.