Dobrý den, prosila bych o radu,
avast (základní verze bezplatná z netu) detekoval vir, dal 4 věci do truhly, do dalším spuštění, to samé, špatně funguje net prohlížeč, samy přeskakují okna, otevírají se jiné odkazy než zadané, ukazují se divné postranní lišty a černá dolní okna.
Stáhla jsem si RSIT a projela PC, odpověď. viz příloha. Chtěla bych Vás poprosit o radu. Díky! Božena Musilová
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2016-02-27 09:15:44
Microsoft Windows 7 Home Premium
System drive C: has 411 GB (86%) free of 477 GB
Total RAM: 2048 MB (38% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:15:52, on 27.2.2016
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\soundman.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
C:\Program Files\trend micro\Petr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://stop-block.org/wpad.dat?2316ea8d ... db26577773
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: ihpmServer - RayDl - C:\Program Files (x86)\RayDld\ihpmServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Mgr DiscoverTreasure - Unknown owner - C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8569 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\soundman.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"
"C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\RayDld\ihpmServer.exe"
"C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\PluginContainer.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\AVAST Software\Avast\AvastUI.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="4948.3.1365910518\1831333979" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4948 "\\.\pipe\gecko-crash-server-pipe.4948" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe" --proxy-stub-channel=Flash4216.57B1F3E8.30347 --host-broker-channel=Flash4216.57B1F3E8.1952 --host-pid=4216 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe" --channel=4588.0080F4A4.918581283 --proxy-stub-channel=Flash4216.57B1F3E8.30347 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll" --host-npapi-version=28 --type=renderer
"C:\Users\Petr\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\searchplugins\
yoursearching.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-29 885152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-29 664184]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2006-08-02 577536]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-01-29 7021880]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2014-08-13 49904]
""= []
"StatusAlerts"=C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [2013-04-18 313656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2016-02-27 09:15:45 ----D---- C:\Program Files\trend micro
2016-02-27 09:15:44 ----D---- C:\rsit
2016-02-22 12:52:52 ----D---- C:\Program Files (x86)\RayDld
2016-02-22 12:52:42 ----D---- C:\Users\Petr\AppData\Roaming\SpringFiles
2016-02-22 12:51:53 ----D---- C:\Users\Petr\AppData\Roaming\yoursearching
2016-02-22 12:51:53 ----D---- C:\Program Files (x86)\Discover Treasure
2016-02-16 21:08:39 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-02-01 12:25:17 ----D---- C:\faktury
2016-01-29 13:54:21 ----A---- C:\Windows\system32\aswBoot.exe
2016-01-29 13:54:09 ----A---- C:\Windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2016-02-27 09:15:52 ----D---- C:\Windows\Prefetch
2016-02-27 09:15:47 ----D---- C:\Windows\Temp
2016-02-27 09:15:45 ----RD---- C:\Program Files
2016-02-27 08:58:14 ----HD---- C:\ProgramData
2016-02-27 08:57:18 ----D---- C:\Windows\System32
2016-02-27 08:57:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-27 08:57:17 ----D---- C:\Windows\inf
2016-02-23 15:55:21 ----D---- C:\Windows\system32\config
2016-02-23 15:44:16 ----SHD---- C:\System Volume Information
2016-02-23 15:21:51 ----D---- C:\Windows\system32\GroupPolicy
2016-02-22 13:36:47 ----RD---- C:\Program Files (x86)
2016-02-22 12:51:56 ----D---- C:\Program Files (x86)\Common Files
2016-02-17 21:45:26 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-10 19:20:32 ----D---- C:\Windows\SysWOW64
2016-02-10 19:20:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-02-04 15:01:20 ----D---- C:\fleš 1
2016-02-03 18:06:05 ----SHD---- C:\Windows\Installer
2016-02-03 13:01:50 ----D---- C:\Windows\Tasks
2016-01-29 13:55:47 ----D---- C:\Windows\system32\drivers
2016-01-29 13:54:30 ----D---- C:\Windows\system32\Tasks
2016-01-29 13:54:20 ----D---- C:\Windows
2016-01-28 15:33:21 ----D---- C:\Users\Petr\AppData\Roaming\HpUpdate
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-01-29 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-01-29 273784]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-01-29 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-29 1065208]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-29 464256]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-01-29 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-01-29 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-01-29 155304]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\ALCWDM64.SYS [2006-08-18 3297280]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-07-21 30264]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-01-29 226440]
R2 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2012-12-04 174592]
R2 ihpmServer;ihpmServer; C:\Program Files (x86)\RayDld\ihpmServer.exe [2016-02-22 275184]
R2 Update Mgr DiscoverTreasure;Update Mgr DiscoverTreasure; C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe [2016-02-27 1274080]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-07-21 1471352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-16 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
avast detekoval vir, dal to truhly, ale špatně funguje net
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: avast detekoval vir, dal to truhly, ale špatně funguje n
Zdravim 
Opiste mi, nebo vyfotte, co avast detekuje jako hrozbu.
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Opiste mi, nebo vyfotte, co avast detekuje jako hrozbu. Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: avast detekoval vir, dal to truhly, ale špatně funguje n
Diky za radu,
posilam zkopirovany log
# AdwCleaner v5.036 - Logfile created 27/02/2016 at 13:54:35
# Updated 22/02/2016 by Xplode
# Database : 2016-02-27.1 [Server]
# Operating system : Windows 7 Home Premium (x64)
# Username : Petr - PETR-PC
# Running from : C:\Users\Petr\Downloads\adwcleaner_5.036.exe
# Option : Scan
# Support : http://toolslib.net/forum
***** [ Services ] *****
Service Found : ihpmServer
Service Found : Update Mgr DiscoverTreasure
***** [ Folders ] *****
Folder Found : C:\Program Files (x86)\RayDld
Folder Found : C:\Program Files (x86)\Discover Treasure
Folder Found : C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77
Folder Found : C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77
Folder Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnlofbefoejamblfkfemhphgllkdgmj
Folder Found : C:\Users\Petr\AppData\Roaming\yoursearching
Folder Found : C:\Users\Petr\AppData\Roaming\SpringFiles
***** [ Files ] *****
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_opnlofbefoejamblfkfemhphgllkdgmj_0.localstorage
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opnlofbefoejamblfkfemhphgllkdgmj
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yoursearching.com_0.localstorage
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yoursearching.com_0.localstorage-journal
File Found : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\user.js
File Found : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\searchplugins\yoursearching.xml
***** [ DLL ] *****
***** [ Shortcuts ] *****
Shortcut Infected : C:\Users\Public\Desktop\Google Chrome.lnk ( hxxp://www.yoursearching.com/?type=sc&ts=14561 ... xx5vm5ll3m )
Shortcut Infected : C:\Users\Public\Desktop\Mozilla Firefox.lnk ( hxxp://www.yoursearching.com/?type=sc&ts=14561 ... xx5vm5ll3m )
Shortcut Infected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ( hxxp://www.yoursearching.com/?type=sc&ts=14561 ... xx5vm5ll3m )
Shortcut Infected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.yoursearching.com/?type=sc&ts=14561 ... xx5vm5ll3m )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk ( "hxxp://esurf.biz/?ssid=1456141896&a=1003081&src=sh&uuid=f3a7079a-fa1b-4ed4-806e-31ae04a57bf5" )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( "hxxp://esurf.biz/?ssid=1456141896&a=1003081&src=sh&uuid=f3a7079a-fa1b-4ed4-806e-31ae04a57bf5" )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( "hxxp://esurf.biz/?ssid=1456141896&a=1003081&src=sh&uuid=f3a7079a-fa1b-4ed4-806e-31ae04a57bf5" )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.yoursearching.com/?type=sc&ts=14561 ... xx5vm5ll3m )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( "hxxp://esurf.biz/?ssid=1456141896&a=1003081&src=sh&uuid=f3a7079a-fa1b-4ed4-806e-31ae04a57bf5" )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://www.yoursearching.com/?type=sc&ts=14561 ... xx5vm5ll3m )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( hxxp://www.yoursearching.com/?type=sc&ts=14561 ... xx5vm5ll3m )
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Mozilla\Extends
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
Key Found : HKLM\SOFTWARE\Classes\AppID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8DD92279-9B04-4C6F-A862-EF3C24603804}
Key Found : HKCU\Software\Mozilla\Extends
Key Found : HKLM\SOFTWARE\ihpmserver
Key Found : HKLM\SOFTWARE\RayDld
Key Found : HKLM\SOFTWARE\yoursearchingSoftware
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\yoursearching
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Discover Treasure
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Discover Treasure
***** [ Web browsers ] *****
[C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\prefs.js] [Preference] Found : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\prefs.js] [Preference] Found : user_pref("browser.search.defaultenginename", "yoursearching");
[C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\prefs.js] [Preference] Found : user_pref("extensions.quick_start.enable_search1", false);
[C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\prefs.js] [Preference] Found : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : yoursearching
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Found : hxxp://www.yoursearching.com/?type=hp&ts=14561 ... xx5vm5ll3m
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : opnlofbefoejamblfkfemhphgllkdgmj
*************************
C:\AdwCleaner\AdwCleaner[S1].txt - [6630 bytes] - [27/02/2016 13:54:35]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6703 bytes] ##########
posilam zkopirovany log
# AdwCleaner v5.036 - Logfile created 27/02/2016 at 13:54:35
# Updated 22/02/2016 by Xplode
# Database : 2016-02-27.1 [Server]
# Operating system : Windows 7 Home Premium (x64)
# Username : Petr - PETR-PC
# Running from : C:\Users\Petr\Downloads\adwcleaner_5.036.exe
# Option : Scan
# Support : http://toolslib.net/forum
***** [ Services ] *****
Service Found : ihpmServer
Service Found : Update Mgr DiscoverTreasure
***** [ Folders ] *****
Folder Found : C:\Program Files (x86)\RayDld
Folder Found : C:\Program Files (x86)\Discover Treasure
Folder Found : C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77
Folder Found : C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77
Folder Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnlofbefoejamblfkfemhphgllkdgmj
Folder Found : C:\Users\Petr\AppData\Roaming\yoursearching
Folder Found : C:\Users\Petr\AppData\Roaming\SpringFiles
***** [ Files ] *****
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_opnlofbefoejamblfkfemhphgllkdgmj_0.localstorage
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opnlofbefoejamblfkfemhphgllkdgmj
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yoursearching.com_0.localstorage
File Found : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yoursearching.com_0.localstorage-journal
File Found : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\user.js
File Found : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\searchplugins\yoursearching.xml
***** [ DLL ] *****
***** [ Shortcuts ] *****
Shortcut Infected : C:\Users\Public\Desktop\Google Chrome.lnk ( hxxp://www.yoursearching.com/?type=sc&ts=14561 ... xx5vm5ll3m )
Shortcut Infected : C:\Users\Public\Desktop\Mozilla Firefox.lnk ( hxxp://www.yoursearching.com/?type=sc&ts=14561 ... xx5vm5ll3m )
Shortcut Infected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ( hxxp://www.yoursearching.com/?type=sc&ts=14561 ... xx5vm5ll3m )
Shortcut Infected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.yoursearching.com/?type=sc&ts=14561 ... xx5vm5ll3m )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk ( "hxxp://esurf.biz/?ssid=1456141896&a=1003081&src=sh&uuid=f3a7079a-fa1b-4ed4-806e-31ae04a57bf5" )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( "hxxp://esurf.biz/?ssid=1456141896&a=1003081&src=sh&uuid=f3a7079a-fa1b-4ed4-806e-31ae04a57bf5" )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( "hxxp://esurf.biz/?ssid=1456141896&a=1003081&src=sh&uuid=f3a7079a-fa1b-4ed4-806e-31ae04a57bf5" )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.yoursearching.com/?type=sc&ts=14561 ... xx5vm5ll3m )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( "hxxp://esurf.biz/?ssid=1456141896&a=1003081&src=sh&uuid=f3a7079a-fa1b-4ed4-806e-31ae04a57bf5" )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://www.yoursearching.com/?type=sc&ts=14561 ... xx5vm5ll3m )
Shortcut Infected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( hxxp://www.yoursearching.com/?type=sc&ts=14561 ... xx5vm5ll3m )
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Mozilla\Extends
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
Key Found : HKLM\SOFTWARE\Classes\AppID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8DD92279-9B04-4C6F-A862-EF3C24603804}
Key Found : HKCU\Software\Mozilla\Extends
Key Found : HKLM\SOFTWARE\ihpmserver
Key Found : HKLM\SOFTWARE\RayDld
Key Found : HKLM\SOFTWARE\yoursearchingSoftware
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\yoursearching
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Discover Treasure
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Discover Treasure
***** [ Web browsers ] *****
[C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\prefs.js] [Preference] Found : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\prefs.js] [Preference] Found : user_pref("browser.search.defaultenginename", "yoursearching");
[C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\prefs.js] [Preference] Found : user_pref("extensions.quick_start.enable_search1", false);
[C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\prefs.js] [Preference] Found : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : yoursearching
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Found : hxxp://www.yoursearching.com/?type=hp&ts=14561 ... xx5vm5ll3m
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : opnlofbefoejamblfkfemhphgllkdgmj
*************************
C:\AdwCleaner\AdwCleaner[S1].txt - [6630 bytes] - [27/02/2016 13:54:35]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6703 bytes] ##########
Re: avast detekoval vir, dal to truhly, ale špatně funguje n
To je spatny log. Chtel jsem log az po smazani vysledku, tohle je jen po skenu. Byly nalezy smazany? Pokud ne, zopakujte sken a nechte je i smazat Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: avast detekoval vir, dal to truhly, ale špatně funguje n
omlouvam se, posilam log az po smazani vysledku z AdwCleaner:# AdwCleaner v5.036 - Logfile created 27/02/2016 at 21:48:58
# Updated 22/02/2016 by Xplode
# Database : 2016-02-27.1 [Server]
# Operating system : Windows 7 Home Premium (x64)
# Username : Petr - PETR-PC
# Running from : C:\Users\Petr\Desktop\adwcleaner_5.036.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : ihpmServer
[-] Service Deleted : Service Mgr DiscoverTreasure
[-] Service Deleted : Update Mgr DiscoverTreasure
***** [ Folders ] *****
[#] Folder Deleted : C:\Program Files (x86)\RayDld
[#] Folder Deleted : C:\Program Files (x86)\Discover Treasure
[#] Folder Deleted : C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77
[#] Folder Deleted : C:\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77
[#] Folder Deleted : C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77
[#] Folder Deleted : C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77
[#] Folder Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnlofbefoejamblfkfemhphgllkdgmj
[#] Folder Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnlofbefoejamblfkfemhphgllkdgmj
[#] Folder Deleted : C:\Users\Petr\AppData\Roaming\yoursearching
[#] Folder Deleted : C:\Users\Petr\AppData\Roaming\SpringFiles
***** [ Files ] *****
[-] File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_opnlofbefoejamblfkfemhphgllkdgmj_0.localstorage
[-] File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opnlofbefoejamblfkfemhphgllkdgmj
[-] File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_opnlofbefoejamblfkfemhphgllkdgmj_0.localstorage
[-] File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opnlofbefoejamblfkfemhphgllkdgmj
[-] File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yoursearching.com_0.localstorage
[-] File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yoursearching.com_0.localstorage-journal
[-] File Deleted : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\user.js
[-] File Deleted : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\searchplugins\yoursearching.xml
***** [ DLLs ] *****
***** [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[-] Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[-] Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8DD92279-9B04-4C6F-A862-EF3C24603804}
[!] Key Not Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKLM\SOFTWARE\ihpmserver
[-] Key Deleted : HKLM\SOFTWARE\RayDld
[-] Key Deleted : HKLM\SOFTWARE\yoursearchingSoftware
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\yoursearching
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Discover Treasure
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Discover Treasure
***** [ Web browsers ] *****
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename", "yoursearching");
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : yoursearching
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.yoursearching.com/?type=hp&ts=14561 ... xx5vm5ll3m
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : opnlofbefoejamblfkfemhphgllkdgmj
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : opnlofbefoejamblfkfemhphgllkdgmj
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [6368 bytes] - [27/02/2016 21:48:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [6782 bytes] - [27/02/2016 13:54:35]
C:\AdwCleaner\AdwCleaner[S2].txt - [1161 bytes] - [27/02/2016 20:56:09]
C:\AdwCleaner\AdwCleaner[S3].txt - [7669 bytes] - [27/02/2016 21:45:35]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6660 bytes] ##########
posilam log po kontrole MBAMMalwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 27.2.2016
Čas skenování: 21:59
Protokol: kontrola MBAM.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2016.02.27.03
Databáze rootkitů: v2016.02.27.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 7
CPU: x64
Souborový systém: NTFS
Uživatel: Petr
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 439239
Uplynulý čas: 1 hod, 31 min, 47 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 1
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\DiscoverTreasure, , [664955105a3f132325d09d6c2dd628d8],
Hodnoty registru: 1
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-104878757-3034896589-1719802557-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, http://stop-block.org/wpad.dat?2316ea8d ... db26577773, , [c2ed7beae6b343f35e38e18b3fc5ec14]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 32
PUP.Optional.YourSearching.ShrtCln, C:\Users\Petr\AppData\Local\Temp\E9ghnBcUtC.exe, , [58577ce94554c472ae0e45d85fa68e72],
PUP.Optional.Yontoo, C:\Users\Petr\AppData\Local\Temp\{2F7003FD-437E-4999-9DA1-F682913AD9F9}.dll, , [4966dc896e2b47ef7491124e8b76e917],
PUP.Optional.Yontoo, C:\Users\Petr\AppData\Local\Temp\{6505B2EA-0394-49D6-998A-8F87E02D9EE7}.dll, , [456aacb9c9d0092d2bda6cf4ab566d93],
PUP.Optional.Yontoo.Gen, C:\Users\Petr\AppData\Local\Temp\{91688EA4-6BAD-41A8-8650-2171103D56D4}.xpi, , [505f9bca4851e15588ad949b52af1fe1],
PUP.Optional.Yontoo, C:\Users\Petr\AppData\Local\Temp\{91FC5086-5083-4A93-A663-E517048997B0}.dll, , [0fa012539504be7811f44c149f62718f],
PUP.Optional.Yontoo.Gen, C:\Users\Petr\AppData\Local\Temp\{B01E90A2-524F-43B0-BE28-DFF29ECB729C}.xpi, , [357a3f26c1d857df95a06cc305fc46ba],
PUP.Optional.Yontoo.Gen, C:\Users\Petr\AppData\Local\Temp\{DDDA72D1-26F6-4D08-BB7B-C0D6B5216AB7}.xpi, , [248bc5a0a3f6c67033029699c8397c84],
PUP.Optional.Yontoo, C:\Users\Petr\AppData\Local\Temp\{EA51CFFC-2894-4D76-B6E8-3A565747383E}.dll, , [2f809fc6a7f28fa7b94c0858659c3ec2],
PUP.Optional.Yontoo, C:\Users\Petr\AppData\Local\Temp\{FB7EC6EA-F551-4587-8DF7-679A311EA4DF}.dll, , [426d97ce9ffa8caaa85d2838808121df],
RiskWare.Tool.HCK, C:\Users\Petr\Downloads\autocad 2014\crack\Crack-Win\xf-adsk32.7z, , [86294c194059102627ef58b0bc4539c7],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\4f596ec3-77fb-4fc3-82cb-691c42c71d77\updater.exe.vir, , [c0efd2930495cb6bf213550bf70a4ab6],
PUP.Optional.Elex, C:\AdwCleaner\Quarantine\C\Program Files (x86)\RayDld\ihpmServer.exe.vir, , [2689a4c1eaafe84e0ca313ae877a1fe1],
PUP.Optional.Elex, C:\AdwCleaner\Quarantine\C\Program Files (x86)\RayDld\Raydld.exe.vir, , [2c83ca9b7f1a2016149e358c03feb44c],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\PluginContainer.exe.vir, , [b3fc34316237181e24e11848db262cd4],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\12\Plugin.exe.vir, , [a70871f45e3bb0868d7866fa47bae719],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\12\resources\plugin.dll.vir, , [bef183e26c2ddb5ba85df967659c3bc5],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\2\Plugin.exe.vir, , [a10e86df07920e2810f5cc942dd4e21e],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\3\Plugin.exe.vir, , [08a7d68f9aff88aea16467f9758cb34d],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\5\Plugin.exe.vir, , [cce35b0adebbf73fbd4890d04cb53dc3],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\Plugin.exe.vir, , [bbf43332e3b650e615f0fb6547baa060],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\resources\40.0.0.dll.vir, , [4c63f66f38613cfa04014e12ac552bd5],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\7\resources\45.0.1.dll.vir, , [6f40273e3d5cd4626a9b8fd1b44dbb45],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77\plugins\8\Plugin.exe.vir, , [99160f56ebae8aac877e3a2680817090],
Trojan.Agent.W, C:\Windows\Setup\SCRIPTS\Windows7Loader.exe, , [bef1dd8878212214b1c7d5be947022de],
PUP.Optional.Yontoo, C:\Windows\Temp\_avast_\unp74506501.tmp, , [3b7483e2138685b18c79f868966b16ea],
PUP.Optional.Yontoo, C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\a330mhd2.default\extensions\{6085d9e4-7d47-40d8-a0a2-64ceb88fadda}.xpi, , [98176afbd0c9d1658f0232ce24df48b8],
PUP.Optional.Yontoo, C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage, , [ded10d58178247ef8d230df9e71cce32],
PUP.Optional.Yontoo, C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal, , [436c77eea2f7f93d7e3242c4da299070],
PUP.Optional.Yontoo, C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_discovertreasure-a.akamaihd.net_0.localstorage, , [4b64f5704a4f5bdba54e28e1689b47b9],
PUP.Optional.Yontoo, C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_discovertreasure-a.akamaihd.net_0.localstorage-journal, , [555aca9bdabfd16529ca040537ccdf21],
PUP.Optional.PriceMoon, C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage, , [1a95b7ae1d7c5bdb1d73a7bcfb0927d9],
PUP.Optional.PriceMoon, C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage-journal, , [7639283d89107eb8345c6bf8996b7987],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: avast detekoval vir, dal to truhly, ale špatně funguje n
Ten system asi moc legalni nebude, co? 
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: avast detekoval vir, dal to truhly, ale špatně funguje n
to me ani nenapadlo , nejedna se o muj PC, tak to se omlouvam
, nejedna se o muj PC, tak to se omlouvamRe: avast detekoval vir, dal to truhly, ale špatně funguje n
Na to pozor, davate to pod svym jmenem, tak doporucuji tohle si vzdy u majitelu predem overit, at zbytecne nesbirate minusove body 
Je tam pouzity nelegalni aktivator, cili pravidla fora mi nedovoluji pokracovat
Hovori jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512
Tak snad priste s lepsim vysledkem
Mejte se
Je tam pouzity nelegalni aktivator, cili pravidla fora mi nedovoluji pokracovat
Hovori jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512
Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.
Tak snad priste s lepsim vysledkem
Mejte se
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?