istartsurf

Zpráva

Trixl · #1 Příspěvek od **Trixl** » 12 srp 2014 13:14

Zdravím, manžel na novém pc někde nachytal tohoto hajzla. Jdu si k vám o pomoc s odvirováním. Předem děkuji.

Log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-08-2014 01
Ran by User (administrator) on PC-DOMA on 12-08-2014 13:40:57
Running from C:\Users\User\Desktop
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneNss.exe
(Microsoft Corporation) C:\Program Files\Zune\WMZuneComm.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneWlanCfgSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Promethean Technologies Group Ltd) C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
() C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\Logitech\LComMgr\Communications_Helper.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\Logitech\LComMgr\LVComSX.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Logitech\QuickCam10\QuickCam10.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\QuickCam10\COCIManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Somoto) C:\Users\User\AppData\Local\FilesFrog Update Checker\update_checker.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
() C:\Program Files (x86)\trolatunt\updatetrolatunt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files (x86)\trolatunt\bin\utiltrolatunt.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(APN LLC.) C:\Users\User\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe
(APN LLC.) C:\Users\User\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe
() C:\Program Files (x86)\Opera\23.0.1522.72\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.72\opera.exe
(forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM\...\Run: [ActivControl] => C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe [1233704 2010-03-23] (Promethean Technologies Group Ltd)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [LogitechCommunicationsManager] => C:\Program Files (x86)\Common Files\Logitech\LComMgr\Communications_Helper.exe [497200 2006-06-26] (Logitech Inc.)
HKLM-x32\...\Run: [LVCOMSX] => C:\Program Files (x86)\Common Files\Logitech\LComMgr\LVComSX.exe [243248 2006-06-26] (Logitech Inc.)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files (x86)\Logitech\QuickCam10\QuickCam10.exe [614960 2006-06-26] ()
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-01] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-07-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1957784 2014-08-01] (APN)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKU\S-1-5-21-1922288985-3080455679-864892862-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-1922288985-3080455679-864892862-1001\...\Run: [] => [X]
HKU\S-1-5-21-1922288985-3080455679-864892862-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia)
HKU\S-1-5-21-1922288985-3080455679-864892862-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6564120 2014-07-02] (SUPERAntiSpyware)
HKU\S-1-5-21-1922288985-3080455679-864892862-1001\...\MountPoints2: {3a932d57-aab0-11e3-824b-806e6f6e6963} - "E:\ZESetup.exe"
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... 0320029345
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... 0320029345
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... 0320029345
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... 0320029345
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... 0320029345
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... 0320029345
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
URLSearchHook: HKLM-x32 - SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll (Site Finder)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 0320029345
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTe ... 2&tsp=5201
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: trolatunt -> {59bc35cc-f3cb-4e2b-a21d-481d781207af} -> C:\Program Files (x86)\trolatunt\trolatuntbho.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll (Site Finder)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.24.2.1 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: https://accounts.google.com/ServiceLogi ... ail/&hl=cs
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Fast Start - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\Extensions\faststartff@gmail.com [2014-08-06]
FF Extension: Site Finder - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\Extensions\sitefinder@sitefinder.com [2014-03-29]
FF Extension: KMP Media Toolbar - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\Extensions\toolbar_KMPV7c@apn.ask.com.xpi [2014-03-27]
FF Extension: trolatunt - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\Extensions\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}.xpi [2014-08-06]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.istartsurf.com/?type=sc&ts=1 ... 0320029345

Chrome:
=======
CHR HomePage: hxxp://www.istartsurf.com/?type=hp&ts=14073394 ... 0320029345
CHR StartupUrls: "hxxp://www.istartsurf.com/?type=hp&ts=14073394 ... 0320029345"
CHR NewTab: "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html"
CHR DefaultSearchKeyword: istartsurf
CHR DefaultNewTabURL:
CHR Extension: (Dokumenty Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-13]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-13]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-13]
CHR Extension: (Vyhledávání Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-13]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-14]
CHR Extension: (Skype Click to Call) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-23]
CHR Extension: (Peněženka Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-13]
CHR Extension: (Quick start) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-08-06]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-30] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-07-30] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-06-14] (APN LLC.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-01] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-01] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-01] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [694784 2014-08-06] (Cherished Technololgy LIMITED) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S2 LVSrvLauncher; C:\Program Files (x86)\Common Files\Logitech\SrvLnch\SrvLnch.exe [91696 2006-06-26] (Logitech Inc.)
R2 Update trolatunt; C:\Program Files (x86)\trolatunt\updatetrolatunt.exe [323360 2014-08-12] ()
R2 Util trolatunt; C:\Program Files (x86)\trolatunt\bin\utiltrolatunt.exe [323360 2014-08-12] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ActivHidSerMini; C:\Windows\System32\drivers\activhidsermini.sys [65152 2009-05-05] (Promethean Technologies Ltd)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-01] (BlueStack Systems)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-07-21] (LogMeIn Inc.)
R3 prmvmouse; C:\Windows\System32\drivers\activmouse.sys [8152 2009-10-05] (Promethean Technologies Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21584 2013-05-06] ()
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-12 13:40 - 2014-08-12 13:41 - 00027217 _____ () C:\Users\User\Desktop\FRST.txt
2014-08-12 13:37 - 2014-08-12 13:35 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2014-08-12 13:34 - 2014-08-12 13:40 - 00000000 ____D () C:\FRST
2014-08-12 13:33 - 2014-08-12 13:32 - 02099712 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-08-12 13:16 - 2014-08-12 13:16 - 00003140 _____ () C:\Windows\System32\Tasks\{46E8C067-4CC6-4B34-9F13-8F078A90D47D}
2014-08-11 16:09 - 2014-08-11 22:17 - 00000000 ____D () C:\Users\User\Desktop\video
2014-08-09 18:42 - 2014-08-09 18:42 - 00280736 _____ () C:\Windows\Minidump\080914-17312-01.dmp
2014-08-09 18:41 - 2014-08-09 18:41 - 00000000 _____ () C:\Users\User\AppData\Local\{55A9AD33-5C96-4223-AAF6-03942F483DBC}
2014-08-06 17:39 - 2014-08-06 17:39 - 00003242 _____ () C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart
2014-08-06 17:39 - 2014-08-06 17:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
2014-08-06 17:39 - 2014-08-06 17:39 - 00000000 ____D () C:\Users\User\AppData\Local\FilesFrog Update Checker
2014-08-06 17:39 - 2014-08-06 17:39 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-06 17:39 - 2014-08-06 17:39 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-08-06 17:39 - 2014-08-06 17:39 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-08-06 17:38 - 2014-08-12 13:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\istartsurf
2014-08-06 17:36 - 2014-08-09 14:47 - 00000000 ____D () C:\Program Files (x86)\trolatunt
2014-08-06 17:36 - 2014-08-06 18:41 - 00000000 ____D () C:\Users\User\AppData\Local\CatalinaGroup
2014-08-06 17:36 - 2014-08-06 17:36 - 00118254 _____ () C:\Windows\unins000.dat
2014-08-06 17:36 - 2014-08-06 17:35 - 00718497 _____ () C:\Windows\unins000.exe
2014-08-05 12:03 - 2014-08-05 12:03 - 00280736 _____ () C:\Windows\Minidump\080514-17390-01.dmp
2014-07-28 17:06 - 2013-06-01 06:32 - 00694784 _____ (AnjoCaido) C:\Users\User\Desktop\MinecraftSP.exe
2014-07-26 08:47 - 2014-07-26 08:47 - 00280736 _____ () C:\Windows\Minidump\072614-17406-01.dmp
2014-07-25 08:04 - 2014-07-25 08:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-25 08:04 - 2014-07-25 08:04 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-25 08:03 - 2014-08-09 18:42 - 446060514 _____ () C:\Windows\MEMORY.DMP
2014-07-25 08:03 - 2014-07-25 08:03 - 00280736 _____ () C:\Windows\Minidump\072514-17046-01.dmp
2014-07-24 07:35 - 2014-07-24 07:35 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-21 18:08 - 2014-07-21 18:08 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-07-21 07:23 - 2014-07-21 07:23 - 00280680 _____ () C:\Windows\Minidump\072114-17671-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-12 13:41 - 2014-08-12 13:40 - 00027217 _____ () C:\Users\User\Desktop\FRST.txt
2014-08-12 13:40 - 2014-08-12 13:34 - 00000000 ____D () C:\FRST
2014-08-12 13:40 - 2014-03-13 15:30 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4C6D52C8-5349-4374-9EBF-60F50FD82937}
2014-08-12 13:35 - 2014-08-12 13:37 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2014-08-12 13:34 - 2014-03-23 20:52 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-08-12 13:33 - 2014-03-13 15:07 - 01201759 _____ () C:\Windows\WindowsUpdate.log
2014-08-12 13:32 - 2014-08-12 13:33 - 02099712 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-08-12 13:29 - 2014-03-13 15:16 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1922288985-3080455679-864892862-1001
2014-08-12 13:24 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-08-12 13:16 - 2014-08-12 13:16 - 00003140 _____ () C:\Windows\System32\Tasks\{46E8C067-4CC6-4B34-9F13-8F078A90D47D}
2014-08-12 13:14 - 2014-08-06 17:38 - 00000000 ____D () C:\Users\User\AppData\Roaming\istartsurf
2014-08-12 13:11 - 2014-03-23 13:35 - 00000000 ____D () C:\Users\User\AppData\Local\Paint.NET
2014-08-12 13:11 - 2014-03-13 16:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\ClassicShell
2014-08-12 13:07 - 2014-03-21 16:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\.minecraft
2014-08-12 13:05 - 2014-03-13 16:44 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-12 13:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-08-12 12:55 - 2014-03-13 15:14 - 01749406 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-12 12:55 - 2013-08-23 00:08 - 00739720 _____ () C:\Windows\system32\perfh005.dat
2014-08-12 12:55 - 2013-08-23 00:08 - 00151940 _____ () C:\Windows\system32\perfc005.dat
2014-08-12 12:54 - 2013-08-22 16:46 - 00042166 _____ () C:\Windows\setupact.log
2014-08-12 10:34 - 2014-06-14 16:44 - 00000000 ____D () C:\Users\User\AppData\Local\LogMeIn Hamachi
2014-08-12 10:34 - 2014-03-13 16:44 - 00002377 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-12 10:34 - 2014-03-13 16:44 - 00000960 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-11 22:17 - 2014-08-11 16:09 - 00000000 ____D () C:\Users\User\Desktop\video
2014-08-10 22:08 - 2014-03-24 21:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\Audacity
2014-08-09 19:23 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-08-09 19:07 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-09 18:42 - 2014-08-09 18:42 - 00280736 _____ () C:\Windows\Minidump\080914-17312-01.dmp
2014-08-09 18:42 - 2014-07-25 08:03 - 446060514 _____ () C:\Windows\MEMORY.DMP
2014-08-09 18:42 - 2014-06-17 20:38 - 00000000 ____D () C:\Windows\Minidump
2014-08-09 18:41 - 2014-08-09 18:41 - 00000000 _____ () C:\Users\User\AppData\Local\{55A9AD33-5C96-4223-AAF6-03942F483DBC}
2014-08-09 14:53 - 2014-04-02 17:47 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-08-09 14:47 - 2014-08-06 17:36 - 00000000 ____D () C:\Program Files (x86)\trolatunt
2014-08-09 14:47 - 2014-03-13 15:06 - 00144052 _____ () C:\Windows\PFRO.log
2014-08-09 14:47 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-08-09 14:37 - 2013-08-22 15:25 - 00000278 _____ () C:\Windows\win.ini
2014-08-07 11:36 - 2014-03-23 20:52 - 00000000 ____D () C:\ProgramData\Skype
2014-08-06 18:41 - 2014-08-06 17:36 - 00000000 ____D () C:\Users\User\AppData\Local\CatalinaGroup
2014-08-06 17:39 - 2014-08-06 17:39 - 00003242 _____ () C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart
2014-08-06 17:39 - 2014-08-06 17:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
2014-08-06 17:39 - 2014-08-06 17:39 - 00000000 ____D () C:\Users\User\AppData\Local\FilesFrog Update Checker
2014-08-06 17:39 - 2014-08-06 17:39 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-06 17:39 - 2014-08-06 17:39 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-08-06 17:39 - 2014-08-06 17:39 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-08-06 17:37 - 2014-03-20 15:26 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-06 17:37 - 2014-03-20 15:26 - 00001333 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-06 17:37 - 2014-03-13 15:11 - 00001608 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-06 17:36 - 2014-08-06 17:36 - 00118254 _____ () C:\Windows\unins000.dat
2014-08-06 17:35 - 2014-08-06 17:36 - 00718497 _____ () C:\Windows\unins000.exe
2014-08-06 16:56 - 2014-06-03 16:54 - 00003826 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1396102601
2014-08-06 16:56 - 2014-03-29 16:16 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-08-05 12:03 - 2014-08-05 12:03 - 00280736 _____ () C:\Windows\Minidump\080514-17390-01.dmp
2014-08-04 17:23 - 2014-03-20 21:21 - 00000000 ____D () C:\Program Files\World of Warcraft
2014-08-03 10:44 - 2014-06-07 17:34 - 00000000 ____D () C:\The KMPlayer
2014-08-01 13:24 - 2014-03-29 18:09 - 00627712 ___SH () C:\Users\User\Desktop\Thumbs.db
2014-07-31 15:57 - 2014-03-23 20:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-26 08:47 - 2014-07-26 08:47 - 00280736 _____ () C:\Windows\Minidump\072614-17406-01.dmp
2014-07-25 08:04 - 2014-07-25 08:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-25 08:04 - 2014-07-25 08:04 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-25 08:03 - 2014-07-25 08:03 - 00280736 _____ () C:\Windows\Minidump\072514-17046-01.dmp
2014-07-24 21:44 - 2014-03-20 15:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-24 07:35 - 2014-07-24 07:35 - 00004489 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-24 07:35 - 2014-03-13 16:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-24 07:35 - 2014-03-13 16:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-23 22:50 - 2014-03-20 15:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-23 08:19 - 2014-04-09 20:59 - 00000900 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MinecraftSP.lnk
2014-07-21 18:08 - 2014-07-21 18:08 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-07-21 07:23 - 2014-07-21 07:23 - 00280680 _____ () C:\Windows\Minidump\072114-17671-01.dmp
2014-07-15 09:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache

Files to move or delete:
====================
C:\Users\User\xobglu16.dll
C:\Users\User\xobglu32.dll

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\APNSetup.exe
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\bdcam_0.dll
C:\Users\User\AppData\Local\Temp\bdfilters.dll
C:\Users\User\AppData\Local\Temp\BuenoSearchTB.exe
C:\Users\User\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\User\AppData\Local\Temp\i4jdel0.exe
C:\Users\User\AppData\Local\Temp\i4jdel1.exe
C:\Users\User\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.9-R0.2-1-ga6e0bfd-b3095jnks.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\User\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\User\AppData\Local\Temp\npp.6.6.3.Installer.exe
C:\Users\User\AppData\Local\Temp\Offercast_AVIRAV7_.exe
C:\Users\User\AppData\Local\Temp\ose00000.exe
C:\Users\User\AppData\Local\Temp\PIPInstaller_PTV_.exe
C:\Users\User\AppData\Local\Temp\RDtemp.exe
C:\Users\User\AppData\Local\Temp\SimilarBundleGenericDl.exe
C:\Users\User\AppData\Local\Temp\trolatuntSetup.exe
C:\Users\User\AppData\Local\Temp\UNT4F0D.tmp.exe
C:\Users\User\AppData\Local\Temp\UNT4F0E.tmp.exe
C:\Users\User\AppData\Local\Temp\UNT4F0F.tmp.exe
C:\Users\User\AppData\Local\Temp\UNT4F10.tmp.exe
C:\Users\User\AppData\Local\Temp\UNT4F11.tmp.exe
C:\Users\User\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\User\AppData\Local\Temp\xmlUpdater.exe
C:\Users\User\AppData\Local\Temp\_is62F8.exe
C:\Users\User\AppData\Local\Temp\_isEFCB.exe
C:\Users\User\AppData\Local\Temp\~678D.exe
C:\Users\User\AppData\Local\Temp\~8533.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-09 22:04

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:118.9 GB) (Free:32.79 GB) NTFS
Drive d: (Data) (Fixed) (Total:465.76 GB) (Free:373.37 GB) NTFS
Drive e: (ZOO EMPIRE CZ) (CDROM) (Total:0.54 GB) (Free:0 GB) CDFS
Drive f: (FLASH16) (Removable) (Total:15.09 GB) (Free:5.41 GB) FAT32

Available physical RAM: 2257.65 MB
Total physical RAM: 4038.31 MB
Percentage of memory in use: 44%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: CB709CCC)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F181D239)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\User\Desktop" je 2944 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Trixl · #2 Příspěvek od **Trixl** » 12 srp 2014 13:31

Ještě mám poddotaz co s tím ale souvisí, bohužel. Nejsem žádný specialista, jen běžný uživatel.
Jak donutit chlapa, aby neignoroval hlášky antiviráku? Že vyskakují informační okýnka ho obtěžuje a nečte to

a zavirování pc svádí na puberťáka

Existuje něco placeného spolehlivě samostatně fungujícího z kategorie pro blondýny?

#3 Příspěvek od **Márty84** » 12 srp 2014 14:56

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

Trixl píše:Jak donutit chlapa, aby neignoroval hlášky antiviráku?

Dokud neprijde o neco duleziteho, asi se nepouci

Druha moznost je poradna rana do hlavy

Trixl píše:Existuje něco placeného spolehlivě samostatně fungujícího z kategorie pro blondýny?

Pokud zamerne hlasky ignoruje, asi vam nepomuze nic

Zadny program neni 100%

Trixl · #4 Příspěvek od **Trixl** » 12 srp 2014 15:27

# AdwCleaner v3.304 - Report created 12/08/2014 at 16:23:58
# Updated 08/08/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : User - PC-DOMA
# Running from : C:\Users\User\Desktop\adwcleaner_3.304.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : IePluginServices
[#] Service Deleted : Update trolatunt
[#] Service Deleted : Util trolatunt
[#] Service Deleted : AppleChargerSrv

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\trolatunt
Folder Deleted : C:\Users\User\AppData\Local\FilesFrog Update Checker
Folder Deleted : C:\Users\User\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\User\AppData\Roaming\Solvusoft
Folder Deleted : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\Extensions\faststartff@gmail.com
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\Extensions\sitefinder@sitefinder.com
Folder Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
File Deleted : C:\Users\Public\Desktop\simplicheck.lnk
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\AppleChargerSrv.exe
File Deleted : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\invalidprefs.js
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\searchplugins\ask-search.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\searchplugins\buenosearch.xml
File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.buenosearch.com_0.localstorage
File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.buenosearch.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : SomotoUpdateCheckerAutoStart

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{59bc35cc-f3cb-4e2b-a21d-481d781207af}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D36C200-0855-4AEF-9004-51647E95F0BB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{e153ae67-d58a-406d-a93d-c353d665c7d5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59bc35cc-f3cb-4e2b-a21d-481d781207af}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59bc35cc-f3cb-4e2b-a21d-481d781207af}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{59bc35cc-f3cb-4e2b-a21d-481d781207af}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D36C200-0855-4AEF-9004-51647E95F0BB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\trolatunt
Key Deleted : HKLM\Software\simplitec
Key Deleted : HKLM\Software\Solvusoft
Key Deleted : HKLM\Software\SupDp
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\supWindowsMangerProtect
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\trolatunt
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\trolatunt

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "istartsurf");
Line Deleted : user_pref("browser.search.selectedEngine", "istartsurf");
Line Deleted : user_pref("extensions.buenosearch.admin", false);
Line Deleted : user_pref("extensions.buenosearch.aflt", "babsst");
Line Deleted : user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
Line Deleted : user_pref("extensions.buenosearch.autoRvrt", "false");
Line Deleted : user_pref("extensions.buenosearch.dfltLng", "en");
Line Deleted : user_pref("extensions.buenosearch.excTlbr", false);
Line Deleted : user_pref("extensions.buenosearch.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.buenosearch.id", "ba2bb45d00000000000094de80bc11a9");
Line Deleted : user_pref("extensions.buenosearch.instlDay", "16158");
Line Deleted : user_pref("extensions.buenosearch.instlRef", "sst");
Line Deleted : user_pref("extensions.buenosearch.newTab", false);
Line Deleted : user_pref("extensions.buenosearch.prdct", "buenosearch");
Line Deleted : user_pref("extensions.buenosearch.prtnrId", "buenosearch");
Line Deleted : user_pref("extensions.buenosearch.rvrt", "false");
Line Deleted : user_pref("extensions.buenosearch.smplGrp", "none");
Line Deleted : user_pref("extensions.buenosearch.tb_url", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 2&tsp=5201");
Line Deleted : user_pref("extensions.buenosearch.tlbrId", "base");
Line Deleted : user_pref("extensions.buenosearch.tlbrSrchUrl", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 2&tsp=5201");
Line Deleted : user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
Line Deleted : user_pref("extensions.buenosearch.vrsnTs", "1.8.28.713:08:07");
Line Deleted : user_pref("extensions.buenosearch.vrsni", "1.8.28.7");

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Startup_urls] : hxxp://www.istartsurf.com/?type=hp&ts=14073394 ... 0320029345
Deleted [Homepage] : hxxp://www.istartsurf.com/?type=hp&ts=14073394 ... 0320029345
Deleted [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma

*************************

AdwCleaner[R0].txt - [12796 octets] - [12/08/2014 16:22:51]
AdwCleaner[S0].txt - [10357 octets] - [12/08/2014 16:23:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10418 octets] ##########

Tak snad je ten hnusák pryč

chlapovo a klukovo oblíbené prohlížeče naběhly normálně.

#5 Příspěvek od **Márty84** » 12 srp 2014 17:25

Bude to chtit docistit, jinak to bude za chvili zpatky

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Trixl · #6 Příspěvek od **Trixl** » 12 srp 2014 18:53

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12. 8. 2014
Scan Time: 19:01:04
Logfile: mbm.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.12.09
Rootkit Database: v2014.08.04.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 307426
Time Elapsed: 6 min, 13 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 14
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [e3d6695c97e4979fbd6854179171b44c],
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{CCC7B14F-1D8C-11E3-B2AD-F3EF3D58318D}, , [e3d6695c97e4979fbd6854179171b44c],
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3050F3EE-98B5-11CF-BB82-00AA00BDCE0B}, , [e3d6695c97e4979fbd6854179171b44c],
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{CCC7B150-1D8C-11E3-B2AD-F3EF3D58318D}, , [e3d6695c97e4979fbd6854179171b44c],
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3050F3EE-98B5-11CF-BB82-00AA00BDCE0B}, , [e3d6695c97e4979fbd6854179171b44c],
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{CCC7B150-1D8C-11E3-B2AD-F3EF3D58318D}, , [e3d6695c97e4979fbd6854179171b44c],
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{CCC7B14F-1D8C-11E3-B2AD-F3EF3D58318D}, , [e3d6695c97e4979fbd6854179171b44c],
PUP.Optional.SiteFinder.A, HKU\S-1-5-21-1922288985-3080455679-864892862-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [e3d6695c97e4979fbd6854179171b44c],
PUP.Optional.SiteFinder.A, HKU\S-1-5-21-1922288985-3080455679-864892862-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [e3d6695c97e4979fbd6854179171b44c],
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\EXPLORER BARS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [e3d6695c97e4979fbd6854179171b44c],
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SiteFinder, , [dddcb60fa2d9c96d79d4bf3aa75b7090],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, , [2099b114f08b2c0aa6dd3d9c55ad39c7],
PUP.Optional.Trolatunt.A, HKLM\SOFTWARE\WOW6432NODE\trolatunt, , [e3d65075394256e09e9fbc3d2ed4728e],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\istartsurf uninstall, , [aa0f5273fc7f6dc9647fd203ec16db25],

Registry Values: 5
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, Site Finder Toolbar, , [e3d6695c97e4979fbd6854179171b44c]
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [e3d6695c97e4979fbd6854179171b44c],
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [6b4e14b193e8ad897fa6c4a760a2a759],
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, , [4079c3025e1d70c6091c83e807fb9e62],
PUP.Optional.FastStart.A, HKU\S-1-5-21-1922288985-3080455679-864892862-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, , [d2e7755062191a1cee56974cf012dc24]

Registry Data: 0
(No malicious items detected)

Folders: 6
PUP.Optional.SiteFinder.A, C:\Program Files (x86)\SiteFinder, , [dddcb60fa2d9c96d79d4bf3aa75b7090],
PUP.Optional.QuickStart.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma, , [a415d9ecaccf4ee85be26952dd256898],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\code, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\log, , [aa0f5273fc7f6dc9647fd203ec16db25],

Files: 43
PUP.Optional.SiteFinder.A, C:\Program Files (x86)\SiteFinder\SiteFinder.dll, , [e3d6695c97e4979fbd6854179171b44c],
PUP.Optional.Spigot.A, C:\Users\User\AppData\Local\Temp\PIPInstaller_PTV_.exe, , [99205e6717647db98814c06f34cd6c94],
PUP.Optional.SimilarSites.A, C:\Users\User\AppData\Local\Temp\SimilarBundleGenericDl.exe, , [7841bc0985f6c0761751d964b8480af6],
PUP.Optional.Trolotunt.A, C:\Users\User\AppData\Local\Temp\trolatuntSetup.exe, , [4574ab1a6714a096e86d09afd43044bc],
PUP.Optional.Somoto, C:\Users\User\AppData\Local\Temp\UpdateCheckerSetup.exe, , [4673e3e298e3fa3c7b9d111679879c64],
PUP.Optional.IStartSurf.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml, , [dcdde3e2c5b63ef8318751895fa3a35d],
PUP.Optional.SiteFinder.A, C:\Program Files (x86)\SiteFinder\ToolbarData.ini, , [dddcb60fa2d9c96d79d4bf3aa75b7090],
PUP.Optional.SiteFinder.A, C:\Program Files (x86)\SiteFinder\btn.ico, , [dddcb60fa2d9c96d79d4bf3aa75b7090],
PUP.Optional.SiteFinder.A, C:\Program Files (x86)\SiteFinder\hotbtn.ico, , [dddcb60fa2d9c96d79d4bf3aa75b7090],
PUP.Optional.SiteFinder.A, C:\Program Files (x86)\SiteFinder\SiteFinder_new.dll, , [dddcb60fa2d9c96d79d4bf3aa75b7090],
PUP.Optional.SiteFinder.A, C:\Program Files (x86)\SiteFinder\sitefinder_uninstaller.exe, , [dddcb60fa2d9c96d79d4bf3aa75b7090],
PUP.Optional.QuickStart.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage, , [902914b1de9db185982fbc80d92b966a],
PUP.Optional.QuickStart.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage-journal, , [6a4fc500601b1c1addea0b31b74dc937],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\247.json, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\MessageBox.xml, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\uninstallDlg2.xml, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\UninstallManager.exe, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\bg.png, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\bg1.png, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\bk_shadow.png, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\button.png, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\button1.png, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\checkbox.png, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\checkbox_select.png, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\checked.png, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\close.png, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\loading_bg.png, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\loading_light.png, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\min.png, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\scrollbar.bmp, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\Thumbs.db, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\unchecked.png, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\code\code1.jpg, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\code\code2.jpg, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\code\code3.jpg, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\code\code4.jpg, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\code\code5.jpg, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\code\code6.jpg, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\images\code\Thumbs.db, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\log\UninstallManager_2014-08-12[13-14-56-328].log, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\log\UninstallManager_2014-08-12[13-15-26-328].log, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.IStartSurf.A, C:\Users\User\AppData\Roaming\istartsurf\log\UninstallManager_2014-08-12[13-16-26-716].log, , [aa0f5273fc7f6dc9647fd203ec16db25],
PUP.Optional.QuickStart.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\prefs.js, Good: (), Bad: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), ,[0eab4283dc9f6bcb310e41bb10f442be]

Physical Sectors: 0
(No malicious items detected)

(end)

#7 Příspěvek od **Márty84** » 13 srp 2014 01:32

Vsechny nalezy hodte do karanteny. Po odstraneni a restrtu pc test s MBAM zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup

Trixl · #8 Příspěvek od **Trixl** » 13 srp 2014 02:43

Tak snad už ok? Takhle v noci ani nevím jestli jsem všechno dělala jak jsem měla. Pc naběhl, nic blbého nezahkásil, tak snad ...

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 13. 8. 2014
Scan Time: 3:33:03
Logfile: vysledek.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.12.12
Rootkit Database: v2014.08.04.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 307079
Time Elapsed: 5 min, 33 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

#9 Příspěvek od **Márty84** » 13 srp 2014 14:04

No OK to sice je, ale bohuzel jste nenastavila test podle navodu, takze nprohlizel cely pc. Chtelo by to radeji jeste jeden test, ale tentokrat se spravnym nastavenim.

Trixl · #10 Příspěvek od **Trixl** » 14 srp 2014 13:14

Tak mám problém. Nešlo to spustit, tak jsem mbam odinstalovala a nejde naistalovat, hází to chybové hlášky, sice nainstaluje,ale nespouští se to.

#11 Příspěvek od **Márty84** » 14 srp 2014 17:13

Pouzijte tento odinstalator http://www.malwarebytes.org/mbam-clean.exe a pak to zkuste nainstalovat znovu.

Trixl · #12 Příspěvek od **Trixl** » 14 srp 2014 22:46

Díky to skutečně zabralo, snad jsem to udělala správně. No a našel něco.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 14. 8. 2014
Scan Time: 23:10:23
Logfile: mbam2.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.14.10
Rootkit Database: v2014.08.04.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: User

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 513766
Time Elapsed: 30 min, 58 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 20
PUP.Optional.IEPluginService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir, , [4f33765082f9cb6b23e9175dba47a55b],
PUP.Optional.ELEX, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir, , [7909d7ef1566a49276130d9d689929d7],
PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir, , [95edf3d3f289a59185eec273dd238e72],
PUP.Optional.Trolatunt.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\trolatunt\updatetrolatunt.exe.vir, , [730f705692e982b47f411678f011f60a],
PUP.Optional.Trolatunt.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\trolatunt\bin\utiltrolatunt.exe.vir, , [750d477fcbb0c86e0bb57618e120a957],
PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\trolatunt\bin\plugins\trolatunt.BrowserAdapterS.dll.vir, , [d8aaf9cd037878be675c048cb8498b75],
PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\trolatunt\bin\plugins\trolatunt.PurBrowseG.dll.vir, , [a8da85412853a88e60980e7308f9fa06],
PUP.Optional.ELEX, C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir, , [7012c9fd97e441f5f198d4d6d62bdb25],
PUP.Optional.Somoto, C:\AdwCleaner\Quarantine\C\Users\User\AppData\Local\FilesFrog Update Checker\uninstall.exe.vir, , [d1b14a7c4d2e65d1a87281a6e91760a0],
Trojan.Dropper, C:\Program Files\World of Warcraft\Interface.20081113-175154\AddOns\ventrilo-2.1.4-Windows-i386.exe, , [612113b3de9d90a6651ad90b5aa7fc04],
Trojan.Dropper, C:\Program Files\World of Warcraft\Interface.20081113-175154\AddOns\ventrilo2.1.4.zip, , [6b1707bf0279d0666b143ba9ee13738d],
PUP.Optional.Spigot.A, C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\PTHZ0QVC\Offercast2802_PTV_[1].exe, , [354db80e7902ca6c8e55eb4441c0ea16],
PUP.Optional.SiteFinder.A, C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\PTHZ0QVC\sitefinder_installer[1].exe, , [750d31958cef37ffbab1ef4e817f1de3],
PUP.Optional.Softonic.A, D:\Stazene soubory\SoftonicDownloader_for_amcap.exe, , [c6bcd9ed1665d95d8aafbd6ec53c0df3],
PUP.Optional.Softonic.A, D:\Stazene soubory\SoftonicDownloader_for_camtasia-studio.exe, , [8bf75e685c1f71c563d6101b758c43bd],
PUP.Optional.Softonic.A, D:\Stazene soubory\SoftonicDownloader_for_sony-vegas.exe, , [0a786561c4b70432e25784a70cf5ce32],
PUP.Optional.Softonic.A, D:\Stazene soubory\SoftonicDownloader_for_zune-software.exe, , [740e9234770473c398a1d2596f927c84],
PUP.Optional.FilePile, D:\Stazene soubory\SUMOTORI_DREAMS_MODS_FREE_DOWNLOAD_Downloader.exe, , [c4be01c527542115f1e2760bc14012ee],
PUP.RiskwareTool.CK.gen, D:\Stazene soubory\Euro-Truck-Simulator-2-Keygen.exe, , [42403096b9c24ee8e349828d08f951af],
PUP.Optional.ASK.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cfabr8fw.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://www.search.ask.com/?tpid=KMPV7c& ... psv=&pt=tb");), ,[334f15b10675f93d4a59dd245ca9ac54]

Physical Sectors: 0
(No malicious items detected)

(end)

#13 Příspěvek od **Márty84** » 15 srp 2014 08:03

Vsechny nalezy do karanteny a po restartu pc znovu tento test, se stejnym nastavenim. Napiste zase vysledek a podle nej se zaridime dale

Trixl · #14 Příspěvek od **Trixl** » 15 srp 2014 13:27

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 15. 8. 2014
Scan Time: 11:39:18
Logfile: mbam3.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.15.03
Rootkit Database: v2014.08.04.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: User

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 513125
Time Elapsed: 1 hr, 3 min, 46 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

#15 Příspěvek od **Márty84** » 15 srp 2014 17:17

Fajn, MBAM odinstalujte a dejte log z RSITx64 http://images.malwareremoval.com/random/RSITx64.exe . Navod zde http://forum.viry.cz/viewtopic.php?f=13&t=130786

VIRY.CZ

istartsurf

istartsurf

Re: istartsurf

Re: istartsurf

Re: istartsurf

Re: istartsurf

Re: istartsurf

Re: istartsurf

Re: istartsurf

Re: istartsurf

Re: istartsurf

Re: istartsurf

Re: istartsurf

Re: istartsurf

Re: istartsurf

Re: istartsurf