Re: Please check my log - minerd.exe

Posted: 24 Mar 2014 22:44
by vyosek

Re: Please check my log - minerd.exe

Posted: 25 Mar 2014 08:21
by štajny
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by FERDA (administrator) on FERDA-PC on 25-03-2014 08:26:48
Running from C:\Users\FERDA\Desktop
Windows 7 Home Premium (X64) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WScript.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mncjttxSrv] - C:\Windows\inf\mncjttx.vbe [1342 2014-01-19] ()
HKU\S-1-5-21-1011155146-2800395049-3198481244-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1011155146-2800395049-3198481244-1001\...\MountPoints2: {5ccffea3-9799-11e3-8a0e-0050fca8902c} - E:\setup.exe
HKU\S-1-5-21-1011155146-2800395049-3198481244-1001\...\MountPoints2: {6308e4be-9811-11e3-af1e-806e6f6e6963} - F:\setup.exe

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\FERDA\AppData\Roaming\Mozilla\Firefox\Profiles\n05bw4ki.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-17] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-02-15] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-02-15] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140321.001\IDSvia64.sys [524504 2014-03-06] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140324.001\ENG64.SYS [126040 2014-02-15] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140324.001\EX64.SYS [2099288 2014-02-15] (Symantec Corporation)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation )
S3 SRTSP; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-25 08:26 - 2014-03-25 08:26 - 02157056 _____ (Farbar) C:\Users\FERDA\Desktop\FRST64.exe
2014-03-25 08:23 - 2014-03-25 08:23 - 00002932 _____ () C:\Windows\System32\Tasks\{0B36C00A-6D38-4471-9F87-6B3A113946A3}
2014-03-23 22:03 - 2014-03-23 22:03 - 01285120 _____ () C:\Users\FERDA\Desktop\zoek.exe
2014-03-23 22:00 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-23 21:57 - 2014-03-23 21:57 - 00000000 ____D () C:\Users\FERDA\AppData\Local\Microsoft Games
2014-03-23 21:47 - 2014-03-23 22:02 - 00007923 _____ () C:\zoek-results.log
2014-03-23 21:46 - 2014-03-23 21:57 - 00000000 ____D () C:\zoek_backup
2014-03-23 21:46 - 2014-03-23 21:47 - 00000000 ____D () C:\Users\FERDA\Desktop\zoek
2014-03-23 21:45 - 2014-03-23 21:45 - 04235514 _____ () C:\Users\FERDA\Desktop\zoek.rar
2014-03-23 18:36 - 2014-03-23 18:48 - 00000000 ____D () C:\Users\FERDA\Desktop\fotky
2014-03-21 11:55 - 2014-03-25 08:26 - 00010040 _____ () C:\Users\FERDA\Desktop\FRST.txt
2014-03-21 11:55 - 2014-03-25 08:26 - 00000000 ____D () C:\FRST
2014-03-21 11:55 - 2014-03-21 11:56 - 00014431 _____ () C:\Users\FERDA\Desktop\Addition.txt
2014-03-21 11:51 - 2014-03-21 11:51 - 00015327 _____ () C:\Users\FERDA\Desktop\LM.bat
2014-03-21 11:20 - 2014-03-21 11:22 - 00000000 ____D () C:\AdwCleaner
2014-03-21 11:20 - 2014-03-21 11:20 - 01950720 _____ () C:\Users\FERDA\Downloads\adwcleaner.exe
2014-03-21 08:49 - 2014-03-21 08:49 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-21 08:49 - 2014-03-21 08:49 - 00000000 ____D () C:\Users\FERDA\AppData\Roaming\Malwarebytes
2014-03-21 08:49 - 2014-03-21 08:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-21 08:49 - 2014-03-21 08:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-21 08:49 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-21 08:48 - 2014-03-21 08:48 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\FERDA\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-21 08:26 - 2014-03-25 08:19 - 00000000 ____D () C:\Program Files\trend micro
2014-03-21 08:26 - 2014-03-21 08:26 - 00935175 _____ () C:\Users\FERDA\Downloads\RSITx64.exe
2014-03-21 08:26 - 2014-03-21 08:26 - 00000000 ____D () C:\rsit
2014-03-19 23:22 - 2014-03-19 23:22 - 00733368 _____ () C:\Users\FERDA\Downloads\ccleaner-lista-centrumcz.exe
2014-03-19 23:16 - 2014-03-19 23:16 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-03-19 23:15 - 2014-03-21 08:46 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-03-19 23:15 - 2014-03-19 23:15 - 00937208 _____ (Crawler.com ) C:\Users\FERDA\Downloads\SpywareTerminatorSetup.exe
2014-03-19 23:14 - 2014-03-19 23:14 - 08003752 _____ ( ) C:\Users\FERDA\Downloads\setupfree(1).exe
2014-03-19 23:12 - 2014-03-19 23:12 - 08003752 _____ ( ) C:\Users\FERDA\Downloads\setupfree.exe
2014-03-19 22:56 - 2014-03-19 22:56 - 00000000 _____ () C:\autoexec.bat
2014-03-19 22:55 - 2014-03-20 22:10 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-19 22:55 - 2014-03-19 22:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-19 22:54 - 2014-03-19 22:54 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\FERDA\Downloads\SpyHunter-Installer.exe
2014-03-19 22:41 - 2014-03-19 22:41 - 00007605 _____ () C:\Users\FERDA\AppData\Local\Resmon.ResmonCfg
2014-03-18 22:25 - 2014-03-18 22:28 - 00206312 __RSH () C:\XELDZ
2014-03-18 22:25 - 2014-03-18 22:25 - 00000000 ____D () C:\Users\FERDA\Downloads\Windows.7.Loader.eXtreme.Edition.v3.503-NAPALUM
2014-03-18 22:24 - 2014-03-18 22:25 - 06923657 _____ () C:\Users\FERDA\Downloads\Windows.7.Loader.eXtreme.Edition.v3.503-NAPALUM.rar
2014-03-05 15:22 - 2014-03-05 15:34 - 1857513472 _____ () C:\Users\FERDA\Downloads\Letadla.avi
2014-03-05 12:27 - 2014-03-05 12:30 - 164205813 _____ (by Barbje Keller) C:\Users\FERDA\Downloads\Versme_16.exe
2014-03-05 12:16 - 2014-03-05 12:17 - 43458984 _____ () C:\Users\FERDA\Downloads\RBRSweetLamb.exe
2014-03-04 12:38 - 2014-01-26 21:38 - 00742912 _____ () C:\Users\FERDA\Desktop\Rally team.pps
2014-03-03 16:31 - 2014-03-03 16:31 - 03800567 _____ () C:\Users\FERDA\Downloads\RBRReversedRC3.exe
2014-03-03 16:24 - 2014-03-03 16:24 - 02732233 _____ () C:\Users\FERDA\Downloads\Real_CZ_Pacenotes_v2.2.zip
2014-03-03 16:24 - 2014-03-03 16:24 - 00000000 ____D () C:\Users\FERDA\Downloads\Real_CZ_Pacenotes_v2.2
2014-03-03 16:08 - 2014-03-03 16:08 - 00000000 ____D () C:\Users\FERDA\AppData\Local\Logitech
2014-03-03 16:05 - 2014-03-03 16:05 - 00000000 ____D () C:\Program Files\Logitech
2014-03-03 16:05 - 2014-03-03 16:05 - 00000000 ____D () C:\Program Files\Common Files\Logitech
2014-03-03 15:56 - 2014-03-03 15:56 - 00000000 ____D () C:\Users\FERDA\Desktop\rbrct_10e
2014-02-23 18:17 - 2014-02-23 18:31 - 00000000 ____D () C:\Users\FERDA\Desktop\Narozeniny Matýsek
2014-02-23 18:17 - 2014-02-23 18:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-02-23 17:02 - 2014-03-25 08:25 - 00000200 _____ () C:\Windows\Tasks\AutoKMS.job
2014-02-23 17:02 - 2014-03-24 17:02 - 00000200 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-02-23 17:02 - 2014-02-23 17:02 - 00002738 _____ () C:\Windows\System32\Tasks\AutoKMSDaily
2014-02-23 17:02 - 2014-02-23 17:02 - 00002432 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-02-23 17:02 - 2014-02-23 17:02 - 00000184 _____ () C:\Windows\AutoKMS.ini
2014-02-23 16:49 - 2014-02-23 17:03 - 00000000 ____D () C:\Users\FERDA\Downloads\Office 2010 (Toolkit and EZ-Activator) 2.0.1 Final
2014-02-23 16:45 - 2014-02-23 16:45 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-02-23 16:44 - 2014-02-23 16:44 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-02-23 16:44 - 2014-02-23 16:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-02-23 16:43 - 2014-02-23 16:43 - 00000000 ____D () C:\Windows\PCHEALTH
2014-02-23 16:43 - 2014-02-23 16:43 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2014-02-23 16:43 - 2014-02-23 16:43 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-02-23 16:42 - 2014-02-23 16:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-02-23 16:41 - 2014-02-23 17:06 - 00000000 ____D () C:\Users\FERDA\AppData\Local\Microsoft Help
2014-02-23 16:41 - 2014-02-23 16:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-23 16:41 - 2014-02-23 16:43 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-02-23 16:41 - 2014-02-23 16:41 - 00000000 __RHD () C:\MSOCache
2014-02-23 16:41 - 2014-02-23 16:41 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-02-23 16:41 - 2014-02-23 16:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-02-23 16:41 - 2014-02-23 16:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-02-23 16:38 - 2014-02-23 16:38 - 03248193 _____ () C:\Users\FERDA\Downloads\Office 2010 (Toolkit and EZ-Activator) 2.0.1 Final.rar
2014-02-23 16:17 - 2014-02-23 17:11 - 00000000 ____D () C:\Users\FERDA\Downloads\Microsoft Office Professional Plus 2010 CZ 32bit, 64bit
2014-02-23 16:16 - 2014-03-08 12:31 - 00000000 ____D () C:\Users\FERDA\AppData\Roaming\uTorrent
2014-02-23 16:16 - 2014-02-23 16:16 - 00000931 _____ () C:\Users\FERDA\Desktop\µTorrent.lnk
2014-02-23 16:16 - 2014-02-23 16:16 - 00000000 ____D () C:\Users\FERDA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-02-23 16:15 - 2014-02-23 16:16 - 01727010 _____ (emc) C:\Users\FERDA\Downloads\uTorrent221.exe
2014-02-23 16:15 - 2014-02-23 16:15 - 23294607 _____ (emc) C:\Users\FERDA\Downloads\utorrent-setup.exe

==================== One Month Modified Files and Folders =======

2014-03-25 08:26 - 2014-03-25 08:26 - 02157056 _____ (Farbar) C:\Users\FERDA\Desktop\FRST64.exe
2014-03-25 08:26 - 2014-03-21 11:55 - 00010040 _____ () C:\Users\FERDA\Desktop\FRST.txt
2014-03-25 08:26 - 2014-03-21 11:55 - 00000000 ____D () C:\FRST
2014-03-25 08:25 - 2014-02-23 17:02 - 00000200 _____ () C:\Windows\Tasks\AutoKMS.job
2014-03-25 08:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-25 08:24 - 2014-02-16 20:12 - 00670201 _____ () C:\Windows\WindowsUpdate.log
2014-03-25 08:24 - 2009-07-14 05:51 - 00020003 _____ () C:\Windows\setupact.log
2014-03-25 08:23 - 2014-03-25 08:23 - 00002932 _____ () C:\Windows\System32\Tasks\{0B36C00A-6D38-4471-9F87-6B3A113946A3}
2014-03-25 08:23 - 2009-07-14 05:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-25 08:23 - 2009-07-14 05:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-25 08:20 - 2009-07-14 16:18 - 00622422 _____ () C:\Windows\system32\perfh005.dat
2014-03-25 08:20 - 2009-07-14 16:18 - 00118604 _____ () C:\Windows\system32\perfc005.dat
2014-03-25 08:20 - 2009-07-14 06:13 - 01445734 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-25 08:19 - 2014-03-21 08:26 - 00000000 ____D () C:\Program Files\trend micro
2014-03-24 21:35 - 2014-02-16 21:36 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-24 17:02 - 2014-02-23 17:02 - 00000200 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-03-23 22:03 - 2014-03-23 22:03 - 01285120 _____ () C:\Users\FERDA\Desktop\zoek.exe
2014-03-23 22:02 - 2014-03-23 21:47 - 00007923 _____ () C:\zoek-results.log
2014-03-23 22:02 - 2014-02-17 21:23 - 00031724 _____ () C:\Windows\PFRO.log
2014-03-23 21:57 - 2014-03-23 21:57 - 00000000 ____D () C:\Users\FERDA\AppData\Local\Microsoft Games
2014-03-23 21:57 - 2014-03-23 21:46 - 00000000 ____D () C:\zoek_backup
2014-03-23 21:57 - 2014-02-16 20:18 - 00000000 ____D () C:\Users\FERDA
2014-03-23 21:47 - 2014-03-23 21:46 - 00000000 ____D () C:\Users\FERDA\Desktop\zoek
2014-03-23 21:45 - 2014-03-23 21:45 - 04235514 _____ () C:\Users\FERDA\Desktop\zoek.rar
2014-03-23 18:49 - 2014-02-20 21:55 - 00108360 _____ () C:\Users\FERDA\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-23 18:48 - 2014-03-23 18:36 - 00000000 ____D () C:\Users\FERDA\Desktop\fotky
2014-03-21 11:56 - 2014-03-21 11:55 - 00014431 _____ () C:\Users\FERDA\Desktop\Addition.txt
2014-03-21 11:51 - 2014-03-21 11:51 - 00015327 _____ () C:\Users\FERDA\Desktop\LM.bat
2014-03-21 11:22 - 2014-03-21 11:20 - 00000000 ____D () C:\AdwCleaner
2014-03-21 11:20 - 2014-03-21 11:20 - 01950720 _____ () C:\Users\FERDA\Downloads\adwcleaner.exe
2014-03-21 08:49 - 2014-03-21 08:49 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-21 08:49 - 2014-03-21 08:49 - 00000000 ____D () C:\Users\FERDA\AppData\Roaming\Malwarebytes
2014-03-21 08:49 - 2014-03-21 08:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-21 08:49 - 2014-03-21 08:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-21 08:48 - 2014-03-21 08:48 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\FERDA\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-21 08:46 - 2014-03-19 23:15 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-03-21 08:26 - 2014-03-21 08:26 - 00935175 _____ () C:\Users\FERDA\Downloads\RSITx64.exe
2014-03-21 08:26 - 2014-03-21 08:26 - 00000000 ____D () C:\rsit
2014-03-21 07:47 - 2009-07-14 05:45 - 00414168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-20 22:10 - 2014-03-19 22:55 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-20 21:42 - 2014-02-16 21:32 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-03-19 23:22 - 2014-03-19 23:22 - 00733368 _____ () C:\Users\FERDA\Downloads\ccleaner-lista-centrumcz.exe
2014-03-19 23:16 - 2014-03-19 23:16 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-03-19 23:15 - 2014-03-19 23:15 - 00937208 _____ (Crawler.com ) C:\Users\FERDA\Downloads\SpywareTerminatorSetup.exe
2014-03-19 23:14 - 2014-03-19 23:14 - 08003752 _____ ( ) C:\Users\FERDA\Downloads\setupfree(1).exe
2014-03-19 23:12 - 2014-03-19 23:12 - 08003752 _____ ( ) C:\Users\FERDA\Downloads\setupfree.exe
2014-03-19 22:56 - 2014-03-19 22:56 - 00000000 _____ () C:\autoexec.bat
2014-03-19 22:55 - 2014-03-19 22:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-19 22:54 - 2014-03-19 22:54 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\FERDA\Downloads\SpyHunter-Installer.exe
2014-03-19 22:41 - 2014-03-19 22:41 - 00007605 _____ () C:\Users\FERDA\AppData\Local\Resmon.ResmonCfg
2014-03-18 22:28 - 2014-03-18 22:25 - 00206312 __RSH () C:\XELDZ
2014-03-18 22:28 - 2014-02-16 20:09 - 00383562 __RSH () C:\bootmgr
2014-03-18 22:25 - 2014-03-18 22:25 - 00000000 ____D () C:\Users\FERDA\Downloads\Windows.7.Loader.eXtreme.Edition.v3.503-NAPALUM
2014-03-18 22:25 - 2014-03-18 22:24 - 06923657 _____ () C:\Users\FERDA\Downloads\Windows.7.Loader.eXtreme.Edition.v3.503-NAPALUM.rar
2014-03-12 16:35 - 2014-02-16 21:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 16:35 - 2014-02-16 21:36 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 16:35 - 2014-02-16 21:36 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-08 12:31 - 2014-02-23 16:16 - 00000000 ____D () C:\Users\FERDA\AppData\Roaming\uTorrent
2014-03-08 12:31 - 2014-02-18 19:36 - 00000000 ____D () C:\Users\FERDA\Desktop\RBR tratě
2014-03-08 11:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-05 15:34 - 2014-03-05 15:22 - 1857513472 _____ () C:\Users\FERDA\Downloads\Letadla.avi
2014-03-05 12:30 - 2014-03-05 12:27 - 164205813 _____ (by Barbje Keller) C:\Users\FERDA\Downloads\Versme_16.exe
2014-03-05 12:17 - 2014-03-05 12:16 - 43458984 _____ () C:\Users\FERDA\Downloads\RBRSweetLamb.exe
2014-03-03 16:31 - 2014-03-03 16:31 - 03800567 _____ () C:\Users\FERDA\Downloads\RBRReversedRC3.exe
2014-03-03 16:24 - 2014-03-03 16:24 - 02732233 _____ () C:\Users\FERDA\Downloads\Real_CZ_Pacenotes_v2.2.zip
2014-03-03 16:24 - 2014-03-03 16:24 - 00000000 ____D () C:\Users\FERDA\Downloads\Real_CZ_Pacenotes_v2.2
2014-03-03 16:08 - 2014-03-03 16:08 - 00000000 ____D () C:\Users\FERDA\AppData\Local\Logitech
2014-03-03 16:05 - 2014-03-03 16:05 - 00000000 ____D () C:\Program Files\Logitech
2014-03-03 16:05 - 2014-03-03 16:05 - 00000000 ____D () C:\Program Files\Common Files\Logitech
2014-03-03 15:56 - 2014-03-03 15:56 - 00000000 ____D () C:\Users\FERDA\Desktop\rbrct_10e
2014-02-23 18:31 - 2014-02-23 18:17 - 00000000 ____D () C:\Users\FERDA\Desktop\Narozeniny Matýsek
2014-02-23 18:17 - 2014-02-23 18:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-02-23 17:11 - 2014-02-23 16:17 - 00000000 ____D () C:\Users\FERDA\Downloads\Microsoft Office Professional Plus 2010 CZ 32bit, 64bit
2014-02-23 17:06 - 2014-02-23 16:41 - 00000000 ____D () C:\Users\FERDA\AppData\Local\Microsoft Help
2014-02-23 17:03 - 2014-02-23 16:49 - 00000000 ____D () C:\Users\FERDA\Downloads\Office 2010 (Toolkit and EZ-Activator) 2.0.1 Final
2014-02-23 17:02 - 2014-02-23 17:02 - 00002738 _____ () C:\Windows\System32\Tasks\AutoKMSDaily
2014-02-23 17:02 - 2014-02-23 17:02 - 00002432 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-02-23 17:02 - 2014-02-23 17:02 - 00000184 _____ () C:\Windows\AutoKMS.ini
2014-02-23 16:47 - 2014-02-23 16:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-23 16:45 - 2014-02-23 16:45 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-02-23 16:44 - 2014-02-23 16:44 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-02-23 16:44 - 2014-02-23 16:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-02-23 16:44 - 2009-07-14 16:36 - 00000000 ____D () C:\Windows\ShellNew
2014-02-23 16:44 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-02-23 16:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-02-23 16:43 - 2014-02-23 16:43 - 00000000 ____D () C:\Windows\PCHEALTH
2014-02-23 16:43 - 2014-02-23 16:43 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2014-02-23 16:43 - 2014-02-23 16:43 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-02-23 16:43 - 2014-02-23 16:41 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-02-23 16:42 - 2014-02-23 16:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-02-23 16:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-02-23 16:42 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-02-23 16:41 - 2014-02-23 16:41 - 00000000 __RHD () C:\MSOCache
2014-02-23 16:41 - 2014-02-23 16:41 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-02-23 16:41 - 2014-02-23 16:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-02-23 16:41 - 2014-02-23 16:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-02-23 16:38 - 2014-02-23 16:38 - 03248193 _____ () C:\Users\FERDA\Downloads\Office 2010 (Toolkit and EZ-Activator) 2.0.1 Final.rar
2014-02-23 16:16 - 2014-02-23 16:16 - 00000931 _____ () C:\Users\FERDA\Desktop\µTorrent.lnk
2014-02-23 16:16 - 2014-02-23 16:16 - 00000000 ____D () C:\Users\FERDA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-02-23 16:16 - 2014-02-23 16:15 - 01727010 _____ (emc) C:\Users\FERDA\Downloads\uTorrent221.exe
2014-02-23 16:15 - 2014-02-23 16:15 - 23294607 _____ (emc) C:\Users\FERDA\Downloads\utorrent-setup.exe

Files to move or delete:
====================
C:\Users\FERDA\audio.dat


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-20 20:51

==================== End Of Log ============================

Re: Please check my log - minerd.exe

Posted: 25 Mar 2014 08:35
by vyosek
:arrow: Uninstall Spyware Terminator

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    
    C:\Windows\inf\mncjttx.vbe
    2014-02-23 16:38 - 2014-02-23 16:38 - 03248193 _____ () C:\Users\FERDA\Downloads\Office 2010 (Toolkit and EZ-Activator) 2.0.1 Final.rar
    2014-02-23 17:03 - 2014-02-23 16:49 - 00000000 ____D () C:\Users\FERDA\Downloads\Office 2010 (Toolkit and EZ-Activator) 2.0.1 Final
    2014-02-23 17:02 - 2014-02-23 17:02 - 00002738 _____ () C:\Windows\System32\Tasks\AutoKMSDaily
    2014-02-23 17:02 - 2014-02-23 17:02 - 00002432 _____ () C:\Windows\System32\Tasks\AutoKMS
    2014-02-23 17:02 - 2014-02-23 17:02 - 00000184 _____ () C:\Windows\AutoKMS.ini
    2014-03-18 22:25 - 2014-03-18 22:25 - 00000000 ____D () C:\Users\FERDA\Downloads\Windows.7.Loader.eXtreme.Edition.v3.503-NAPALUM
    2014-03-18 22:25 - 2014-03-18 22:24 - 06923657 _____ () C:\Users\FERDA\Downloads\Windows.7.Loader.eXtreme.Edition.v3.503-NAPALUM.rar
    2014-03-19 22:55 - 2014-03-19 22:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
    2014-03-19 22:54 - 2014-03-19 22:54 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\FERDA\Downloads\SpyHunter-Installer.exe
    2014-03-19 23:15 - 2014-03-19 23:15 - 00937208 _____ (Crawler.com ) C:\Users\FERDA\Downloads\SpywareTerminatorSetup.exe
    2014-03-19 23:14 - 2014-03-19 23:14 - 08003752 _____ ( ) C:\Users\FERDA\Downloads\setupfree(1).exe
    2014-03-19 23:12 - 2014-03-19 23:12 - 08003752 _____ ( ) C:\Users\FERDA\Downloads\setupfree.exe
    2014-03-19 23:22 - 2014-03-19 23:22 - 00733368 _____ () C:\Users\FERDA\Downloads\ccleaner-lista-centrumcz.exe
    2014-03-21 08:48 - 2014-03-21 08:48 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\FERDA\Downloads\mbam-setup-1.75.0.1300.exe
    2014-03-21 08:46 - 2014-03-19 23:15 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
    2014-03-21 11:56 - 2014-03-21 11:55 - 00014431 _____ () C:\Users\FERDA\Desktop\Addition.txt
    2014-03-21 11:51 - 2014-03-21 11:51 - 00015327 _____ () C:\Users\FERDA\Desktop\LM.bat
    2014-03-23 21:57 - 2014-03-23 21:46 - 00000000 ____D () C:\zoek_backup
    2014-03-24 21:35 - 2014-02-16 21:36 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-03-24 17:02 - 2014-02-23 17:02 - 00000200 _____ () C:\Windows\Tasks\AutoKMSDaily.job
    2014-03-23 22:03 - 2014-03-23 22:03 - 01285120 _____ () C:\Users\FERDA\Desktop\zoek.exe
    2014-03-23 22:02 - 2014-03-23 21:47 - 00007923 _____ () C:\zoek-results.log
    2014-03-25 08:25 - 2014-02-23 17:02 - 00000200 _____ () C:\Windows\Tasks\AutoKMS.job
    2014-03-23 22:03 - 2014-03-23 22:03 - 01285120 _____ () C:\Users\FERDA\Desktop\zoek.exe
    2014-03-23 22:00 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-03-23 21:47 - 2014-03-23 22:02 - 00007923 _____ () C:\zoek-results.log
    2014-03-23 21:46 - 2014-03-23 21:57 - 00000000 ____D () C:\zoek_backup
    2014-03-23 21:46 - 2014-03-23 21:47 - 00000000 ____D () C:\Users\FERDA\Desktop\zoek
    2014-03-23 21:45 - 2014-03-23 21:45 - 04235514 _____ () C:\Users\FERDA\Desktop\zoek.rar
    2014-03-23 18:36 - 2014-03-23 18:48 - 00000000 ____D () C:\Users\FERDA\Desktop\fotky
    2014-03-21 11:55 - 2014-03-25 08:26 - 00010040 _____ () C:\Users\FERDA\Desktop\FRST.txt
    S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
    
    HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
    HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [mncjttxSrv] - C:\Windows\inf\mncjttx.vbe [1342 2014-01-19] ()
    HKU\S-1-5-21-1011155146-2800395049-3198481244-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
    HKU\S-1-5-21-1011155146-2800395049-3198481244-1001\...\MountPoints2: {5ccffea3-9799-11e3-8a0e-0050fca8902c} - E:\setup.exe
    HKU\S-1-5-21-1011155146-2800395049-3198481244-1001\...\MountPoints2: {6308e4be-9811-11e3-af1e-806e6f6e6963} - F:\setup.exe
    
    Hosts:
    End
  • Save the created TXT file as fixlist.txt
  • Move the created fixlist next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Re: Please check my log - minerd.exe

Posted: 25 Mar 2014 12:21
by štajny
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by FERDA at 2014-03-25 12:18:00 Run:1
Running from C:\Users\FERDA\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start

C:\Windows\inf\mncjttx.vbe
2014-02-23 16:38 - 2014-02-23 16:38 - 03248193 _____ () C:\Users\FERDA\Downloads\Office 2010 (Toolkit and EZ-Activator) 2.0.1 Final.rar
2014-02-23 17:03 - 2014-02-23 16:49 - 00000000 ____D () C:\Users\FERDA\Downloads\Office 2010 (Toolkit and EZ-Activator) 2.0.1 Final
2014-02-23 17:02 - 2014-02-23 17:02 - 00002738 _____ () C:\Windows\System32\Tasks\AutoKMSDaily
2014-02-23 17:02 - 2014-02-23 17:02 - 00002432 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-02-23 17:02 - 2014-02-23 17:02 - 00000184 _____ () C:\Windows\AutoKMS.ini
2014-03-18 22:25 - 2014-03-18 22:25 - 00000000 ____D () C:\Users\FERDA\Downloads\Windows.7.Loader.eXtreme.Edition.v3.503-NAPALUM
2014-03-18 22:25 - 2014-03-18 22:24 - 06923657 _____ () C:\Users\FERDA\Downloads\Windows.7.Loader.eXtreme.Edition.v3.503-NAPALUM.rar
2014-03-19 22:55 - 2014-03-19 22:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-19 22:54 - 2014-03-19 22:54 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\FERDA\Downloads\SpyHunter-Installer.exe
2014-03-19 23:15 - 2014-03-19 23:15 - 00937208 _____ (Crawler.com ) C:\Users\FERDA\Downloads\SpywareTerminatorSetup.exe
2014-03-19 23:14 - 2014-03-19 23:14 - 08003752 _____ ( ) C:\Users\FERDA\Downloads\setupfree(1).exe
2014-03-19 23:12 - 2014-03-19 23:12 - 08003752 _____ ( ) C:\Users\FERDA\Downloads\setupfree.exe
2014-03-19 23:22 - 2014-03-19 23:22 - 00733368 _____ () C:\Users\FERDA\Downloads\ccleaner-lista-centrumcz.exe
2014-03-21 08:48 - 2014-03-21 08:48 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\FERDA\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-21 08:46 - 2014-03-19 23:15 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-03-21 11:56 - 2014-03-21 11:55 - 00014431 _____ () C:\Users\FERDA\Desktop\Addition.txt
2014-03-21 11:51 - 2014-03-21 11:51 - 00015327 _____ () C:\Users\FERDA\Desktop\LM.bat
2014-03-23 21:57 - 2014-03-23 21:46 - 00000000 ____D () C:\zoek_backup
2014-03-24 21:35 - 2014-02-16 21:36 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-24 17:02 - 2014-02-23 17:02 - 00000200 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-03-23 22:03 - 2014-03-23 22:03 - 01285120 _____ () C:\Users\FERDA\Desktop\zoek.exe
2014-03-23 22:02 - 2014-03-23 21:47 - 00007923 _____ () C:\zoek-results.log
2014-03-25 08:25 - 2014-02-23 17:02 - 00000200 _____ () C:\Windows\Tasks\AutoKMS.job
2014-03-23 22:03 - 2014-03-23 22:03 - 01285120 _____ () C:\Users\FERDA\Desktop\zoek.exe
2014-03-23 22:00 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-23 21:47 - 2014-03-23 22:02 - 00007923 _____ () C:\zoek-results.log
2014-03-23 21:46 - 2014-03-23 21:57 - 00000000 ____D () C:\zoek_backup
2014-03-23 21:46 - 2014-03-23 21:47 - 00000000 ____D () C:\Users\FERDA\Desktop\zoek
2014-03-23 21:45 - 2014-03-23 21:45 - 04235514 _____ () C:\Users\FERDA\Desktop\zoek.rar
2014-03-23 18:36 - 2014-03-23 18:48 - 00000000 ____D () C:\Users\FERDA\Desktop\fotky
2014-03-21 11:55 - 2014-03-25 08:26 - 00010040 _____ () C:\Users\FERDA\Desktop\FRST.txt
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mncjttxSrv] - C:\Windows\inf\mncjttx.vbe [1342 2014-01-19] ()
HKU\S-1-5-21-1011155146-2800395049-3198481244-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1011155146-2800395049-3198481244-1001\...\MountPoints2: {5ccffea3-9799-11e3-8a0e-0050fca8902c} - E:\setup.exe
HKU\S-1-5-21-1011155146-2800395049-3198481244-1001\...\MountPoints2: {6308e4be-9811-11e3-af1e-806e6f6e6963} - F:\setup.exe

Hosts:
End
*****************

C:\Windows\inf\mncjttx.vbe => Moved successfully.
C:\Users\FERDA\Downloads\Office 2010 (Toolkit and EZ-Activator) 2.0.1 Final.rar => Moved successfully.
C:\Users\FERDA\Downloads\Office 2010 (Toolkit and EZ-Activator) 2.0.1 Final => Moved successfully.
C:\Windows\System32\Tasks\AutoKMSDaily => Moved successfully.
C:\Windows\System32\Tasks\AutoKMS => Moved successfully.
C:\Windows\AutoKMS.ini => Moved successfully.
C:\Users\FERDA\Downloads\Windows.7.Loader.eXtreme.Edition.v3.503-NAPALUM => Moved successfully.
C:\Users\FERDA\Downloads\Windows.7.Loader.eXtreme.Edition.v3.503-NAPALUM.rar => Moved successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\Users\FERDA\Downloads\SpyHunter-Installer.exe => Moved successfully.
C:\Users\FERDA\Downloads\SpywareTerminatorSetup.exe => Moved successfully.
C:\Users\FERDA\Downloads\setupfree(1).exe => Moved successfully.
C:\Users\FERDA\Downloads\setupfree.exe => Moved successfully.
C:\Users\FERDA\Downloads\ccleaner-lista-centrumcz.exe => Moved successfully.
C:\Users\FERDA\Downloads\mbam-setup-1.75.0.1300.exe => Moved successfully.
C:\Program Files (x86)\Spyware Terminator => Moved successfully.
C:\Users\FERDA\Desktop\Addition.txt => Moved successfully.
C:\Users\FERDA\Desktop\LM.bat => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\AutoKMSDaily.job => Moved successfully.
C:\Users\FERDA\Desktop\zoek.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\Windows\Tasks\AutoKMS.job => Moved successfully.
"C:\Users\FERDA\Desktop\zoek.exe" => File/Directory not found.
C:\Windows\zoek-delete.exe => Moved successfully.
"C:\zoek-results.log" => File/Directory not found.
"C:\zoek_backup" => File/Directory not found.
C:\Users\FERDA\Desktop\zoek => Moved successfully.
C:\Users\FERDA\Desktop\zoek.rar => Moved successfully.
C:\Users\FERDA\Desktop\fotky => Moved successfully.
C:\Users\FERDA\Desktop\FRST.txt => Moved successfully.
esgiguard => Service deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mncjttxSrv => Value deleted successfully.
HKU\S-1-5-21-1011155146-2800395049-3198481244-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-1011155146-2800395049-3198481244-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ccffea3-9799-11e3-8a0e-0050fca8902c} => Key deleted successfully.
HKCR\CLSID\{5ccffea3-9799-11e3-8a0e-0050fca8902c} => Key not found.
HKU\S-1-5-21-1011155146-2800395049-3198481244-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6308e4be-9811-11e3-af1e-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{6308e4be-9811-11e3-af1e-806e6f6e6963} => Key not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====


I don't have that spyware anywhere, but it says it is turned on, or not?

Re: Please check my log - minerd.exe

Posted: 25 Mar 2014 16:28
by vyosek
:arrow: Terminator should hopefully already be eliminated :?:

So let's clean up a bit more :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm the choice, press A, Enter
  • After use, delete the utility
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (if needed, turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm OK
  • The program will clean up and restart the PC
  • After use, delete the utility
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix issues - I recommend making a backup of the registry; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Re: Please check my log - minerd.exe

Posted: 25 Mar 2014 18:09
by štajny
Thank you very much, only in the registry this still keeps showing up for me
Chybí TypeLib reference. IBackupLocationsShellFolderImpl - {00020424-0000-0000-C000-000000000046} HKCR\Interface\{F0E3A5D7-80C7-4228-90FE-61DF01C417A5}

Re: Please check my log - minerd.exe

Posted: 25 Mar 2014 18:10
by vyosek
Is this what CCleaner shows??

Re: Please check my log - minerd.exe

Posted: 25 Mar 2014 19:44
by štajny
yep, when cleaning the registry

Re: Please check my log - minerd.exe

Posted: 26 Mar 2014 09:12
by vyosek
It is not any big fault, just a small thing - sometimes CCleaner falls short on something.

You can also try running it in safe mode.

Re: Please check my log - minerd.exe

Posted: 26 Mar 2014 11:43
by štajny
OK, I'll try; in any case, thanks for the cooperation

Re: Please check my log - minerd.exe

Posted: 26 Mar 2014 12:38
by vyosek
You're welcome, glad I could help :worship: See you again sometime

And based on the Rule on locking topics :lock: