
Please check my log

Posted: 28 Feb 2014 18:23
by George152
Please check my log; some minerd.exe keeps running the CPU at 100%... Thank you

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014 02
Ran by Petra (administrator) on MARTIN on 28-02-2014 18:01:34
Running from C:\Users\Petra\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\WScript.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Users\Public\Public\minerd.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9996320 2010-01-20] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860192 2010-02-06] (Acer Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-11-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-10] (AVAST Software)
HKU\S-1-5-21-898774755-496677765-1295066475-1000\...\Run: [SysProc] - C:\Users\Public\Public\run_shc.lnk [1472 2014-01-24] ()

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t5691o224
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t5691o224
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t5691o224
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t5691o224
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKCU - {39195A1B-536E-481D-A66B-97B606724B31} URL = http://websearch.ask.com/redirect?clien ... B280169098
SearchScopes: HKCU - {659E165C-774F-453A-BB34-7C6933A901DC} URL = http://search.ividi.org/?q={searchTerms ... lt=3&r=249
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: HistoryTriggerBHO Class - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - No Name - {CF0F43AB-9C23-4D7B-8040-201B82844854} - No File
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - No Name - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - No File
Toolbar: HKLM-x32 - No Name - {CF0F43AB-9C23-4D7B-8040-201B82844854} - No File
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\zpn7anuk.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Petra\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Petra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, http://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, http://www.openssl.org/)
FF SearchPlugin: C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\zpn7anuk.default\searchplugins\ividi.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: New tab - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\zpn7anuk.default\Extensions\{2FD73609-F02D-3849-D765-5F8F93ECC348} [2014-01-05]
FF Extension: Metal3D - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\zpn7anuk.default\Extensions\{48e23fba-bb14-4745-b768-382150cd83fb} [2010-12-27]
FF Extension: FT DeepDark - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\zpn7anuk.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2012-07-24]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\zpn7anuk.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi [2013-10-11]
FF Extension: Silvermel - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\zpn7anuk.default\Extensions\silvermel@pardal.de.xpi [2012-01-23]
FF Extension: Speed Analysis 3 - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\zpn7anuk.default\Extensions\speedanalysis03@SpeedAnalysis.com.xpi [2013-10-06]
FF Extension: Oxygen KDE - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\zpn7anuk.default\Extensions\{C1F83B1E-D6EE-11DE-B441-1AD556D89593}.xpi [2011-10-22]
FF Extension: Oxygen KDE Options - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\zpn7anuk.default\Extensions\{c2a3f51e-2920-4eab-9008-1bcb44d21d57}.xpi [2011-10-22]
FF Extension: Shine Bright Skin Aero - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\zpn7anuk.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi [2012-01-23]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-28]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-13]
CHR Extension: (Disk Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-13]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-23]
CHR Extension: (Fiery Music) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmfeiddljnkcdgcfcfhpenipgmaocon [2014-01-29]
CHR Extension: (Peněženka Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-23]
CHR HKLM-x32\...\Chrome\Extension: [gjajpkikblccgefaibcafkfbanllpefi] - C:\Users\Petra\AppData\Roaming\7go\7go.crx [2012-04-23]
CHR HKLM-x32\...\Chrome\Extension: [mbmpjbkgemhgalmeiigcdljkccfcafoj] - C:\Users\Petra\AppData\Roaming\SpeedAnalysis3\SpeedAnalysis.crx [2012-04-23]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-10] (AVAST Software)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2102072 2013-12-18] (AVG)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [42808 2013-12-18] (AVG)

==================== Drivers (Whitelisted) ====================

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-12-07] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-12-07] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-12-07] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2010-12-07] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29696 2010-11-29] (LG Electronics Inc.)
S3 AndNetGps; C:\Windows\System32\DRIVERS\lgandnetgps64.sys [28672 2010-11-29] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2010-11-29] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [100352 2010-11-29] (LG Electronics Inc)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-10] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-10] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2013-12-04] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-22] ()
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [95552 2004-01-26] (Protection Technology)
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2010-12-26] ()
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16640 2012-01-04] (Windows (R) Win 7 DDK provider)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
S3 X86BDA; C:\Windows\System32\DRIVERS\OEMDrv.sys [268416 2011-06-08] ( )
U3 a1ypvmu2; C:\Windows\System32\Drivers\a1ypvmu2.sys [0 ] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X]
S3 xpvcom; System32\Drivers\xpvcom.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-28 18:02 - 2014-02-28 18:02 - 00111680 _____ () C:\Users\Petra\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-28 18:01 - 2014-02-28 18:02 - 00019351 _____ () C:\Users\Petra\Downloads\FRST.txt
2014-02-28 17:59 - 2014-02-28 17:59 - 00000056 _____ () C:\Windows\setupact.log
2014-02-28 17:59 - 2014-02-28 17:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-28 17:58 - 2014-02-28 17:58 - 00429848 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-28 17:07 - 2014-02-28 18:01 - 00000000 ____D () C:\FRST
2014-02-28 17:05 - 2014-02-28 17:06 - 02155520 _____ (Farbar) C:\Users\Petra\Downloads\FRST64.exe
2014-02-28 16:17 - 2014-02-28 16:17 - 00000000 _____ () C:\autoexec.bat
2014-02-28 16:16 - 2014-02-28 17:34 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-02-21 15:33 - 2014-02-21 15:33 - 00000000 ____D () C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2014-02-19 17:13 - 2014-02-19 17:15 - 00000000 ____D () C:\Users\Petra\Documents\honestech DVR
2014-02-19 17:06 - 2014-02-19 17:07 - 00000000 ____D () C:\Program Files (x86)\honestech
2014-02-19 17:06 - 2006-05-17 01:58 - 00073728 _____ (Macrovision Corporation) C:\Windows\SysWOW64\ISUSPM.cpl
2014-02-19 17:04 - 2014-02-19 17:04 - 00000000 ____D () C:\Program Files (x86)\eEnjoy VIDEO DVR
2014-02-19 17:04 - 2011-06-08 17:22 - 00268416 _____ ( ) C:\Windows\system32\Drivers\OEMDrv.sys
2014-02-19 17:02 - 2014-02-19 17:07 - 00000000 ____D () C:\ProgramData\InstallShield
2014-02-18 19:33 - 2014-02-18 19:33 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w95inf32.dll
2014-02-18 19:33 - 2014-02-18 19:33 - 00002272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w95inf16.dll
2014-02-18 19:33 - 2014-02-18 19:33 - 00000000 ____D () C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-02-18 19:33 - 2014-02-18 19:33 - 00000000 ____D () C:\Program Files (x86)\JoWooD
2014-02-18 19:33 - 1998-09-02 09:28 - 01088272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\danim.dll
2014-02-18 19:33 - 1998-09-02 09:28 - 00155408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LMRT.dll
2014-02-18 19:33 - 1998-09-02 09:28 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unam4ie.exe
2014-02-18 19:33 - 1998-09-02 09:28 - 00038160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LMRTREND.dll
2014-02-18 19:33 - 1998-09-02 09:02 - 00194320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qcut.dll
2014-02-18 19:33 - 1998-08-27 05:51 - 00182032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft3.dll
2014-02-18 19:33 - 1998-08-20 12:02 - 00140800 _____ (The Duck Corporation) C:\Windows\SysWOW64\tm20dec.ax
2014-02-18 19:33 - 1998-08-20 11:38 - 00217984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\strmdll.dll
2014-02-18 19:33 - 1998-08-17 10:21 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciqtz.drv
2014-02-18 19:33 - 1998-08-17 10:21 - 00010240 _____ () C:\Windows\SysWOW64\vidx16.dll
2014-02-18 19:33 - 1998-08-17 10:21 - 00005672 _____ () C:\Windows\SysWOW64\quartz.vxd
2014-02-18 13:13 - 2014-02-18 13:13 - 00001457 _____ () C:\Users\Petra\Sti_Trace.log
2014-02-04 10:46 - 1999-11-12 05:11 - 00183808 _____ () C:\Windows\SysWOW64\BDEADMIN.CPL
2014-02-04 10:46 - 1999-01-20 05:01 - 00210032 _____ () C:\Windows\SysWOW64\DBCLIENT.DLL
2014-02-04 10:44 - 2014-02-04 10:45 - 24821531 _____ (KASTNER software s.r.o. ) C:\Users\Petra\Downloads\du823.exe
2014-02-02 15:08 - 2014-02-02 15:07 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-02 15:07 - 2014-02-02 15:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-02 15:07 - 2014-02-02 15:07 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-02 15:07 - 2014-02-02 15:07 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

==================== One Month Modified Files and Folders =======

2014-02-28 18:02 - 2014-02-28 18:02 - 00111680 _____ () C:\Users\Petra\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-28 18:02 - 2014-02-28 18:01 - 00019351 _____ () C:\Users\Petra\Downloads\FRST.txt
2014-02-28 18:01 - 2014-02-28 17:07 - 00000000 ____D () C:\FRST
2014-02-28 18:01 - 2012-07-09 08:23 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-28 17:59 - 2014-02-28 17:59 - 00000056 _____ () C:\Windows\setupact.log
2014-02-28 17:59 - 2014-02-28 17:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-28 17:59 - 2014-01-13 20:07 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-28 17:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-28 17:58 - 2014-02-28 17:58 - 00429848 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-28 17:58 - 2013-05-31 19:58 - 01668025 _____ () C:\Windows\WindowsUpdate.log
2014-02-28 17:40 - 2013-12-06 18:08 - 00000000 ____D () C:\Users\Petra\AppData\Local\CrashDumps
2014-02-28 17:40 - 2013-10-14 16:40 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-28 17:40 - 2010-12-30 11:42 - 00000000 ____D () C:\Users\Petra\AppData\Roaming\Skype
2014-02-28 17:34 - 2014-02-28 16:16 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-02-28 17:31 - 2009-07-14 05:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-28 17:31 - 2009-07-14 05:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-28 17:29 - 2012-12-20 20:24 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-898774755-496677765-1295066475-1000UA.job
2014-02-28 17:28 - 2014-01-13 20:07 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-28 17:06 - 2014-02-28 17:05 - 02155520 _____ (Farbar) C:\Users\Petra\Downloads\FRST64.exe
2014-02-28 16:17 - 2014-02-28 16:17 - 00000000 _____ () C:\autoexec.bat
2014-02-27 20:29 - 2012-12-20 20:24 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-898774755-496677765-1295066475-1000Core.job
2014-02-26 21:48 - 2014-01-24 13:20 - 00000000 ___RD () C:\Users\Petra\Desktop\ 
2014-02-26 19:24 - 2013-06-12 11:28 - 00000000 ___RD () C:\Users\Petra\Prezentace
2014-02-22 13:15 - 2011-06-08 12:10 - 00000000 ___RD () C:\Users\Petra\Hry
2014-02-21 16:01 - 2010-12-30 11:44 - 00000000 ____D () C:\Users\Petra\AppData\Roaming\skypePM
2014-02-21 15:33 - 2014-02-21 15:33 - 00000000 ____D () C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2014-02-21 15:33 - 2013-10-26 17:25 - 00000000 ____D () C:\Program Files (x86)\Drakensang Online
2014-02-21 14:45 - 2013-10-12 11:37 - 00000000 ____D () C:\Users\Petra\AppData\Roaming\Wargaming.net
2014-02-21 13:17 - 2013-08-31 10:13 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-02-21 13:17 - 2013-08-31 10:13 - 00000000 ____D () C:\Games
2014-02-20 17:05 - 2013-11-11 15:06 - 00000000 ____D () C:\Counter-Strike 1.6
2014-02-19 18:20 - 2013-09-02 09:52 - 00000000 ____D () C:\Users\Petra\nástroje
2014-02-19 17:15 - 2014-02-19 17:13 - 00000000 ____D () C:\Users\Petra\Documents\honestech DVR
2014-02-19 17:10 - 2011-01-01 18:34 - 00000000 ____D () C:\Users\Petra\AppData\Roaming\XnView
2014-02-19 17:07 - 2014-02-19 17:06 - 00000000 ____D () C:\Program Files (x86)\honestech
2014-02-19 17:07 - 2014-02-19 17:02 - 00000000 ____D () C:\ProgramData\InstallShield
2014-02-19 17:06 - 2010-03-25 22:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-19 17:04 - 2014-02-19 17:04 - 00000000 ____D () C:\Program Files (x86)\eEnjoy VIDEO DVR
2014-02-18 19:33 - 2014-02-18 19:33 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w95inf32.dll
2014-02-18 19:33 - 2014-02-18 19:33 - 00002272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w95inf16.dll
2014-02-18 19:33 - 2014-02-18 19:33 - 00000000 ____D () C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-02-18 19:33 - 2014-02-18 19:33 - 00000000 ____D () C:\Program Files (x86)\JoWooD
2014-02-18 19:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-02-18 13:13 - 2014-02-18 13:13 - 00001457 _____ () C:\Users\Petra\Sti_Trace.log
2014-02-18 13:13 - 2011-01-01 20:56 - 00000000 ____D () C:\Users\Petra\AppData\Roaming\Epson
2014-02-18 13:13 - 2010-12-24 19:45 - 00000000 ____D () C:\Users\Petra
2014-02-17 19:33 - 2010-12-27 11:53 - 00000000 ____D () C:\Users\Petra\AppData\Roaming\ICQ
2014-02-17 14:48 - 2012-09-16 19:48 - 00000000 ___RD () C:\Users\Petra\filmy
2014-02-17 08:41 - 2010-05-24 00:24 - 00672386 _____ () C:\Windows\system32\perfh005.dat
2014-02-17 08:41 - 2010-05-24 00:24 - 00142950 _____ () C:\Windows\system32\perfc005.dat
2014-02-17 08:41 - 2009-07-14 06:13 - 01593150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-16 19:11 - 2013-09-04 08:26 - 00000000 ____D () C:\AdwCleaner
2014-02-12 09:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-12 07:23 - 2014-01-13 20:07 - 00003946 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 07:23 - 2014-01-13 20:07 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-10 20:28 - 2014-01-22 07:35 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-02-10 20:28 - 2011-09-28 17:30 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-10 20:28 - 2011-09-28 17:30 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-10 20:28 - 2011-09-28 17:30 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-10 20:28 - 2011-09-28 17:30 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-10 20:28 - 2011-09-28 17:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-10 17:43 - 2014-01-22 10:37 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-02-04 10:45 - 2014-02-04 10:44 - 24821531 _____ (KASTNER software s.r.o. ) C:\Users\Petra\Downloads\du823.exe
2014-02-02 15:09 - 2013-11-11 16:51 - 00000000 ____D () C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-02-02 15:09 - 2010-12-26 21:51 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-02-02 15:08 - 2013-12-04 21:52 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 15:07 - 2014-02-02 15:08 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-02 15:07 - 2014-02-02 15:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-02 15:07 - 2014-02-02 15:07 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-02 15:07 - 2014-02-02 15:07 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-31 19:40 - 2011-02-16 10:30 - 00000000 ____D () C:\Users\Petra\Documents\GTA San Andreas User Files
2014-01-31 12:13 - 2013-11-19 16:11 - 00000000 ____D () C:\Users\Petra\AppData\Roaming\uTorrent

Files to move or delete:
====================
C:\Users\Petra\GTA.San.Andreas.Multiplayer.0.3c.up.andrew1996.exe


Some content of TEMP:
====================
C:\Users\Petra\AppData\Local\Temp\i4jdel0.exe
C:\Users\Petra\AppData\Local\Temp\i4jdel1.exe
C:\Users\Petra\AppData\Local\Temp\i4jdel2.exe
C:\Users\Petra\AppData\Local\Temp\Quarantine.exe
C:\Users\Petra\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-28 15:03

==================== End Of Log ============================

Re: Please check my log

Posted: 28 Feb 2014 22:45
by vyosek
Hello :)

:arrow: Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the window

    srinfo;
    autoclean;
    emptyclsid;
    shortcutfix;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    process;
    hijackthis;
    startupall;
    filesrcm;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC will perform the repair, restart, and give you a log; paste its contents here

Re: Please check my log

Posted: 28 Feb 2014 23:42
by George152
Good evening, after right-clicking and choosing Run as administrator, the PC immediately restarts with no other option...

Re: Please check my log

Posted: 01 Mar 2014 22:45
by vyosek
:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Preferably save it to the desktop
  • After it starts, the license terms are displayed; press any key
  • A backup will be created, followed by a search
  • The scan will run and then a log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Preferably save it to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here