nalezen vir

[OTAZ]

Dobrý den antivirový program mě našel vir a uložil do karantény.Na ploše se mě ted objevuje že tento soubor chybí.
C:\Users\DOMA\AppData\Local\Temp\mdi064.dll"Mohly by jste mě poradit co s tím.Předem děkuji OTAS

[OTAZ]

Logfile of random's system information tool 1.09 (written by random/random)
Run by DOMA at 2014-01-26 16:00:34
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 397 GB (83%) free of 477 GB
Total RAM: 4048 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:00:38, on 26.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\DOMA.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.12\PriceGongIE.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\DOMA\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [tsiVideo] C:\Windows\SysWOW64\rundll32.exe C:\Users\DOMA\AppData\Local\Temp\\mdi064.dll,runme
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1482381698-2929903929-1953463437-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1482381698-2929903929-1953463437-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: Zjišťování interaktivních služeb (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8444 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\SysWOW64\rundll32.exe" "C:\Users\DOMA\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\SysWOW64\ssins.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:1292
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ae8c79c8-bac7-489a-838f-c0bbe3a4159b -SystemEventPortName:HostProcess-0c029c0e-8d27-4b3e-9b18-43dea111b1d7 -IoCancelEventPortName:HostProcess-1e8932ca-939e-49af-9d64-0c2461b67820 -NonStateChangingEventPortName:HostProcess-59dd3fe4-b8e7-4f2a-940a-22d15c21d28b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8b904761-9ed1-4cb1-909f-211fb00da2c7 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\UI0Detect.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
taskhost.exe $(Arg0)
"C:\Users\DOMA\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cef72f870d0911.job

=========Mozilla firefox=========

ProfilePath - C:\Users\DOMA\AppData\Roaming\Mozilla\Firefox\Profiles\3amwd1fg.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=Quicksearch_12454&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\DOMA\AppData\Roaming\Mozilla\Firefox\Profiles\3amwd1fg.default\extensions\
cs@dictionaries.addons.mozilla.org
foxmarks@kei.com
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\DOMA\AppData\Roaming\Mozilla\Firefox\Profiles\3amwd1fg.default\searchplugins\
firmycz.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]
PriceGong - Price Comparison - C:\Program Files (x86)\PriceGong\2.6.12\PriceGongIE.dll [2013-11-13 457056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14 175776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-09-25 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-09-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14 4372120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NextLive"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]
"tsiVideo"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Users\DOMA\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\DOMA\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\DOMA\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp]
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2013-07-09 1093464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-02-09 5015040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2013-12-13 831488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-12-13 831488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninst.exe]
"Debugger=""C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-26 16:00:35 ----D---- C:\Program Files\trend micro
2014-01-26 16:00:34 ----D---- C:\rsit
2014-01-26 15:34:04 ----D---- C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-22 20:28:05 ----D---- C:\Users\DOMA\AppData\Roaming\Malwarebytes
2014-01-22 20:27:29 ----D---- C:\ProgramData\Malwarebytes
2014-01-22 20:27:27 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-22 20:02:39 ----D---- C:\Program Files (x86)\ESET
2014-01-22 19:57:17 ----SHD---- C:\Config.Msi
2014-01-22 18:45:29 ----A---- C:\autoexec.bat
2014-01-22 18:45:08 ----D---- C:\Program Files\Enigma Software Group
2014-01-21 12:59:12 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-01-21 12:59:12 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-01-21 12:59:12 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-01-21 12:59:12 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-01-21 12:59:12 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-01-21 12:59:12 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-01-21 12:59:12 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-01-21 12:59:11 ----A---- C:\Windows\system32\win32k.sys
2014-01-21 12:59:04 ----A---- C:\Windows\system32\drivers\netio.sys
2014-01-11 19:15:24 ----D---- C:\Users\DOMA\AppData\Roaming\20253
2014-01-11 19:12:10 ----D---- C:\Users\DOMA\AppData\Roaming\19620
2014-01-06 16:43:35 ----A---- C:\Users\DOMA\AppData\Roaming\pcouffin.sys
2014-01-06 16:43:35 ----A---- C:\Users\DOMA\AppData\Roaming\inst.exe
2014-01-06 16:43:34 ----D---- C:\Users\DOMA\AppData\Roaming\Vso
2014-01-06 16:43:29 ----D---- C:\ProgramData\VSO
2014-01-06 16:43:29 ----D---- C:\Program Files (x86)\VSO
2013-12-31 15:07:51 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2013-12-31 15:07:51 ----A---- C:\Windows\system32\TURegOpt.exe
2013-12-31 15:07:51 ----A---- C:\Windows\system32\authuitu.dll
2013-12-31 15:06:53 ----D---- C:\Program Files (x86)\AVG
2013-12-31 14:35:29 ----ASH---- C:\hiberfil.sys
2013-12-30 17:40:06 ----D---- C:\Users\DOMA\AppData\Roaming\23700
2013-12-27 18:25:14 ----D---- C:\ProgramData\QuickSet
2013-12-27 17:40:34 ----D---- C:\Users\DOMA\AppData\Roaming\AVG
2013-12-27 17:38:40 ----D---- C:\ProgramData\AVG
2013-12-27 17:38:21 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-12-27 17:38:21 ----HD---- C:\ProgramData\Common Files

======List of files/folders modified in the last 1 month======

2014-01-26 16:00:35 ----RD---- C:\Program Files
2014-01-26 16:00:35 ----D---- C:\Windows\Temp
2014-01-26 15:44:27 ----D---- C:\Users\DOMA\AppData\Roaming\newnext.me
2014-01-26 15:42:44 ----D---- C:\Windows\system32\config
2014-01-26 15:40:33 ----D---- C:\Windows
2014-01-26 15:34:27 ----SHD---- C:\Windows\Installer
2014-01-26 15:34:25 ----D---- C:\Windows\system32\Tasks
2014-01-26 15:34:11 ----D---- C:\Windows\system32\drivers
2014-01-26 15:34:11 ----D---- C:\Windows\inf
2014-01-26 15:33:56 ----SHD---- C:\System Volume Information
2014-01-26 15:33:25 ----D---- C:\Users\DOMA\AppData\Roaming\uTorrent
2014-01-26 15:31:34 ----D---- C:\Windows\Tasks
2014-01-26 15:31:34 ----D---- C:\Windows\system32\wfp
2014-01-26 15:31:34 ----D---- C:\Windows\system32\DriverStore
2014-01-26 15:31:33 ----D---- C:\Windows\system32\wbem
2014-01-26 15:30:52 ----D---- C:\Windows\SysWOW64
2014-01-26 15:30:52 ----D---- C:\Windows\system32\CodeIntegrity
2014-01-26 15:30:52 ----D---- C:\Windows\system32\catroot2
2014-01-26 15:30:52 ----D---- C:\Windows\System32
2014-01-26 15:30:51 ----D---- C:\Windows\AppCompat
2014-01-26 15:30:49 ----D---- C:\Program Files\CCleaner
2014-01-26 15:30:49 ----D---- C:\Program Files (x86)\PriceGong
2014-01-26 15:30:48 ----D---- C:\Windows\registration
2014-01-26 15:30:35 ----D---- C:\Users\DOMA\AppData\Roaming\Adobe
2014-01-26 15:30:29 ----HD---- C:\ProgramData
2014-01-26 15:30:25 ----RD---- C:\Program Files (x86)
2014-01-26 15:18:28 ----D---- C:\Windows\Prefetch
2014-01-24 12:45:12 ----D---- C:\Windows\SoftwareDistribution
2014-01-23 17:17:17 ----D---- C:\Windows\debug
2014-01-22 19:12:32 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-01-22 18:44:35 ----D---- C:\Program Files (x86)\Common Files
2014-01-21 16:31:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-21 13:03:12 ----D---- C:\Windows\winsxs
2014-01-21 13:00:30 ----D---- C:\ProgramData\Microsoft Help
2014-01-21 12:59:08 ----D---- C:\Windows\system32\catroot
2014-01-16 12:33:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-01-12 18:14:45 ----D---- C:\Program Files (x86)\DVDFab 9
2014-01-07 16:35:02 ----SHD---- C:\$Recycle.Bin
2014-01-07 15:20:58 ----D---- C:\ProgramData\CanonIJPLM
2014-01-06 17:24:55 ----D---- C:\ProgramData\vsosdk
2014-01-02 16:46:35 ----D---- C:\Windows\system32\FxsTmp
2013-12-31 15:40:56 ----SD---- C:\ProgramData\Microsoft
2013-12-31 15:28:51 ----A---- C:\Windows\SYSWOW64\log.txt
2013-12-31 14:47:51 ----D---- C:\Program Files (x86)\Ashampoo
2013-12-30 23:08:13 ----D---- C:\ProgramData\Ashampoo
2013-12-30 21:15:08 ----D---- C:\Windows\Panther
2013-12-29 08:07:55 ----D---- C:\Program Files\WinRAR
2013-12-28 21:55:20 ----D---- C:\Users\DOMA\AppData\Roaming\Ashampoo
2013-12-27 18:25:13 ----D---- C:\ProgramData\InstallMate

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-10-06 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-02 62784]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-08-21 14112]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-11-11 2182768]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-07-09 219480]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 878368]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-19 1259296]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2013-10-02 2324216]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-08-30 2099512]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-11-11 27760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-16 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-13 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-17 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-21 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-21 116648]
S4 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
S4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S4 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]

-----------------EOF-----------------

[OTAZ]

Ještě je v karanteně toto.
"C:\Users\DOMA\AppData\Local\Temp\Rar$EXa0.734\Spyhunter_keygen.exe"Jako trojský kun Kryptik BTZL

[Márty84]

Zdravim

Vidi, tam MBAM. Delal jste uplnou kontrolu?
Pokud ne, udelejte ji a dejte sem vysledky. Predem nic nemazte.
Pokud ano, spustte ho a v zalozce protokoly si nechte zobrazit posledni log a zkopirujte mi sem vysledky

[OTAZ]

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.26.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
DOMA :: DOMA-PC [administrátor]

Ochrana: Povolena

26.1.2014 16:35:44
MBAM-log-2014-01-26 (17-12-57).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 362995
Uplynulý čas: 36 minut, 31 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 1
C:\Users\DOMA\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.

Nalezené klíče v registru: 20
HKCR\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692} (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71} (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{1631550F-191D-4826-B069-D9439253D926} (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
HKCR\PriceFactorIE.PriceGongBHO.1 (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
HKCR\PriceFactorIE.PriceGongBHO (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926} (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB} (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
HKCR\PriceGongIE.PriceGongCtrl.1 (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
HKCR\PriceGongIE.PriceGongCtrl (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UNINST.EXE (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
HKCR\AppID\PriceGongIE.DLL (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\InstalledBrowserExtensions\installdaddy (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\1ClickMovieDownloader V6 (PUP.Optional.1ClickMovieDownloader.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk (PUP.Optional.Gophoto.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\DOMA\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\PriceGong\2.6.12 (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Local\Local_Weather_LLC (PUP.Optional.WeatherAlerts) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Local\Local_Weather_LLC\WeatherAlerts.exe_Url_avthnjuktwfquxpemikqinqu1tkrze0z (PUP.Optional.WeatherAlerts) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Local\Local_Weather_LLC\WeatherAlerts.exe_Url_avthnjuktwfquxpemikqinqu1tkrze0z\1.4.0.0 (PUP.Optional.WeatherAlerts) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Local\WeatherAlerts (PUP.Optional.WeatherAlerts) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 20
C:\Program Files (x86)\PriceGong\2.6.12\PriceGongIE.dll (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\PriceGong\uninst.exe (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Local\Application Data\Bundled software uninstaller\bi_client.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Local\Temp\iswizard05\dwm.exe (PUP.Optional.Primeminer) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Local\Temp\iswizard05\iswizard.7z (PUP.Optional.Primeminer) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\Desktop\Táta\Nová složka\odemčení map garmin + návod\garmin unlock generator v1.5.exe (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
C:\Windows\Setup\SCRIPTS\Windows7Loader.exe (Trojan.Agent.W) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong\PriceGong Homepage.lnk (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong\PriceGong Contact Us.lnk (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong\PriceGong Help.lnk (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong\Uninstall PriceGong.lnk (PUP.Optional.PriceGong.A) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Local\Local_Weather_LLC\WeatherAlerts.exe_Url_avthnjuktwfquxpemikqinqu1tkrze0z\1.4.0.0\user.config (PUP.Optional.WeatherAlerts) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Local\WeatherAlerts\ICSharpCode.SharpZipLib.dll (PUP.Optional.WeatherAlerts) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Local\WeatherAlerts\uninstall.exe (PUP.Optional.WeatherAlerts) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Local\WeatherAlerts\WAUpdater.exe (PUP.Optional.WeatherAlerts) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Local\WeatherAlerts\WeatherAlerts.exe (PUP.Optional.WeatherAlerts) -> Nebyla provedena žádná instrukce.
C:\Users\DOMA\AppData\Local\WeatherAlerts\WeatherAlerts.exe.config (PUP.Optional.WeatherAlerts) -> Nebyla provedena žádná instrukce.

(konec)

[Márty84]

Vsechny nalezy nechte odstranit. Po odstraneni a restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste, zda neco nasel. Podle toho zvolim dalsi postup.

[OTAZ]

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.26.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
DOMA :: DOMA-PC [administrátor]

Ochrana: Povolena

26.1.2014 17:23:55
mbam-log-2014-01-26 (17-23-55).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 363013
Uplynulý čas: 33 minut, 11 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Márty84]

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

[OTAZ]

# AdwCleaner v3.017 - Report created 26/01/2014 at 18:17:20
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : DOMA - DOMA-PC
# Running from : C:\Users\DOMA\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\DOMA\AppData\Roaming\Mozilla\Firefox\Profiles\3amwd1fg.default\user.js
Folder Found : C:\Users\DOMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Folder Found C:\Program Files (x86)\Mobogenie
Folder Found C:\Program Files (x86)\PriceGong
Folder Found C:\ProgramData\QuickSet
Folder Found C:\Users\DOMA\AppData\Local\cool_mirage
Folder Found C:\Users\DOMA\AppData\Local\genienext
Folder Found C:\Users\DOMA\AppData\Local\Mobogenie
Folder Found C:\Users\DOMA\AppData\LocalLow\PriceGong
Folder Found C:\Users\DOMA\Documents\Mobogenie

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\DOMA\AppData\Roaming\Mozilla\Firefox\Profiles\3amwd1fg.default\prefs.js ]

Line Found : user_pref("CT3225826_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1374082659978,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("extensions.crossrider.bic", "143125f2ec64271ee50a5ee170a2d2a4");
Line Found : user_pref("smartbar.machineId", "FTKSOSZN0RB9FX0IAXQP6RCHB85OCUVGNG9SWPICEG5G/QR4Z3B2HT8IOYEAIC+2UCFQUQ00A1AWJVTDGBV2RA");

-\\ Google Chrome v32.0.1700.76

[ File : C:\Users\DOMA\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2421 octets] - [26/01/2014 18:17:20]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2481 octets] ##########

[Márty84]

MBAM odinstalujte.

Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zase zkopirujte.

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

[OTAZ]

když jsem spustil program ADWCLEANER tak tlačítko Clean a report už je zapnuté Jak přibližně trvá dlouho sken?

[OTAZ]

# AdwCleaner v3.017 - Report created 26/01/2014 at 20:19:51
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : DOMA - DOMA-PC
# Running from : C:\Users\DOMA\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\QuickSet
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\PriceGong
Folder Deleted : C:\Users\DOMA\AppData\Local\cool_mirage
Folder Deleted : C:\Users\DOMA\AppData\Local\genienext
Folder Deleted : C:\Users\DOMA\AppData\Local\Mobogenie
Folder Deleted : C:\Users\DOMA\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\DOMA\Documents\Mobogenie
Folder Deleted : C:\Users\DOMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
File Deleted : C:\Users\DOMA\AppData\Roaming\Mozilla\Firefox\Profiles\3amwd1fg.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\DOMA\AppData\Roaming\Mozilla\Firefox\Profiles\3amwd1fg.default\prefs.js ]

Line Deleted : user_pref("CT3225826_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1374082659978,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("extensions.crossrider.bic", "143125f2ec64271ee50a5ee170a2d2a4");
Line Deleted : user_pref("smartbar.machineId", "FTKSOSZN0RB9FX0IAXQP6RCHB85OCUVGNG9SWPICEG5G/QR4Z3B2HT8IOYEAIC+2UCFQUQ00A1AWJVTDGBV2RA");

-\\ Google Chrome v32.0.1700.76

[ File : C:\Users\DOMA\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2302 octets] - [26/01/2014 20:19:26]
AdwCleaner[S0].txt - [2194 octets] - [26/01/2014 20:19:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2254 octets] ##########

[OTAZ]

RogueKiller V8.8.3 [Jan 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : DOMA [Práva správce]
Mód : Kontrola -- Datum : 01/26/2014 20:31:44
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : tsiVideo (C:\Windows\SysWOW64\rundll32.exe C:\Users\DOMA\AppData\Local\Temp\\mdi064.dll,runme [7][x]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1482381698-2929903929-1953463437-1000\[...]\Run : tsiVideo (C:\Windows\SysWOW64\rundll32.exe C:\Users\DOMA\AppData\Local\Temp\\mdi064.dll,runme [7][x]) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000AAKX-00ERMA0 ATA Device +++++
--- User ---
[MBR] 2c14711551e26e1b7d0e28786093f08b
[BSP] 1fcb73c66dfbc51c854628e015723e8e : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 313 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 642600 | Size: 476623 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_01262014_203144.txt >>

[Márty84]

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

[OTAZ]

RogueKiller V8.8.3 [Jan 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : DOMA [Práva správce]
Mód : Odebrat -- Datum : 01/27/2014 12:38:19
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000AAKX-00ERMA0 ATA Device +++++
--- User ---
[MBR] 2c14711551e26e1b7d0e28786093f08b
[BSP] 1fcb73c66dfbc51c854628e015723e8e : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 313 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 642600 | Size: 476623 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_01272014_123819.txt >>
RKreport[0]_D_01272014_123658.txt;RKreport[0]_S_01262014_203144.txt;RKreport[0]_S_01272014_123654.txt
RKreport[0]_S_01272014_123801.txt