TrojanMC

[rado145]

Dobrý den,dnes mi našel spyware terminátor trojanaMC a nejde se ho zbavit.Prosím o radu.Děkuji

Zde přiložen log: http://uloz.to/xXpA94Yt/log-rar

[Márty84]

Zdravim

Kde ho Terminator hlasi? (nazev souboru i presne umisteni)

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[rado145]

Zdravim

Kde ho Terminator hlasi? (nazev souboru i presne umisteni)

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Zde. http://i57.tinypic.com/sffn7k.png Mimochodem je moc nebezpečný?

[rado145]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.03.22.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
radek :: RADEK-PC [administrátor]

Ochrana: Povolena

22.3.2014 10:27:20
mbam-log-2014-03-22 (10-27-20).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 217838
Uplynulý čas: 1 minut, 35 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Márty84]

Nevim jak moc je nebezpecny, ja ho nevytvoril, takze nevim, co vlastne dela

Chtel jsem kompletni kontrolu. Tohle byla jen rychla, ta neprohlizi cely disk. Takze repete

[rado145]

Tak tady to je.
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.03.22.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
radek :: RADEK-PC [administrátor]

Ochrana: Povolena

22.3.2014 11:27:35
mbam-log-2014-03-22 (11-27-35).txt

Typ: Kompletní kontrola (C:\|E:\|G:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 342415
Uplynulý čas: 16 minut, 19 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Márty84]

MBAM odinstalujte.


Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

[rado145]

RogueKiller V8.8.12 [Mar 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : radek [Práva správce]
Mód : Kontrola -- Datum : 03/22/2014 12:44:33
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) INTEL SSDSA2M080G2GC ATA Device +++++
--- User ---
[MBR] 84ad0d6588188e42c6ce617706386e6c
[BSP] ece3e3e330b6047eef981b6d8bfd91e5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 76217 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD10EARS-00Y5B1 ATA Device +++++
--- User ---
[MBR] 6e8d33b740dc36a8c69df76eb81eaba6
[BSP] b59c8a9ce3d31fa2eb7eca1650897be3 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 478492 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 979953664 | Size: 475374 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) WDC WD1500HLFS-01G6U0 ATA Device +++++
--- User ---
[MBR] f9481f3ad50922c1ee12c7b86a774824
[BSP] 4c3736f7c3c0e43e6228e1a95c854000 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 142987 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ IDE) ST3320620AS ATA Device +++++
--- User ---
[MBR] d1b62b9bd0733fa5fa3c03fc0c65b104
[BSP] dfe2a735ae98df2c1e33ddee1d2a59a2 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 152622 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 312571904 | Size: 76311 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 468856832 | Size: 76310 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ IDE) Hitachi HDP725050GLA360 ATA Device +++++
--- User ---
[MBR] 03053f238927ef078a6fad42c8ff36b1
[BSP] 43e3c2c3a1830aa2fc2f68f699b40289 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_03222014_124433.txt >>

[Márty84]

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

[rado145]

RogueKiller V8.8.12 [Mar 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : radek [Práva správce]
Mód : Odebrat -- Datum : 03/22/2014 12:59:00
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) INTEL SSDSA2M080G2GC ATA Device +++++
--- User ---
[MBR] 84ad0d6588188e42c6ce617706386e6c
[BSP] ece3e3e330b6047eef981b6d8bfd91e5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 76217 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD10EARS-00Y5B1 ATA Device +++++
--- User ---
[MBR] 6e8d33b740dc36a8c69df76eb81eaba6
[BSP] b59c8a9ce3d31fa2eb7eca1650897be3 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 478492 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 979953664 | Size: 475374 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) WDC WD1500HLFS-01G6U0 ATA Device +++++
--- User ---
[MBR] f9481f3ad50922c1ee12c7b86a774824
[BSP] 4c3736f7c3c0e43e6228e1a95c854000 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 142987 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ IDE) ST3320620AS ATA Device +++++
--- User ---
[MBR] d1b62b9bd0733fa5fa3c03fc0c65b104
[BSP] dfe2a735ae98df2c1e33ddee1d2a59a2 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 152622 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 312571904 | Size: 76311 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 468856832 | Size: 76310 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ IDE) Hitachi HDP725050GLA360 ATA Device +++++
--- User ---
[MBR] 03053f238927ef078a6fad42c8ff36b1
[BSP] 43e3c2c3a1830aa2fc2f68f699b40289 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_03222014_125900.txt >>
RKreport[0]_S_03222014_124433.txt;RKreport[0]_S_03222014_125856.txt





RogueKiller V8.8.12 [Mar 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : radek [Práva správce]
Mód : Oprava HOSTS -- Datum : 03/22/2014 13:00:21
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_03222014_130021.txt >>
RKreport[0]_D_03222014_125900.txt;RKreport[0]_S_03222014_124433.txt;RKreport[0]_S_03222014_125856.txt

[Márty84]

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[rado145]

# AdwCleaner v3.022 - Report created 22/03/2014 at 13:59:25
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : radek - RADEK-PC
# Running from : F:\userdata\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : iSafeKrnl
Service Deleted : iSafeNetFilter
[#] Service Deleted : iSafeService

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Program Files (x86)\iSafe
Folder Deleted : C:\Users\radek\AppData\Roaming\eCyber
Folder Deleted : C:\Users\radek\AppData\Roaming\iSafe

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v

[ File : C:\Users\radek\AppData\Roaming\Mozilla\Firefox\Profiles\obcmzbxd.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1095 octets] - [22/03/2014 13:58:35]
AdwCleaner[S0].txt - [1006 octets] - [22/03/2014 13:59:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1066 octets] ##########

[Márty84]

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[rado145]

ComboFix 14-03-19.01 - radek 22.03.2014 14:24:50.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8139.6160 [GMT 1:00]
Spuštěný z: f:\userdata\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-22 do 2014-03-22 )))))))))))))))))))))))))))))))
.
.
2014-03-22 13:27 . 2014-03-22 13:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-22 12:58 . 2014-03-22 13:03 -------- d-----w- C:\AdwCleaner
2014-03-22 12:37 . 2014-03-17 09:16 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E204FFA1-64CB-45D2-AB92-2185374558F4}\mpengine.dll
2014-03-22 12:26 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{86EBD7DC-6D7C-43D8-8168-F244D0622EE6}\mpengine.dll
2014-03-22 09:26 . 2014-03-22 09:26 -------- d-----w- c:\programdata\Malwarebytes
2014-03-22 08:07 . 2014-03-22 08:13 -------- d-----w- c:\program files\trend micro
2014-03-22 08:07 . 2014-03-22 08:12 -------- d-----w- C:\rsit
2014-03-22 07:47 . 2014-03-22 08:03 -------- d-----w- C:\FRST
2014-03-22 07:22 . 2014-03-22 07:22 -------- d-----w- c:\windows\system32\log
2014-03-22 07:22 . 2014-03-22 13:00 -------- d-----w- c:\program files (x86)\iSafe
2014-03-21 07:47 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-20 20:45 . 2014-03-20 20:45 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2014-03-20 20:45 . 2014-03-20 20:45 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-03-20 07:45 . 2014-03-06 22:08 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{486CB923-87DE-4EE5-926D-A163095D8E19}\gapaengine.dll
2014-03-18 13:37 . 2014-03-18 13:37 -------- d-----w- c:\programdata\ATI
2014-03-18 13:36 . 2014-03-18 13:36 -------- d-----w- c:\program files (x86)\AMD AVT
2014-03-18 13:36 . 2014-03-18 13:36 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2014-03-18 13:34 . 2014-03-18 13:34 -------- d-----w- c:\program files (x86)\ATI Technologies
2014-03-18 13:33 . 2014-03-18 13:36 -------- d-----w- c:\program files\ATI Technologies
2014-03-18 08:25 . 2014-03-22 07:27 -------- d-----w- c:\program files (x86)\Raptr
2014-03-16 08:53 . 2014-03-16 08:53 -------- d-----w- c:\program files (x86)\Webteh
2014-03-15 18:11 . 2014-03-15 18:11 -------- d-----w- c:\windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
2014-03-15 18:11 . 2014-03-15 18:11 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2014-03-15 11:38 . 2014-03-15 11:38 -------- d-----w- c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-03-12 18:26 . 2014-03-20 20:42 111928 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-03-12 18:26 . 2014-03-20 20:42 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-03-12 16:06 . 2014-03-12 16:06 273632 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-03-12 16:04 . 2014-03-12 16:04 13929984 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-03-12 15:50 . 2014-03-12 15:50 230912 ----a-w- c:\windows\system32\clinfo.exe
2014-03-12 15:49 . 2014-03-12 15:49 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-03-12 15:49 . 2014-03-12 15:49 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-03-12 15:49 . 2014-03-12 15:49 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-03-12 15:49 . 2014-03-12 15:49 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-03-12 15:49 . 2014-03-12 15:49 28425216 ----a-w- c:\windows\system32\amdocl64.dll
2014-03-12 15:47 . 2014-03-12 15:47 23903744 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-03-12 15:44 . 2014-03-12 15:44 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-03-12 15:44 . 2014-03-12 15:44 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-03-12 15:27 . 2014-03-12 15:27 27490304 ----a-w- c:\windows\system32\atio6axx.dll
2014-03-12 15:24 . 2014-03-12 15:24 368640 ----a-w- c:\windows\system32\atiapfxx.exe
2014-03-12 15:24 . 2014-03-12 15:24 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-03-12 15:24 . 2014-03-12 15:24 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-03-12 15:24 . 2014-03-12 15:24 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-03-12 15:24 . 2014-03-12 15:24 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-03-12 15:23 . 2014-03-12 15:23 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2014-03-12 15:20 . 2014-03-12 15:20 126464 ----a-w- c:\windows\system32\mantle64.dll
2014-03-12 15:20 . 2014-03-12 15:20 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2014-03-12 15:20 . 2014-03-12 15:20 113152 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-03-12 15:19 . 2014-03-12 15:19 5393408 ----a-w- c:\windows\system32\amdmantle64.dll
2014-03-12 15:07 . 2014-03-12 15:07 23108608 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-03-12 15:06 . 2014-03-12 15:06 4319744 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2014-03-12 15:03 . 2014-03-12 15:03 442368 ----a-w- c:\windows\system32\atidemgy.dll
2014-03-12 15:03 . 2014-03-12 15:03 31232 ----a-w- c:\windows\system32\atimuixx.dll
2014-03-12 15:03 . 2014-03-12 15:03 586240 ----a-w- c:\windows\system32\atieclxx.exe
2014-03-12 15:02 . 2014-03-12 15:02 240128 ----a-w- c:\windows\system32\atiesrxx.exe
2014-03-12 15:00 . 2014-03-12 15:00 190976 ----a-w- c:\windows\system32\atitmm64.dll
2014-03-12 14:53 . 2014-03-12 14:53 81920 ----a-w- c:\windows\system32\mantleaxl64.dll
2014-03-12 14:53 . 2014-03-12 14:53 79360 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2014-03-12 14:50 . 2014-03-12 14:50 44544 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-03-12 14:50 . 2014-03-12 14:50 35840 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-03-12 14:34 . 2014-03-12 14:34 806912 ----a-w- c:\windows\system32\coinst_13.350.dll
2014-03-12 14:26 . 2014-03-12 14:26 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2014-03-12 14:26 . 2014-03-12 14:26 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2014-03-12 14:26 . 2014-03-12 14:26 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2014-03-12 14:26 . 2014-03-12 14:26 146432 ----a-w- c:\windows\system32\atig6txx.dll
2014-03-12 14:25 . 2014-03-12 14:25 133120 ----a-w- c:\windows\SysWow64\atigktxx.dll
2014-03-12 14:25 . 2014-03-12 14:25 636928 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2014-03-12 14:24 . 2014-03-12 14:24 95744 ----a-w- c:\windows\system32\amdave64.dll
2014-03-12 14:24 . 2014-03-12 14:24 90112 ----a-w- c:\windows\SysWow64\amdave32.dll
2014-03-12 14:24 . 2014-03-12 14:24 89088 ----a-w- c:\windows\system32\atisamu64.dll
2014-03-12 14:24 . 2014-03-12 14:24 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2014-03-12 14:20 . 2014-03-12 14:20 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2014-03-12 11:00 . 2014-03-12 11:00 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2014-03-12 10:55 . 2014-03-12 10:55 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2014-03-12 10:36 . 2014-03-12 10:36 357376 ----a-w- c:\windows\system32\amdacpusl.dll
2014-03-12 10:36 . 2014-03-12 10:36 242688 ----a-w- c:\windows\SysWow64\amdacpusl.dll
2014-03-12 08:15 . 2014-03-12 08:15 -------- d-----w- c:\program files (x86)\Ubisoft
2014-03-10 19:04 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2014-03-10 19:04 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2014-03-10 19:04 . 2008-07-12 07:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2014-03-10 19:04 . 2008-07-12 07:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2014-03-10 19:04 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2014-03-10 19:04 . 2008-07-12 07:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll
2014-03-09 19:47 . 2014-03-09 20:03 -------- d-----w- c:\program files (x86)\Google
2014-03-09 19:33 . 2014-03-20 12:57 -------- d-----w- c:\program files (x86)\Opera
2014-03-09 15:28 . 2014-03-09 15:28 -------- d-----w- c:\programdata\EA Core
2014-03-09 15:28 . 2014-03-17 20:00 -------- d-----w- c:\programdata\EA Logs
2014-03-09 13:07 . 2014-03-09 13:07 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-03-09 12:56 . 2014-03-09 13:08 -------- d-----w- c:\program files (x86)\Microsoft Works
2014-03-09 12:55 . 2014-03-09 12:55 -------- d-----w- c:\windows\PCHEALTH
2014-03-09 12:54 . 2014-03-09 12:54 -------- d-----w- c:\program files\Microsoft Office
2014-03-09 12:54 . 2014-03-09 12:54 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2014-03-09 12:53 . 2014-03-14 13:30 -------- d-----w- c:\programdata\Microsoft Help
2014-03-09 12:53 . 2014-03-09 12:53 -------- d-----r- C:\MSOCache
2014-03-09 09:59 . 2014-03-09 09:59 -------- d-----w- c:\windows\High Quality Cinema ENB Series for Mass Effect 3
2014-03-09 09:28 . 2014-03-09 09:28 -------- d-----w- c:\windows\46ED2B6485C74E1F920CA555B21F2E4C.TMP
2014-03-09 08:27 . 2014-03-15 20:07 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-03-08 20:11 . 2014-03-20 09:12 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2014-03-08 15:00 . 2014-03-18 14:02 -------- d-----w- C:\AIDA64.4.00.2766_softarchive.net
2014-03-08 14:53 . 2014-03-08 14:53 -------- d-----w- C:\SteamLibrary
2014-03-08 12:48 . 2014-03-08 12:48 -------- d-----w- c:\program files (x86)\VideoLAN
2014-03-08 12:12 . 2014-03-21 07:31 11776 ----a-w- c:\windows\system32\ardnat.exe
2014-03-08 12:12 . 2014-03-08 12:12 -------- d-----w- c:\program files\Ainvo
2014-03-08 09:11 . 2014-03-06 22:08 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-03-07 20:55 . 2014-03-15 19:54 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-03-07 20:55 . 2014-03-20 20:42 794408 ----a-w- c:\windows\SysWow64\pbsvc.exe
2014-03-07 15:10 . 2014-03-07 15:10 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-03-07 12:43 . 2014-03-07 12:43 -------- d-----w- c:\program files (x86)\Origin Games
2014-03-07 11:54 . 2014-03-07 11:54 -------- d-----w- c:\program files (x86)\Dell
2014-03-07 11:41 . 2014-03-07 11:50 -------- d-----w- c:\program files (x86)\Diablo III
2014-03-07 11:39 . 2014-03-07 11:51 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2014-03-07 11:39 . 2014-03-07 11:39 -------- d-----w- c:\programdata\Blizzard Entertainment
2014-03-07 11:38 . 2014-03-07 11:38 -------- d-----w- c:\programdata\Battle.net
2014-03-07 10:23 . 2014-03-07 10:23 -------- d-----w- c:\program files\CPUID
2014-03-07 09:29 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-03-07 09:29 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-03-07 09:28 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2014-03-07 09:28 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2014-03-07 09:28 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-03-07 09:28 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-03-07 09:28 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-03-07 09:28 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
2014-03-07 09:28 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-03-07 09:28 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-03-07 09:28 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-03-07 09:28 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-12 14:27 . 2013-12-06 20:22 1148416 ----a-w- c:\windows\system32\atiadlxx.dll
2014-03-12 14:26 . 2013-12-06 20:22 828416 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2014-03-07 09:15 . 2014-03-07 09:15 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-03-07 09:15 . 2014-03-07 09:15 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-03-07 07:48 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-03-07 07:48 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-03-06 22:29 . 2011-03-28 17:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"="c:\program files (x86)\OSCAR Editor X7\OscarEditor.exe" [2012-03-20 3340288]
"OscarKeyboard"="c:\program files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe" [2010-12-24 3536896]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"RadeonPro"="c:\program files (x86)\RadeonPro\RadeonPro.exe" [2013-11-04 2195584]
"MtdAcqu"="c:\program files (x86)\Creative\MediaSource5\MtdAcqu.exe" [2006-03-08 278528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"RCSystem"="c:\program files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" [2006-11-22 57344]
"AudioDrvEmulator"="c:\program files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" [2006-11-22 57344]
"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2006-12-06 180224]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-03-12 767200]
"CTxfiHlp"="CTXFIHLP.EXE" [2011-08-22 25600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Display Manager.lnk - c:\program files (x86)\Dell\Dell Display Manager\ddm.exe [2014-3-7 576656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 ASGT;ASGT;c:\windows\SysWOW64\ASGT.exe;c:\windows\SysWOW64\ASGT.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 amdacpksd;ACP Kernel Service Driver;c:\windows\system32\drivers\amdacpksd.sys;c:\windows\SYSNATIVE\drivers\amdacpksd.sys [x]
S2 amdacpusrsvc;ACP User Service;c:\amd\amdacpusrsvc.exe;c:\amd\amdacpusrsvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 RadeonPro Support Service;RadeonPro Support Service;c:\program files (x86)\RadeonPro\RadeonProSupport.exe;c:\program files (x86)\RadeonPro\RadeonProSupport.exe [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
S3 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\radek\AppData\Local\Temp\tmp5502.tmp;c:\users\radek\AppData\Local\Temp\tmp5502.tmp [x]
S3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys;c:\windows\SYSNATIVE\drivers\XENfiltv.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WINRING0_1_2_0
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-06 10:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2013-10-22 2777736]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2013-10-22 3684488]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-iSafe - c:\program files (x86)\iSafe\uninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\Pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRing0_1_2_0]
"ImagePath"="\??\c:\users\radek\AppData\Local\Temp\tmp5502.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1623278216-665100827-287208642-1000\Software\SecuROM\License information*]
"datasecu"=hex:1c,4f,eb,30,db,9b,f5,32,0c,3d,76,cd,41,0a,1a,47,be,52,5c,a2,1b,
9c,c5,d6,6a,5e,e7,de,18,9e,79,a1,9a,3a,18,4e,a8,1c,fa,1f,59,30,1c,45,45,e2,\
"rkeysecu"=hex:52,7e,f1,e5,90,ab,f4,7b,2e,ee,17,8f,be,1e,24,d1
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-03-22 14:28:03
ComboFix-quarantined-files.txt 2014-03-22 13:28
.
Před spuštěním: Volných bajtů: 17 397 760 000
Po spuštění: Volných bajtů: 17 245 601 792
.
- - End Of File - - 04F4261D42E616A35A4B9D170BD4BEC4
A36C5E4F47E84449FF07ED3517B43A31

[rado145]

Oznamuji, že spyware terminátor nic nenašel je to pryč. Moc děkuji za pomoc!