Hello,
I would like to ask one of the experts to check the log that ComboFix gave me after I doggedly removed the Chinese junk that got pulled onto my PC along with another program I was interested in. Thank you in advance for your advice and help.
Log:
ComboFix 16-02-29.01 - VSB 29.02.2016 11:44:21.1.16 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.65439.60124 [GMT 1:00]
Spuštěný z: f:\download\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Disabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ar\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\bg\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ca\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\cs\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\da\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\de\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\el\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\en\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\es\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\fi\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\fr\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\gu\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\he\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\hr\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\hu\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\id\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\it\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ja\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ko\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\nb\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\nl\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\pl\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\pt_BR\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\pt_PT\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ro\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\ru\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\sk\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\sl\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\sr\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\sv\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\tr\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\uk\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\vi\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\zh_CN\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_locales\zh_TW\messages.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_metadata\computed_hashes.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\_metadata\verified_contents.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\adblock_safari_beforeload.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\adblock_safari_contentblocking.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\adblock_start_common.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\adblock_start_chrome.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\background.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\bandaids.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\button\popup.css
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\button\popup.html
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\button\popup.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\datacollection.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\dropbox-datastores.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\filtering\declarativewebrequest.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\filtering\domainset.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\filtering\filternormalizer.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\filtering\filteroptions.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\filtering\filterset.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\filtering\filtertypes.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\filtering\myfilters.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\functions.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\gab_question.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\CHANGELOG.txt
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\checkupdates.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\chrome_oauth_receiver.html
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\chrome_oauth_receiver.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\idlehandler.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\delete.gif
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\dropbox1.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\dropbox2.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\dropbox3.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\facebook-sprite.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\gplus-sprite.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon128.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon16.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon16_grayscale.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon16_grayscale@2x.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon19-grayscale.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon19-whitelisted.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon19.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon24.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon32.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon38-grayscale.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon38-whitelisted.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon38.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\icon48.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\loader.gif
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\logo.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\search\check.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\search\magnifying_glass.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\search\search-engine-card_no-shadow.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\search\search-engine-icons.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\search\search-omnibox-card_no-shadow.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\search\search_engine_select_arrow.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\img\twitter-sprite.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_flat_55_999999_40x100.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_flat_75_aaaaaa_40x100.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_glass_45_0078ae_1x400.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_glass_55_f8da4e_1x400.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_glass_75_79c9ec_1x400.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_gloss-wave_50_38cfff_500x100.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_gloss-wave_75_2191c0_500x100.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-bg_inset-hard_100_fcfdfd_1x100.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-icons_056b93_256x240.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\images\ui-icons_d8e7f3_256x240.png
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\jquery-ui.custom.css
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\css\override-page.css
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\jquery-ui.custom.min.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\jquery.cookie.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\jquery\jquery.min.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\LICENSE
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\manifest.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\notificationoverlay.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\bug-report.html
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\bug-report.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\customize.html
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\customize.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\filters.html
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\filters.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\general.html
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\general.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\index.html
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\index.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\options.css
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\support.html
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\options\support.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\adreport.html
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\adreport.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\resourceblock.css
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\resourceblock.html
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\resourceblock.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\subscribe.css
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\subscribe.html
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\pages\subscribe.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\port.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\punycode.min.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\README.markdown
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\stats.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\survey.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\translators.json
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\blacklisting\blacklistui.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\blacklisting\clickwatcher.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\blacklisting\elementchain.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\blacklisting\overlay.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\blacklisting\rightclick_hook.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\load_jquery_ui.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\send_content_to_back.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\top_open_blacklist_ui.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\uiscripts\top_open_whitelist_ui.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.50_0\ytchannel.js
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage-journal
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage
c:\users\VSB\AppData\Local\Google\Chrome\User Data\Default\Preferences
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_BD0001
-------\Legacy_BD0002
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-01-28 do 2016-02-29 )))))))))))))))))))))))))))))))
.
.
2016-02-29 10:33 . 2016-02-29 10:33 -------- d-----w- c:\programdata\TXQMPC
2016-02-29 10:30 . 2016-02-29 10:32 -------- d-----w- C:\AdwCleaner
2016-02-29 10:11 . 2016-02-29 10:17 -------- d-----w- c:\windows\GJFix
2016-02-29 10:10 . 2016-02-29 10:10 87864 ------w- c:\windows\system32\drivers\TFsFltX64.sys
2016-02-29 10:10 . 2016-02-29 10:10 -------- d-----w- c:\program files (x86)\Tencent
2016-02-29 10:10 . 2016-02-29 10:33 -------- d-----w- c:\programdata\Tencent
2016-02-29 10:09 . 2016-02-29 10:17 -------- d-----w- c:\program files (x86)\Common Files\Baidu
2016-02-29 10:09 . 2016-02-29 10:09 -------- d-----w- c:\program files (x86)\Baidu
2016-02-29 10:09 . 2016-02-29 10:14 -------- d-----w- c:\programdata\Baidu
2016-02-29 10:09 . 2016-02-29 10:09 -------- d-----w- c:\users\VSB\AppData\Roaming\Baidu
2016-02-29 10:05 . 2016-02-29 10:05 -------- d-----w- c:\programdata\BOINC
2016-02-29 10:05 . 2016-02-29 10:05 -------- d-----w- c:\windows\Downloaded Installations
2016-02-29 10:04 . 2016-02-29 10:15 -------- d-----w- c:\program files (x86)\Seznam.cz
2016-02-29 10:04 . 2016-02-29 10:15 -------- d-----w- c:\users\VSB\AppData\Roaming\Seznam.cz
2016-02-29 10:01 . 2015-11-25 11:02 11154520 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{810F488C-A00C-4ACA-AA1B-91E2668046CE}\mpengine.dll
2016-02-28 10:01 . 2015-11-25 11:02 11154520 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-02-25 13:04 . 2016-02-26 11:45 -------- d-----w- c:\users\VSB\AppData\Roaming\TeamViewer
2016-02-25 13:04 . 2016-02-25 13:06 -------- d-----w- c:\program files (x86)\TeamViewer
2016-02-22 11:52 . 2016-02-22 12:54 -------- d-----w- c:\users\VSB\AppData\Roaming\FreeCAD
2016-02-19 14:12 . 2015-12-03 21:33 572536 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2016-02-15 14:26 . 2016-02-15 14:26 -------- d-----w- c:\users\VSB\test_dir
2016-02-11 09:54 . 2016-02-11 09:54 -------- d-----w- c:\users\VSB\AppData\Local\Ansys
2016-02-11 09:42 . 2016-02-22 13:55 -------- d-----w- c:\users\VSB\AppData\Roaming\Ansys
2016-02-10 08:49 . 2016-01-11 19:05 98816 ----a-w- c:\windows\system32\wudriver.dll
2016-02-08 15:57 . 2016-02-08 15:57 -------- d-----w- c:\program files\Common Files\DESIGNER
2016-02-08 15:55 . 2016-02-08 15:55 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2016-02-08 13:15 . 2016-02-08 13:15 -------- d-----w- c:\users\VSB\AppData\Local\ElevatedDiagnostics
2016-02-08 13:10 . 2016-02-08 13:10 -------- d-----w- c:\users\VSB\AppData\Local\CEF
2016-02-08 13:09 . 2016-02-08 13:09 -------- d-----w- c:\program files (x86)\TOSHIBA Viewer V2
2016-02-08 13:06 . 2009-07-31 18:55 155136 ----a-w- c:\windows\system32\wilpmv64.exe
2016-02-08 13:06 . 2007-03-17 03:55 81920 ----a-w- c:\windows\system32\P3coinst.dll
2016-02-08 13:06 . 2007-03-16 19:55 115712 ----a-w- c:\windows\system32\P3coin64.dll
2016-02-08 13:06 . 2006-06-15 01:53 90112 ----a-w- c:\windows\system32\WilPrins.dll
2016-02-08 13:06 . 2005-10-21 21:12 61440 ----a-w- c:\windows\system32\WilPrt.exe
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft Synchronization Services
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\windows\PCHEALTH
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft Sync Framework
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\program files\Microsoft Analysis Services
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\users\VSB\AppData\Local\Microsoft Help
2016-02-08 11:45 . 2016-02-15 11:15 -------- d-----w- c:\programdata\Microsoft Help
2016-02-08 11:45 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft Office
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----r- C:\MSOCache
2016-02-08 11:38 . 2016-02-08 13:01 -------- d-----w- c:\program files (x86)\Elaborate Bytes
2016-02-08 11:12 . 2016-02-08 11:12 -------- d-----w- c:\users\VSB\AppData\Local\GWX
2016-02-05 08:50 . 2015-12-03 02:09 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3FA3149D-0A32-4793-B281-FC6326C55ACE}\gapaengine.dll
2016-02-05 08:39 . 2016-02-27 02:00 -------- d-s---w- c:\windows\SysWow64\GWX
2016-02-05 08:39 . 2016-02-27 02:00 -------- d-s---w- c:\windows\system32\GWX
2016-02-02 13:37 . 2016-02-02 14:15 -------- d-----w- c:\users\VSB\AppData\Local\Google
2016-02-02 13:37 . 2016-02-02 13:37 -------- d-----w- c:\program files (x86)\Google
2016-02-02 13:37 . 2016-02-02 13:37 -------- d-----w- c:\users\VSB\AppData\Local\Deployment
2016-02-02 13:37 . 2016-02-02 13:37 -------- d-----w- c:\users\VSB\AppData\Local\Apps
2016-02-02 08:34 . 2016-02-29 10:14 -------- d-----w- c:\users\VSB\MAGMAprojects
2016-02-02 08:34 . 2016-02-18 16:58 -------- d-----w- c:\users\VSB\AppData\Local\MAGMA
2016-02-02 08:30 . 2016-02-02 08:30 -------- d-----w- C:\MAGMA5
2016-02-02 08:05 . 2016-02-02 08:05 -------- d-----w- c:\programdata\Intel Corporation
2016-02-02 08:04 . 2016-02-02 08:04 -------- d-----w- c:\programdata\Macrovision
2016-02-02 08:01 . 2016-02-02 08:01 -------- d-----w- c:\program files\WIBU-SYSTEMS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-10 14:48 . 2015-12-03 01:52 146614896 ----a-w- c:\windows\system32\MRT.exe
2016-01-22 06:19 . 2016-02-10 08:49 344064 ----a-w- c:\windows\system32\schannel.dll
2016-01-22 06:05 . 2016-02-10 08:49 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-01-22 05:59 . 2016-02-10 08:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-12-09 03:39 . 2015-12-03 01:51 301728 ------w- c:\windows\system32\MpSigStub.exe
2015-12-03 23:18 . 2015-12-03 02:03 3171448 ----a-w- c:\windows\system32\nvwmi64.exe
2015-12-03 23:18 . 2015-12-03 02:03 112944 ----a-w- c:\windows\system32\OpenCL.dll
2015-12-03 23:18 . 2015-12-03 02:03 105264 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-12-03 23:18 . 2015-12-03 02:03 3410056 ----a-w- c:\windows\system32\nvapi64.dll
2015-12-03 23:18 . 2015-12-03 02:03 3012160 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-12-03 23:18 . 2015-12-03 02:03 17670528 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-12-03 23:18 . 2015-12-03 02:03 1572496 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-12-03 23:18 . 2015-12-03 02:03 15183072 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-12-03 23:18 . 2015-12-03 02:03 12902080 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-12-03 21:44 . 2015-12-03 02:03 75056 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-12-03 21:44 . 2015-12-03 02:03 6875768 ----a-w- c:\windows\system32\nvcpl.dll
2015-12-03 21:44 . 2015-12-03 02:03 62584 ----a-w- c:\windows\system32\nvshext.dll
2015-12-03 21:44 . 2015-12-03 02:03 385144 ----a-w- c:\windows\system32\nvmctray.dll
2015-12-03 21:44 . 2015-12-03 02:03 3496752 ----a-w- c:\windows\system32\nvsvc64.dll
2015-12-03 21:44 . 2015-12-03 02:03 2558584 ----a-w- c:\windows\system32\nvsvcr.dll
2015-12-03 21:44 . 2015-12-03 02:03 1255728 ----a-w- c:\windows\system32\nvvsvc.exe
2015-12-03 21:44 . 2015-12-03 02:03 1060472 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-12-03 04:57 . 2015-12-03 04:57 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2015-12-03 04:57 . 2015-12-03 04:57 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2015-12-03 04:57 . 2015-12-03 04:57 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2015-12-03 04:57 . 2015-12-03 04:57 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2015-12-03 04:57 . 2015-12-03 04:57 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2015-12-03 04:57 . 2015-12-03 04:57 235008 ----a-w- c:\windows\system32\elshyph.dll
2015-12-03 04:57 . 2015-12-03 04:57 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2015-12-03 04:57 . 2015-12-03 04:57 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2015-12-03 04:57 . 2015-12-03 04:57 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2015-12-03 04:57 . 2015-12-03 04:57 942592 ----a-w- c:\windows\system32\jsIntl.dll
2015-12-03 04:57 . 2015-12-03 04:57 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-12-03 04:57 . 2015-12-03 04:57 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-12-03 04:57 . 2015-12-03 04:57 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2015-12-03 04:57 . 2015-12-03 04:57 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2015-12-03 04:57 . 2015-12-03 04:57 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2015-12-03 04:57 . 2015-12-03 04:57 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2015-12-03 04:57 . 2015-12-03 04:57 247808 ----a-w- c:\windows\system32\msls31.dll
2015-12-03 04:57 . 2015-12-03 04:57 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2015-12-03 04:57 . 2015-12-03 04:57 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2015-12-03 04:57 . 2015-12-03 04:57 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-12-03 04:57 . 2015-12-03 04:57 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2015-12-03 04:57 . 2015-12-03 04:57 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-12-03 04:57 . 2015-12-03 04:57 81408 ----a-w- c:\windows\system32\icardie.dll
2015-12-03 04:57 . 2015-12-03 04:57 77312 ----a-w- c:\windows\system32\tdc.ocx
2015-12-03 04:57 . 2015-12-03 04:57 62464 ----a-w- c:\windows\system32\pngfilt.dll
2015-12-03 04:57 . 2015-12-03 04:57 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2015-12-03 04:57 . 2015-12-03 04:57 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-12-03 04:57 . 2015-12-03 04:57 48128 ----a-w- c:\windows\system32\imgutil.dll
2015-12-03 04:57 . 2015-12-03 04:57 30208 ----a-w- c:\windows\system32\licmgr10.dll
2015-12-03 04:57 . 2015-12-03 04:57 235520 ----a-w- c:\windows\system32\url.dll
2015-12-03 04:57 . 2015-12-03 04:57 167424 ----a-w- c:\windows\system32\iexpress.exe
2015-12-03 04:57 . 2015-12-03 04:57 143872 ----a-w- c:\windows\system32\wextract.exe
2015-12-03 04:57 . 2015-12-03 04:57 13824 ----a-w- c:\windows\system32\mshta.exe
2015-12-03 04:57 . 2015-12-03 04:57 105984 ----a-w- c:\windows\system32\iesysprep.dll
2015-12-03 04:57 . 2015-12-03 04:57 135680 ----a-w- c:\windows\system32\iepeers.dll
2015-12-03 02:22 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2015-12-03 02:22 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2015-12-03 02:09 . 2016-01-25 17:13 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-12-02 21:05 . 2015-12-03 02:03 6063568 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-08-25 293872]
"CAM"="c:\program files (x86)\NZXT\CAM\CAMLauncher.exe" [2015-10-20 113264]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\\isuspm.exe" [2010-05-21 324976]
"WilPrintCapture"="c:\program files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE" [2009-02-10 143360]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CodeMeter Control Center.lnk - c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [2015-3-24 10362232]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 TSDefenseBt;TSDefenseBt;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsDefenseBT64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsDefenseBT64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 Intel(R) ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 QQPCRTP;QQPCMgr RTP Service;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCRtp.exe;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCRtp.exe [x]
R2 tsnethlpx64;TsNetHlpX64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys [x]
R3 ALSysIO;ALSysIO;c:\users\VSB\AppData\Local\Temp\ALSysIO64.sys;c:\users\VSB\AppData\Local\Temp\ALSysIO64.sys [x]
R3 cpuz138;cpuz138;c:\users\VSB\AppData\Local\Temp\cpuz138\cpuz138_x64.sys;c:\users\VSB\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\NZXT\CAM\CAM_Client_V2.sys;c:\program files (x86)\NZXT\CAM\CAM_Client_V2.sys [x]
S0 asstor64;asstor64;c:\windows\system32\DRIVERS\asstor64.sys;c:\windows\SYSNATIVE\DRIVERS\asstor64.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [x]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 impi_hydra;Intel(R) MPI Library Hydra Process Manager;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\hydra_service.exe;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\hydra_service.exe [x]
S2 impi_smpd;Intel(R) MPI Library Process Manager;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\smpd.exe;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\smpd.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 MAGMA53liccontrol;MAGMA5.3 License Control Service;c:\magma5\v5.3.0\WINDOWS64\bin\MAGMAliccontrol.exe;c:\magma5\v5.3.0\WINDOWS64\bin\MAGMAliccontrol.exe [x]
S2 NVWMI;NVIDIA WMI Provider;c:\windows\system32\nvwmi64.exe;c:\windows\SYSNATIVE\nvwmi64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 wilusbmonitor;Unimessage Printer Tracking Service;c:\windows\system32\wilpmv64.exe;c:\windows\SYSNATIVE\wilpmv64.exe [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MAGMA53license;MAGMA5.3 License Service;c:\magma5\V53~1.0\WINDOW~1\LICENS~1\..\bin\MAGMALicenseServer.exe;c:\magma5\V53~1.0\WINDOW~1\LICENS~1\..\bin\MAGMALicenseServer.exe [x]
S3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys;c:\windows\SYSNATIVE\drivers\SiUSBXp.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - NAL
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-02-22 07:42 1088664 ----a-w- c:\program files (x86)\Google\Chrome\Application\48.0.2564.116\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-02-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-02-02 13:37]
.
2016-02-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-02-02 13:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-08-21 7636696]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2014-08-26 1392344]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-05-28 36352]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-01-29 1340192]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2015-12-03 2160248]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 158.196.0.53 158.196.99.166
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-ISM - (no file)
Wow6432Node-HKLM-Run-QQPCTray - c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCTRAY.EXE
ShellIconOverlayIdentifiers-{B7667919-3765-4815-A66D-98A09BE662D6} - (no file)
AddRemove-ĂŔÍĽäŻŔŔ - c:\program files (x86)\MTV20160128\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" QQPCTray"="\"c:\\Program Files (x86)\\Tencent\\QQPCMgr\\11.3.17201.218\\QQPCTRAY.EXE\" /regrun /qqrepair"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
.
**************************************************************************
.
Celkový čas: 2016-02-29 11:47:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-02-29 10:47
.
Před spuštěním: Volných bajtů: 330 743 635 968
Po spuštění: Volných bajtů: 330 475 270 144
.
- - End Of File - - 035EBE75CF91889F88B321E4DB89F6E8
A36C5E4F47E84449FF07ED3517B43A31

Log check after removing an unwanted Chinese program
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log check after removing an unwanted Chinese program
Hello!
Why are you running ComboFix, a utility intended only for professionals? Do you want to damage your system or one of your applications?
Move ComboFix to the desktop. Open Notepad and copy the following into it:

KillAll::
Folder::
c:\programdata\TXQMPC
c:\program files (x86)\Baidu
c:\programdata\Baidu
c:\programdata\Tencent
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Driver::
QQPCRTP
RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
Reboot::

Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked, and likewise if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Log check after removing an unwanted Chinese program
Well, I certainly don't want to damage my system; I was just following the instructions from another thread where the same problem was being handled, exactly according to the procedure of a professional who understands CF.
Thank you for the help.
Re: Log check after removing an unwanted Chinese program
So I did everything according to your instructions, but the unwanted file is still hanging around on my PC (see the attached image).
Here is the log from CF:
ComboFix 16-02-29.01 - VSB 01.03.2016 10:06:18.2.16 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.65439.59676 [GMT 1:00]
Spuštěný z: c:\users\VSB\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\VSB\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Disabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Baidu
c:\programdata\Baidu
c:\programdata\Baidu\BaiduAn\BDMSOCleaner\SOGarbageConfig.xml
c:\programdata\Baidu\BaiduAn\BDMSOCleaner\SOTraceConfig.xml
c:\programdata\Baidu\BaiduAn\CachedDB_1\000003.log
c:\programdata\Baidu\BaiduAn\CachedDB_1\CURRENT
c:\programdata\Baidu\BaiduAn\CachedDB_1\LOCK
c:\programdata\Baidu\BaiduAn\CachedDB_1\LOG
c:\programdata\Baidu\BaiduAn\CachedDB_1\MANIFEST-000002
c:\programdata\Baidu\BaiduAn\Config\1000.dat
c:\programdata\Baidu\BaiduAn\Config\4401.dat
c:\programdata\Baidu\BaiduAn\Config\4402.dat
c:\programdata\Baidu\BaiduAn\Config\4501.dat
c:\programdata\Baidu\BaiduAn\Config\4700.dat
c:\programdata\Baidu\BaiduAn\Config\6001.dat
c:\programdata\Baidu\BaiduAn\Config\8001.dat
c:\programdata\Baidu\BaiduAn\Config\805.dat
c:\programdata\Baidu\BaiduAn\Config\812.dat
c:\programdata\Baidu\BaiduAn\Config\8500.dat
c:\programdata\Baidu\BaiduAn\Config\900.dat
c:\programdata\Baidu\BaiduAn\Config\config.ini
c:\programdata\Baidu\BaiduAn\FileSignDB\000003.log
c:\programdata\Baidu\BaiduAn\FileSignDB\CURRENT
c:\programdata\Baidu\BaiduAn\FileSignDB\LOCK
c:\programdata\Baidu\BaiduAn\FileSignDB\LOG
c:\programdata\Baidu\BaiduAn\FileSignDB\MANIFEST-000002
c:\programdata\Baidu\BaiduAn\FileUpdate\CommonUpdate\17\0\Download.data
c:\programdata\Baidu\BaiduAn\FileUpdate\CommonUpdate\2\0\Download.data
c:\programdata\Baidu\BaiduAn\FileUpdate\CommonUpdate\36\609\Download.data
c:\programdata\Baidu\BaiduAn\Patch\error.dat
c:\programdata\Baidu\BaiduAn\Patch\publish.db
c:\programdata\Baidu\BaiduAn\SWManager\ultcache.dat
c:\programdata\Baidu\BaiduAn\white_list.db
c:\programdata\Baidu\BrowserProtect\BPCtrl.ini
c:\programdata\Baidu\BrowserProtect\Records.xml
c:\programdata\Baidu\Common\Global.db
c:\programdata\Tencent
c:\programdata\Tencent\QQPCMgr\BlackCacheData2.ini
c:\programdata\Tencent\QQPCMgr\dr.ini
c:\programdata\Tencent\QQPCMgr\dr_packet.dat
c:\programdata\Tencent\QQPCMgr\drsave.dat
c:\programdata\Tencent\QQPCMgr\QMFilemonRep.ini
c:\programdata\Tencent\QQPCMgr\Rtplog.db
c:\programdata\Tencent\QQPCMgr\TaskLog.dat
c:\programdata\TXQMPC
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_QQPCRTP
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-02-01 do 2016-03-01 )))))))))))))))))))))))))))))))
.
.
2016-03-01 09:08 . 2016-03-01 09:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-02-29 11:12 . 2015-11-25 11:02 11154520 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B2B194D-A51C-4508-A140-B0DA59CE609A}\mpengine.dll
2016-02-29 10:30 . 2016-02-29 10:32 -------- d-----w- C:\AdwCleaner
2016-02-29 10:11 . 2016-02-29 10:17 -------- d-----w- c:\windows\GJFix
2016-02-29 10:10 . 2016-02-29 10:10 87864 ------w- c:\windows\system32\drivers\TFsFltX64.sys
2016-02-29 10:10 . 2016-02-29 10:10 -------- d-----w- c:\program files (x86)\Tencent
2016-02-29 10:09 . 2016-02-29 10:17 -------- d-----w- c:\program files (x86)\Common Files\Baidu
2016-02-29 10:09 . 2016-02-29 10:09 -------- d-----w- c:\users\VSB\AppData\Roaming\Baidu
2016-02-29 10:05 . 2016-02-29 10:05 -------- d-----w- c:\programdata\BOINC
2016-02-29 10:05 . 2016-02-29 10:05 -------- d-----w- c:\windows\Downloaded Installations
2016-02-29 10:04 . 2016-02-29 10:15 -------- d-----w- c:\program files (x86)\Seznam.cz
2016-02-29 10:04 . 2016-02-29 10:15 -------- d-----w- c:\users\VSB\AppData\Roaming\Seznam.cz
2016-02-28 10:01 . 2015-11-25 11:02 11154520 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-02-25 13:04 . 2016-02-26 11:45 -------- d-----w- c:\users\VSB\AppData\Roaming\TeamViewer
2016-02-25 13:04 . 2016-02-25 13:06 -------- d-----w- c:\program files (x86)\TeamViewer
2016-02-22 11:52 . 2016-02-22 12:54 -------- d-----w- c:\users\VSB\AppData\Roaming\FreeCAD
2016-02-19 14:12 . 2015-12-03 21:33 572536 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2016-02-15 14:26 . 2016-02-15 14:26 -------- d-----w- c:\users\VSB\test_dir
2016-02-11 09:54 . 2016-02-11 09:54 -------- d-----w- c:\users\VSB\AppData\Local\Ansys
2016-02-11 09:42 . 2016-03-01 08:58 -------- d-----w- c:\users\VSB\AppData\Roaming\Ansys
2016-02-10 08:49 . 2016-01-11 19:05 98816 ----a-w- c:\windows\system32\wudriver.dll
2016-02-08 15:57 . 2016-02-08 15:57 -------- d-----w- c:\program files\Common Files\DESIGNER
2016-02-08 15:55 . 2016-02-08 15:55 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2016-02-08 13:15 . 2016-02-08 13:15 -------- d-----w- c:\users\VSB\AppData\Local\ElevatedDiagnostics
2016-02-08 13:10 . 2016-02-08 13:10 -------- d-----w- c:\users\VSB\AppData\Local\CEF
2016-02-08 13:09 . 2016-02-08 13:09 -------- d-----w- c:\program files (x86)\TOSHIBA Viewer V2
2016-02-08 13:06 . 2009-07-31 18:55 155136 ----a-w- c:\windows\system32\wilpmv64.exe
2016-02-08 13:06 . 2007-03-17 03:55 81920 ----a-w- c:\windows\system32\P3coinst.dll
2016-02-08 13:06 . 2007-03-16 19:55 115712 ----a-w- c:\windows\system32\P3coin64.dll
2016-02-08 13:06 . 2006-06-15 01:53 90112 ----a-w- c:\windows\system32\WilPrins.dll
2016-02-08 13:06 . 2005-10-21 21:12 61440 ----a-w- c:\windows\system32\WilPrt.exe
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft Synchronization Services
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\windows\PCHEALTH
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft Sync Framework
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\program files\Microsoft Analysis Services
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\users\VSB\AppData\Local\Microsoft Help
2016-02-08 11:45 . 2016-02-15 11:15 -------- d-----w- c:\programdata\Microsoft Help
2016-02-08 11:45 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft Office
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----r- C:\MSOCache
2016-02-08 11:38 . 2016-02-08 13:01 -------- d-----w- c:\program files (x86)\Elaborate Bytes
2016-02-08 11:12 . 2016-02-08 11:12 -------- d-----w- c:\users\VSB\AppData\Local\GWX
2016-02-05 08:50 . 2015-12-03 02:09 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3FA3149D-0A32-4793-B281-FC6326C55ACE}\gapaengine.dll
2016-02-05 08:39 . 2016-02-27 02:00 -------- d-s---w- c:\windows\SysWow64\GWX
2016-02-05 08:39 . 2016-02-27 02:00 -------- d-s---w- c:\windows\system32\GWX
2016-02-02 13:37 . 2016-02-02 14:15 -------- d-----w- c:\users\VSB\AppData\Local\Google
2016-02-02 13:37 . 2016-02-02 13:37 -------- d-----w- c:\program files (x86)\Google
2016-02-02 13:37 . 2016-02-02 13:37 -------- d-----w- c:\users\VSB\AppData\Local\Deployment
2016-02-02 13:37 . 2016-02-02 13:37 -------- d-----w- c:\users\VSB\AppData\Local\Apps
2016-02-02 08:34 . 2016-02-29 10:14 -------- d-----w- c:\users\VSB\MAGMAprojects
2016-02-02 08:34 . 2016-02-18 16:58 -------- d-----w- c:\users\VSB\AppData\Local\MAGMA
2016-02-02 08:30 . 2016-02-02 08:30 -------- d-----w- C:\MAGMA5
2016-02-02 08:05 . 2016-02-02 08:05 -------- d-----w- c:\programdata\Intel Corporation
2016-02-02 08:04 . 2016-02-02 08:04 -------- d-----w- c:\programdata\Macrovision
2016-02-02 08:01 . 2016-02-02 08:01 -------- d-----w- c:\program files\WIBU-SYSTEMS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-10 14:48 . 2015-12-03 01:52 146614896 ----a-w- c:\windows\system32\MRT.exe
2016-01-22 06:19 . 2016-02-10 08:49 344064 ----a-w- c:\windows\system32\schannel.dll
2016-01-22 06:05 . 2016-02-10 08:49 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-01-22 05:59 . 2016-02-10 08:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-12-09 03:39 . 2015-12-03 01:51 301728 ------w- c:\windows\system32\MpSigStub.exe
2015-12-03 23:18 . 2015-12-03 02:03 3171448 ----a-w- c:\windows\system32\nvwmi64.exe
2015-12-03 23:18 . 2015-12-03 02:03 112944 ----a-w- c:\windows\system32\OpenCL.dll
2015-12-03 23:18 . 2015-12-03 02:03 105264 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-12-03 23:18 . 2015-12-03 02:03 3410056 ----a-w- c:\windows\system32\nvapi64.dll
2015-12-03 23:18 . 2015-12-03 02:03 3012160 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-12-03 23:18 . 2015-12-03 02:03 17670528 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-12-03 23:18 . 2015-12-03 02:03 1572496 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-12-03 23:18 . 2015-12-03 02:03 15183072 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-12-03 23:18 . 2015-12-03 02:03 12902080 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-12-03 21:44 . 2015-12-03 02:03 75056 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-12-03 21:44 . 2015-12-03 02:03 6875768 ----a-w- c:\windows\system32\nvcpl.dll
2015-12-03 21:44 . 2015-12-03 02:03 62584 ----a-w- c:\windows\system32\nvshext.dll
2015-12-03 21:44 . 2015-12-03 02:03 385144 ----a-w- c:\windows\system32\nvmctray.dll
2015-12-03 21:44 . 2015-12-03 02:03 3496752 ----a-w- c:\windows\system32\nvsvc64.dll
2015-12-03 21:44 . 2015-12-03 02:03 2558584 ----a-w- c:\windows\system32\nvsvcr.dll
2015-12-03 21:44 . 2015-12-03 02:03 1255728 ----a-w- c:\windows\system32\nvvsvc.exe
2015-12-03 21:44 . 2015-12-03 02:03 1060472 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-12-03 04:57 . 2015-12-03 04:57 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2015-12-03 04:57 . 2015-12-03 04:57 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2015-12-03 04:57 . 2015-12-03 04:57 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2015-12-03 04:57 . 2015-12-03 04:57 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2015-12-03 04:57 . 2015-12-03 04:57 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2015-12-03 04:57 . 2015-12-03 04:57 235008 ----a-w- c:\windows\system32\elshyph.dll
2015-12-03 04:57 . 2015-12-03 04:57 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2015-12-03 04:57 . 2015-12-03 04:57 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2015-12-03 04:57 . 2015-12-03 04:57 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2015-12-03 04:57 . 2015-12-03 04:57 942592 ----a-w- c:\windows\system32\jsIntl.dll
2015-12-03 04:57 . 2015-12-03 04:57 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-12-03 04:57 . 2015-12-03 04:57 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-12-03 04:57 . 2015-12-03 04:57 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2015-12-03 04:57 . 2015-12-03 04:57 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2015-12-03 04:57 . 2015-12-03 04:57 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2015-12-03 04:57 . 2015-12-03 04:57 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2015-12-03 04:57 . 2015-12-03 04:57 247808 ----a-w- c:\windows\system32\msls31.dll
2015-12-03 04:57 . 2015-12-03 04:57 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2015-12-03 04:57 . 2015-12-03 04:57 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2015-12-03 04:57 . 2015-12-03 04:57 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-12-03 04:57 . 2015-12-03 04:57 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2015-12-03 04:57 . 2015-12-03 04:57 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-12-03 04:57 . 2015-12-03 04:57 81408 ----a-w- c:\windows\system32\icardie.dll
2015-12-03 04:57 . 2015-12-03 04:57 77312 ----a-w- c:\windows\system32\tdc.ocx
2015-12-03 04:57 . 2015-12-03 04:57 62464 ----a-w- c:\windows\system32\pngfilt.dll
2015-12-03 04:57 . 2015-12-03 04:57 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2015-12-03 04:57 . 2015-12-03 04:57 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-12-03 04:57 . 2015-12-03 04:57 48128 ----a-w- c:\windows\system32\imgutil.dll
2015-12-03 04:57 . 2015-12-03 04:57 30208 ----a-w- c:\windows\system32\licmgr10.dll
2015-12-03 04:57 . 2015-12-03 04:57 235520 ----a-w- c:\windows\system32\url.dll
2015-12-03 04:57 . 2015-12-03 04:57 167424 ----a-w- c:\windows\system32\iexpress.exe
2015-12-03 04:57 . 2015-12-03 04:57 143872 ----a-w- c:\windows\system32\wextract.exe
2015-12-03 04:57 . 2015-12-03 04:57 13824 ----a-w- c:\windows\system32\mshta.exe
2015-12-03 04:57 . 2015-12-03 04:57 105984 ----a-w- c:\windows\system32\iesysprep.dll
2015-12-03 04:57 . 2015-12-03 04:57 135680 ----a-w- c:\windows\system32\iepeers.dll
2015-12-03 02:22 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2015-12-03 02:22 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2015-12-03 02:09 . 2016-01-25 17:13 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-12-02 21:05 . 2015-12-03 02:03 6063568 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-08-25 293872]
"CAM"="c:\program files (x86)\NZXT\CAM\CAMLauncher.exe" [2015-10-20 113264]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\\isuspm.exe" [2010-05-21 324976]
"WilPrintCapture"="c:\program files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE" [2009-02-10 143360]
"QQPCTray"="c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCTRAY.EXE" [BU]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CodeMeter Control Center.lnk - c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [2015-3-24 10362232]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 TSDefenseBt;TSDefenseBt;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsDefenseBT64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsDefenseBT64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 Intel(R) ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 tsnethlpx64;TsNetHlpX64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys [x]
R3 ALSysIO;ALSysIO;c:\users\VSB\AppData\Local\Temp\ALSysIO64.sys;c:\users\VSB\AppData\Local\Temp\ALSysIO64.sys [x]
R3 cpuz138;cpuz138;c:\users\VSB\AppData\Local\Temp\cpuz138\cpuz138_x64.sys;c:\users\VSB\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\NZXT\CAM\CAM_Client_V2.sys;c:\program files (x86)\NZXT\CAM\CAM_Client_V2.sys [x]
S0 asstor64;asstor64;c:\windows\system32\DRIVERS\asstor64.sys;c:\windows\SYSNATIVE\DRIVERS\asstor64.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [x]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 impi_hydra;Intel(R) MPI Library Hydra Process Manager;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\hydra_service.exe;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\hydra_service.exe [x]
S2 impi_smpd;Intel(R) MPI Library Process Manager;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\smpd.exe;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\smpd.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 MAGMA53liccontrol;MAGMA5.3 License Control Service;c:\magma5\v5.3.0\WINDOWS64\bin\MAGMAliccontrol.exe;c:\magma5\v5.3.0\WINDOWS64\bin\MAGMAliccontrol.exe [x]
S2 NVWMI;NVIDIA WMI Provider;c:\windows\system32\nvwmi64.exe;c:\windows\SYSNATIVE\nvwmi64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 wilusbmonitor;Unimessage Printer Tracking Service;c:\windows\system32\wilpmv64.exe;c:\windows\SYSNATIVE\wilpmv64.exe [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MAGMA53license;MAGMA5.3 License Service;c:\magma5\V53~1.0\WINDOW~1\LICENS~1\..\bin\MAGMALicenseServer.exe;c:\magma5\V53~1.0\WINDOW~1\LICENS~1\..\bin\MAGMALicenseServer.exe [x]
S3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys;c:\windows\SYSNATIVE\drivers\SiUSBXp.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - NAL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-02-22 07:42 1088664 ----a-w- c:\program files (x86)\Google\Chrome\Application\48.0.2564.116\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-08-21 7636696]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2014-08-26 1392344]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-05-28 36352]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-01-29 1340192]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2015-12-03 2160248]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 158.196.0.53 158.196.99.166
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{B7667919-3765-4815-A66D-98A09BE662D6} - (no file)
AddRemove-ĂŔÍĽäŻŔŔ - c:\program files (x86)\MTV20160128\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" QQPCTray"="\"c:\\Program Files (x86)\\Tencent\\QQPCMgr\\11.3.17201.218\\QQPCTRAY.EXE\" /regrun /qqrepair"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2016-03-01 10:09:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-03-01 09:09
ComboFix2.txt 2016-02-29 10:47
.
Před spuštěním: Volných bajtů: 330 287 800 320
Po spuštění: Volných bajtů: 330 205 605 888
.
- - End Of File - - 0636970EB052CCBC405394BD427F8B27
A36C5E4F47E84449FF07ED3517B43A31
Attachment: čínský vir.jpg (82.08 KiB)
Re: Log check after removing an unwanted Chinese program
I did everything according to your instructions, but the unwanted file is still stuck on my PC (see the attached image).
Here is the log from CF:
ComboFix 16-02-29.01 - VSB 01.03.2016 10:06:18.2.16 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.65439.59676 [GMT 1:00]
Spuštěný z: c:\users\VSB\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\VSB\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Disabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Baidu
c:\programdata\Baidu
c:\programdata\Baidu\BaiduAn\BDMSOCleaner\SOGarbageConfig.xml
c:\programdata\Baidu\BaiduAn\BDMSOCleaner\SOTraceConfig.xml
c:\programdata\Baidu\BaiduAn\CachedDB_1\000003.log
c:\programdata\Baidu\BaiduAn\CachedDB_1\CURRENT
c:\programdata\Baidu\BaiduAn\CachedDB_1\LOCK
c:\programdata\Baidu\BaiduAn\CachedDB_1\LOG
c:\programdata\Baidu\BaiduAn\CachedDB_1\MANIFEST-000002
c:\programdata\Baidu\BaiduAn\Config\1000.dat
c:\programdata\Baidu\BaiduAn\Config\4401.dat
c:\programdata\Baidu\BaiduAn\Config\4402.dat
c:\programdata\Baidu\BaiduAn\Config\4501.dat
c:\programdata\Baidu\BaiduAn\Config\4700.dat
c:\programdata\Baidu\BaiduAn\Config\6001.dat
c:\programdata\Baidu\BaiduAn\Config\8001.dat
c:\programdata\Baidu\BaiduAn\Config\805.dat
c:\programdata\Baidu\BaiduAn\Config\812.dat
c:\programdata\Baidu\BaiduAn\Config\8500.dat
c:\programdata\Baidu\BaiduAn\Config\900.dat
c:\programdata\Baidu\BaiduAn\Config\config.ini
c:\programdata\Baidu\BaiduAn\FileSignDB\000003.log
c:\programdata\Baidu\BaiduAn\FileSignDB\CURRENT
c:\programdata\Baidu\BaiduAn\FileSignDB\LOCK
c:\programdata\Baidu\BaiduAn\FileSignDB\LOG
c:\programdata\Baidu\BaiduAn\FileSignDB\MANIFEST-000002
c:\programdata\Baidu\BaiduAn\FileUpdate\CommonUpdate\17\0\Download.data
c:\programdata\Baidu\BaiduAn\FileUpdate\CommonUpdate\2\0\Download.data
c:\programdata\Baidu\BaiduAn\FileUpdate\CommonUpdate\36\609\Download.data
c:\programdata\Baidu\BaiduAn\Patch\error.dat
c:\programdata\Baidu\BaiduAn\Patch\publish.db
c:\programdata\Baidu\BaiduAn\SWManager\ultcache.dat
c:\programdata\Baidu\BaiduAn\white_list.db
c:\programdata\Baidu\BrowserProtect\BPCtrl.ini
c:\programdata\Baidu\BrowserProtect\Records.xml
c:\programdata\Baidu\Common\Global.db
c:\programdata\Tencent
c:\programdata\Tencent\QQPCMgr\BlackCacheData2.ini
c:\programdata\Tencent\QQPCMgr\dr.ini
c:\programdata\Tencent\QQPCMgr\dr_packet.dat
c:\programdata\Tencent\QQPCMgr\drsave.dat
c:\programdata\Tencent\QQPCMgr\QMFilemonRep.ini
c:\programdata\Tencent\QQPCMgr\Rtplog.db
c:\programdata\Tencent\QQPCMgr\TaskLog.dat
c:\programdata\TXQMPC
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_QQPCRTP
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-02-01 do 2016-03-01 )))))))))))))))))))))))))))))))
.
.
2016-03-01 09:08 . 2016-03-01 09:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-02-29 11:12 . 2015-11-25 11:02 11154520 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B2B194D-A51C-4508-A140-B0DA59CE609A}\mpengine.dll
2016-02-29 10:30 . 2016-02-29 10:32 -------- d-----w- C:\AdwCleaner
2016-02-29 10:11 . 2016-02-29 10:17 -------- d-----w- c:\windows\GJFix
2016-02-29 10:10 . 2016-02-29 10:10 87864 ------w- c:\windows\system32\drivers\TFsFltX64.sys
2016-02-29 10:10 . 2016-02-29 10:10 -------- d-----w- c:\program files (x86)\Tencent
2016-02-29 10:09 . 2016-02-29 10:17 -------- d-----w- c:\program files (x86)\Common Files\Baidu
2016-02-29 10:09 . 2016-02-29 10:09 -------- d-----w- c:\users\VSB\AppData\Roaming\Baidu
2016-02-29 10:05 . 2016-02-29 10:05 -------- d-----w- c:\programdata\BOINC
2016-02-29 10:05 . 2016-02-29 10:05 -------- d-----w- c:\windows\Downloaded Installations
2016-02-29 10:04 . 2016-02-29 10:15 -------- d-----w- c:\program files (x86)\Seznam.cz
2016-02-29 10:04 . 2016-02-29 10:15 -------- d-----w- c:\users\VSB\AppData\Roaming\Seznam.cz
2016-02-28 10:01 . 2015-11-25 11:02 11154520 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-02-25 13:04 . 2016-02-26 11:45 -------- d-----w- c:\users\VSB\AppData\Roaming\TeamViewer
2016-02-25 13:04 . 2016-02-25 13:06 -------- d-----w- c:\program files (x86)\TeamViewer
2016-02-22 11:52 . 2016-02-22 12:54 -------- d-----w- c:\users\VSB\AppData\Roaming\FreeCAD
2016-02-19 14:12 . 2015-12-03 21:33 572536 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2016-02-15 14:26 . 2016-02-15 14:26 -------- d-----w- c:\users\VSB\test_dir
2016-02-11 09:54 . 2016-02-11 09:54 -------- d-----w- c:\users\VSB\AppData\Local\Ansys
2016-02-11 09:42 . 2016-03-01 08:58 -------- d-----w- c:\users\VSB\AppData\Roaming\Ansys
2016-02-10 08:49 . 2016-01-11 19:05 98816 ----a-w- c:\windows\system32\wudriver.dll
2016-02-08 15:57 . 2016-02-08 15:57 -------- d-----w- c:\program files\Common Files\DESIGNER
2016-02-08 15:55 . 2016-02-08 15:55 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2016-02-08 13:15 . 2016-02-08 13:15 -------- d-----w- c:\users\VSB\AppData\Local\ElevatedDiagnostics
2016-02-08 13:10 . 2016-02-08 13:10 -------- d-----w- c:\users\VSB\AppData\Local\CEF
2016-02-08 13:09 . 2016-02-08 13:09 -------- d-----w- c:\program files (x86)\TOSHIBA Viewer V2
2016-02-08 13:06 . 2009-07-31 18:55 155136 ----a-w- c:\windows\system32\wilpmv64.exe
2016-02-08 13:06 . 2007-03-17 03:55 81920 ----a-w- c:\windows\system32\P3coinst.dll
2016-02-08 13:06 . 2007-03-16 19:55 115712 ----a-w- c:\windows\system32\P3coin64.dll
2016-02-08 13:06 . 2006-06-15 01:53 90112 ----a-w- c:\windows\system32\WilPrins.dll
2016-02-08 13:06 . 2005-10-21 21:12 61440 ----a-w- c:\windows\system32\WilPrt.exe
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft Synchronization Services
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\windows\PCHEALTH
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft Sync Framework
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\program files\Microsoft Analysis Services
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\users\VSB\AppData\Local\Microsoft Help
2016-02-08 11:45 . 2016-02-15 11:15 -------- d-----w- c:\programdata\Microsoft Help
2016-02-08 11:45 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft Office
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----r- C:\MSOCache
2016-02-08 11:38 . 2016-02-08 13:01 -------- d-----w- c:\program files (x86)\Elaborate Bytes
2016-02-08 11:12 . 2016-02-08 11:12 -------- d-----w- c:\users\VSB\AppData\Local\GWX
2016-02-05 08:50 . 2015-12-03 02:09 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3FA3149D-0A32-4793-B281-FC6326C55ACE}\gapaengine.dll
2016-02-05 08:39 . 2016-02-27 02:00 -------- d-s---w- c:\windows\SysWow64\GWX
2016-02-05 08:39 . 2016-02-27 02:00 -------- d-s---w- c:\windows\system32\GWX
2016-02-02 13:37 . 2016-02-02 14:15 -------- d-----w- c:\users\VSB\AppData\Local\Google
2016-02-02 13:37 . 2016-02-02 13:37 -------- d-----w- c:\program files (x86)\Google
2016-02-02 13:37 . 2016-02-02 13:37 -------- d-----w- c:\users\VSB\AppData\Local\Deployment
2016-02-02 13:37 . 2016-02-02 13:37 -------- d-----w- c:\users\VSB\AppData\Local\Apps
2016-02-02 08:34 . 2016-02-29 10:14 -------- d-----w- c:\users\VSB\MAGMAprojects
2016-02-02 08:34 . 2016-02-18 16:58 -------- d-----w- c:\users\VSB\AppData\Local\MAGMA
2016-02-02 08:30 . 2016-02-02 08:30 -------- d-----w- C:\MAGMA5
2016-02-02 08:05 . 2016-02-02 08:05 -------- d-----w- c:\programdata\Intel Corporation
2016-02-02 08:04 . 2016-02-02 08:04 -------- d-----w- c:\programdata\Macrovision
2016-02-02 08:01 . 2016-02-02 08:01 -------- d-----w- c:\program files\WIBU-SYSTEMS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-10 14:48 . 2015-12-03 01:52 146614896 ----a-w- c:\windows\system32\MRT.exe
2016-01-22 06:19 . 2016-02-10 08:49 344064 ----a-w- c:\windows\system32\schannel.dll
2016-01-22 06:05 . 2016-02-10 08:49 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-01-22 05:59 . 2016-02-10 08:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-12-09 03:39 . 2015-12-03 01:51 301728 ------w- c:\windows\system32\MpSigStub.exe
2015-12-03 23:18 . 2015-12-03 02:03 3171448 ----a-w- c:\windows\system32\nvwmi64.exe
2015-12-03 23:18 . 2015-12-03 02:03 112944 ----a-w- c:\windows\system32\OpenCL.dll
2015-12-03 23:18 . 2015-12-03 02:03 105264 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-12-03 23:18 . 2015-12-03 02:03 3410056 ----a-w- c:\windows\system32\nvapi64.dll
2015-12-03 23:18 . 2015-12-03 02:03 3012160 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-12-03 23:18 . 2015-12-03 02:03 17670528 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-12-03 23:18 . 2015-12-03 02:03 1572496 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-12-03 23:18 . 2015-12-03 02:03 15183072 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-12-03 23:18 . 2015-12-03 02:03 12902080 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-12-03 21:44 . 2015-12-03 02:03 75056 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-12-03 21:44 . 2015-12-03 02:03 6875768 ----a-w- c:\windows\system32\nvcpl.dll
2015-12-03 21:44 . 2015-12-03 02:03 62584 ----a-w- c:\windows\system32\nvshext.dll
2015-12-03 21:44 . 2015-12-03 02:03 385144 ----a-w- c:\windows\system32\nvmctray.dll
2015-12-03 21:44 . 2015-12-03 02:03 3496752 ----a-w- c:\windows\system32\nvsvc64.dll
2015-12-03 21:44 . 2015-12-03 02:03 2558584 ----a-w- c:\windows\system32\nvsvcr.dll
2015-12-03 21:44 . 2015-12-03 02:03 1255728 ----a-w- c:\windows\system32\nvvsvc.exe
2015-12-03 21:44 . 2015-12-03 02:03 1060472 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-12-03 04:57 . 2015-12-03 04:57 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2015-12-03 04:57 . 2015-12-03 04:57 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2015-12-03 04:57 . 2015-12-03 04:57 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2015-12-03 04:57 . 2015-12-03 04:57 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2015-12-03 04:57 . 2015-12-03 04:57 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2015-12-03 04:57 . 2015-12-03 04:57 235008 ----a-w- c:\windows\system32\elshyph.dll
2015-12-03 04:57 . 2015-12-03 04:57 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2015-12-03 04:57 . 2015-12-03 04:57 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2015-12-03 04:57 . 2015-12-03 04:57 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2015-12-03 04:57 . 2015-12-03 04:57 942592 ----a-w- c:\windows\system32\jsIntl.dll
2015-12-03 04:57 . 2015-12-03 04:57 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-12-03 04:57 . 2015-12-03 04:57 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-12-03 04:57 . 2015-12-03 04:57 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2015-12-03 04:57 . 2015-12-03 04:57 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2015-12-03 04:57 . 2015-12-03 04:57 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2015-12-03 04:57 . 2015-12-03 04:57 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2015-12-03 04:57 . 2015-12-03 04:57 247808 ----a-w- c:\windows\system32\msls31.dll
2015-12-03 04:57 . 2015-12-03 04:57 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2015-12-03 04:57 . 2015-12-03 04:57 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2015-12-03 04:57 . 2015-12-03 04:57 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-12-03 04:57 . 2015-12-03 04:57 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2015-12-03 04:57 . 2015-12-03 04:57 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-12-03 04:57 . 2015-12-03 04:57 81408 ----a-w- c:\windows\system32\icardie.dll
2015-12-03 04:57 . 2015-12-03 04:57 77312 ----a-w- c:\windows\system32\tdc.ocx
2015-12-03 04:57 . 2015-12-03 04:57 62464 ----a-w- c:\windows\system32\pngfilt.dll
2015-12-03 04:57 . 2015-12-03 04:57 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2015-12-03 04:57 . 2015-12-03 04:57 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-12-03 04:57 . 2015-12-03 04:57 48128 ----a-w- c:\windows\system32\imgutil.dll
2015-12-03 04:57 . 2015-12-03 04:57 30208 ----a-w- c:\windows\system32\licmgr10.dll
2015-12-03 04:57 . 2015-12-03 04:57 235520 ----a-w- c:\windows\system32\url.dll
2015-12-03 04:57 . 2015-12-03 04:57 167424 ----a-w- c:\windows\system32\iexpress.exe
2015-12-03 04:57 . 2015-12-03 04:57 143872 ----a-w- c:\windows\system32\wextract.exe
2015-12-03 04:57 . 2015-12-03 04:57 13824 ----a-w- c:\windows\system32\mshta.exe
2015-12-03 04:57 . 2015-12-03 04:57 105984 ----a-w- c:\windows\system32\iesysprep.dll
2015-12-03 04:57 . 2015-12-03 04:57 135680 ----a-w- c:\windows\system32\iepeers.dll
2015-12-03 02:22 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2015-12-03 02:22 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2015-12-03 02:09 . 2016-01-25 17:13 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-12-02 21:05 . 2015-12-03 02:03 6063568 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-08-25 293872]
"CAM"="c:\program files (x86)\NZXT\CAM\CAMLauncher.exe" [2015-10-20 113264]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\\isuspm.exe" [2010-05-21 324976]
"WilPrintCapture"="c:\program files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE" [2009-02-10 143360]
"QQPCTray"="c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCTRAY.EXE" [BU]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CodeMeter Control Center.lnk - c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [2015-3-24 10362232]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 TSDefenseBt;TSDefenseBt;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsDefenseBT64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsDefenseBT64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 Intel(R) ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 tsnethlpx64;TsNetHlpX64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys [x]
R3 ALSysIO;ALSysIO;c:\users\VSB\AppData\Local\Temp\ALSysIO64.sys;c:\users\VSB\AppData\Local\Temp\ALSysIO64.sys [x]
R3 cpuz138;cpuz138;c:\users\VSB\AppData\Local\Temp\cpuz138\cpuz138_x64.sys;c:\users\VSB\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\NZXT\CAM\CAM_Client_V2.sys;c:\program files (x86)\NZXT\CAM\CAM_Client_V2.sys [x]
S0 asstor64;asstor64;c:\windows\system32\DRIVERS\asstor64.sys;c:\windows\SYSNATIVE\DRIVERS\asstor64.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [x]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 impi_hydra;Intel(R) MPI Library Hydra Process Manager;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\hydra_service.exe;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\hydra_service.exe [x]
S2 impi_smpd;Intel(R) MPI Library Process Manager;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\smpd.exe;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\smpd.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 MAGMA53liccontrol;MAGMA5.3 License Control Service;c:\magma5\v5.3.0\WINDOWS64\bin\MAGMAliccontrol.exe;c:\magma5\v5.3.0\WINDOWS64\bin\MAGMAliccontrol.exe [x]
S2 NVWMI;NVIDIA WMI Provider;c:\windows\system32\nvwmi64.exe;c:\windows\SYSNATIVE\nvwmi64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 wilusbmonitor;Unimessage Printer Tracking Service;c:\windows\system32\wilpmv64.exe;c:\windows\SYSNATIVE\wilpmv64.exe [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MAGMA53license;MAGMA5.3 License Service;c:\magma5\V53~1.0\WINDOW~1\LICENS~1\..\bin\MAGMALicenseServer.exe;c:\magma5\V53~1.0\WINDOW~1\LICENS~1\..\bin\MAGMALicenseServer.exe [x]
S3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys;c:\windows\SYSNATIVE\drivers\SiUSBXp.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - NAL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-02-22 07:42 1088664 ----a-w- c:\program files (x86)\Google\Chrome\Application\48.0.2564.116\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-08-21 7636696]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2014-08-26 1392344]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-05-28 36352]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-01-29 1340192]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2015-12-03 2160248]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 158.196.0.53 158.196.99.166
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{B7667919-3765-4815-A66D-98A09BE662D6} - (no file)
AddRemove-ĂŔÍĽäŻŔŔ - c:\program files (x86)\MTV20160128\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" QQPCTray"="\"c:\\Program Files (x86)\\Tencent\\QQPCMgr\\11.3.17201.218\\QQPCTRAY.EXE\" /regrun /qqrepair"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2016-03-01 10:09:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-03-01 09:09
ComboFix2.txt 2016-02-29 10:47
.
Před spuštěním: Volných bajtů: 330 287 800 320
Po spuštění: Volných bajtů: 330 205 605 888
.
- - End Of File - - 0636970EB052CCBC405394BD427F8B27
A36C5E4F47E84449FF07ED3517B43A31
Here is the log from CF:
ComboFix 16-02-29.01 - VSB 01.03.2016 10:06:18.2.16 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.65439.59676 [GMT 1:00]
Spuštěný z: c:\users\VSB\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\VSB\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Disabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Baidu
c:\programdata\Baidu
c:\programdata\Baidu\BaiduAn\BDMSOCleaner\SOGarbageConfig.xml
c:\programdata\Baidu\BaiduAn\BDMSOCleaner\SOTraceConfig.xml
c:\programdata\Baidu\BaiduAn\CachedDB_1\000003.log
c:\programdata\Baidu\BaiduAn\CachedDB_1\CURRENT
c:\programdata\Baidu\BaiduAn\CachedDB_1\LOCK
c:\programdata\Baidu\BaiduAn\CachedDB_1\LOG
c:\programdata\Baidu\BaiduAn\CachedDB_1\MANIFEST-000002
c:\programdata\Baidu\BaiduAn\Config\1000.dat
c:\programdata\Baidu\BaiduAn\Config\4401.dat
c:\programdata\Baidu\BaiduAn\Config\4402.dat
c:\programdata\Baidu\BaiduAn\Config\4501.dat
c:\programdata\Baidu\BaiduAn\Config\4700.dat
c:\programdata\Baidu\BaiduAn\Config\6001.dat
c:\programdata\Baidu\BaiduAn\Config\8001.dat
c:\programdata\Baidu\BaiduAn\Config\805.dat
c:\programdata\Baidu\BaiduAn\Config\812.dat
c:\programdata\Baidu\BaiduAn\Config\8500.dat
c:\programdata\Baidu\BaiduAn\Config\900.dat
c:\programdata\Baidu\BaiduAn\Config\config.ini
c:\programdata\Baidu\BaiduAn\FileSignDB\000003.log
c:\programdata\Baidu\BaiduAn\FileSignDB\CURRENT
c:\programdata\Baidu\BaiduAn\FileSignDB\LOCK
c:\programdata\Baidu\BaiduAn\FileSignDB\LOG
c:\programdata\Baidu\BaiduAn\FileSignDB\MANIFEST-000002
c:\programdata\Baidu\BaiduAn\FileUpdate\CommonUpdate\17\0\Download.data
c:\programdata\Baidu\BaiduAn\FileUpdate\CommonUpdate\2\0\Download.data
c:\programdata\Baidu\BaiduAn\FileUpdate\CommonUpdate\36\609\Download.data
c:\programdata\Baidu\BaiduAn\Patch\error.dat
c:\programdata\Baidu\BaiduAn\Patch\publish.db
c:\programdata\Baidu\BaiduAn\SWManager\ultcache.dat
c:\programdata\Baidu\BaiduAn\white_list.db
c:\programdata\Baidu\BrowserProtect\BPCtrl.ini
c:\programdata\Baidu\BrowserProtect\Records.xml
c:\programdata\Baidu\Common\Global.db
c:\programdata\Tencent
c:\programdata\Tencent\QQPCMgr\BlackCacheData2.ini
c:\programdata\Tencent\QQPCMgr\dr.ini
c:\programdata\Tencent\QQPCMgr\dr_packet.dat
c:\programdata\Tencent\QQPCMgr\drsave.dat
c:\programdata\Tencent\QQPCMgr\QMFilemonRep.ini
c:\programdata\Tencent\QQPCMgr\Rtplog.db
c:\programdata\Tencent\QQPCMgr\TaskLog.dat
c:\programdata\TXQMPC
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_QQPCRTP
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-02-01 do 2016-03-01 )))))))))))))))))))))))))))))))
.
.
2016-03-01 09:08 . 2016-03-01 09:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-02-29 11:12 . 2015-11-25 11:02 11154520 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B2B194D-A51C-4508-A140-B0DA59CE609A}\mpengine.dll
2016-02-29 10:30 . 2016-02-29 10:32 -------- d-----w- C:\AdwCleaner
2016-02-29 10:11 . 2016-02-29 10:17 -------- d-----w- c:\windows\GJFix
2016-02-29 10:10 . 2016-02-29 10:10 87864 ------w- c:\windows\system32\drivers\TFsFltX64.sys
2016-02-29 10:10 . 2016-02-29 10:10 -------- d-----w- c:\program files (x86)\Tencent
2016-02-29 10:09 . 2016-02-29 10:17 -------- d-----w- c:\program files (x86)\Common Files\Baidu
2016-02-29 10:09 . 2016-02-29 10:09 -------- d-----w- c:\users\VSB\AppData\Roaming\Baidu
2016-02-29 10:05 . 2016-02-29 10:05 -------- d-----w- c:\programdata\BOINC
2016-02-29 10:05 . 2016-02-29 10:05 -------- d-----w- c:\windows\Downloaded Installations
2016-02-29 10:04 . 2016-02-29 10:15 -------- d-----w- c:\program files (x86)\Seznam.cz
2016-02-29 10:04 . 2016-02-29 10:15 -------- d-----w- c:\users\VSB\AppData\Roaming\Seznam.cz
2016-02-28 10:01 . 2015-11-25 11:02 11154520 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-02-25 13:04 . 2016-02-26 11:45 -------- d-----w- c:\users\VSB\AppData\Roaming\TeamViewer
2016-02-25 13:04 . 2016-02-25 13:06 -------- d-----w- c:\program files (x86)\TeamViewer
2016-02-22 11:52 . 2016-02-22 12:54 -------- d-----w- c:\users\VSB\AppData\Roaming\FreeCAD
2016-02-19 14:12 . 2015-12-03 21:33 572536 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2016-02-15 14:26 . 2016-02-15 14:26 -------- d-----w- c:\users\VSB\test_dir
2016-02-11 09:54 . 2016-02-11 09:54 -------- d-----w- c:\users\VSB\AppData\Local\Ansys
2016-02-11 09:42 . 2016-03-01 08:58 -------- d-----w- c:\users\VSB\AppData\Roaming\Ansys
2016-02-10 08:49 . 2016-01-11 19:05 98816 ----a-w- c:\windows\system32\wudriver.dll
2016-02-08 15:57 . 2016-02-08 15:57 -------- d-----w- c:\program files\Common Files\DESIGNER
2016-02-08 15:55 . 2016-02-08 15:55 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2016-02-08 13:15 . 2016-02-08 13:15 -------- d-----w- c:\users\VSB\AppData\Local\ElevatedDiagnostics
2016-02-08 13:10 . 2016-02-08 13:10 -------- d-----w- c:\users\VSB\AppData\Local\CEF
2016-02-08 13:09 . 2016-02-08 13:09 -------- d-----w- c:\program files (x86)\TOSHIBA Viewer V2
2016-02-08 13:06 . 2009-07-31 18:55 155136 ----a-w- c:\windows\system32\wilpmv64.exe
2016-02-08 13:06 . 2007-03-17 03:55 81920 ----a-w- c:\windows\system32\P3coinst.dll
2016-02-08 13:06 . 2007-03-16 19:55 115712 ----a-w- c:\windows\system32\P3coin64.dll
2016-02-08 13:06 . 2006-06-15 01:53 90112 ----a-w- c:\windows\system32\WilPrins.dll
2016-02-08 13:06 . 2005-10-21 21:12 61440 ----a-w- c:\windows\system32\WilPrt.exe
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft Synchronization Services
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\windows\PCHEALTH
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft Sync Framework
2016-02-08 11:47 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\program files\Microsoft Analysis Services
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----w- c:\users\VSB\AppData\Local\Microsoft Help
2016-02-08 11:45 . 2016-02-15 11:15 -------- d-----w- c:\programdata\Microsoft Help
2016-02-08 11:45 . 2016-02-08 11:47 -------- d-----w- c:\program files\Microsoft Office
2016-02-08 11:45 . 2016-02-08 11:45 -------- d-----r- C:\MSOCache
2016-02-08 11:38 . 2016-02-08 13:01 -------- d-----w- c:\program files (x86)\Elaborate Bytes
2016-02-08 11:12 . 2016-02-08 11:12 -------- d-----w- c:\users\VSB\AppData\Local\GWX
2016-02-05 08:50 . 2015-12-03 02:09 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3FA3149D-0A32-4793-B281-FC6326C55ACE}\gapaengine.dll
2016-02-05 08:39 . 2016-02-27 02:00 -------- d-s---w- c:\windows\SysWow64\GWX
2016-02-05 08:39 . 2016-02-27 02:00 -------- d-s---w- c:\windows\system32\GWX
2016-02-02 13:37 . 2016-02-02 14:15 -------- d-----w- c:\users\VSB\AppData\Local\Google
2016-02-02 13:37 . 2016-02-02 13:37 -------- d-----w- c:\program files (x86)\Google
2016-02-02 13:37 . 2016-02-02 13:37 -------- d-----w- c:\users\VSB\AppData\Local\Deployment
2016-02-02 13:37 . 2016-02-02 13:37 -------- d-----w- c:\users\VSB\AppData\Local\Apps
2016-02-02 08:34 . 2016-02-29 10:14 -------- d-----w- c:\users\VSB\MAGMAprojects
2016-02-02 08:34 . 2016-02-18 16:58 -------- d-----w- c:\users\VSB\AppData\Local\MAGMA
2016-02-02 08:30 . 2016-02-02 08:30 -------- d-----w- C:\MAGMA5
2016-02-02 08:05 . 2016-02-02 08:05 -------- d-----w- c:\programdata\Intel Corporation
2016-02-02 08:04 . 2016-02-02 08:04 -------- d-----w- c:\programdata\Macrovision
2016-02-02 08:01 . 2016-02-02 08:01 -------- d-----w- c:\program files\WIBU-SYSTEMS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-10 14:48 . 2015-12-03 01:52 146614896 ----a-w- c:\windows\system32\MRT.exe
2016-01-22 06:19 . 2016-02-10 08:49 344064 ----a-w- c:\windows\system32\schannel.dll
2016-01-22 06:05 . 2016-02-10 08:49 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-01-22 05:59 . 2016-02-10 08:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-12-09 03:39 . 2015-12-03 01:51 301728 ------w- c:\windows\system32\MpSigStub.exe
2015-12-03 23:18 . 2015-12-03 02:03 3171448 ----a-w- c:\windows\system32\nvwmi64.exe
2015-12-03 23:18 . 2015-12-03 02:03 112944 ----a-w- c:\windows\system32\OpenCL.dll
2015-12-03 23:18 . 2015-12-03 02:03 105264 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-12-03 23:18 . 2015-12-03 02:03 3410056 ----a-w- c:\windows\system32\nvapi64.dll
2015-12-03 23:18 . 2015-12-03 02:03 3012160 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-12-03 23:18 . 2015-12-03 02:03 17670528 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-12-03 23:18 . 2015-12-03 02:03 1572496 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-12-03 23:18 . 2015-12-03 02:03 15183072 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-12-03 23:18 . 2015-12-03 02:03 12902080 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-12-03 21:44 . 2015-12-03 02:03 75056 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-12-03 21:44 . 2015-12-03 02:03 6875768 ----a-w- c:\windows\system32\nvcpl.dll
2015-12-03 21:44 . 2015-12-03 02:03 62584 ----a-w- c:\windows\system32\nvshext.dll
2015-12-03 21:44 . 2015-12-03 02:03 385144 ----a-w- c:\windows\system32\nvmctray.dll
2015-12-03 21:44 . 2015-12-03 02:03 3496752 ----a-w- c:\windows\system32\nvsvc64.dll
2015-12-03 21:44 . 2015-12-03 02:03 2558584 ----a-w- c:\windows\system32\nvsvcr.dll
2015-12-03 21:44 . 2015-12-03 02:03 1255728 ----a-w- c:\windows\system32\nvvsvc.exe
2015-12-03 21:44 . 2015-12-03 02:03 1060472 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-12-03 04:57 . 2015-12-03 04:57 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2015-12-03 04:57 . 2015-12-03 04:57 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2015-12-03 04:57 . 2015-12-03 04:57 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2015-12-03 04:57 . 2015-12-03 04:57 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2015-12-03 04:57 . 2015-12-03 04:57 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2015-12-03 04:57 . 2015-12-03 04:57 235008 ----a-w- c:\windows\system32\elshyph.dll
2015-12-03 04:57 . 2015-12-03 04:57 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2015-12-03 04:57 . 2015-12-03 04:57 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2015-12-03 04:57 . 2015-12-03 04:57 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2015-12-03 04:57 . 2015-12-03 04:57 942592 ----a-w- c:\windows\system32\jsIntl.dll
2015-12-03 04:57 . 2015-12-03 04:57 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-12-03 04:57 . 2015-12-03 04:57 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-12-03 04:57 . 2015-12-03 04:57 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2015-12-03 04:57 . 2015-12-03 04:57 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2015-12-03 04:57 . 2015-12-03 04:57 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2015-12-03 04:57 . 2015-12-03 04:57 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2015-12-03 04:57 . 2015-12-03 04:57 247808 ----a-w- c:\windows\system32\msls31.dll
2015-12-03 04:57 . 2015-12-03 04:57 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2015-12-03 04:57 . 2015-12-03 04:57 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2015-12-03 04:57 . 2015-12-03 04:57 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-12-03 04:57 . 2015-12-03 04:57 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2015-12-03 04:57 . 2015-12-03 04:57 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-12-03 04:57 . 2015-12-03 04:57 81408 ----a-w- c:\windows\system32\icardie.dll
2015-12-03 04:57 . 2015-12-03 04:57 77312 ----a-w- c:\windows\system32\tdc.ocx
2015-12-03 04:57 . 2015-12-03 04:57 62464 ----a-w- c:\windows\system32\pngfilt.dll
2015-12-03 04:57 . 2015-12-03 04:57 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2015-12-03 04:57 . 2015-12-03 04:57 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-12-03 04:57 . 2015-12-03 04:57 48128 ----a-w- c:\windows\system32\imgutil.dll
2015-12-03 04:57 . 2015-12-03 04:57 30208 ----a-w- c:\windows\system32\licmgr10.dll
2015-12-03 04:57 . 2015-12-03 04:57 235520 ----a-w- c:\windows\system32\url.dll
2015-12-03 04:57 . 2015-12-03 04:57 167424 ----a-w- c:\windows\system32\iexpress.exe
2015-12-03 04:57 . 2015-12-03 04:57 143872 ----a-w- c:\windows\system32\wextract.exe
2015-12-03 04:57 . 2015-12-03 04:57 13824 ----a-w- c:\windows\system32\mshta.exe
2015-12-03 04:57 . 2015-12-03 04:57 105984 ----a-w- c:\windows\system32\iesysprep.dll
2015-12-03 04:57 . 2015-12-03 04:57 135680 ----a-w- c:\windows\system32\iepeers.dll
2015-12-03 02:22 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2015-12-03 02:22 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2015-12-03 02:09 . 2016-01-25 17:13 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-12-02 21:05 . 2015-12-03 02:03 6063568 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-08-25 293872]
"CAM"="c:\program files (x86)\NZXT\CAM\CAMLauncher.exe" [2015-10-20 113264]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\\isuspm.exe" [2010-05-21 324976]
"WilPrintCapture"="c:\program files (x86)\TOSHIBA Viewer V2\GDI&TWAIN\WILCAPV.EXE" [2009-02-10 143360]
"QQPCTray"="c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCTRAY.EXE" [BU]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CodeMeter Control Center.lnk - c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [2015-3-24 10362232]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 TSDefenseBt;TSDefenseBt;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsDefenseBT64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsDefenseBT64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 Intel(R) ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 tsnethlpx64;TsNetHlpX64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys [x]
R3 ALSysIO;ALSysIO;c:\users\VSB\AppData\Local\Temp\ALSysIO64.sys;c:\users\VSB\AppData\Local\Temp\ALSysIO64.sys [x]
R3 cpuz138;cpuz138;c:\users\VSB\AppData\Local\Temp\cpuz138\cpuz138_x64.sys;c:\users\VSB\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\NZXT\CAM\CAM_Client_V2.sys;c:\program files (x86)\NZXT\CAM\CAM_Client_V2.sys [x]
S0 asstor64;asstor64;c:\windows\system32\DRIVERS\asstor64.sys;c:\windows\SYSNATIVE\DRIVERS\asstor64.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [x]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 impi_hydra;Intel(R) MPI Library Hydra Process Manager;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\hydra_service.exe;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\hydra_service.exe [x]
S2 impi_smpd;Intel(R) MPI Library Process Manager;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\smpd.exe;c:\program files (x86)\Intel\MPI-RT\5.0.2.044\intel64\bin\smpd.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 MAGMA53liccontrol;MAGMA5.3 License Control Service;c:\magma5\v5.3.0\WINDOWS64\bin\MAGMAliccontrol.exe;c:\magma5\v5.3.0\WINDOWS64\bin\MAGMAliccontrol.exe [x]
S2 NVWMI;NVIDIA WMI Provider;c:\windows\system32\nvwmi64.exe;c:\windows\SYSNATIVE\nvwmi64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 wilusbmonitor;Unimessage Printer Tracking Service;c:\windows\system32\wilpmv64.exe;c:\windows\SYSNATIVE\wilpmv64.exe [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MAGMA53license;MAGMA5.3 License Service;c:\magma5\V53~1.0\WINDOW~1\LICENS~1\..\bin\MAGMALicenseServer.exe;c:\magma5\V53~1.0\WINDOW~1\LICENS~1\..\bin\MAGMALicenseServer.exe [x]
S3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys;c:\windows\SYSNATIVE\drivers\SiUSBXp.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - NAL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-02-22 07:42 1088664 ----a-w- c:\program files (x86)\Google\Chrome\Application\48.0.2564.116\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-08-21 7636696]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2014-08-26 1392344]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-05-28 36352]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-01-29 1340192]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2015-12-03 2160248]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 158.196.0.53 158.196.99.166
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{B7667919-3765-4815-A66D-98A09BE662D6} - (no file)
AddRemove-ĂŔÍĽäŻŔŔ - c:\program files (x86)\MTV20160128\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" QQPCTray"="\"c:\\Program Files (x86)\\Tencent\\QQPCMgr\\11.3.17201.218\\QQPCTRAY.EXE\" /regrun /qqrepair"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2016-03-01 10:09:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-03-01 09:09
ComboFix2.txt 2016-02-29 10:47
.
Před spuštěním: Volných bajtů: 330 287 800 320
Po spuštění: Volných bajtů: 330 205 605 888
.
- - End Of File - - 0636970EB052CCBC405394BD427F8B27
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin

Re: Log check after removing an unwanted Chinese program
Is the program actually still there, or is it only left in the Start menu?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Log check after removing an unwanted Chinese program
Hello, so the program only left shortcuts behind; I deleted them and the problem is gone. Thanks to the whole viry.cz team for the help.
Regards,
Gurubash.
- Rudy
- Site Admin

Re: Log check after removing an unwanted Chinese program
You're welcome!