Re: Please check my log
Posted: 04 Aug 2017 07:37
ComboFix 17-07-31.01 - Zdenka 04.08.2017 1:19.3.2 - x64 NETWORK
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4061.3331 [GMT 2:00]
Spuštěný z: c:\users\Zdenka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Zdenka\Desktop\CFScript.txt
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\McAfee Security Scan
c:\programdata\McAfee Security Scan\ftstate.ini
c:\users\Zdenka\AppData\Local\ESET
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\esets_apiW.dll
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\esets_apiW_a.dll
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Char_Cache\CACHE.NDB
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\http_update.eset.com\download\engineols3\update.ver
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\lastupd.ver
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod027F.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod029F.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod0C34.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod0CD9.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod11D6.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod1633.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod172E.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod1AC7.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod1AE8.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod32DD.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod41ED.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod4357.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod4D75.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod5785.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod5C53.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod67A2.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod69EF.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod6BDC.nup
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\upd.ver
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\em000_32.dat
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\em001_32.dat
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\em002_32.dat
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\em003_32.dat
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\em004_32.dat
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\em005_32.dat
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\em006_32.dat
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\em023_32.dat
c:\users\Zdenka\AppData\Local\ESET\ESETOnlineScanner\Modules\esets_api.stg
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-07-03 do 2017-08-03 )))))))))))))))))))))))))))))))
.
.
2017-08-03 23:32 . 2017-08-03 23:32 -------- d-----w- C:\$AV_ASW
2017-08-03 23:27 . 2017-08-03 23:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-08-03 05:27 . 2017-08-03 05:27 -------- d-----w- c:\users\Zdenka\AppData\Local\CEF
2017-08-03 05:18 . 2017-08-03 05:18 -------- d-----w- c:\programdata\SWCUTemp
2017-08-03 05:14 . 2017-08-03 05:14 -------- d-----w- c:\users\Zdenka\AppData\Local\Zemana
2017-08-02 23:43 . 2017-08-02 23:43 -------- d-----w- c:\users\Zdenka\AppData\Local\Broadcom
2017-08-02 23:43 . 2017-08-03 05:16 -------- d-----w- c:\program files (x86)\McAfee
2017-08-02 23:06 . 2017-08-02 22:48 24064 ----a-w- c:\windows\zoek-delete.exe
2017-08-02 23:06 . 2017-08-03 23:32 -------- d-----w- c:\users\Zdenka\AppData\Local\Temp
2017-08-02 22:48 . 2017-08-02 23:03 -------- d-----w- C:\zoek_backup
2017-07-30 17:38 . 2017-08-01 23:37 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-07-30 17:38 . 2017-07-30 18:26 -------- d-----w- c:\programdata\RogueKiller
2017-07-30 16:32 . 2017-08-03 23:32 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2017-07-30 16:31 . 2017-07-30 16:31 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2017-07-30 16:31 . 2017-07-30 16:31 -------- d-----w- c:\programdata\Malwarebytes
2017-07-30 16:31 . 2015-03-17 04:15 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2017-07-30 16:31 . 2015-03-17 04:15 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2017-07-30 16:31 . 2015-03-17 04:15 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2017-07-30 16:31 . 2017-07-30 16:31 -------- d-----w- c:\users\Zdenka\AppData\Local\Programs
2017-07-27 22:28 . 2017-08-01 23:33 -------- d-----w- C:\AdwCleaner
2017-07-27 11:08 . 2017-07-27 11:08 400464 ----a-w- c:\windows\system32\aswBoot.exe
2017-07-09 19:54 . 2017-07-09 19:54 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-07-30 15:30 . 2011-04-11 20:12 146696 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2017-07-27 11:06 . 2017-03-10 07:05 57728 ----a-w- c:\windows\system32\drivers\aswbuniva.sys
2017-07-27 11:06 . 2017-03-10 07:05 343288 ----a-w- c:\windows\system32\drivers\aswbloga.sys
2017-07-27 11:06 . 2017-03-10 07:05 320008 ----a-w- c:\windows\system32\drivers\aswbidsdrivera.sys
2017-07-27 11:06 . 2017-03-10 07:05 198976 ----a-w- c:\windows\system32\drivers\aswbidsha.sys
2017-07-09 19:34 . 2013-03-01 13:56 361336 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2017-07-09 19:29 . 2014-03-19 16:02 198768 ----a-w- c:\windows\system32\drivers\aswStm.sys
2017-07-09 19:29 . 2011-04-11 20:12 585608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2017-07-09 19:29 . 2014-04-29 16:06 46984 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2017-07-09 19:29 . 2013-03-01 13:56 84392 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2017-07-09 19:29 . 2012-02-24 09:52 110352 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2017-07-09 19:27 . 2011-04-11 20:12 1015848 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2017-07-09 19:27 . 2016-04-27 18:50 41800 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2017-06-20 06:53 . 2012-12-19 20:27 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-06-20 06:53 . 2011-10-06 18:22 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-07-12 19:49 285000 ----a-w- c:\users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt.17.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-07-12 19:49 285000 ----a-w- c:\users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt.17.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-07-12 19:49 285000 ----a-w- c:\users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt.17.0.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dropbox Update"="c:\users\Zdenka\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2016-11-05 143144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl8"="c:\program files (x86)\ASUSTek\ASUSDVD 8\PDVD8Serv.exe" [2009-04-16 91432]
"PDVD8LanguageShortcut"="c:\program files (x86)\ASUSTek\ASUSDVD 8\Language\Language.exe" [2009-04-16 50472]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"CLMLServer"="c:\program files (x86)\Cyberlink\Power2Go\CLMLSvc.exe" [2008-07-18 104936]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-09-24 210216]
"UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-22 210216]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-04-23 311152]
"Clarus Drive Manager"="c:\program files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe" [2015-08-19 8139480]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2016-12-17 1160408]
.
c:\users\Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Zdenka\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2017-7-14 3486520]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-2 1079584]
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe -d [2009-10-31 12862]
Samsung Drive Manager Real-Time.lnk - c:\program files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe [2017-3-2 136192]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h [2009-10-31 156880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 InstallerService;Service Installer TrueKey;c:\program files\TrueKey\Mcafee.TrueKey.InstallerService.exe;c:\program files\TrueKey\Mcafee.TrueKey.InstallerService.exe [x]
R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys;c:\windows\SYSNATIVE\DRIVERS\adusbser.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 aswVmm;aswVmm;c:\users\Zdenka\AppData\Local\Temp\aswVmm.sys;c:\users\Zdenka\AppData\Local\Temp\aswVmm.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys;c:\windows\SYSNATIVE\DRIVERS\ipswuio.sys [x]
R3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.11.587\McCHSvc.exe;c:\program files\McAfee Security Scan\3.11.587\McCHSvc.exe [x]
R3 NETw1v64;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw1v64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw1v64.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TrueKeyServiceHelper;TrueKeyServiceHelper;c:\program files\TrueKey\McAfee.TrueKey.ServiceHelper.exe;c:\program files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswbidsh;aswbidsh;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys [x]
S0 aswblog;aswblog;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys;c:\program files\ATKGFNEX\ASMMAP64.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 SZDrvSvc;Samsung Drive Manager Service;c:\program files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe;c:\program files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [x]
S2 TrueKey;Intel Security True Key;c:\program files\TrueKey\McAfee.TrueKey.Service.exe;c:\program files\TrueKey\McAfee.TrueKey.Service.exe [x]
S3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 mdf16;mdf16;c:\program files (x86)\Clarus\Samsung Drive Manager\mdf16.sys;c:\program files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [x]
S3 mvd23;mvd23;c:\program files (x86)\Clarus\Samsung Drive Manager\mvd23.sys;c:\program files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [x]
S3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Obsah adresáře 'Naplánované úlohy'
.
2017-03-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-19 06:53]
.
2017-03-01 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-710972117-1834648420-811751981-1000Core.job
- c:\users\Zdenka\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-29 08:45]
.
2017-03-02 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-710972117-1834648420-811751981-1000UA.job
- c:\users\Zdenka\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-29 08:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-07-27 11:08 1527760 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-07-27 11:08 1527760 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-07-12 19:49 333128 ----a-w- c:\users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-07-12 19:49 333128 ----a-w- c:\users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-07-12 19:49 333128 ----a-w- c:\users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-07-12 19:49 333128 ----a-w- c:\users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"="c:\program files (x86)\ASUS\Asus WebStorage\BackupService.exe" [2009-08-25 947472]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-05 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-05 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-05 365592]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-28 16336488]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 617856]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-07-27 213832]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Zdenka\AppData\Roaming\Mozilla\Firefox\Profiles\hp6vozql.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-ASUS_UL_Series_Screensaver - c:\windows\system32\ASUS_UL_Series_Screensaver.scr
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{e2803110-78b3-4664-a479-3611a381656a} - c:\programdata\Package Cache\{e2803110-78b3-4664-a479-3611a381656a}\VC_redist.x86.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\PowerDVD\PDVDServ.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\Cyberlink\Shared files\RichVideo.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\AVAST Software\SZBrowser\launcher.exe
c:\program files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser_autoupdate.exe
.
**************************************************************************
.
Celkový čas: 2017-08-04 01:40:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2017-08-03 23:40
ComboFix2.txt 2017-08-03 05:42
.
Před spuštěním: Volných bajtů: 51 538 472 960
Po spuštění: Volných bajtů: 51 039 506 432
.
- - End Of File - - 346095316D123E657F83DC08211767BC
5C616939100B85E558DA92B899A0FC36
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-08-04 07:10:31
-----------------------------
07:10:31.937 OS Version: Windows x64 6.1.7601 Service Pack 1
07:10:31.937 Number of processors: 2 586 0x170A
07:10:31.937 ComputerName: ZDENKA-PC UserName: Zdenka
07:10:32.420 Initialize success
07:10:34.651 AVAST engine defs: 17080308
07:10:46.569 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
07:10:46.569 Disk 0 Vendor: ST950032 0002 Size: 476940MB BusType: 3
07:10:46.741 Disk 0 MBR read successfully
07:10:46.741 Disk 0 MBR scan
07:10:47.193 Disk 0 Windows VISTA default MBR code
07:10:47.599 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 14998 MB offset 2048
07:10:47.693 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119231 MB offset 30717952
07:10:47.708 Disk 0 default boot code
07:10:47.817 Disk 0 Partition - 00 0F Extended LBA 342706 MB offset 274904280
07:10:47.849 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 342706 MB offset 274904343
07:10:48.098 Disk 0 scanning C:\Windows\system32\drivers
07:11:12.029 Service scanning
07:11:46.255 Modules scanning
07:11:46.255 Disk 0 trace - called modules:
07:11:46.318 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
07:11:46.333 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c3b060]
07:11:46.333 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> [0xfffffa8004a7ab50]
07:11:46.349 5 ACPI.sys[fffff88000f207a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a79050]
07:11:46.567 AVAST engine scan C:\Windows
07:11:50.888 AVAST engine scan C:\Windows\system32
07:16:10.551 AVAST engine scan C:\Windows\system32\drivers
07:16:30.675 AVAST engine scan C:\Users\Zdenka
07:23:12.578 File: C:\Users\Zdenka\Desktop\zoek.exe **INFECTED** Win32:Malware-gen
07:25:34.242 AVAST engine scan C:\ProgramData
07:28:54.188 Disk 0 statistics 4140100/0/0 @ 2,96 MB/s
07:28:54.203 Scan finished successfully
07:36:24.405 Disk 0 MBR has been saved successfully to "C:\Users\Zdenka\Desktop\MBR.dat"
07:36:24.420 The log file has been saved successfully to "C:\Users\Zdenka\Desktop\aswMBR.txt"
2017-07-09 19:29 . 2011-04-11 20:12 585608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2017-07-09 19:29 . 2014-04-29 16:06 46984 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2017-07-09 19:29 . 2013-03-01 13:56 84392 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2017-07-09 19:29 . 2012-02-24 09:52 110352 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2017-07-09 19:27 . 2011-04-11 20:12 1015848 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2017-07-09 19:27 . 2016-04-27 18:50 41800 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2017-06-20 06:53 . 2012-12-19 20:27 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-06-20 06:53 . 2011-10-06 18:22 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-07-12 19:49 285000 ----a-w- c:\users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt.17.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-07-12 19:49 285000 ----a-w- c:\users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt.17.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-07-12 19:49 285000 ----a-w- c:\users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt.17.0.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dropbox Update"="c:\users\Zdenka\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2016-11-05 143144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl8"="c:\program files (x86)\ASUSTek\ASUSDVD 8\PDVD8Serv.exe" [2009-04-16 91432]
"PDVD8LanguageShortcut"="c:\program files (x86)\ASUSTek\ASUSDVD 8\Language\Language.exe" [2009-04-16 50472]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"CLMLServer"="c:\program files (x86)\Cyberlink\Power2Go\CLMLSvc.exe" [2008-07-18 104936]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-09-24 210216]
"UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-22 210216]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-04-23 311152]
"Clarus Drive Manager"="c:\program files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe" [2015-08-19 8139480]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2016-12-17 1160408]
.
c:\users\Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Zdenka\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2017-7-14 3486520]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-2 1079584]
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe -d [2009-10-31 12862]
Samsung Drive Manager Real-Time.lnk - c:\program files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe [2017-3-2 136192]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h [2009-10-31 156880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 InstallerService;Service Installer TrueKey;c:\program files\TrueKey\Mcafee.TrueKey.InstallerService.exe;c:\program files\TrueKey\Mcafee.TrueKey.InstallerService.exe [x]
R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys;c:\windows\SYSNATIVE\DRIVERS\adusbser.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 aswVmm;aswVmm;c:\users\Zdenka\AppData\Local\Temp\aswVmm.sys;c:\users\Zdenka\AppData\Local\Temp\aswVmm.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys;c:\windows\SYSNATIVE\DRIVERS\ipswuio.sys [x]
R3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.11.587\McCHSvc.exe;c:\program files\McAfee Security Scan\3.11.587\McCHSvc.exe [x]
R3 NETw1v64;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw1v64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw1v64.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TrueKeyServiceHelper;TrueKeyServiceHelper;c:\program files\TrueKey\McAfee.TrueKey.ServiceHelper.exe;c:\program files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswbidsh;aswbidsh;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys [x]
S0 aswblog;aswblog;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys;c:\program files\ATKGFNEX\ASMMAP64.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 SZDrvSvc;Samsung Drive Manager Service;c:\program files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe;c:\program files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [x]
S2 TrueKey;Intel Security True Key;c:\program files\TrueKey\McAfee.TrueKey.Service.exe;c:\program files\TrueKey\McAfee.TrueKey.Service.exe [x]
S3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 mdf16;mdf16;c:\program files (x86)\Clarus\Samsung Drive Manager\mdf16.sys;c:\program files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [x]
S3 mvd23;mvd23;c:\program files (x86)\Clarus\Samsung Drive Manager\mvd23.sys;c:\program files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [x]
S3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Obsah adresáře 'Naplánované úlohy'
.
2017-03-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-19 06:53]
.
2017-03-01 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-710972117-1834648420-811751981-1000Core.job
- c:\users\Zdenka\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-29 08:45]
.
2017-03-02 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-710972117-1834648420-811751981-1000UA.job
- c:\users\Zdenka\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-29 08:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-07-27 11:08 1527760 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-07-27 11:08 1527760 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-07-12 19:49 333128 ----a-w- c:\users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-07-12 19:49 333128 ----a-w- c:\users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-07-12 19:49 333128 ----a-w- c:\users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-07-12 19:49 333128 ----a-w- c:\users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"="c:\program files (x86)\ASUS\Asus WebStorage\BackupService.exe" [2009-08-25 947472]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-05 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-05 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-05 365592]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-28 16336488]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 617856]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-07-27 213832]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Zdenka\AppData\Roaming\Mozilla\Firefox\Profiles\hp6vozql.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-ASUS_UL_Series_Screensaver - c:\windows\system32\ASUS_UL_Series_Screensaver.scr
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{e2803110-78b3-4664-a479-3611a381656a} - c:\programdata\Package Cache\{e2803110-78b3-4664-a479-3611a381656a}\VC_redist.x86.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\PowerDVD\PDVDServ.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\Cyberlink\Shared files\RichVideo.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\AVAST Software\SZBrowser\launcher.exe
c:\program files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser_autoupdate.exe
.
**************************************************************************
.
Celkový čas: 2017-08-04 01:40:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2017-08-03 23:40
ComboFix2.txt 2017-08-03 05:42
.
Před spuštěním: Volných bajtů: 51 538 472 960
Po spuštění: Volných bajtů: 51 039 506 432
.
- - End Of File - - 346095316D123E657F83DC08211767BC
5C616939100B85E558DA92B899A0FC36

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-08-04 07:10:31
-----------------------------
07:10:31.937 OS Version: Windows x64 6.1.7601 Service Pack 1
07:10:31.937 Number of processors: 2 586 0x170A
07:10:31.937 ComputerName: ZDENKA-PC UserName: Zdenka
07:10:32.420 Initialize success
07:10:34.651 AVAST engine defs: 17080308
07:10:46.569 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
07:10:46.569 Disk 0 Vendor: ST950032 0002 Size: 476940MB BusType: 3
07:10:46.741 Disk 0 MBR read successfully
07:10:46.741 Disk 0 MBR scan
07:10:47.193 Disk 0 Windows VISTA default MBR code
07:10:47.599 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 14998 MB offset 2048
07:10:47.693 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119231 MB offset 30717952
07:10:47.708 Disk 0 default boot code
07:10:47.817 Disk 0 Partition - 00 0F Extended LBA 342706 MB offset 274904280
07:10:47.849 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 342706 MB offset 274904343
07:10:48.098 Disk 0 scanning C:\Windows\system32\drivers
07:11:12.029 Service scanning
07:11:46.255 Modules scanning
07:11:46.255 Disk 0 trace - called modules:
07:11:46.318 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
07:11:46.333 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c3b060]
07:11:46.333 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> [0xfffffa8004a7ab50]
07:11:46.349 5 ACPI.sys[fffff88000f207a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a79050]
07:11:46.567 AVAST engine scan C:\Windows
07:11:50.888 AVAST engine scan C:\Windows\system32
07:16:10.551 AVAST engine scan C:\Windows\system32\drivers
07:16:30.675 AVAST engine scan C:\Users\Zdenka
07:23:12.578 File: C:\Users\Zdenka\Desktop\zoek.exe **INFECTED** Win32:Malware-gen
07:25:34.242 AVAST engine scan C:\ProgramData
07:28:54.188 Disk 0 statistics 4140100/0/0 @ 2,96 MB/s
07:28:54.203 Scan finished successfully
07:36:24.405 Disk 0 MBR has been saved successfully to "C:\Users\Zdenka\Desktop\MBR.dat"
07:36:24.420 The log file has been saved successfully to "C:\Users\Zdenka\Desktop\aswMBR.txt"