VIRY.CZ

Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

ComboFix 17-09-14.01 - kompjutr 30.09.2017 9:24.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4093.2248 [GMT 1:00]
Spuštìný z: c:\users\kompjutr\Desktop\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\TrueKey\McAfeeTrueKeyPasswordFilter.dll
c:\users\kompjutr\AppData\Local\assembly\tmp
.
.
((((((((((((((((((((((((( Soubory vytvoøené od 2017-08-28 do 2017-09-30 )))))))))))))))))))))))))))))))
.
.
2017-09-30 08:30 . 2017-09-30 08:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-09-30 08:21 . 2017-09-30 08:21 -------- d-----w- c:\programdata\SWCUTemp
2017-09-30 08:02 . 2017-09-30 08:30 -------- d-----w- c:\users\kompjutr\AppData\Local\Temp
2017-09-30 07:54 . 2017-09-30 08:02 -------- d-----w- C:\zoek
2017-09-29 20:04 . 2017-07-28 20:27 400464 ----a-w- c:\windows\system32\aswBoot.exe
2017-09-28 18:01 . 2017-09-28 18:01 -------- d-----w- C:\$AV_ASW
2017-09-27 16:16 . 2017-09-27 16:16 -------- d-----w- c:\program files\Common Files\DESIGNER
2017-09-27 16:00 . 2017-08-16 01:10 395976 ----a-w- c:\windows\system32\iedkcs32.dll
2017-09-26 20:41 . 2017-09-26 20:41 -------- d-----w- C:\_OTM
2017-09-26 18:06 . 2017-09-26 18:18 -------- d-----w- C:\AdwCleaner
2017-09-26 17:08 . 2017-09-26 20:55 -------- d-----w- c:\program files\trend micro
2017-09-26 17:08 . 2017-09-26 17:08 -------- d-----w- C:\rsit
2017-09-26 16:51 . 2017-09-26 16:51 -------- d-----w- c:\users\kompjutr\AppData\Roaming\TeamViewer
2017-09-26 15:58 . 2017-09-26 15:58 -------- d-----w- c:\users\kompjutr\AppData\Local\ElevatedDiagnostics
2017-09-25 15:18 . 2017-09-25 15:18 -------- d-----w- c:\program files (x86)\Common Files\Skype
2017-09-24 19:53 . 2017-09-26 13:35 -------- d-----w- c:\users\kompjutr\AppData\Local\Diagnostics
2017-09-08 05:38 . 2017-09-08 05:38 577736 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2017-09-08 05:32 . 2017-09-08 05:32 29896 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2017-09-08 05:18 . 2017-09-08 05:18 260296 ----a-w- c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-09-27 16:03 . 2017-03-29 20:34 5287616 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2017-09-25 14:47 . 2017-03-31 20:40 138202976 -c--a-w- c:\windows\system32\MRT.exe
2017-08-11 06:35 . 2017-09-27 16:00 345600 ----a-w- c:\windows\system32\schannel.dll
2017-08-11 06:35 . 2017-09-27 16:00 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-08-11 06:19 . 2017-09-27 16:00 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2017-08-11 06:19 . 2017-09-27 16:00 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2017-08-11 06:19 . 2017-09-27 16:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2017-08-09 16:01 . 2017-05-14 09:48 1015880 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2017-08-09 16:01 . 2017-05-14 09:48 146704 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2017-07-29 14:56 . 2017-08-08 19:54 117248 ----a-w- c:\windows\system32\drivers\tdx.sys
2017-07-28 20:26 . 2017-05-14 09:48 57728 ----a-w- c:\windows\system32\drivers\aswbuniva.sys
2017-07-28 20:26 . 2017-05-14 09:48 343288 ----a-w- c:\windows\system32\drivers\aswbloga.sys
2017-07-28 20:26 . 2017-05-14 09:48 198976 ----a-w- c:\windows\system32\drivers\aswbidsha.sys
2017-07-28 20:26 . 2017-05-14 09:48 320008 ----a-w- c:\windows\system32\drivers\aswbidsdrivera.sys
2017-07-21 14:26 . 2017-08-08 19:54 282624 ----a-w- c:\windows\SysWow64\mstext40.dll
2017-07-21 14:26 . 2017-08-08 19:54 518144 ----a-w- c:\windows\SysWow64\msjetoledb40.dll
2017-07-21 14:26 . 2017-08-08 19:54 290816 ----a-w- c:\windows\SysWow64\msjtes40.dll
2017-07-21 14:26 . 2017-08-08 19:54 409600 ----a-w- c:\windows\SysWow64\msexch40.dll
2017-07-14 15:29 . 2017-08-08 19:54 486400 ----a-w- c:\windows\system32\wer.dll
2017-07-14 15:29 . 2017-08-08 19:54 34304 ----a-w- c:\windows\system32\werdiagcontroller.dll
2017-07-14 15:29 . 2017-08-08 19:54 2319872 ----a-w- c:\windows\system32\tquery.dll
2017-07-14 15:29 . 2017-08-08 19:54 2058240 ----a-w- c:\windows\system32\Query.dll
2017-07-14 15:29 . 2017-08-08 19:54 778240 ----a-w- c:\windows\system32\mssvp.dll
2017-07-14 15:29 . 2017-08-08 19:54 2222080 ----a-w- c:\windows\system32\mssrch.dll
2017-07-14 15:29 . 2017-08-08 19:54 491520 ----a-w- c:\windows\system32\mssph.dll
2017-07-14 15:29 . 2017-08-08 19:54 99840 ----a-w- c:\windows\system32\mssprxy.dll
2017-07-14 15:29 . 2017-08-08 19:54 288256 ----a-w- c:\windows\system32\mssphtb.dll
2017-07-14 15:29 . 2017-08-08 19:54 115200 ----a-w- c:\windows\system32\mssitlb.dll
2017-07-14 15:29 . 2017-08-08 19:54 75264 ----a-w- c:\windows\system32\msscntrs.dll
2017-07-14 15:29 . 2017-08-08 19:54 14336 ----a-w- c:\windows\system32\msshooks.dll
2017-07-14 15:12 . 2017-08-08 19:54 591872 ----a-w- c:\windows\system32\SearchIndexer.exe
2017-07-14 15:12 . 2017-08-08 19:54 249856 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2017-07-14 15:11 . 2017-08-08 19:54 113664 ----a-w- c:\windows\system32\SearchFilterHost.exe
2017-07-14 15:10 . 2017-08-08 19:54 382976 ----a-w- c:\windows\SysWow64\wer.dll
2017-07-14 15:10 . 2017-08-08 19:54 1549824 ----a-w- c:\windows\SysWow64\tquery.dll
2017-07-14 15:10 . 2017-08-08 19:54 1363968 ----a-w- c:\windows\SysWow64\Query.dll
2017-07-14 15:10 . 2017-08-08 19:54 666624 ----a-w- c:\windows\SysWow64\mssvp.dll
2017-07-14 15:10 . 2017-08-08 19:54 1400320 ----a-w- c:\windows\SysWow64\mssrch.dll
2017-07-14 15:10 . 2017-08-08 19:54 34816 ----a-w- c:\windows\SysWow64\mssprxy.dll
2017-07-14 15:10 . 2017-08-08 19:54 337408 ----a-w- c:\windows\SysWow64\mssph.dll
2017-07-14 15:10 . 2017-08-08 19:54 197120 ----a-w- c:\windows\SysWow64\mssphtb.dll
2017-07-14 15:10 . 2017-08-08 19:54 104448 ----a-w- c:\windows\SysWow64\mssitlb.dll
2017-07-14 15:10 . 2017-08-08 19:54 59392 ----a-w- c:\windows\SysWow64\msscntrs.dll
2017-07-14 15:00 . 2017-08-08 19:54 427520 ----a-w- c:\windows\SysWow64\SearchIndexer.exe
2017-07-14 15:00 . 2017-08-08 19:54 164352 ----a-w- c:\windows\SysWow64\SearchProtocolHost.exe
2017-07-14 14:59 . 2017-08-08 19:54 86528 ----a-w- c:\windows\SysWow64\SearchFilterHost.exe
2017-07-14 14:59 . 2017-08-08 19:54 9728 ----a-w- c:\windows\SysWow64\msshooks.dll
2017-07-14 14:57 . 2017-08-08 19:54 50688 ----a-w- c:\windows\system32\wermgr.exe
2017-07-14 14:50 . 2017-08-08 19:54 54272 ----a-w- c:\windows\SysWow64\wermgr.exe
2017-07-14 14:50 . 2017-08-08 19:54 28672 ----a-w- c:\windows\SysWow64\werdiagcontroller.dll
2017-07-11 20:34 . 2017-05-14 09:48 361336 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2017-07-11 20:34 . 2017-05-14 09:48 585608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2017-07-11 20:34 . 2017-05-14 09:48 198768 ----a-w- c:\windows\system32\drivers\aswStm.sys
2017-07-11 20:34 . 2017-05-14 09:48 84392 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2017-07-11 20:34 . 2017-05-14 09:48 46984 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2017-07-11 20:34 . 2017-05-14 09:48 110352 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2017-07-11 20:33 . 2017-05-14 09:51 41800 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2017-07-08 15:34 . 2017-08-08 19:54 370920 ----a-w- c:\windows\system32\clfs.sys
2017-07-07 15:33 . 2017-08-08 19:54 363752 ----a-w- c:\windows\system32\drivers\volmgrx.sys
2017-07-07 15:29 . 2017-08-08 19:54 149504 ----a-w- c:\windows\system32\t2embed.dll
2017-07-07 15:11 . 2017-08-08 19:54 109568 ----a-w- c:\windows\SysWow64\t2embed.dll
2017-07-06 04:56 . 2017-07-15 09:47 119296 ----a-w- c:\windows\system32\drivers\bthpan.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštìcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2017-09-23 20:19 2602704 ----a-w- c:\users\kompjutr\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2017-09-23 20:19 2602704 ----a-w- c:\users\kompjutr\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2017-09-23 20:19 2602704 ----a-w- c:\users\kompjutr\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2017-09-23 20:19 2602704 ----a-w- c:\users\kompjutr\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2017-09-23 20:19 2602704 ----a-w- c:\users\kompjutr\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6]
@="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}"
[HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}]
2017-09-23 20:19 2602704 ----a-w- c:\users\kompjutr\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2017-09-27 16:12 2179272 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2017-09-27 16:12 2179272 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2017-09-27 16:12 2179272 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2017-08-25 27832272]
"Spotify"="c:\users\kompjutr\AppData\Roaming\Spotify\Spotify.exe" [2017-09-26 20644976]
"Spotify Web Helper"="c:\users\kompjutr\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2017-09-26 777840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 InstallerService;Service Installer TrueKey;c:\program files\TrueKey\Mcafee.TrueKey.InstallerService.exe;c:\program files\TrueKey\Mcafee.TrueKey.InstallerService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WinZip Smart Monitor Service;WinZip Smart Monitor Service;c:\program files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe;c:\program files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe [x]
R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladaè adaptéru pro 64bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 TrueKeyServiceHelper;TrueKeyServiceHelper;c:\program files\TrueKey\McAfee.TrueKey.ServiceHelper.exe;c:\program files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswbidsh;aswbidsh;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys [x]
S0 aswblog;aswblog;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys [x]
S0 aswVmm;aswVmm;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ClickToRunSvc;Služba Microsoft Office Klikni a spus;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [x]
S2 TrueKey;Intel Security True Key;c:\program files\TrueKey\McAfee.TrueKey.Service.exe;c:\program files\TrueKey\McAfee.TrueKey.Service.exe [x]
S3 NETw5s64;Ovladaè adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 RTL8167;Ovladaè Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2017-09-23 20:20 2863824 ----a-w- c:\users\kompjutr\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2017-09-23 20:20 2863824 ----a-w- c:\users\kompjutr\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2017-09-23 20:20 2863824 ----a-w- c:\users\kompjutr\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2017-09-23 20:20 2863824 ----a-w- c:\users\kompjutr\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2017-09-23 20:20 2863824 ----a-w- c:\users\kompjutr\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6]
@="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}"
[HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}]
2017-09-23 20:20 2863824 ----a-w- c:\users\kompjutr\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-07-28 20:27 1527760 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-13 15935520]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-13 82464]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-07-28 213832]
"WinZip UN"="c:\program files\WinZip\WZUpdateNotifier.exe" [2017-04-19 1878016]
"WinZip PreLoader"="c:\program files\WinZip\WzPreloader.exe" [2017-04-19 124360]
"WinZip FAH"="c:\program files\WinZip\FAHConsole.exe" [2017-04-19 436416]
.
------- Doplòkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{513FF2B3-D7AB-42F3-A1F6-5B552E7E306E}: DhcpNameServer = 194.168.4.100 194.168.8.100
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
FF - ProfilePath - c:\users\kompjutr\AppData\Roaming\Mozilla\Firefox\Profiles\h1t1171c.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANÌNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-BingSvc - c:\users\kompjutr\AppData\Local\Microsoft\BingSvc\BingSvc.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{e2803110-78b3-4664-a479-3611a381656a} - c:\programdata\Package Cache\{e2803110-78b3-4664-a479-3611a381656a}\VC_redist.x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍÈE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový èas: 2017-09-30 09:35:11
ComboFix-quarantined-files.txt 2017-09-30 08:35
.
Pøed spuštìním: Volných bajtù: 268 322 553 856
Po spuštìní: Volných bajtù: 267 563 962 368
.
- - End Of File - - 089FD97E45D340ABEF638D72D196D4E8
A36C5E4F47E84449FF07ED3517B43A31

OK. Změnilo se něco teď?

Žádné

MistrYpsilon píše: Žádné

Tomu mám rozumět jak? Na otázku

Rudy píše:Změnilo se něco teď

bych očekával odpověď "Ano/Ne".

nic se nezměnilo, pořád ty stránky prý nechodí

OK. Udělejte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 01.10.17
Čas skenování: 17:27
Logovací soubor: 7c38f51e-a6c5-11e7-b3b7-002186d4f72f.json
Správce: Ano

-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.207
Aktualizovat verzi balíku komponent: 1.0.2928
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: kompjutr-PC\kompjutr

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 309147
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 3 min, 30 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

PC je zcela bez malwaru. V tomto případě bych se obrátil na providera. V PC samotném zřejmě problém nebude, zvláště, když se to týká všech prohlížečů.