Please check my log
Posted: 17 Dec 2015 11:18
Hello, my computer restarts by itself at irregular intervals. For example, it is enough to leave something downloading, or just to be surfing, or to be doing nothing at all and just looking at something, and if I am lucky and happen to be sitting at the computer, the desktop suddenly goes black and the machine restarts. After the restart the computer boots up without problems and no error message is displayed. Could you please tell me what might be causing this unexpected fault and how to get rid of it? (I use an antivirus and often run scans and cleanups.) I ran a cleanup in ComboFix and am also sending the log to be checked. Thank you for any recommendations.
jozunost
ComboFix 15-12-16.01 - jozunost 17.12.2015 11:04:35.6.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8062.5974 [GMT 1:00]
Spuštěný z: c:\users\jozunost\Desktop\Prosím o kontrolu loga\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Public\Documents\bootracer.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-11-17 do 2015-12-17 )))))))))))))))))))))))))))))))
.
.
2015-12-17 10:07 . 2015-12-17 10:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-17 08:36 . 2015-12-17 08:36 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B77914B0-4115-40F4-8937-DB68C2FFF3C9}\offreg.1056.dll
2015-12-16 13:38 . 2015-12-16 13:44 -------- d-----w- C:\dddd
2015-12-16 12:45 . 2015-10-29 00:28 11138400 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B77914B0-4115-40F4-8937-DB68C2FFF3C9}\mpengine.dll
2015-12-16 11:06 . 2015-12-16 11:09 -------- d-----w- c:\program files\trend micro
2015-12-16 11:06 . 2015-12-16 11:07 -------- d-----w- C:\rsit
2015-12-16 10:15 . 2015-10-29 00:28 11138400 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-12-16 09:34 . 2015-12-16 10:14 -------- d-----w- c:\program files (x86)\PcMedik
2015-12-16 08:49 . 2015-12-16 08:49 -------- d-----w- C:\5-16.12.2015 (8.40 GB)
2015-12-15 11:17 . 2015-12-16 10:14 -------- d-----w- c:\program files\HWiNFO64
2015-12-14 16:59 . 2015-12-14 17:00 -------- d-----w- C:\totalcmd
2015-12-11 13:54 . 2015-12-11 13:54 -------- d-----w- c:\program files (x86)\Wise
2015-12-11 09:03 . 2015-12-11 09:03 -------- d-----w- C:\AdwCleaner
2015-12-10 12:23 . 2015-12-10 12:23 -------- d-----w- c:\program files (x86)\Glarysoft
2015-12-10 12:23 . 2015-12-10 12:23 -------- d-----w- C:\Extracted
2015-12-10 08:37 . 2015-12-06 19:04 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-12-10 08:37 . 2015-12-06 19:04 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BC7420C7-9685-41D7-B0A5-2BD170D12F2E}\gapaengine.dll
2015-12-09 18:33 . 2015-12-09 18:33 22200 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2015-12-08 15:31 . 2015-12-08 15:31 -------- d-----w- c:\program files (x86)\Double Driver
2015-12-08 14:00 . 2015-12-08 15:51 -------- d-----w- c:\program files\Soluto
2015-12-08 11:25 . 2015-12-08 11:25 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-12-08 11:25 . 2015-12-08 11:25 -------- d-----w- c:\programdata\Oracle
2015-12-08 11:25 . 2015-12-08 11:25 -------- d-----w- c:\program files (x86)\Java
2015-12-08 11:10 . 2015-12-08 11:10 -------- d-----w- c:\program files (x86)\Microsoft
2015-12-07 20:04 . 2015-12-07 20:04 -------- d-----w- c:\programdata\Ahead
2015-12-07 15:05 . 2015-12-08 14:00 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2015-12-07 15:05 . 2015-12-08 15:51 -------- dc----w- c:\windows\system32\DRVSTORE
2015-12-07 15:05 . 2015-12-08 15:51 -------- d-----w- c:\programdata\Soluto
2015-12-07 14:19 . 2015-12-16 10:16 -------- d-----w- c:\programdata\BootRacer
2015-12-07 14:17 . 2015-12-17 08:36 -------- d-----w- c:\program files (x86)\BootRacer
2015-12-07 13:38 . 2015-12-07 13:38 -------- d--h--w- c:\programdata\CanonIJMyPrinter
2015-12-07 13:34 . 2015-12-07 20:04 -------- d-----w- c:\program files (x86)\Common Files\Ahead
2015-12-07 13:34 . 2015-12-07 20:04 -------- d-----w- c:\programdata\Nero
2015-12-07 13:34 . 2015-12-07 13:34 -------- d-----w- c:\program files (x86)\Nero
2015-12-07 13:22 . 2015-12-08 13:30 -------- d-----w- c:\program files (x86)\Your Uninstaller! 7
2015-12-07 12:56 . 2015-12-07 12:56 -------- d-----w- c:\programdata\McAfee
2015-12-07 12:56 . 2015-12-11 14:45 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-07 12:56 . 2015-12-11 14:45 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-07 12:56 . 2015-12-08 13:29 -------- d-----w- c:\windows\SysWow64\Macromed
2015-12-07 12:56 . 2015-12-08 13:29 -------- d-----w- c:\windows\system32\Macromed
2015-12-07 12:26 . 2015-12-07 12:26 -------- d-----w- c:\programdata\Licenses
2015-12-07 10:48 . 2015-12-07 10:48 -------- d-----w- c:\program files (x86)\xchat
2015-12-07 10:45 . 2015-12-16 13:05 -------- d-----w- c:\program files (x86)\TeamViewer
2015-12-07 10:33 . 2015-12-07 10:33 -------- d-----r- C:\bootwiz
2015-12-07 09:39 . 2015-12-07 09:39 -------- d-----w- c:\windows\cs
2015-12-07 09:38 . 2015-12-07 09:38 -------- d-----w- c:\program files\Windows Live
2015-12-07 09:38 . 2010-06-02 03:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2015-12-07 09:38 . 2010-06-02 03:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2015-12-07 09:38 . 2010-06-02 03:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2015-12-07 09:38 . 2010-06-02 03:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2015-12-07 09:38 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2015-12-07 09:38 . 2010-05-26 10:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2015-12-07 09:38 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2015-12-07 09:38 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2015-12-07 09:37 . 2015-12-07 09:37 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2015-12-07 09:37 . 2015-12-07 09:38 -------- d-----w- c:\program files (x86)\Windows Live
2015-12-07 09:36 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2015-12-07 09:36 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2015-12-07 09:36 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2015-12-07 09:36 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2015-12-07 09:36 . 2006-11-29 12:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2015-12-07 09:36 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2015-12-07 09:36 . 2015-12-07 09:36 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2015-12-07 08:51 . 2015-12-11 09:02 -------- d-----w- c:\program files (x86)\Security Task Manager
2015-12-06 21:11 . 2015-12-06 21:11 285280 ----a-w- c:\windows\system32\drivers\afcdp.sys
2015-12-06 21:11 . 2015-12-06 21:11 1263200 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2015-12-06 21:11 . 2015-12-06 21:11 970336 ----a-w- c:\windows\system32\drivers\timntr.sys
2015-12-06 21:11 . 2015-12-06 21:11 277088 ----a-w- c:\windows\system32\drivers\snapman.sys
2015-12-06 20:53 . 2015-12-06 21:11 -------- d-----w- c:\program files (x86)\Common Files\Acronis
2015-12-06 20:53 . 2015-12-06 20:53 -------- d-----w- c:\program files (x86)\Acronis
2015-12-06 20:31 . 2015-12-06 20:31 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-12-06 20:29 . 2015-12-06 20:31 -------- d-----r- c:\program files (x86)\Skype
2015-12-06 20:22 . 2015-12-06 20:22 -------- d-----w- c:\programdata\Tmp0x0x
2015-12-06 20:22 . 2015-12-06 20:25 -------- d-----w- c:\program files (x86)\Opera
2015-12-06 20:14 . 2015-12-06 20:14 -------- d-----w- c:\windows\system32\appmgmt
2015-12-06 19:59 . 2015-12-06 20:31 -------- d-----w- c:\programdata\Skype
2015-12-06 19:57 . 2015-12-06 19:57 -------- d--h--w- c:\programdata\CanonIJQuickMenu
2015-12-06 19:57 . 2015-12-08 13:30 -------- d--h--w- c:\programdata\CanonIJEGV
2015-12-06 19:56 . 2015-12-17 08:51 -------- d-----w- c:\programdata\CanonIJPLM
2015-12-06 19:56 . 2012-02-08 15:34 320000 ----a-w- c:\windows\SysWow64\CNC_B5L.dll
2015-12-06 19:56 . 2012-01-16 13:21 103424 ----a-w- c:\windows\SysWow64\CNC_B5U.dll
2015-12-06 19:56 . 2008-08-25 17:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2015-12-06 19:53 . 2015-12-06 19:53 -------- d-----w- c:\program files\Common Files\CANON
2015-12-06 19:53 . 2015-12-06 19:53 -------- d-----w- c:\programdata\CanonIJWSpt
2015-12-06 19:50 . 2015-12-06 19:50 -------- d-----w- c:\windows\PCHEALTH
2015-12-06 19:49 . 2015-12-06 19:49 -------- d-----w- c:\program files\Microsoft Office
2015-12-06 19:49 . 2015-12-06 19:50 -------- d-----w- c:\programdata\Microsoft Help
2015-12-06 19:46 . 2015-12-06 19:46 -------- d-----w- c:\program files (x86)\VideoLAN
2015-12-06 19:45 . 2015-12-06 19:53 -------- d-----w- c:\program files\Canon
2015-12-06 19:44 . 2015-12-06 19:44 -------- d--h--w- c:\programdata\CanonBJ
2015-12-06 19:44 . 2012-03-26 04:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDB5.DLL
2015-12-06 19:44 . 2012-03-26 04:00 100352 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPB5.DLL
2015-12-06 19:44 . 2015-12-06 19:44 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2015-12-06 19:44 . 2012-02-08 15:36 363520 ----a-w- c:\windows\system32\CNC_B5L.dll
2015-12-06 19:44 . 2012-01-16 13:21 287744 ----a-w- c:\windows\system32\CNC_B5C.dll
2015-12-06 19:44 . 2012-01-16 13:20 106496 ----a-w- c:\windows\system32\CNC_B5I.dll
2015-12-06 19:44 . 2008-08-25 17:02 17920 ----a-w- c:\windows\system32\CNHMCA6.dll
2015-12-06 19:44 . 2012-03-26 04:00 389120 ----a-w- c:\windows\system32\CNMLMB5.DLL
2015-12-06 19:42 . 2015-12-06 19:42 -------- d-----w- c:\program files (x86)\InternetOff
2015-12-06 19:41 . 2015-12-06 19:56 -------- d-----w- c:\program files (x86)\Canon
2015-12-06 19:27 . 2015-12-06 19:27 -------- d-----w- c:\windows\system32\SPReview
2015-12-06 19:17 . 2010-11-20 04:33 6656 ----a-w- c:\windows\system32\drivers\cs-CZ\rdvgkmd.sys.mui
2015-12-06 19:17 . 2010-11-20 04:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2015-12-06 19:17 . 2010-11-20 04:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2015-12-06 19:17 . 2010-11-20 04:25 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbhub.sys.mui
2015-12-06 19:17 . 2010-11-20 04:32 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2015-12-06 19:17 . 2010-11-20 04:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2015-12-06 19:15 . 2010-11-20 04:33 95616 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-12-06 19:14 . 2015-12-06 19:14 -------- d-----w- c:\windows\system32\EventProviders
2015-12-06 19:12 . 2015-12-06 19:13 -------- d-----w- c:\program files (x86)\Kalendar
2015-12-06 19:10 . 2015-12-06 19:10 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2015-12-06 19:03 . 2015-12-06 19:36 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2015-12-06 19:03 . 2015-12-06 19:36 -------- d-----w- c:\program files\Microsoft Security Client
2015-12-06 19:01 . 2015-12-11 09:02 -------- d-----w- c:\program files\WinRAR
2015-12-06 19:01 . 2015-12-06 19:01 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2015-12-06 18:53 . 2015-12-06 18:53 -------- d-s---w- c:\windows\system32\CompatTel
2015-12-06 18:53 . 2015-12-06 18:53 -------- d-----w- c:\windows\system32\appraiser
2015-12-06 18:53 . 2015-12-06 18:53 -------- d-----w- c:\windows\Migration
2015-12-06 18:52 . 2015-12-06 18:53 -------- d-----w- c:\windows\system32\MRT
2015-12-06 18:52 . 2015-08-09 03:50 96752 ----a-w- c:\windows\SysWow64\OpenCL.DLL
2015-12-06 18:52 . 2015-08-09 03:50 92648 ----a-w- c:\windows\system32\OpenCL.DLL
2015-12-06 18:52 . 2015-12-06 18:52 -------- d-----w- c:\program files (x86)\Common Files\Intel
2015-12-06 18:51 . 2015-09-18 16:47 700416 ----a-w- c:\windows\system32\invagent.dll
2015-12-06 18:51 . 2015-09-18 16:47 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-12-06 18:51 . 2015-09-18 16:47 503808 ----a-w- c:\windows\system32\devinv.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-07 09:38 . 2011-03-28 17:36 24288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-12-06 19:25 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2015-12-06 19:25 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2015-12-06 18:42 . 2015-03-23 23:34 800016 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2015-12-06 18:42 . 2015-03-23 23:34 390416 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2015-12-06 18:42 . 2015-03-23 23:34 22800 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2015-12-06 18:42 . 2015-03-23 23:34 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-11-30 50509440]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Kalendar"="c:\program files (x86)\Kalendar\kalendar.exe" [2005-11-09 580608]
"InternetOff"="c:\program files (x86)\InternetOff\InternetOff.exe" [2012-02-23 2716160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2015-12-06 296216]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2010-12-17 5566176]
"SystemExplorerAutoStart"="e:\!.a programy-167 gb\!.A Programy\!.Informační a nastavovací\!!!!.SystemExplorer 6.4.2.5342\portable\SystemExplorer.exe" [2015-05-21 3391720]
"SAOB Monitor"="c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2010-11-16 2536752]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 wfdrvr_vt_1_10_0_28;wfdrvr_vt_1_10_0_28;c:\windows\system32\drivers\wfdrvr_vt_1_10_0_28.sys;c:\windows\SYSNATIVE\drivers\wfdrvr_vt_1_10_0_28.sys [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
R3 ALSysIO;ALSysIO;c:\users\jozunost\AppData\Local\Temp\ALSysIO64.sys;c:\users\jozunost\AppData\Local\Temp\ALSysIO64.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R4 afcdpsrv;Služba Acronis Nonstop Backup;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm273.sys [x]
S2 BootRacerServ;BootRacerServ;c:\program files (x86)\BootRacer\BootRacerServ.exe;c:\program files (x86)\BootRacer\BootRacerServ.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-12-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-07 14:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Služba Acronis Scheduler2"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-12-17 391144]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-30 1337000]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{2DC4DC01-6738-40A1-B989-3FBFBCAC1CDB}: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\jozunost\AppData\Roaming\Mozilla\Firefox\Profiles\z14hnui5.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{87011c4e-fcde-4476-9348-ecf16134fc1f} - (no file)
AddRemove-{1B9604EE-B104-45C8-8551-5F63BA631E23} - c:\programdata\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-896869193-1015695412-2080020577-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-896869193-1015695412-2080020577-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-12-17 11:09:18
ComboFix-quarantined-files.txt 2015-12-17 10:09
ComboFix2.txt 2015-12-16 13:06
ComboFix3.txt 2015-12-16 10:29
ComboFix4.txt 2015-12-16 10:04
ComboFix5.txt 2015-12-16 13:38
.
Před spuštěním: Volných bajtů: 67 378 847 744
Po spuštění: Volných bajtů: 66 868 334 592
.
- - End Of File - - 8A3D0D5FA41AA9BF773C3C19D08476BB
A36C5E4F47E84449FF07ED3517B43A31
2015-12-06 19:44 . 2008-08-25 17:02 17920 ----a-w- c:\windows\system32\CNHMCA6.dll
2015-12-06 19:44 . 2012-03-26 04:00 389120 ----a-w- c:\windows\system32\CNMLMB5.DLL
2015-12-06 19:42 . 2015-12-06 19:42 -------- d-----w- c:\program files (x86)\InternetOff
2015-12-06 19:41 . 2015-12-06 19:56 -------- d-----w- c:\program files (x86)\Canon
2015-12-06 19:27 . 2015-12-06 19:27 -------- d-----w- c:\windows\system32\SPReview
2015-12-06 19:17 . 2010-11-20 04:33 6656 ----a-w- c:\windows\system32\drivers\cs-CZ\rdvgkmd.sys.mui
2015-12-06 19:17 . 2010-11-20 04:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2015-12-06 19:17 . 2010-11-20 04:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2015-12-06 19:17 . 2010-11-20 04:25 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbhub.sys.mui
2015-12-06 19:17 . 2010-11-20 04:32 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2015-12-06 19:17 . 2010-11-20 04:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2015-12-06 19:15 . 2010-11-20 04:33 95616 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-12-06 19:14 . 2015-12-06 19:14 -------- d-----w- c:\windows\system32\EventProviders
2015-12-06 19:12 . 2015-12-06 19:13 -------- d-----w- c:\program files (x86)\Kalendar
2015-12-06 19:10 . 2015-12-06 19:10 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2015-12-06 19:03 . 2015-12-06 19:36 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2015-12-06 19:03 . 2015-12-06 19:36 -------- d-----w- c:\program files\Microsoft Security Client
2015-12-06 19:01 . 2015-12-11 09:02 -------- d-----w- c:\program files\WinRAR
2015-12-06 19:01 . 2015-12-06 19:01 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2015-12-06 18:53 . 2015-12-06 18:53 -------- d-s---w- c:\windows\system32\CompatTel
2015-12-06 18:53 . 2015-12-06 18:53 -------- d-----w- c:\windows\system32\appraiser
2015-12-06 18:53 . 2015-12-06 18:53 -------- d-----w- c:\windows\Migration
2015-12-06 18:52 . 2015-12-06 18:53 -------- d-----w- c:\windows\system32\MRT
2015-12-06 18:52 . 2015-08-09 03:50 96752 ----a-w- c:\windows\SysWow64\OpenCL.DLL
2015-12-06 18:52 . 2015-08-09 03:50 92648 ----a-w- c:\windows\system32\OpenCL.DLL
2015-12-06 18:52 . 2015-12-06 18:52 -------- d-----w- c:\program files (x86)\Common Files\Intel
2015-12-06 18:51 . 2015-09-18 16:47 700416 ----a-w- c:\windows\system32\invagent.dll
2015-12-06 18:51 . 2015-09-18 16:47 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-12-06 18:51 . 2015-09-18 16:47 503808 ----a-w- c:\windows\system32\devinv.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-07 09:38 . 2011-03-28 17:36 24288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-12-06 19:25 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2015-12-06 19:25 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2015-12-06 18:42 . 2015-03-23 23:34 800016 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2015-12-06 18:42 . 2015-03-23 23:34 390416 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2015-12-06 18:42 . 2015-03-23 23:34 22800 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2015-12-06 18:42 . 2015-03-23 23:34 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-11-30 50509440]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Kalendar"="c:\program files (x86)\Kalendar\kalendar.exe" [2005-11-09 580608]
"InternetOff"="c:\program files (x86)\InternetOff\InternetOff.exe" [2012-02-23 2716160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2015-12-06 296216]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2010-12-17 5566176]
"SystemExplorerAutoStart"="e:\!.a programy-167 gb\!.A Programy\!.Informační a nastavovací\!!!!.SystemExplorer 6.4.2.5342\portable\SystemExplorer.exe" [2015-05-21 3391720]
"SAOB Monitor"="c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2010-11-16 2536752]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 wfdrvr_vt_1_10_0_28;wfdrvr_vt_1_10_0_28;c:\windows\system32\drivers\wfdrvr_vt_1_10_0_28.sys;c:\windows\SYSNATIVE\drivers\wfdrvr_vt_1_10_0_28.sys [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
R3 ALSysIO;ALSysIO;c:\users\jozunost\AppData\Local\Temp\ALSysIO64.sys;c:\users\jozunost\AppData\Local\Temp\ALSysIO64.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R4 afcdpsrv;Služba Acronis Nonstop Backup;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm273.sys [x]
S2 BootRacerServ;BootRacerServ;c:\program files (x86)\BootRacer\BootRacerServ.exe;c:\program files (x86)\BootRacer\BootRacerServ.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-12-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-07 14:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Služba Acronis Scheduler2"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-12-17 391144]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-30 1337000]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{2DC4DC01-6738-40A1-B989-3FBFBCAC1CDB}: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\jozunost\AppData\Roaming\Mozilla\Firefox\Profiles\z14hnui5.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{87011c4e-fcde-4476-9348-ecf16134fc1f} - (no file)
AddRemove-{1B9604EE-B104-45C8-8551-5F63BA631E23} - c:\programdata\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-896869193-1015695412-2080020577-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-896869193-1015695412-2080020577-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-12-17 11:09:18
ComboFix-quarantined-files.txt 2015-12-17 10:09
ComboFix2.txt 2015-12-16 13:06
ComboFix3.txt 2015-12-16 10:29
ComboFix4.txt 2015-12-16 10:04
ComboFix5.txt 2015-12-16 13:38
.
Před spuštěním: Volných bajtů: 67 378 847 744
Po spuštění: Volných bajtů: 66 868 334 592
.
- - End Of File - - 8A3D0D5FA41AA9BF773C3C19D08476BB
A36C5E4F47E84449FF07ED3517B43A31