Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Náhlé zpomalení pc.

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
RodenT
Návštěvník
Návštěvník
Příspěvky: 77
Registrován: 22 kvě 2013 16:01

Náhlé zpomalení pc.

#1 Příspěvek od RodenT »

Zdravím, prosím o kontrolu logu. Asi před týdnem se mi zpomalilo pc, především otevírání jakéhokoli souboru, programu, apod. Například pdfko se mi otevírá 30 s. Před tím cca 5 s.

Předem děkuji za pomoc.

Zde je log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Stepan at 2013-05-22 16:54:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 39 GB (13%) free of 291 GB
Total RAM: 2934 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:56:52, on 22/05/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16576)
Boot mode: Normal

Running processes:
C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\jmdp\stij.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\trend micro\Stepan.exe
C:\Program Files (x86)\Opera\opera.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com/?affID=122 ... F8DA315741
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~2\261125~1.80\{c16c1~1\browse~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12821 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000660
taskeng.exe {5C3625B2-E754-4BF2-AFF2-9F2BA4359F04}
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" /PROTECT
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\PixArt\PAC207\Monitor.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\dmwu.exe
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2740
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\SysWOW64\jmdp\stij.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Winamp\winamp.exe" -Embedding
"C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe" --tray
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" "C:\Users\Stepan\Desktop\School-6.SEMESTR\Administrativa provozu\zapisky z prednasek.pdf"
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" --channel=3668.0030F98C.33047641 --type=renderer "C:\Users\Stepan\Desktop\School-6.SEMESTR\Administrativa provozu\zapisky z prednasek.pdf"
"C:\Users\Stepan\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\HPCeeScheduleForStepan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-06 537576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-06 193512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-17 2480936]
"Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-04-06 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-04-06 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-04-06 416024]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-01-25 525312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easybits Recovery]
C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-03-16 61112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPConnectionManager]
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-09-13 103992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2012-12-21 1090040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SafeQ Client]
C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2010-03-31 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-02-28 18642024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Stepan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Automatické vypnutí poèítaèe.lnk]
C:\PROGRA~2\AUTOMA~1\avp.exe [2004-12-28 443392]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-13 283160]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2010-07-23 111640]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-05-10 37960]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
""= []
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-05-07 345312]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-04-06 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-05-14 52920]
"UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-05-22 16:54:58 ----D---- C:\rsit
2013-05-22 16:54:58 ----D---- C:\Program Files\trend micro
2013-05-15 09:58:46 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-05-15 09:58:46 ----A---- C:\Windows\system32\ieui.dll
2013-05-15 09:58:46 ----A---- C:\Windows\system32\ie4uinit.exe
2013-05-15 09:58:45 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-05-15 09:58:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-05-15 09:58:45 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-05-15 09:58:45 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-05-15 09:58:45 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-05-15 09:58:45 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-05-15 09:58:45 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-15 09:58:45 ----A---- C:\Windows\system32\iesysprep.dll
2013-05-15 09:58:45 ----A---- C:\Windows\system32\iesetup.dll
2013-05-15 09:58:45 ----A---- C:\Windows\system32\iernonce.dll
2013-05-15 09:58:44 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-05-15 09:58:44 ----A---- C:\Windows\system32\iertutil.dll
2013-05-15 09:58:43 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-05-15 09:58:42 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-05-15 09:58:42 ----A---- C:\Windows\system32\urlmon.dll
2013-05-15 09:58:42 ----A---- C:\Windows\system32\jscript.dll
2013-05-15 09:58:41 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-05-15 09:58:41 ----A---- C:\Windows\system32\jscript9.dll
2013-05-15 09:58:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-05-15 09:58:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-05-15 09:58:39 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-15 09:58:38 ----A---- C:\Windows\system32\wininet.dll
2013-05-15 09:58:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-15 09:58:33 ----A---- C:\Windows\system32\mshtml.dll
2013-05-15 09:58:32 ----A---- C:\Windows\system32\ieframe.dll
2013-05-15 09:58:31 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-05-15 09:47:08 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-05-15 09:47:08 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-05-15 09:47:08 ----A---- C:\Windows\system32\cdd.dll
2013-05-15 09:46:40 ----A---- C:\Windows\system32\shell32.dll
2013-05-15 09:46:39 ----A---- C:\Windows\system32\authui.dll
2013-05-15 09:46:37 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-05-15 09:46:37 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-05-15 09:46:37 ----A---- C:\Windows\system32\shdocvw.dll
2013-05-15 09:46:37 ----A---- C:\Windows\system32\consent.exe
2013-05-15 09:46:36 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-05-15 09:46:36 ----A---- C:\Windows\system32\appinfo.dll
2013-05-15 09:46:29 ----A---- C:\Windows\system32\wwansvc.dll
2013-05-15 09:46:29 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-05-15 09:46:28 ----A---- C:\Windows\system32\win32k.sys
2013-05-07 15:30:53 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2013-05-06 10:24:07 ----D---- C:\Windows\pss
2013-05-01 14:09:47 ----RD---- C:\Program Files (x86)\Skype
2013-04-30 14:06:47 ----D---- C:\Users\Stepan\AppData\Roaming\StatSoft
2013-04-30 14:04:40 ----D---- C:\Users\Stepan\AppData\Roaming\Softland
2013-04-30 14:04:31 ----A---- C:\Windows\system32\GdiPlus.dll
2013-04-30 14:04:25 ----D---- C:\ProgramData\StatSoft
2013-04-30 14:00:15 ----D---- C:\Program Files\StatSoft
2013-04-26 10:51:31 ----A---- C:\Users\Stepan\AppData\Roaming\BabMaint.exe
2013-04-24 10:59:09 ----A---- C:\Windows\system32\drivers\ntfs.sys

======List of files/folders modified in the last 1 month======

2013-05-22 16:55:09 ----D---- C:\Windows\Prefetch
2013-05-22 16:55:03 ----D---- C:\Windows\Temp
2013-05-22 16:54:58 ----RD---- C:\Program Files
2013-05-22 16:24:39 ----D---- C:\Windows\inf
2013-05-22 16:18:59 ----SHD---- C:\Windows\Installer
2013-05-22 16:18:52 ----RSD---- C:\Windows\assembly
2013-05-22 16:18:50 ----RD---- C:\Program Files (x86)
2013-05-22 16:17:30 ----SHD---- C:\System Volume Information
2013-05-22 16:16:45 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-22 16:15:45 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-05-22 16:15:14 ----D---- C:\Users\Stepan\AppData\Roaming\Mozilla
2013-05-22 16:00:34 ----D---- C:\Windows\system32\Tasks
2013-05-22 15:59:18 ----D---- C:\Windows\system32\catroot
2013-05-22 15:59:17 ----D---- C:\Windows\system32\DriverStore
2013-05-22 15:59:16 ----D---- C:\Windows\system32\drivers
2013-05-22 15:40:17 ----D---- C:\Users\Stepan\AppData\Roaming\Winamp
2013-05-22 15:40:16 ----D---- C:\Users\Stepan\AppData\Roaming\uTorrent
2013-05-22 15:40:06 ----D---- C:\Windows
2013-05-22 14:50:38 ----D---- C:\Windows\System32
2013-05-22 14:50:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-22 14:45:39 ----A---- C:\Windows\SYSWOW64\log.txt
2013-05-22 12:33:35 ----D---- C:\Windows\system32\config
2013-05-21 13:02:26 ----D---- C:\Windows\system32\wdi
2013-05-20 01:01:30 ----AD---- C:\ProgramData\Temp
2013-05-18 01:37:05 ----SD---- C:\ProgramData\Microsoft
2013-05-17 16:43:46 ----D---- C:\Users\Stepan\AppData\Roaming\DAEMON Tools Lite
2013-05-17 16:43:39 ----D---- C:\Windows\Panther
2013-05-17 16:43:38 ----D---- C:\Windows\debug
2013-05-17 10:55:47 ----D---- C:\Windows\system32\catroot2
2013-05-17 02:34:59 ----D---- C:\Windows\SysWOW64
2013-05-16 18:01:59 ----D---- C:\Windows\Microsoft.NET
2013-05-15 22:08:07 ----D---- C:\Windows\rescache
2013-05-15 12:04:21 ----D---- C:\Program Files\Common Files
2013-05-15 10:40:59 ----D---- C:\Windows\winsxs
2013-05-15 10:34:18 ----D---- C:\Windows\AppPatch
2013-05-15 10:34:15 ----D---- C:\Windows\SYSWOW64\en-US
2013-05-15 10:34:15 ----D---- C:\Windows\system32\en-US
2013-05-15 10:34:13 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-15 10:34:12 ----D---- C:\Program Files\Internet Explorer
2013-05-15 10:30:17 ----D---- C:\ProgramData\Microsoft Help
2013-05-15 10:23:33 ----A---- C:\Windows\system32\MRT.exe
2013-05-14 20:59:01 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-13 13:48:04 ----D---- C:\ProgramData\BrowserProtect
2013-05-10 16:00:58 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-05-06 00:31:47 ----D---- C:\Users\Stepan\AppData\Roaming\_MDLogs
2013-05-05 11:08:38 ----D---- C:\Users\Stepan\AppData\Roaming\Skype
2013-05-02 21:51:06 ----SD---- C:\Users\Stepan\AppData\Roaming\Microsoft
2013-05-01 14:09:53 ----D---- C:\ProgramData\Skype
2013-05-01 14:09:47 ----D---- C:\Program Files (x86)\Common Files
2013-04-30 14:04:25 ----HD---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-04-02 130016]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-04-02 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-11 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-04-02 100712]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-04-06 12310112]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2011-05-03 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-04-06 317440]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2012-04-12 1860672]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-09-02 565352]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-01-25 520192]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-17 1403440]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 PAC207;Trust Webcam Live; C:\Windows\system32\DRIVERS\PFC027.SYS [2007-04-12 572928]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-04-02 86752]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-04-02 110816]
R2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-04-08 2569168]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
R2 IBUpdaterService;IBUpdaterService; C:\Windows\system32\dmwu.exe [2013-04-07 1455408]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-02-19 2372096]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-07-23 268824]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-01-25 296448]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-23 2320920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-14 256904]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-09-13 1098296]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-09-06 1001376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-02 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119408
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Náhlé zpomalení pc.

#2 Příspěvek od Rudy »

Zdravím!
Nejprve spusťte tuto utilitu:
Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte na Search (hledat)
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
RodenT
Návštěvník
Návštěvník
Příspěvky: 77
Registrován: 22 kvě 2013 16:01

Re: Náhlé zpomalení pc.

#3 Příspěvek od RodenT »

Tady to je ;)

# AdwCleaner v2.301 - Logfile created 05/22/2013 at 17:45:35
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Stepan - HRABOS
# Boot Mode : Normal
# Running from : C:\Users\Stepan\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : BrowserProtect
Found : IBUpdaterService

***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\user.js
File Found : C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Found : C:\Users\Stepan\AppData\Roaming\BabMaint.exe
Folder Found : C:\Program Files (x86)\1ClickDownload
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\Stepan\AppData\Local\Conduit
Folder Found : C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Folder Found : C:\Users\Stepan\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\Stepan\AppData\LocalLow\Conduit
Folder Found : C:\Users\Stepan\AppData\Roaming\BabSolution
Folder Found : C:\Users\Stepan\AppData\Roaming\Babylon
Folder Found : C:\Users\Stepan\AppData\Roaming\ExpressFiles
Folder Found : C:\Users\Stepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Folder Found : C:\Users\Stepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Folder Found : C:\Users\Stepan\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Stepan\AppData\Roaming\pdfforge
Folder Found : C:\Windows\SysWOW64\WNLT

***** [Registry] *****

Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~2\261125~1.80\{c16c1~1\browse~1.dll
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\BrowserMngr
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\ExpressFiles
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\WNLT
Key Found : HKCU\Software\5f08b8cbc35be12
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BrowserMngr
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\oneclick
Key Found : HKLM\SOFTWARE\Classes\oneclickmg
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\ExpressFiles
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\Web Assistant
Key Found : HKLM\SOFTWARE\Wow6432Node\5f08b8cbc35be12
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Found : HKLM\SOFTWARE\Software
Key Found : HKLM\SOFTWARE\Tarma Installer
Key Found : HKLM\SOFTWARE\Web Assistant
Key Found : HKU\S-1-5-21-1898106693-3842486006-2196545916-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-1898106693-3842486006-2196545916-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKU\S-1-5-21-1898106693-3842486006-2196545916-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}]
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www1.delta-search.com/?affID=122304&babsrc=HP_ss&mntrId=46EEC0F8DA315741
[HKCU\Software\Microsoft\Internet Explorer\Main - BrowserMngr Start Page] = hxxp://search.babylon.com/?affID=109217&tt=120912_cpc_3712_7&babsrc=HP_ss&mntrId=46ee89bc000000000000c0f8da315740
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www1.delta-search.com/?affID=122304&babsrc=HP_ss&mntrId=46EEC0F8DA315741
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=109217&tt=120912_cpc_3712_7&babsrc=NT_ss&mntrId=46ee89bc000000000000c0f8da315740

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.15.1748.0

File : C:\Users\Stepan\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [9523 octets] - [22/05/2013 17:44:30]
AdwCleaner[R2].txt - [9484 octets] - [22/05/2013 17:45:35]

########## EOF - C:\AdwCleaner[R2].txt - [9544 octets] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119408
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Náhlé zpomalení pc.

#4 Příspěvek od Rudy »

Spusťte znovu ADWCleaner a klikněte na >Delete< (smazat). Vložte nový log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
RodenT
Návštěvník
Návštěvník
Příspěvky: 77
Registrován: 22 kvě 2013 16:01

Re: Náhlé zpomalení pc.

#5 Příspěvek od RodenT »

Teď mi to vyhodilo tohle:

# AdwCleaner v2.301 - Logfile created 05/22/2013 at 18:59:18
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Stepan - HRABOS
# Boot Mode : Normal
# Running from : C:\Users\Stepan\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Stepan\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Stepan\AppData\Roaming\BabMaint.exe
Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Stepan\AppData\Local\Conduit
Folder Deleted : C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Folder Deleted : C:\Users\Stepan\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Stepan\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Stepan\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Stepan\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Stepan\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\Stepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Folder Deleted : C:\Users\Stepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Folder Deleted : C:\Users\Stepan\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Stepan\AppData\Roaming\pdfforge
Folder Deleted : C:\Windows\SysWOW64\WNLT

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~2\261125~1.80\{c16c1~1\browse~1.dll
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\BrowserMngr
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\5f08b8cbc35be12
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BrowserMngr
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\oneclick
Key Deleted : HKLM\SOFTWARE\Classes\oneclickmg
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\SOFTWARE\Wow6432Node\5f08b8cbc35be12
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Web Assistant
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www1.delta-search.com/?affID=122304&babsrc=HP_ss&mntrId=46EEC0F8DA315741 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=109217&tt=120912_cpc_3712_7&babsrc=NT_ss&mntrId=46ee89bc000000000000c0f8da315740 --> hxxp://www.google.com

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.15.1748.0

File : C:\Users\Stepan\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [9523 octets] - [22/05/2013 17:44:30]
AdwCleaner[R2].txt - [9583 octets] - [22/05/2013 17:45:35]
AdwCleaner[S1].txt - [392 octets] - [22/05/2013 18:51:14]
AdwCleaner[S2].txt - [8568 octets] - [22/05/2013 18:59:18]

########## EOF - C:\AdwCleaner[S2].txt - [8628 octets] ##########
Nahoru
RodenT
Návštěvník
Návštěvník
Příspěvky: 77
Registrován: 22 kvě 2013 16:01

Re: Náhlé zpomalení pc.

#6 Příspěvek od RodenT »

a když jsem dal znovu search, tak tohle:

# AdwCleaner v2.301 - Logfile created 05/22/2013 at 19:04:52
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Stepan - HRABOS
# Boot Mode : Normal
# Running from : C:\Users\Stepan\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.15.1748.0

File : C:\Users\Stepan\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [9523 octets] - [22/05/2013 17:44:30]
AdwCleaner[R2].txt - [9583 octets] - [22/05/2013 17:45:35]
AdwCleaner[R3].txt - [1077 octets] - [22/05/2013 19:04:52]
AdwCleaner[S1].txt - [392 octets] - [22/05/2013 18:51:14]
AdwCleaner[S2].txt - [8671 octets] - [22/05/2013 18:59:18]

########## EOF - C:\AdwCleaner[R3].txt - [1256 octets] ##########
Nahoru
RodenT
Návštěvník
Návštěvník
Příspěvky: 77
Registrován: 22 kvě 2013 16:01

Re: Náhlé zpomalení pc.

#7 Příspěvek od RodenT »

No tak už šlape daleko líp. Moc díky! ! !
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119408
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Náhlé zpomalení pc.

#8 Příspěvek od Rudy »

To není zdaleka vše. Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
RodenT
Návštěvník
Návštěvník
Příspěvky: 77
Registrován: 22 kvě 2013 16:01

Re: Náhlé zpomalení pc.

#9 Příspěvek od RodenT »

Aha :)

Tak tady:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2021
Ran by uzivatel (administrator) on PC-SOLIDWORKS (Dell Inc. OptiPlex 3080) (02-11-2021 09:16:40)
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel
: Microsoft Windows 10 Pro Version 20H2 19042.1288 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation) C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_b403dc0201a474ed\RstMwService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b342352537a96822\IntelCpHDCPSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b342352537a96822\IntelCpHeciSvc.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_dc8575dca42caa2c\LMS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a1020546271138b9\RtkAudUService64.exe <3>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_e99a314c3593d5e7\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_e99a314c3593d5e7\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a1020546271138b9\RtkAudUService64.exe [1343072 2021-08-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_e99a314c3593d5e7\WavesSvc64.exe [4175056 2021-06-19] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [477064 2013-12-22] (Autodesk, Inc -> Autodesk Inc.)
HKU\S-1-5-21-2064044183-2917764295-2116049361-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114000232 2021-10-11] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2064044183-2917764295-2116049361-1001\...\Run: [Spotify] => C:\Users\uzivatel\AppData\Roaming\Spotify\Spotify.exe [18682808 2021-11-01] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2064044183-2917764295-2116049361-1001\...\Run: [Opera Browser Assistant] => C:\Users\uzivatel\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2064044183-2917764295-2116049361-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-20] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2021 Rychlé spuštění.lnk [2021-11-01]
ShortcutTarget: SOLIDWORKS 2021 Rychlé spuštění.lnk -> C:\Windows\Installer\{9C0A2571-4AAE-4FEE-B673-038B38B85EFC}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Nástroj pro stahování na pozadí.lnk [2021-10-01]
ShortcutTarget: SOLIDWORKS Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E082E1E-81F3-48F6-977E-CD8E27C22DC9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {14717A94-DA57-481B-BD8E-23548DBEF45B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1B141DE3-CEC4-4793-90F0-4E131DF4147D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {25129139-7EFC-4F94-9B93-2222DDDC881D} - System32\Tasks\Opera scheduled assistant Autoupdate 1633601370 => C:\Users\uzivatel\AppData\Local\Programs\Opera\launcher.exe [46227664 2021-10-20] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\uzivatel\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {2F88CA88-8B87-4255-AF69-B48E0A98E6CA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform)
Task: {43B32187-C769-44C4-A175-61F62B0B47A6} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-08-20] (Dell Inc -> Dell Inc.)
Task: {50711110-3AF1-4AF9-9E4B-E3AE4F13FC0C} - System32\Tasks\CCleanerSkipUAC - uzivatel => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {66980DD8-F33F-4D89-B03A-0092F4703A09} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {86B0814F-852D-49F6-B689-01669997B4CB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {8EC2F8D0-B3B8-4C19-B8AE-532003D3CE37} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1CE0CAF-B5A1-4B90-9B0A-A66CE970DCF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B4E3220A-30A8-4E6A-9630-C006C42D9222} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B886B6A4-1524-40E5-91CA-975725D267DE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8008148-3E8C-4C87-B95E-55A135EED146} - System32\Tasks\Opera scheduled Autoupdate 1633601367 => C:\Users\uzivatel\AppData\Local\Programs\Opera\launcher.exe [46227664 2021-10-20] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bea045d6-cdaf-4122-8de9-c468765e549c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e5d1f647-eac7-4085-8725-6aff69c81e81}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\uzivatel\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-01]

FireFox:
========
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~1\SOLIDW~2\Bin\NPCOMP~1.DLL [2021-06-16] (DASSAULT SYSTEMES SE -> Dassault Systemes)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~1\SOLIDW~2\Bin\x86\NPCOMP~1.DLL [2021-06-16] (DASSAULT SYSTEMES SE -> Dassault Systemes)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default [2021-11-01]
CHR Extension: (Prezentace) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-30]
CHR Extension: (Dokumenty) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-30]
CHR Extension: (Disk Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-30]
CHR Extension: (YouTube) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-30]
CHR Extension: (Tabulky) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-30]
CHR Extension: (Gmail) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-30]

Opera:
=======
OPR Profile: C:\Users\uzivatel\AppData\Roaming\Opera Software\Opera Stable [2021-11-02]
OPR Notifications: Opera Stable -> hxxps//meet.google.com
OPR DefaultSuggestURL: Opera Stable -> hxxps//www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\uzivatel\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-10-22]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\uzivatel\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-10-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk, Inc -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9251696 2021-10-19] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3835424 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; c:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [50888 2021-06-24] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-07-28] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-09-29] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-07-20] (Dell Inc -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5414976 2021-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2021-10-01] (SolidWorks) [File not signed]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-08-20] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [43400 2021-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2021-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [434424 2021-10-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-01 18:15 - 2021-11-01 18:56 - 000000000 _____ C:\Users\uzivatel\AppData\Local\Temptable.xml
2021-11-01 13:11 - 2021-11-01 13:12 - 000004302 _____ C:\Users\uzivatel\Desktop\Fixlog.txt
2021-11-01 13:10 - 2021-11-01 13:10 - 000000000 _____ C:\Users\uzivatel\Desktop\Nový textový dokument.txt
2021-11-01 11:55 - 2021-11-01 11:55 - 000000000 ____D C:\AdwCleaner
2021-11-01 11:54 - 2021-11-01 11:54 - 008553680 _____ (Malwarebytes) C:\Users\uzivatel\Desktop\adwcleaner_8.3.0.exe
2021-11-01 10:53 - 2021-11-01 10:54 - 000041693 _____ C:\Users\uzivatel\Desktop\Addition.txt
2021-11-01 10:52 - 2021-11-02 09:17 - 000018653 _____ C:\Users\uzivatel\Desktop\FRST.txt
2021-11-01 10:52 - 2021-11-02 09:16 - 000000000 ____D C:\FRST
2021-11-01 10:51 - 2021-11-01 10:51 - 002310656 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2021-11-01 10:26 - 2021-11-01 10:26 - 000002915 _____ C:\Users\Public\Desktop\SOLIDWORKS Composer Player 2021.lnk
2021-11-01 10:10 - 2021-11-01 10:10 - 000559227 _____ C:\Users\uzivatel\Documents\swSettings.sldreg
2021-11-01 10:04 - 2021-11-01 10:04 - 000000860 _____ C:\Users\uzivatel\Documents\cc_20211101_100407.reg
2021-11-01 10:01 - 2021-11-01 10:01 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\SOLIDWORKS 2021
2021-11-01 09:02 - 2021-11-01 09:02 - 000000000 _____ C:\Windows\invcol.tmp
2021-10-30 12:15 - 2021-10-30 12:15 - 002112184 _____ (CPUID, Inc. ) C:\Users\uzivatel\Downloads\cpu-z_1.98-en.exe
2021-10-30 12:15 - 2021-10-30 12:15 - 000000916 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2021-10-30 12:15 - 2021-10-30 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-10-30 12:15 - 2021-10-30 12:15 - 000000000 ____D C:\Program Files\CPUID
2021-10-30 12:09 - 2021-10-30 12:09 - 000000000 ____D C:\Users\uzivatel\AppData\Local\CrashDumps
2021-10-30 12:05 - 2021-10-30 12:05 - 000000000 ____D C:\Users\uzivatel\AppData\Local\mbam
2021-10-30 12:04 - 2021-10-30 12:04 - 002101944 _____ (Malwarebytes) C:\Users\uzivatel\Downloads\MBSetup-10789.10789-consumer.exe
2021-10-30 11:20 - 2021-10-30 11:20 - 000017356 _____ C:\Users\uzivatel\Documents\cc_20211030_122010.reg
2021-10-30 11:20 - 2021-10-30 11:20 - 000002914 _____ C:\Users\uzivatel\Documents\cc_20211030_122019_2.reg
2021-10-30 11:20 - 2021-10-30 11:20 - 000000684 _____ C:\Users\uzivatel\Documents\cc_20211030_122030_3.reg
2021-10-30 11:20 - 2021-10-30 11:20 - 000000552 _____ C:\Users\uzivatel\Documents\cc_20211030_122040_4.reg
2021-10-30 09:59 - 2021-10-30 09:59 - 000036479 _____ C:\Users\uzivatel\Downloads\technický-popis.PDF
2021-10-29 19:26 - 2021-10-29 19:26 - 050029644 _____ C:\Users\uzivatel\Desktop\proHrabose_210824.zip
2021-10-29 12:26 - 2021-11-01 18:57 - 000007596 _____ C:\Users\uzivatel\AppData\Local\Resmon.ResmonCfg
2021-10-27 08:37 - 2021-08-26 00:56 - 000276848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2021-10-27 08:37 - 2021-08-26 00:56 - 000231280 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2021-10-27 08:37 - 2021-08-26 00:46 - 048417716 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2021-10-23 08:04 - 2021-11-01 10:40 - 001815648 _____ C:\Windows\system32\FNTCACHE.DAT
2021-10-22 10:02 - 2021-10-22 10:03 - 000025911 _____ C:\Users\uzivatel\Downloads\selection_0.1-0.1.pdf
2021-10-21 12:13 - 2021-10-21 12:13 - 001189109 _____ C:\Users\uzivatel\Downloads\dokumentace.pdf
2021-10-16 18:24 - 2021-10-16 18:24 - 000000000 ____D C:\Users\uzivatel\Documents\Dell
2021-10-16 12:44 - 2021-10-16 12:44 - 000000000 ____D C:\Users\uzivatel\Downloads\Komoda_byt_Brno-20211016T114424Z-001
2021-10-16 11:39 - 2021-11-02 08:53 - 000000000 ____D C:\Program Files\CCleaner
2021-10-16 11:39 - 2021-10-30 11:18 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-10-16 11:39 - 2021-10-16 11:39 - 000002912 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - uzivatel
2021-10-16 11:39 - 2021-10-16 11:39 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-10-14 18:04 - 2021-10-14 18:04 - 000626961 _____ C:\Users\uzivatel\Desktop\Šablona.dwg
2021-10-14 17:58 - 2021-10-14 17:58 - 000000146 _____ C:\Users\uzivatel\Documents\acad.err
2021-10-14 17:37 - 2021-10-14 17:43 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Autodesk
2021-10-14 17:37 - 2021-10-14 17:37 - 000002189 _____ C:\Users\Public\Desktop\AutoCAD 2015 – Čeština (Czech).lnk
2021-10-14 17:37 - 2021-10-14 17:37 - 000000000 ____D C:\Users\uzivatel\Documents\Inventor Server SDK ACAD 2015
2021-10-14 17:37 - 2021-10-14 17:37 - 000000000 ____D C:\Users\uzivatel\Documents\Autodesk Application Manager
2021-10-14 17:37 - 2021-10-14 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2015 – Čeština (Czech)
2021-10-14 17:32 - 2021-10-14 17:37 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2021-10-14 17:32 - 2021-10-14 17:32 - 000000000 ____D C:\Users\Public\Documents\Autodesk
2021-10-14 17:32 - 2021-10-14 17:32 - 000000000 ____D C:\Program Files\Autodesk
2021-10-14 17:32 - 2021-10-14 17:32 - 000000000 ____D C:\Program Files (x86)\Autodesk
2021-10-14 17:31 - 2021-10-14 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2021-10-14 17:30 - 2021-11-01 11:18 - 000000000 ____D C:\Users\uzivatel\Desktop\CAD
2021-10-13 17:49 - 2021-10-13 17:49 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2021-10-13 17:49 - 2021-10-13 17:49 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-10-13 17:49 - 2021-10-13 17:49 - 000000000 ____D C:\Program Files\MSBuild
2021-10-13 17:49 - 2021-10-13 17:49 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-10-13 17:49 - 2021-10-13 17:49 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-10-13 16:45 - 2021-10-13 16:45 - 000000000 ____D C:\Users\uzivatel\Documents\Vlastní šablony Office
2021-10-13 16:44 - 2021-11-02 09:15 - 000000000 ____D C:\Users\uzivatel\Desktop\KOZUBIK
2021-10-13 16:18 - 2021-10-13 16:18 - 000002385 _____ C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-10-13 16:18 - 2021-10-13 16:18 - 000002377 _____ C:\Users\uzivatel\Desktop\Microsoft Teams.lnk
2021-10-13 16:18 - 2021-10-13 16:18 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\Teams
2021-10-13 16:18 - 2021-10-13 16:18 - 000000000 ____D C:\Users\uzivatel\AppData\Local\SquirrelTemp
2021-10-13 15:41 - 2021-10-13 15:41 - 000000000 ____D C:\Users\uzivatel\Documents\SW Log Files
2021-10-13 14:09 - 2021-10-13 14:09 - 000001158 _____ C:\Users\uzivatel\Desktop\1_VE VÝROBĚ.lnk
2021-10-13 08:54 - 2021-10-13 08:54 - 000706536 _____ C:\Windows\system32\TextShaping.dll
2021-10-13 08:54 - 2021-10-13 08:54 - 000611960 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-10-13 08:54 - 2021-10-13 08:54 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-10-13 08:54 - 2021-10-13 08:54 - 000449024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-10-13 08:54 - 2021-10-13 08:54 - 000011495 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-10-13 08:51 - 2021-10-13 08:51 - 000000000 ___HD C:\$WinREAgent
2021-10-07 19:57 - 2021-10-14 17:57 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\Autodesk
2021-10-07 19:57 - 2021-10-14 17:57 - 000000000 ____D C:\ProgramData\Autodesk
2021-10-07 18:19 - 2021-11-01 18:54 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Spotify
2021-10-07 18:19 - 2021-10-07 18:19 - 000001867 _____ C:\Users\uzivatel\Desktop\Spotify.lnk
2021-10-07 18:19 - 2021-10-07 18:19 - 000001853 _____ C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2021-10-07 18:18 - 2021-11-02 08:50 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\Spotify
2021-10-07 17:22 - 2021-10-07 17:22 - 000000000 ____D C:\Users\uzivatel\Desktop\Moje projekty
2021-10-07 11:09 - 2021-10-22 09:20 - 000004222 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1633601367
2021-10-07 11:09 - 2021-10-22 09:20 - 000001420 _____ C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-10-07 11:09 - 2021-10-15 09:05 - 000004482 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1633601370
2021-10-07 11:09 - 2021-10-07 11:09 - 000001424 _____ C:\Users\uzivatel\Desktop\Prohlížeč Opera.lnk
2021-10-07 11:09 - 2021-10-07 11:09 - 000000000 ___HD C:\Users\uzivatel\Downloads\.opera
2021-10-07 11:09 - 2021-10-07 11:09 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Opera Software
2021-10-07 11:07 - 2021-10-07 11:07 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\Opera Software
2021-10-03 18:20 - 2021-10-03 18:20 - 000000000 ____D C:\Users\uzivatel\AppData\Local\PeerDistRepub

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-02 09:07 - 2021-09-10 14:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-11-02 09:07 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-11-02 09:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-02 08:50 - 2021-10-01 07:39 - 000000000 ____D C:\Users\uzivatel\AppData\Local\SolidWorks
2021-11-02 08:50 - 2021-09-30 18:03 - 000000000 __SHD C:\Users\uzivatel\IntelGraphicsProfiles
2021-11-02 08:50 - 2021-09-10 15:13 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2021-11-01 18:59 - 2021-09-30 22:18 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-01 18:58 - 2021-09-10 15:43 - 000717008 _____ C:\Windows\system32\perfh005.dat
2021-11-01 18:58 - 2021-09-10 15:43 - 000145186 _____ C:\Windows\system32\perfc005.dat
2021-11-01 18:58 - 2021-09-10 15:06 - 001694140 _____ C:\Windows\system32\PerfStringBackup.INI
2021-11-01 18:53 - 2021-10-01 07:18 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\SOLIDWORKS
2021-11-01 18:52 - 2021-09-10 14:58 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-01 18:52 - 2021-09-10 14:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-11-01 18:52 - 2021-09-10 14:58 - 000000000 ____D C:\Intel
2021-11-01 18:52 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-11-01 13:19 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-11-01 13:15 - 2021-09-30 18:03 - 000000000 ____D C:\Users\uzivatel\AppData\Local\D3DSCache
2021-11-01 12:20 - 2021-10-01 08:03 - 000000000 ____D C:\Users\uzivatel\AppData\Local\TempAdresářZálohySW
2021-11-01 10:28 - 2021-10-01 07:33 - 000000000 ____D C:\Program Files\Common Files\SOLIDWORKS Shared
2021-11-01 10:28 - 2021-10-01 07:18 - 000000000 ____D C:\Users\uzivatel\Documents\SOLIDWORKS Downloads
2021-11-01 10:26 - 2021-10-01 07:36 - 000002739 _____ C:\Users\Public\Desktop\eDrawings 2021 x64 Edition.lnk
2021-11-01 10:26 - 2021-10-01 07:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2021
2021-11-01 10:26 - 2021-10-01 07:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje SOLIDWORKS 2021
2021-11-01 10:25 - 2021-10-01 07:34 - 000002890 _____ C:\Users\Public\Desktop\SOLIDWORKS 2021.lnk
2021-11-01 10:22 - 2021-10-01 07:35 - 000000000 ____D C:\SOLIDWORKS Data
2021-11-01 10:07 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-11-01 10:07 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-11-01 10:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-01 09:02 - 2021-09-10 15:11 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-30 11:25 - 2021-09-30 18:03 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Intel
2021-10-29 10:54 - 2021-09-30 18:02 - 000000000 ____D C:\Users\uzivatel
2021-10-29 10:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-10-27 15:18 - 2021-09-30 18:03 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Packages
2021-10-23 08:16 - 2021-09-10 15:16 - 000000000 ____D C:\ProgramData\Package Cache
2021-10-23 08:04 - 2021-09-10 15:38 - 000000000 ____D C:\Windows\Panther
2021-10-22 09:16 - 2021-09-30 18:04 - 000001820 _____ C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaxxAudio Pro by Waves - Ovládání zvuku reproduktorů a mikrofonů a Nx 3D zvuk.lnk
2021-10-20 09:16 - 2021-09-30 22:22 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-20 09:16 - 2021-09-30 22:22 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-19 14:08 - 2021-09-10 15:14 - 000000000 ____D C:\Program Files\Microsoft Office
2021-10-15 14:26 - 2021-09-30 18:05 - 000000000 ____D C:\Users\uzivatel\AppData\Local\PlaceholderTileLogoFolder
2021-10-14 17:43 - 2021-10-01 07:39 - 000000000 ____D C:\ProgramData\FLEXnet
2021-10-14 17:37 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\Downloaded Program Files
2021-10-14 13:44 - 2021-09-30 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-10-14 09:53 - 2021-09-30 21:24 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Adobe
2021-10-14 08:51 - 2019-12-07 10:51 - 000000000 ____D C:\Windows\OCR
2021-10-14 08:44 - 2021-09-30 21:30 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-10-14 08:44 - 2021-09-30 21:30 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-10-14 08:44 - 2021-09-30 21:30 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2021-10-14 08:37 - 2021-09-30 18:03 - 000000000 ____D C:\Users\uzivatel\AppData\Local\ConnectedDevicesPlatform
2021-10-13 17:49 - 2021-09-30 22:03 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2021-10-13 17:49 - 2021-09-10 15:38 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-10-13 17:49 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-10-13 17:49 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-10-13 17:49 - 2019-12-07 10:49 - 000000000 ____D C:\Windows\SysWOW64\winrm
2021-10-13 17:49 - 2019-12-07 10:49 - 000000000 ____D C:\Windows\SysWOW64\WCN
2021-10-13 17:49 - 2019-12-07 10:49 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2021-10-13 17:49 - 2019-12-07 10:49 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2021-10-13 17:49 - 2019-12-07 10:49 - 000000000 ____D C:\Windows\system32\winrm
2021-10-13 17:49 - 2019-12-07 10:49 - 000000000 ____D C:\Windows\system32\WCN
2021-10-13 17:49 - 2019-12-07 10:49 - 000000000 ____D C:\Windows\system32\slmgr
2021-10-13 17:49 - 2019-12-07 10:49 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\MUI
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\MUI
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IME
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-10-13 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-10-13 17:49 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2021-10-13 17:48 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-10-13 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2021-10-13 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2021-10-13 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Com
2021-10-13 16:28 - 2021-09-10 15:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-13 08:38 - 2021-09-30 18:19 - 000000000 ____D C:\Windows\system32\MRT
2021-10-13 08:37 - 2021-09-30 18:19 - 139806512 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-10-13 08:27 - 2021-09-30 18:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-13 08:26 - 2021-09-10 15:10 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-13 08:26 - 2021-09-10 15:10 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-11 07:08 - 2021-09-10 14:58 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-10-07 11:38 - 2021-09-10 15:18 - 000000000 ____D C:\ProgramData\Packages

==================== Files in the root of some directories ========

2021-10-29 12:26 - 2021-11-01 18:57 - 000007596 _____ () C:\Users\uzivatel\AppData\Local\Resmon.ResmonCfg
2021-11-01 18:15 - 2021-11-01 18:56 - 000000000 _____ () C:\Users\uzivatel\AppData\Local\Temptable.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2021
Ran by uzivatel (02-11-2021 09:17:21)
Running from C:\Users\uzivatel\Desktop
Microsoft Windows 10 Pro Version 20H2 19042.1288 (X64) (2021-09-30 16:48:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2064044183-2917764295-2116049361-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2064044183-2917764295-2116049361-503 - Limited - Disabled)
Guest (S-1-5-21-2064044183-2917764295-2116049361-501 - Limited - Disabled)
uzivatel (S-1-5-21-2064044183-2917764295-2116049361-1001 - Administrator - Enabled) => C:\Users\uzivatel
WDAGUtilityAccount (S-1-5-21-2064044183-2917764295-2116049361-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DEXPERIENCE Marketplace for SOLIDWORKS (HKLM\...\{0060450C-5B44-424B-BD42-559F2A5D820A}) (Version: 6.29.743 - Dassault Systemes SolidWorks Corp)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 21.007.20099 - Adobe)
AutoCAD 2015 – Čeština (Czech) (HKLM\...\{5783F2D7-E001-0000-0102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk)
Autodesk AutoCAD 2015 – Čeština (Czech) (HKLM\...\AutoCAD 2015 – Čeština (Czech)) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
CCleaner (HKLM\...\CCleaner) (Version: 5.86 - Piriform)
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
Dell Command | Update for Windows 10 (HKLM\...\{4CCADC13-F3AE-454F-B724-33F6D4E52022}) (Version: 4.3.0 - Dell Inc.)
Dell Digital Delivery Services (HKLM-x32\...\{560DFD4A-23E2-45DD-A223-A4B3FA356913}) (Version: 4.0.92.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{9EF0AEB0-9AD2-40E6-8667-D7520C508941}) (Version: 3.10.3.3 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{E21419F5-2AA6-439C-B2C1-840083A05BC5}) (Version: 5.5.0.16041 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{db72dcd5-bf99-4888-b104-cb605b82ec8a}) (Version: 5.5.0.16041 - Dell Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{79DD0F5D-7B7F-40D2-AB07-230DA018224E}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC)
Import souborů SketchUp (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2117.15.0.2272 - Intel Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.40 - Microsoft Corporation)
Microsoft Office 2019 pro domácnosti a podnikatele - cs-cz (HKLM\...\HomeBusiness2019Retail - cs-cz) (Version: 16.0.14430.20306 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2064044183-2917764295-2116049361-1001\...\Teams) (Version: 1.4.00.26376 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{ab213ab7-4792-4c6f-a3fa-8485d06c3475}) (Version: 14.0.23829 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden
Opera Stable 80.0.4170.63 (HKU\S-1-5-21-2064044183-2917764295-2116049361-1001\...\Opera 80.0.4170.63) (Version: 80.0.4170.63 - Opera Software)
Skype verze 8.77 (HKLM-x32\...\Skype_is1) (Version: 8.77 - Skype Technologies S.A.)
SOLIDWORKS 2021 Czech Resources (HKLM\...\{CD6AE51E-B16F-42CB-975C-A48B5BB2CD48}) (Version: 29.141.0001 - Název společnosti:) Hidden
SOLIDWORKS 2021 graphics support (HKLM-x32\...\{24397C0B-F9EC-4827-9DD1-5169D06583E5}) (Version: 1.0.1 - Dassault Systemes)
SOLIDWORKS 2021 SP04.1 (HKLM\...\{9C0A2571-4AAE-4FEE-B673-038B38B85EFC}) (Version: 29.141.0001 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2021 SP04.1 (HKLM-x32\...\SolidWorks Installation Manager 20210-40401-1100-100) (Version: 29.4.1.1 - SolidWorks Corporation)
SOLIDWORKS CAM 2021 SP04.1 (HKLM\...\{EFF51C01-6447-44F1-B1C6-567BA8E08A3C}) (Version: 29.41.0001 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Composer Player 2021 SP04.1 (HKLM\...\{38720B59-8277-4DB6-90FD-B070DBD81995}) (Version: 29.41.0001 - Název společnosti:) Hidden
SOLIDWORKS eDrawings 2021 SP04.1 (HKLM\...\{68158D28-0BC4-4D34-90A9-64484D604EB7}) (Version: 29.40.0037 - Společnost Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS File Utilities 2021 SP04.1 (HKLM\...\{8B08B929-B840-474F-81E6-419C933A4766}) (Version: 29.41.0001 - Společnost Dassault Systemes SolidWorks Corp) Hidden
Speciální aplikace Autodesk (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Spotify (HKU\S-1-5-21-2064044183-2917764295-2116049361-1001\...\Spotify) (Version: 1.1.71.560.gc21c3367 - Spotify AB)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)

Packages:
=========
Dell Command | Update -> C:\Program Files\WindowsApps\DellInc.DellCommandUpdate_4.3.12.0_x86__htrsf667h5kn2 [2021-09-30] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-09-30] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.6.0_x64__htrsf667h5kn2 [2021-09-30] (Dell Inc)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1020.0_x64__8j3eq9eme6ctt [2021-11-01] (INTEL CORP)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-09-30] (INTEL CORP) [Startup Task]
Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2021-09-30] (Dell Inc)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-09-30] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell 2020 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2020_3.0.98.0_x64__fh4rh281wavaa [2021-09-30] (Waves Audio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2064044183-2917764295-2116049361-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2064044183-2917764295-2116049361-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_e99a314c3593d5e7\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-2064044183-2917764295-2116049361-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2064044183-2917764295-2116049361-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\uzivatel\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21161.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2064044183-2917764295-2116049361-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_150d5bd6c9d549f0\OptaneShellExt.dll [2021-08-26] (Intel Corporation -> )
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-08-18] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-08-18] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_150d5bd6c9d549f0\OptaneShellExt.dll [2021-08-26] (Intel Corporation -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-09-30 22:18 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-09-30 18:50 - 2021-09-30 18:51 - 042803200 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.dll
2021-09-30 22:02 - 2021-09-30 22:02 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-09-30 22:02 - 2021-09-30 22:02 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2021-07-01 10:54 - 2021-07-01 10:54 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2064044183-2917764295-2116049361-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-2064044183-2917764295-2116049361-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-2064044183-2917764295-2116049361-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//www.msn.com/?pc=DCTE
HKU\S-1-5-21-2064044183-2917764295-2116049361-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//www.msn.com/?pc=DCTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-13] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\
HKU\S-1-5-21-2064044183-2917764295-2116049361-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKU\S-1-5-21-2064044183-2917764295-2116049361-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2064044183-2917764295-2116049361-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2064044183-2917764295-2116049361-1001\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EB74DE8C-6C89-4469-A78D-094B806010D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F403E44C-3168-4CBC-A04C-8154E6E4EEA3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC202ED0-C121-489A-A4A7-04E2D3952998}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8CE06B33-8725-4370-B82D-62786A00A17A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{77D8F427-2FF0-4330-9E31-6640DA9936B5}C:\users\uzivatel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\uzivatel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{7ED4509B-7819-4626-8A8B-8AC8B7205046}C:\users\uzivatel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\uzivatel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C52A6FB4-E42D-4602-8066-B104CB2C8436}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C86EA085-EEED-4181-BA9C-EF2D0927B1AC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{133900C9-B6AF-4F25-958E-3848B6D9DBAB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F25D7973-DEEA-47DC-A6B4-02AE1CDF220A}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{25C62C2D-AE80-4FCA-9EB0-79171B2F77B3}C:\users\uzivatel\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\uzivatel\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{3CA1334F-939E-4D70-B1C0-049B57D2C761}C:\users\uzivatel\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\uzivatel\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{758A2625-AEF1-41DC-8F4E-9E970A335E8B}C:\users\uzivatel\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\uzivatel\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{95E2A114-1E98-4BF4-BD51-7AAD802ACF54}C:\users\uzivatel\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\uzivatel\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{094EDF5C-CCEF-4DDC-BCA5-A5A457C9E2EC}] => (Allow) C:\Users\uzivatel\AppData\Local\Programs\Opera\80.0.4170.40\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{50F432F2-A73B-4CD8-A2CB-DD855168DB94}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{B88968D5-210B-4DDB-A63E-53CBEDBE667E}C:\users\uzivatel\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\uzivatel\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{F75519B5-4CBA-49AA-9FF7-6172114703E8}C:\users\uzivatel\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\uzivatel\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{6F4AAF69-12D1-4D1C-9DD7-91B170D5C792}C:\users\uzivatel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\uzivatel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{6766E54F-7672-44A6-AD10-3FC7BA50CA20}C:\users\uzivatel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\uzivatel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D33C1CB1-423D-4289-8005-178DF6FA0643}] => (Allow) C:\Users\uzivatel\AppData\Local\Programs\Opera\80.0.4170.63\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{9E826883-94E2-424E-A344-764189C129EC}C:\program files\solidworks corp\solidworks\swscheduler\dtsmonitor.exe] => (Allow) C:\program files\solidworks corp\solidworks\swscheduler\dtsmonitor.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [UDP Query User{07C4BFC3-640F-459D-AB29-773F005897A8}C:\program files\solidworks corp\solidworks\swscheduler\dtsmonitor.exe] => (Allow) C:\program files\solidworks corp\solidworks\swscheduler\dtsmonitor.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [TCP Query User{37932CF7-5A00-4A8B-910C-B256CC4BE7E6}C:\users\uzivatel\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\uzivatel\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{DA1B469B-362C-4503-8FD1-638F82D1BC5C}C:\users\uzivatel\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\uzivatel\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

14-10-2021 08:43:26 Instalační služba modulů systému Windows
19-10-2021 14:37:07 Dell Client Management Service
23-10-2021 08:14:18 Dell Client Management Service
01-11-2021 09:47:53 Naplánovaný kontrolní bod
01-11-2021 10:03:57 Dell Client Management Service
01-11-2021 18:39:21 Installed SOLIDWORKS 2021 graphics support

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/01/2021 01:58:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (11/01/2021 01:58:00 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (11/01/2021 01:58:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (11/01/2021 01:58:00 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (11/01/2021 01:12:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (11/01/2021 01:12:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (11/01/2021 12:28:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (11/01/2021 10:26:46 AM) (Source: eDrawings) (EventID: 999) (User: PC-SOLIDWORKS)
Description: eDrawings


System errors:
=============
Error: (11/01/2021 06:52:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Autodesk Content Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/01/2021 06:52:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Autodesk Content Service bylo dosaženo časového limitu (60000 ms).

Error: (11/01/2021 06:05:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Autodesk Content Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/01/2021 06:05:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Autodesk Content Service bylo dosaženo časového limitu (60000 ms).

Error: (11/01/2021 06:05:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (13:58:17, ‎01.‎11.‎2021) bylo neočekávané.

Error: (11/01/2021 06:05:14 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (11/01/2021 01:58:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Autodesk Content Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/01/2021 01:58:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Autodesk Content Service bylo dosaženo časového limitu (60000 ms).


Windows Defender:
================
Date: 2021-11-01 11:36:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {31EDFAB9-C488-499B-A9FC-317A01E4D399}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-29 08:21:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {76455E50-89B4-465C-BCF6-8B5A09823D81}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-28 10:08:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A90AE28B-BC79-4D64-98A4-319C6205822C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-23 09:15:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {81360DCF-E05A-47F3-A223-4D972A077BE3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-21 12:08:06
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {833D9550-D75A-4B60-B5B9-2BBF67C34BAE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-14 18:50:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Uživatel: PC-SOLIDWORKS\uzivatel
Kód chyby: 0x80508014
Popis chyby: Položku v karanténě nelze obnovit.
Verze bezpečnostních informací: AV: 1.351.389.0, AS: 1.351.389.0
Verze modulu: 1.1.18600.4

CodeIntegrity:
===============
Date: 2021-10-30 13:05:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\uzivatel\AppData\Local\Programs\Opera\opera.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 2.2.1 08/20/2021
Motherboard: Dell Inc. 04PT3G
Processor: Intel(R) Core(TM) i5-10505 CPU @ 3.20GHz
Percentage of memory in use: 31%
Total physical RAM: 16131.71 MB
Available physical RAM: 11113.21 MB
Total Virtual: 20483.71 MB
Available Virtual: 15063.41 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:235.86 GB) (Free:137.25 GB) NTFS

\\?\Volume{89b67c08-a957-4fc9-8ce0-0e4d811fb9fe}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.49 GB) NTFS
\\?\Volume{3f623262-6502-4e8a-bf31-a20a3dd4cd3d}\ (DELLSUPPORT) (Fixed) (Total:1.36 GB) (Free:0.53 GB) NTFS
\\?\Volume{a0f92ae1-859d-45e1-bee0-7d49c3873cd0}\ (ESP) (Fixed) (Total:0.14 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: B7A3D70B)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119408
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Náhlé zpomalení pc.

#10 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
RodenT
Návštěvník
Návštěvník
Příspěvky: 77
Registrován: 22 kvě 2013 16:01

Re: Náhlé zpomalení pc.

#11 Příspěvek od RodenT »

Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-10-2021
Ran by uzivatel (02-11-2021 10:34:46) Run:2
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11857343 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3138930 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 415865988 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 4930 B
uzivatel => 91033396 B

RecycleBin => 172843728 B
EmptyTemp: => 662.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:35:03 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119408
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Náhlé zpomalení pc.

#12 Příspěvek od Rudy »

Smazáno. Log již bude OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
RodenT
Návštěvník
Návštěvník
Příspěvky: 77
Registrován: 22 kvě 2013 16:01

Re: Náhlé zpomalení pc.

#13 Příspěvek od RodenT »

Supr. Od rána už pracuji v Solidworks a asi kombinace všech kroků, co jsem udělal, pomohla.

Teď už je to tedy vše, ano?
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119408
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Náhlé zpomalení pc.

#14 Příspěvek od Rudy »

Z mé strany vše. :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
RodenT
Návštěvník
Návštěvník
Příspěvky: 77
Registrován: 22 kvě 2013 16:01

Re: Náhlé zpomalení pc.

#15 Příspěvek od RodenT »

Super,
Tak ještě jednou díky. Mějte se.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“