
Slow PC

Posted: 17 Feb 2018 09:45
by AndySue
Slow PC startup, slow loading of programs. WIN 7, hybrid HD+SSD drive, after a manual reinstall of the system, slow opening of shared folders on the network (over 10 seconds).

RSIT log:


info.txt logfile of random's system information tool 1.10 2018-02-17 09:14:29

======MBR======


======Uninstall list======

. . .-->MsiExec.exe /I{DB52A2D0-CAA1-4ED1-B122-29E7EDDE187F}
. . .-->MsiExec.exe /X{06DA421D-EE23-487D-878F-F0AF97EF69AD}
64 Bit HP CIO Components Installer-->MsiExec.exe /I{0EBC740B-4363-489B-8C27-98CE0740BA19}
Adobe Acrobat Reader DC - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AC0F074E4100}
Adobe Flash Player 24 NPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_Plugin.exe -maintain plugin
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824261196}
Aplikace Intel® PROSet/Wireless-->"C:\ProgramData\Package Cache\{544ecb18-5d76-44bb-ac33-8d06719e39e7}\Setup.exe" /uninstall
Apple Mobile Device Support-->MsiExec.exe /I{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}
Apple Software Update-->MsiExec.exe /I{19589375-5C58-4AFA-842F-8B34744CCEAD}
Arduino-->"C:\Program Files (x86)\Arduino\uninstall.exe"
Avast Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel
Balíček ovladače systému Windows - FTDI CDM Driver Package - Bus/D2XX Driver (07/10/2015 2.12.06)-->C:\PROGRA~1\DIFX\C6AA632BE39BEA04\dpinst-amd64.exe /u C:\Windows\System32\DriverStore\FileRepository\ftdibus.inf_amd64_neutral_b81cf3639a0cfb75\ftdibus.inf
Balíček ovladače systému Windows - FTDI CDM Driver Package - VCP Driver (07/10/2015 2.12.06)-->C:\PROGRA~1\DIFX\C6AA632BE39BEA04\dpinst-amd64.exe /u C:\Windows\System32\DriverStore\FileRepository\ftdiport.inf_amd64_neutral_8922a19b275a3879\ftdiport.inf
Bonjour-->MsiExec.exe /X{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}
Canon LBP2900-->C:\Program Files\Canon\PrnUninstall\Canon LBP2900\CNAB4UND.EXE
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CompuGroup Medical - (PC DOKTOR / PC DENT)-->MsiExec.exe /X{81F07A4F-A47E-4E0F-A75D-D24BD09BB2D8}
CompuGroup Medical - CGM SERVER-->MsiExec.exe /X{8FE2C676-72E8-4024-9066-710FE32112E8}
CompuGroup Medical - Ecommunication-->MsiExec.exe /X{3850A53F-8A0E-45E1-9F11-D801237D3694}
CompuGroup Medical - Kniha objednávek-->MsiExec.exe /X{CF314AF7-682B-4C77-B164-6FB0080D2726}
CompuGroup Medical - MEDICAL NET-->MsiExec.exe /X{0726B7A2-A8F4-4BE1-A086-A93E9A5BA5BC}
ContiTech Suite 7.4-->"C:\Program Files (x86)\ContiTech Suite\uninst\unins000.exe"
Dassault Systemes Software VC11 Prerequisites x86-x64-->MsiExec.exe /X{C857169D-3F1A-4530-99A0-CAE966CE267E}
Dell SupportAssist-->C:\Program Files\Dell\SupportAssist\uninstaller.exe /arp
Dell SupportAssistAgent-->MsiExec.exe /X{8D7B279C-A661-465C-9658-F62FBD6A6B91}
Dell Touchpad-->C:\Program Files\DellTPad\Uninstap.exe ADDREMOVE
Dell Update-->MsiExec.exe /I{632610E3-5B12-403C-9C93-EF533ED1C113}
Edgecam 2016 R2-->"C:\Program Files\Vero Software\Edgecam 2016 R2\unins000.exe"
Edgecam CADLinks 2016 R2-->"C:\Program Files\Common Files\Vero Software\2016.20\Edgecam CADLinks\unins000.exe"
Edgecam Live Job Reports 2016 R2-->"C:\Program Files\Vero Software\Edgecam Live Job Reports 2016 R2\unins000.exe"
eDrawings 2017 x64-->MsiExec.exe /I{F36E59AF-DC22-43D9-A469-93A6267D6BAA}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.167\Installer\setup.exe" --uninstall --system-level --verbose-logging
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HSMWorks x64 2016 R2.40513-->"C:\Program Files\HSMWorks\unins000.exe"
iCloud-->MsiExec.exe /I{694E3E02-E14A-4BB2-A970-CF7F017FD5CC}
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly
Intel DnX USB Driver version 1.0.0-->"C:\Program Files\Intel\xFSTK\DnXUSBDriver\unins000.exe"
Intel Edison Device USB driver-->C:\Program Files (x86)\Intel Edison Device USB driver\uninst.exe
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) OpenCL CPU Runtime-->C:\Program Files (x86)\Intel\OpenCL SDK\1.5\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) Rapid Start Technology-->C:\Program Files (x86)\Intel\irstrt\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->"C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall
Intel(R) Rapid Storage Technology-->MsiExec.exe /I{96714280-14E6-4DF7-BACD-F797C0F17C3D}
Intel(R) USB 3.0 eXtensible Host Controller Driver-->C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall
Intel® Driver Update Utility-->"C:\ProgramData\Package Cache\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}\Intel Driver Update Utility Installer.exe" /uninstall
Intel® PROSet/Wireless WiFi Software-->MsiExec.exe /I{11BD5062-5227-4A48-91AF-904B1802EEA8}
Intel® Trusted Connect Service Client-->MsiExec.exe /I{538B98C3-773F-4F20-9C66-802D104DCBE2}
IrfanView 64 (remove only)-->"C:\Program Files\IrfanView\iv_uninstall.exe"
iTunes-->MsiExec.exe /I{81C96689-EA5B-4B7D-A04F-16326EC51BC2}
LibreOffice 5.2 Help Pack (Czech)-->MsiExec.exe /I{828D5C85-F3A0-48D2-9B34-3D8A4422D8EA}
LibreOffice 5.2.1.2-->MsiExec.exe /I{30566BDB-4658-461F-AF23-09CF7E2BC1D1}
Microsoft .NET Framework 4.5.2-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.2-->MsiExec.exe /X{26784146-6E05-3FF9-9335-786C7C0FB5BE}
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90120000-00A4-0409-0000-0000000FF1CE}
Microsoft Report Viewer 2012 Runtime-->MsiExec.exe /I{C58378BC-0B7B-474E-855C-9D02E5E75D71}
Microsoft SQL Server 2012 Native Client -->MsiExec.exe /I{49D665A2-4C2A-476E-9AB8-FCC425F526FC}
Microsoft SQL Server 2014 Express LocalDB -->MsiExec.exe /I{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}
Microsoft System CLR Types for SQL Server 2012 (x64)-->MsiExec.exe /I{F1949145-EB64-4DE7-9D81-E6D27937146C}
Microsoft Visual Basic for Applications 7.1 (x64) English-->MsiExec.exe /I{90F60409-7000-11D3-8CFE-0150048383C9}
Microsoft Visual Basic for Applications 7.1 (x64)-->MsiExec.exe /I{90120064-0070-0000-0000-4000000FF1CE}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005-->"C:\ProgramData\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215-->"C:\ProgramData\Package Cache\{e2803110-78b3-4664-a479-3611a381656a}\VC_redist.x86.exe" /uninstall
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215-->MsiExec.exe /X{69BCE4AC-9572-3271-A2FB-9423BDA36A43}
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215-->MsiExec.exe /X{BBF2AC74-720C-3CB3-8291-5E34039232FA}
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU-->C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU\install.exe
Microsoft Visual Studio 2005 Tools for Applications - ENU-->MsiExec.exe /X{D481EA96-2313-4A7C-98EE-710D1AF884AC}
Microsoft Visual Studio 2005 Tools for Applications - ENU-->MsiExec.exe /X{D481EA96-2313-4A7C-98EE-710D1AF884AC}
Monitor technologie Intel(R) Turbo Boost 2.0-->MsiExec.exe /X{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}
Mozilla Firefox 58.0.2 (x64 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird 45.8.0 (x86 cs)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
NVIDIA Ovladače grafiky 331.65-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{57C70748-89B5-4CEC-9AD0-90970BFB2E0B}\NVI2.DLL",UninstallPackage Display.Driver
Part Modeler 2016 R2-->"C:\Program Files (x86)\Vero Software\Part Modeler 2016 R2\unins000.exe"
Podpora aplikací Apple (32bitová)-->MsiExec.exe /I{D4C80B0C-CF67-43A7-90C3-466853543B54}
Podpora aplikací Apple (64bitová)-->MsiExec.exe /I{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}
PrimoPDF -- brought to you by Nitro PDF Software-->"C:\Program Files (x86)\Nitro PDF\PrimoPDF\uninstaller.exe"
Quickset64-->MsiExec.exe /I{87CF757E-C1F1-4D22-865C-00C6950B5258}
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek USB 2.0 Reader Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{62BBB2F0-E220-4821-A564-730807D2C34D}\setup.exe" -runfromtemp -removeonly
SafeZone Stable 4.58.2552.909-->"C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall
Sentinel System Driver Installer 7.5.8-->MsiExec.exe /I{75BC36E7-AC24-4F35-8AE0-B5885F887744}
Skype™ 7.40-->MsiExec.exe /X{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}
Solidlink 2016.30-->"C:\Program Files\Common Files\Vero Software\2016.30\Solidlink\unins001.exe"
SOLIDWORKS 2015 x64 Czech Resources-->MsiExec.exe /X{ACB7E95C-794E-4009-9B54-0C094F661EAB}
SOLIDWORKS 2015 x64 Edition SP05-->"C:\Windows\SolidWorks\IM_20150-40500-1100-100 (3)\sldim\sldIM.exe" /remove "C:\Windows\SolidWorks\IM_20150-40500-1100-100 (3)\sldim\sldIM_installed.xml"
SOLIDWORKS 2015 x64 Edition SP05-->MsiExec.exe /X{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}
SOLIDWORKS 2016 x64 Czech Resources-->MsiExec.exe /X{BD37B53B-592C-41B4-BECA-D156E3D0B058}
SOLIDWORKS 2016 x64 Edition SP04-->"C:\Windows\SolidWorks\IM_20160-40400-1100-100\sldim\sldIM.exe" /remove "C:\Windows\SolidWorks\IM_20160-40400-1100-100\sldim\sldIM_installed.xml"
SOLIDWORKS 2016 x64 Edition SP04-->MsiExec.exe /X{768F3B65-1695-47B7-9002-B11400CB111D}
SOLIDWORKS Composer Player 2016 SP04 x64 Edition-->MsiExec.exe /I{8537E059-C18B-4DE6-AED6-CD9B90240C35}
SOLIDWORKS eDrawings 2016 x64 Edition SP04-->MsiExec.exe /I{B3DDA3FF-C213-42EA-808B-274C1E88EABD}
SOLIDWORKS Explorer 2015 SP05 x64 Edition-->MsiExec.exe /I{EACE15FF-59ED-4CBE-B1EB-616F4908745F}
SOLIDWORKS Explorer 2016 SP04 x64 Edition-->MsiExec.exe /I{41E08694-1890-4B39-9D1C-B9D27A1D67B3}
Total Commander 64-bit (Remove or Repair)-->C:\Program Files\totalcmd\tcunin64.exe
Vero Software CLS 2016.10-->MsiExec.exe /X{1CE6F900-3AEE-4096-A75E-26B20051485A}
WinRAR 5.40 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
WPTx64-->MsiExec.exe /I{0B2C58EB-67A2-225B-60B2-D1990E55DD33}

======System event log======

Computer Name: SUCODell2-NTB
Event Code: 7036
Message: Stav služby Načítání obrázků (WIA) byl změněn na: Spuštěno
Record Number: 10852
Source Name: Service Control Manager
Time Written: 20161017075217.003829-000
Event Type: Informace
User:

Computer Name: SUCODell2-NTB
Event Code: 7036
Message: Stav služby Podpora rozhraní NetBIOS nad protokolem TCP/IP byl změněn na: Zastaveno
Record Number: 10851
Source Name: Service Control Manager
Time Written: 20161017075216.917824-000
Event Type: Informace
User:

Computer Name: SUCODell2-NTB
Event Code: 7042
Message: Službě Podpora rozhraní NetBIOS nad protokolem TCP/IP byl úspěšně odeslán ovládací prvek Zastaveno.

Byl zadán důvod: 0x40030011 [Operační systém: Připojení k síti (Plánováno)]

Komentář: Žádné
Record Number: 10850
Source Name: Service Control Manager
Time Written: 20161017075216.916824-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: SUCODell2-NTB
Event Code: 7036
Message: Stav služby Podpora rozhraní NetBIOS nad protokolem TCP/IP byl změněn na: Spuštěno
Record Number: 10849
Source Name: Service Control Manager
Time Written: 20161017075216.123779-000
Event Type: Informace
User:

Computer Name: SUCODell2-NTB
Event Code: 1014
Message: Překlad názvu isatap.RT-G32 nebyl v požadované době dokončen. Žádný z nakonfigurovaných serverů DNS neodpověděl.
Record Number: 10848
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20161017075209.530402-000
Event Type: Upozornění
User: NT AUTHORITY\NETWORK SERVICE

=====Application event log=====

Computer Name: SUCODell2-NTB
Event Code: 100
Message: C:\PROGRA~2\EASYPH~1.1VC\binaries\mysql\bin\eds-mysqld.exe: Normal shutdown


For more information, see Help and Support Center at http://www.mysql.com.
Record Number: 5695
Source Name: MySQL
Time Written: 20161019182102.000000-000
Event Type: Informace
User:

Computer Name: SUCODell2-NTB
Event Code: 4101
Message: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://www.download.windowsupdate.com/m ... 6976AD.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Record Number: 5694
Source Name: Microsoft-Windows-CAPI2
Time Written: 20161019181720.761525-000
Event Type: Chyba
User:

Computer Name: SUCODell2-NTB
Event Code: 4101
Message: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://www.download.windowsupdate.com/m ... 6976AD.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Record Number: 5693
Source Name: Microsoft-Windows-CAPI2
Time Written: 20161019181719.321443-000
Event Type: Chyba
User:

Computer Name: SUCODell2-NTB
Event Code: 4101
Message: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://www.download.windowsupdate.com/m ... 6976AD.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Record Number: 5692
Source Name: Microsoft-Windows-CAPI2
Time Written: 20161019180921.621786-000
Event Type: Chyba
User:

Computer Name: SUCODell2-NTB
Event Code: 4101
Message: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://www.download.windowsupdate.com/m ... 6976AD.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Record Number: 5691
Source Name: Microsoft-Windows-CAPI2
Time Written: 20161019180921.620786-000
Event Type: Chyba
User:

=====Security event log=====

Computer Name: SUCODell2-NTB
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1793
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160908115542.092724-000
Event Type: Úspěšný audit
User:

Computer Name: SUCODell2-NTB
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SUCODELL2-NTB$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2dc
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1792
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160908115542.092724-000
Event Type: Úspěšný audit
User:

Computer Name: SUCODell2-NTB
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1791
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160908115511.977001-000
Event Type: Úspěšný audit
User:

Computer Name: SUCODell2-NTB
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SUCODELL2-NTB$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2dc
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1790
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160908115511.977001-000
Event Type: Úspěšný audit
User:

Computer Name: SUCODell2-NTB
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1789
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160908115441.861279-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\1.5\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\1.5\bin\x64;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=8
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"asl.log"=Destination=file

-----------------EOF-----------------

Re: Slow PC

Posted: 17 Feb 2018 09:47
by AndySue
FRST log + addition.txt attached:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
Ran by SUCODell2 (administrator) on SUCODELL2-NTB (17-02-2018 09:43:44)
Running from C:\Users\SUCODell2\Desktop
Loaded Profiles: SUCODell2 & UpdatusUser (Available Profiles: SUCODell2 & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(EasyPHP) C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Petr Laštovička) C:\Program Files\hotkeyp\HotkeyP.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Vero Software Limited) C:\Program Files (x86)\Common Files\Vero Software\2016.10\CLS\cls.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\mysql\bin\eds-mysqld.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Vero Software) C:\Program Files\Vero Software\Edgecam Live Job Reports 2016 R2\JobReports.WindowService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(HCS GmbH) C:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Vero Software) C:\Program Files\Vero Software\Edgecam Live Job Reports 2016 R2\JobReports.Manager.exe
(Microsoft) C:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe
(CompuGroup Medical Česká republika s.r.o.) C:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
(CGM) C:\CGMSERVER\bin\core\cgm.servercore.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Oracle Corporation) C:\CGMSERVER\jre\bin\java.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Apache Software Foundation) C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\eds-httpd.exe
(Apache Software Foundation) C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\eds-httpd.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Jan Fiala) C:\Program Files (x86)\PSPad editor\PSPad.exe
(forum.viry.cz) C:\Users\SUCODell2\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [626552 2012-01-25] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-01-17] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [4367008 2012-01-08] (Dell Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-05] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-17] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3122203273-1665005067-2304910959-1000\...\Run: [EasyPHP] => C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe [279552 2014-01-09] (EasyPHP)
HKU\S-1-5-21-3122203273-1665005067-2304910959-1000\...\Run: [HotkeyP] => C:\Program Files\hotkeyp\HotkeyP.exe [147456 2012-11-20] (Petr Laštovička)
HKU\S-1-5-21-3122203273-1665005067-2304910959-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-3122203273-1665005067-2304910959-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
HKU\S-1-5-21-3122203273-1665005067-2304910959-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2016-11-09]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CLS 2016.10.lnk [2017-04-19]
ShortcutTarget: CLS 2016.10.lnk -> C:\Program Files (x86)\Common Files\Vero Software\2016.10\CLS\cls.exe (Vero Software Limited)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DB95013D-DAAF-43F5-A44B-C648ED00D3C6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E8D6F910-A93D-4092-82CC-2C42A839EBF9}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3122203273-1665005067-2304910959-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://docs.google.com/document/d/1jm-JotoSccDNBHh9GeJ4pgndJjv6J21N7lr6JV5hhKE/edit
HKU\S-1-5-21-3122203273-1665005067-2304910959-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3122203273-1665005067-2304910959-1000 -> DefaultScope {3041C8EE-81C0-4166-906C-C6F989F4B1C7} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3122203273-1665005067-2304910959-1000 -> {3041C8EE-81C0-4166-906C-C6F989F4B1C7} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3122203273-1665005067-2304910959-1000 -> {E19B6DC4-C607-4A7A-84B8-8A2C487D5C2D} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-20] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-20] (AVAST Software)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default [2018-02-17]
FF Homepage: Mozilla\Firefox\Profiles\iQsF42px.default -> www.seznam.cz
FF Session Restore: Mozilla\Firefox\Profiles\iQsF42px.default -> is enabled.
FF Extension: (20-20 3D Viewer - IKEA) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\2020Player_IKEA@2020Technologies.com [2016-10-16] [Legacy]
FF Extension: (Avira Browser Safety) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\abs@avira.com.xpi [2017-12-29]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\cs@dictionaries.addons.mozilla.org [2016-09-07] [Legacy]
FF Extension: (Lazarus: Form Recovery) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\lazarus@interclue.com.xpi [2016-04-28] [Legacy]
FF Extension: (Avast SafePrice) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\sp@avast.com.xpi [2017-12-29]
FF Extension: (Avast Online Security) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\wrc@avast.com.xpi [2017-10-29]
FF Extension: (Block site) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}.xpi [2017-12-29]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-29]
FF SearchPlugin: C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\searchplugins\bing-.xml [2016-05-13]
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~2\SOLIDW~3\Bin\NPCOMP~1.DLL [2016-07-14] (Dassault Systemes)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-02-04] ()
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~2\SOLIDW~3\Bin\x86\NPCOMP~1.DLL [2016-07-14] (Dassault Systemes)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-02-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR DefaultSearchURL: Default -> hxxps://search.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://search.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
CHR Profile: C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default [2018-02-11]
CHR Extension: (Prezentace) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-30]
CHR Extension: (Dokumenty) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-30]
CHR Extension: (Disk Google) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-21]
CHR Extension: (YouTube) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-21]
CHR Extension: (Avast SafePrice) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-10-24]
CHR Extension: (Tabulky) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-30]
CHR Extension: (Avira Browser Safety) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-03-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-21]
CHR Extension: (Avast Online Security) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-01-30]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2018-01-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-30]
CHR Extension: (Gmail) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-21]
CHR Extension: (Chrome Media Router) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-05] (AVAST Software)
R2 cgm.ebooking-1; C:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [32864 2016-10-20] (Microsoft) [File not signed]
R2 cgm.ecommunication-1; C:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe [52320 2016-09-15] (CompuGroup Medical Česká republika s.r.o.) [File not signed]
R2 cgm.servercore; C:\CGMSERVER\bin\core\cgm.servercore.exe [54536 2016-04-20] (CGM)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232320 2017-11-21] (Dell Inc.)
R2 Edgecam Live Job Reports 2016 R2; C:\Program Files\Vero Software\Edgecam Live Job Reports 2016 R2\JobReports.WindowService.exe [30720 2016-04-26] (Vero Software) [File not signed]
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 HCS.MedConnect.Service; C:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [48528 2015-02-11] (HCS GmbH) [File not signed]
R2 HCS.MEDCONNECT.SERVICEMANAGER; C:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [87952 2015-02-11] (HCS GmbH) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2011-12-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-01-20] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [File not signed]
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-09-09] (SolidWorks) [File not signed]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2017-12-22] (Dell Inc.)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185096 2018-01-05] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321512 2018-01-05] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199448 2018-01-05] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343768 2018-01-05] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57696 2018-01-05] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [149344 2018-01-05] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-01-05] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146648 2018-01-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110336 2018-01-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84384 2018-01-05] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1025176 2018-01-05] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [457896 2018-01-11] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [204456 2018-01-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [358672 2018-01-05] (AVAST Software)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-10-28] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1448248 2014-11-26] (Motorola Solutions, Inc.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [88752 2016-10-04] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-30] (Intel Corporation)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-12-22] (Intel Corporation)
R3 isocusb; C:\Windows\System32\drivers\isocusb.sys [268288 2014-07-21] (Jungo Connectivity)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-05-04] (Intel Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-17 09:43 - 2018-02-17 09:44 - 000024546 _____ C:\Users\SUCODell2\Desktop\FRST.txt
2018-02-17 09:41 - 2018-02-17 09:43 - 000000000 ____D C:\FRST
2018-02-17 09:15 - 2018-02-17 09:15 - 002405376 _____ (Farbar) C:\Users\SUCODell2\Desktop\FRST64.exe
2018-02-17 09:14 - 2018-02-17 09:14 - 000000000 ____D C:\rsit
2018-02-17 09:14 - 2018-02-17 09:14 - 000000000 ____D C:\Program Files\trend micro
2018-02-17 09:12 - 2018-02-17 09:12 - 001222144 _____ C:\Users\SUCODell2\Desktop\RSITx64.exe
2018-02-17 09:10 - 2018-02-17 09:10 - 000000000 ____D C:\Users\SUCODell2\Desktop\Viry.cz a odvirování
2018-02-17 08:51 - 2018-02-17 09:10 - 000112640 _____ (forum.viry.cz) C:\Users\SUCODell2\Desktop\FRSTLauncher.exe
2018-02-17 08:43 - 2018-02-17 08:43 - 000000000 ____D C:\Users\SUCODell2\AppData\LocalLow\PCDr
2018-02-16 19:40 - 2018-02-16 19:40 - 000000000 ____D C:\Users\SUCODell2\Desktop\16309024 Suchomel Plasty MiA5 All
2018-02-16 19:39 - 2018-02-16 19:39 - 001315363 _____ C:\Users\SUCODell2\Desktop\16309024 Suchomel Plasty MiA5 All.zip
2018-02-16 19:38 - 2018-02-16 19:38 - 000413926 _____ C:\Users\SUCODell2\Desktop\16309024 Suchomel Plasty MiA5 All.pdf
2018-02-16 19:27 - 2018-02-16 19:27 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-02-16 09:58 - 2018-02-16 09:58 - 000001810 _____ C:\Users\SUCODell2\Desktop\HP-Z240-PS.lnk
2018-02-11 11:55 - 2018-02-16 19:05 - 000000000 ___RD C:\Users\SUCODell2\iCloudDrive
2018-02-11 11:55 - 2018-02-11 11:55 - 000003872 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-02-11 11:55 - 2018-02-11 11:55 - 000002808 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-02-11 11:55 - 2018-02-11 11:55 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-02-11 11:55 - 2018-02-11 11:55 - 000000000 ____D C:\Users\SUCODell2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2018-02-11 11:55 - 2018-02-11 11:55 - 000000000 ____D C:\Users\SUCODell2\AppData\Local\Apple Inc
2018-02-11 11:55 - 2018-02-11 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-02-11 11:55 - 2018-02-11 11:55 - 000000000 ____D C:\Program Files\CCleaner
2018-02-11 11:40 - 2018-02-11 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-02-11 11:40 - 2018-02-11 11:40 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-02-11 11:33 - 2018-02-11 11:34 - 155166520 _____ (Apple Inc.) C:\Users\SUCODell2\Downloads\iCloudSetup.exe
2018-02-07 07:56 - 2018-02-07 07:56 - 000010446 _____ C:\Users\SUCODell2\Desktop\Pracovní výkaz HPP Petr Sejk za Leden 2018.xlsx
2018-01-20 13:06 - 2018-01-20 13:06 - 000000000 ____D C:\Users\SUCODell2\Documents\4. Hodkovičky

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-17 09:06 - 2016-11-19 16:39 - 000000000 ____D C:\Users\SUCODell2\AppData\LocalLow\Mozilla
2018-02-17 09:04 - 2016-09-12 07:58 - 000000000 ____D C:\Users\SUCODell2\AppData\Roaming\Skype
2018-02-17 09:04 - 2016-09-07 20:49 - 000000000 ____D C:\ProgramData\PCDr
2018-02-17 08:53 - 2016-09-07 18:31 - 000000000 ____D C:\Users\SUCODell2\Documents\www
2018-02-17 08:45 - 2016-09-07 20:49 - 000003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2018-02-17 08:42 - 2016-09-22 09:56 - 000007641 _____ C:\Users\SUCODell2\AppData\Local\Resmon.ResmonCfg
2018-02-16 19:38 - 2009-07-14 05:45 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-02-16 19:38 - 2009-07-14 05:45 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-02-16 19:34 - 2016-09-07 16:27 - 000003338 _____ C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2018-02-16 19:24 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-16 19:23 - 2016-09-07 17:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-16 19:11 - 2016-11-18 18:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-02-16 16:25 - 2016-09-09 14:53 - 000000000 ____D C:\Users\SUCODell2\AppData\Local\TempAdresářZálohySW
2018-02-14 11:31 - 2016-09-07 20:09 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-14 11:30 - 2016-09-07 20:09 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-14 08:01 - 2017-03-21 12:48 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-11 19:12 - 2016-09-08 01:49 - 000669414 _____ C:\Windows\system32\perfh005.dat
2018-02-11 19:12 - 2016-09-08 01:49 - 000141540 _____ C:\Windows\system32\perfc005.dat
2018-02-11 19:12 - 2009-07-14 06:13 - 001585684 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-11 19:12 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-02-11 12:21 - 2016-11-15 14:03 - 000000000 ___DC C:\Users\SUCODell2\AppData\Local\MigWiz
2018-02-11 12:21 - 2016-09-18 10:50 - 000000000 ____D C:\Windows\Minidump
2018-02-11 12:21 - 2016-09-08 01:51 - 000000000 ____D C:\Windows\Panther
2018-02-11 11:59 - 2016-10-22 20:32 - 000000000 ____D C:\Users\SUCODell2\AppData\Roaming\Apple Computer
2018-02-11 11:55 - 2016-09-07 15:54 - 000000000 ____D C:\Users\SUCODell2
2018-02-11 11:54 - 2016-09-07 20:43 - 000000000 ____D C:\Users\SUCODell2\Documents\INSTALL
2018-02-11 11:52 - 2016-10-22 20:32 - 000000000 ____D C:\Users\SUCODell2\AppData\Local\Apple Computer
2018-02-11 11:40 - 2016-10-22 20:31 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-02-11 11:40 - 2016-10-22 20:30 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-02-11 10:46 - 2018-01-07 11:41 - 000000000 ____D C:\Users\SUCODell2\Documents\3. Telefony
2018-02-01 08:17 - 2017-03-18 18:47 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update

==================== Files in the root of some directories =======

2017-04-15 21:18 - 2017-04-15 21:37 - 000006656 _____ () C:\Users\SUCODell2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-09-22 09:56 - 2018-02-17 08:42 - 000007641 _____ () C:\Users\SUCODell2\AppData\Local\Resmon.ResmonCfg
2016-09-30 09:13 - 2016-10-29 19:32 - 000000000 _____ () C:\Users\SUCODell2\AppData\Local\Temptable.xml
2016-09-07 16:22 - 2016-09-07 16:23 - 000002205 _____ () C:\Users\SUCODell2\AppData\Local\WiDiSetupLog.20160907.172239.txt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\SUCODell2\Desktop" je 1745 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\SUCODell2\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\SUCODell2\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudDrive
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudPhotos
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Slow PC

Posted: 17 Feb 2018 11:41
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

Re: Slow PC

Posted: 17 Feb 2018 12:33
by AndySue
# AdwCleaner 7.0.8.0 - Logfile created on Sat Feb 17 11:26:03 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\MimarSinan


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

Plugin deleted: Avira SafeSearch Plus -


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1142 B] - [2018/2/17 11:21:50]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Re: Slow PC

Posted: 17 Feb 2018 12:45
by Rudy
Post a new FRST log.

Re: Slow PC

Posted: 17 Feb 2018 13:23
by AndySue
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.02.2018
Ran by SUCODell2 (administrator) on SUCODELL2-NTB (17-02-2018 13:16:22)
Running from C:\Users\SUCODell2\Desktop
Loaded Profiles: SUCODell2 & UpdatusUser (Available Profiles: SUCODell2 & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(EasyPHP) C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe
(Petr Laštovička) C:\Program Files\hotkeyp\HotkeyP.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Vero Software Limited) C:\Program Files (x86)\Common Files\Vero Software\2016.10\CLS\cls.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\mysql\bin\eds-mysqld.exe
(CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Vero Software) C:\Program Files\Vero Software\Edgecam Live Job Reports 2016 R2\JobReports.WindowService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Apache Software Foundation) C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\eds-httpd.exe
(Apache Software Foundation) C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\eds-httpd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(HCS GmbH) C:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Vero Software) C:\Program Files\Vero Software\Edgecam Live Job Reports 2016 R2\JobReports.Manager.exe
(Microsoft) C:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe
(CompuGroup Medical Česká republika s.r.o.) C:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
(CGM) C:\CGMSERVER\bin\core\cgm.servercore.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Oracle Corporation) C:\CGMSERVER\jre\bin\java.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\CGMSERVER\bin\pgsql\bin\postgres.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Jan Fiala) C:\Program Files (x86)\PSPad editor\PSPad.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Irfan Skiljan) C:\Program Files\IrfanView\i_view64.exe
(forum.viry.cz) C:\Users\SUCODell2\Desktop\FRST-OlderVersion\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [626552 2012-01-25] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-01-17] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [4367008 2012-01-08] (Dell Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-05] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-17] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3122203273-1665005067-2304910959-1000\...\Run: [EasyPHP] => C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe [279552 2014-01-09] (EasyPHP)
HKU\S-1-5-21-3122203273-1665005067-2304910959-1000\...\Run: [HotkeyP] => C:\Program Files\hotkeyp\HotkeyP.exe [147456 2012-11-20] (Petr Laštovička)
HKU\S-1-5-21-3122203273-1665005067-2304910959-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-3122203273-1665005067-2304910959-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
HKU\S-1-5-21-3122203273-1665005067-2304910959-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2016-11-09]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CLS 2016.10.lnk [2017-04-19]
ShortcutTarget: CLS 2016.10.lnk -> C:\Program Files (x86)\Common Files\Vero Software\2016.10\CLS\cls.exe (Vero Software Limited)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DB95013D-DAAF-43F5-A44B-C648ED00D3C6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E8D6F910-A93D-4092-82CC-2C42A839EBF9}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3122203273-1665005067-2304910959-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://docs.google.com/document/d/1jm-JotoSccDNBHh9GeJ4pgndJjv6J21N7lr6JV5hhKE/edit
HKU\S-1-5-21-3122203273-1665005067-2304910959-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3122203273-1665005067-2304910959-1000 -> DefaultScope {3041C8EE-81C0-4166-906C-C6F989F4B1C7} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3122203273-1665005067-2304910959-1000 -> {3041C8EE-81C0-4166-906C-C6F989F4B1C7} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3122203273-1665005067-2304910959-1000 -> {E19B6DC4-C607-4A7A-84B8-8A2C487D5C2D} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-20] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-20] (AVAST Software)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default [2018-02-17]
FF Homepage: Mozilla\Firefox\Profiles\iQsF42px.default -> www.seznam.cz
FF Session Restore: Mozilla\Firefox\Profiles\iQsF42px.default -> is enabled.
FF Extension: (20-20 3D Viewer - IKEA) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\2020Player_IKEA@2020Technologies.com [2016-10-16] [Legacy]
FF Extension: (Avira Browser Safety) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\abs@avira.com.xpi [2017-12-29]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\cs@dictionaries.addons.mozilla.org [2016-09-07] [Legacy]
FF Extension: (Lazarus: Form Recovery) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\lazarus@interclue.com.xpi [2016-04-28] [Legacy]
FF Extension: (Avast SafePrice) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\sp@avast.com.xpi [2017-12-29]
FF Extension: (Avast Online Security) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\wrc@avast.com.xpi [2017-10-29]
FF Extension: (Block site) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}.xpi [2017-12-29]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-29]
FF SearchPlugin: C:\Users\SUCODell2\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\searchplugins\bing-.xml [2016-05-13]
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~2\SOLIDW~3\Bin\NPCOMP~1.DLL [2016-07-14] (Dassault Systemes)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-02-04] ()
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~2\SOLIDW~3\Bin\x86\NPCOMP~1.DLL [2016-07-14] (Dassault Systemes)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-02-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default [2018-02-17]
CHR Extension: (Prezentace) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-30]
CHR Extension: (Dokumenty) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-30]
CHR Extension: (Disk Google) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-21]
CHR Extension: (YouTube) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-21]
CHR Extension: (Avast SafePrice) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-10-24]
CHR Extension: (Tabulky) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-30]
CHR Extension: (Avira Browser Safety) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-03-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-21]
CHR Extension: (Avast Online Security) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-01-30]
CHR Extension: (No Name) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2018-01-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-30]
CHR Extension: (Gmail) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-21]
CHR Extension: (Chrome Media Router) - C:\Users\SUCODell2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-05] (AVAST Software)
R2 cgm.ebooking-1; C:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [32864 2016-10-20] (Microsoft) [File not signed]
R2 cgm.ecommunication-1; C:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe [52320 2016-09-15] (CompuGroup Medical Česká republika s.r.o.) [File not signed]
R2 cgm.servercore; C:\CGMSERVER\bin\core\cgm.servercore.exe [54536 2016-04-20] (CGM)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232320 2017-11-21] (Dell Inc.)
R2 Edgecam Live Job Reports 2016 R2; C:\Program Files\Vero Software\Edgecam Live Job Reports 2016 R2\JobReports.WindowService.exe [30720 2016-04-26] (Vero Software) [File not signed]
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 HCS.MedConnect.Service; C:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [48528 2015-02-11] (HCS GmbH) [File not signed]
R2 HCS.MEDCONNECT.SERVICEMANAGER; C:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [87952 2015-02-11] (HCS GmbH) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2011-12-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-01-20] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [File not signed]
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-09-09] (SolidWorks) [File not signed]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2017-12-22] (Dell Inc.)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185096 2018-01-05] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321512 2018-01-05] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199448 2018-01-05] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343768 2018-01-05] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57696 2018-01-05] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [149344 2018-01-05] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-01-05] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146648 2018-01-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110336 2018-01-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84384 2018-01-05] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1025176 2018-01-05] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [457896 2018-01-11] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [204456 2018-01-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [358672 2018-01-05] (AVAST Software)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-10-28] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1448248 2014-11-26] (Motorola Solutions, Inc.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [88752 2016-10-04] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-30] (Intel Corporation)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-12-22] (Intel Corporation)
R3 isocusb; C:\Windows\System32\drivers\isocusb.sys [268288 2014-07-21] (Jungo Connectivity)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-05-04] (Intel Corporation)
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; c:\program files\dell\supportassist\pcdsrvc_x64.pkms [25584 2017-09-12] (PC-Doctor, Inc.)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-17 13:16 - 2018-02-17 13:16 - 000000000 ____D C:\Users\SUCODell2\Desktop\FRST-OlderVersion
2018-02-17 12:32 - 2018-02-17 12:32 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-02-17 12:20 - 2018-02-17 12:26 - 000000000 ____D C:\AdwCleaner
2018-02-17 09:46 - 2018-02-17 09:46 - 000007188 _____ C:\Users\SUCODell2\Desktop\Addition 2018-02-17.rar
2018-02-17 09:43 - 2018-02-17 13:17 - 000024376 _____ C:\Users\SUCODell2\Desktop\FRST.txt
2018-02-17 09:41 - 2018-02-17 09:43 - 000000000 ____D C:\FRST
2018-02-17 09:15 - 2018-02-17 13:16 - 002403840 _____ (Farbar) C:\Users\SUCODell2\Desktop\FRST64.exe
2018-02-17 09:14 - 2018-02-17 09:14 - 000000000 ____D C:\rsit
2018-02-17 09:14 - 2018-02-17 09:14 - 000000000 ____D C:\Program Files\trend micro
2018-02-17 09:12 - 2018-02-17 09:12 - 001222144 _____ C:\Users\SUCODell2\Desktop\RSITx64.exe
2018-02-17 09:10 - 2018-02-17 12:20 - 000000000 ____D C:\Users\SUCODell2\Desktop\Viry.cz a odvirování
2018-02-17 08:43 - 2018-02-17 08:43 - 000000000 ____D C:\Users\SUCODell2\AppData\LocalLow\PCDr
2018-02-16 19:40 - 2018-02-16 19:40 - 000000000 ____D C:\Users\SUCODell2\Desktop\16309024 Suchomel Plasty MiA5 All
2018-02-16 19:39 - 2018-02-16 19:39 - 001315363 _____ C:\Users\SUCODell2\Desktop\16309024 Suchomel Plasty MiA5 All.zip
2018-02-16 19:38 - 2018-02-16 19:38 - 000413926 _____ C:\Users\SUCODell2\Desktop\16309024 Suchomel Plasty MiA5 All.pdf
2018-02-16 09:58 - 2018-02-16 09:58 - 000001810 _____ C:\Users\SUCODell2\Desktop\HP-Z240-PS.lnk
2018-02-11 11:55 - 2018-02-16 19:05 - 000000000 ___RD C:\Users\SUCODell2\iCloudDrive
2018-02-11 11:55 - 2018-02-11 11:55 - 000003872 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-02-11 11:55 - 2018-02-11 11:55 - 000002808 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-02-11 11:55 - 2018-02-11 11:55 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-02-11 11:55 - 2018-02-11 11:55 - 000000000 ____D C:\Users\SUCODell2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2018-02-11 11:55 - 2018-02-11 11:55 - 000000000 ____D C:\Users\SUCODell2\AppData\Local\Apple Inc
2018-02-11 11:55 - 2018-02-11 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-02-11 11:55 - 2018-02-11 11:55 - 000000000 ____D C:\Program Files\CCleaner
2018-02-11 11:40 - 2018-02-11 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-02-11 11:40 - 2018-02-11 11:40 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-02-11 11:33 - 2018-02-11 11:34 - 155166520 _____ (Apple Inc.) C:\Users\SUCODell2\Downloads\iCloudSetup.exe
2018-02-07 07:56 - 2018-02-07 07:56 - 000010446 _____ C:\Users\SUCODell2\Desktop\Pracovní výkaz HPP Petr Sejk za Leden 2018.xlsx
2018-01-20 13:06 - 2018-01-20 13:06 - 000000000 ____D C:\Users\SUCODell2\Documents\4. Hodkovičky

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-17 13:16 - 2016-09-12 07:58 - 000000000 ____D C:\Users\SUCODell2\AppData\Roaming\Skype
2018-02-17 12:41 - 2009-07-14 05:45 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-02-17 12:41 - 2009-07-14 05:45 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-02-17 12:36 - 2016-09-07 16:27 - 000003338 _____ C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2018-02-17 12:29 - 2016-11-19 16:39 - 000000000 ____D C:\Users\SUCODell2\AppData\LocalLow\Mozilla
2018-02-17 12:28 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-17 10:38 - 2016-09-07 20:49 - 000003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2018-02-17 09:04 - 2016-09-07 20:49 - 000000000 ____D C:\ProgramData\PCDr
2018-02-17 08:53 - 2016-09-07 18:31 - 000000000 ____D C:\Users\SUCODell2\Documents\www
2018-02-17 08:42 - 2016-09-22 09:56 - 000007641 _____ C:\Users\SUCODell2\AppData\Local\Resmon.ResmonCfg
2018-02-16 19:23 - 2016-09-07 17:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-16 19:11 - 2016-11-18 18:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-02-16 16:25 - 2016-09-09 14:53 - 000000000 ____D C:\Users\SUCODell2\AppData\Local\TempAdresářZálohySW
2018-02-14 11:31 - 2016-09-07 20:09 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-14 11:30 - 2016-09-07 20:09 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-14 08:01 - 2017-03-21 12:48 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-11 19:12 - 2016-09-08 01:49 - 000669414 _____ C:\Windows\system32\perfh005.dat
2018-02-11 19:12 - 2016-09-08 01:49 - 000141540 _____ C:\Windows\system32\perfc005.dat
2018-02-11 19:12 - 2009-07-14 06:13 - 001585684 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-11 19:12 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-02-11 12:21 - 2016-11-15 14:03 - 000000000 ___DC C:\Users\SUCODell2\AppData\Local\MigWiz
2018-02-11 12:21 - 2016-09-18 10:50 - 000000000 ____D C:\Windows\Minidump
2018-02-11 12:21 - 2016-09-08 01:51 - 000000000 ____D C:\Windows\Panther
2018-02-11 11:59 - 2016-10-22 20:32 - 000000000 ____D C:\Users\SUCODell2\AppData\Roaming\Apple Computer
2018-02-11 11:55 - 2016-09-07 15:54 - 000000000 ____D C:\Users\SUCODell2
2018-02-11 11:54 - 2016-09-07 20:43 - 000000000 ____D C:\Users\SUCODell2\Documents\INSTALL
2018-02-11 11:52 - 2016-10-22 20:32 - 000000000 ____D C:\Users\SUCODell2\AppData\Local\Apple Computer
2018-02-11 11:40 - 2016-10-22 20:31 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-02-11 11:40 - 2016-10-22 20:30 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-02-11 10:46 - 2018-01-07 11:41 - 000000000 ____D C:\Users\SUCODell2\Documents\3. Telefony
2018-02-01 08:17 - 2017-03-18 18:47 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update

==================== Files in the root of some directories =======

2017-04-15 21:18 - 2017-04-15 21:37 - 000006656 _____ () C:\Users\SUCODell2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-09-22 09:56 - 2018-02-17 08:42 - 000007641 _____ () C:\Users\SUCODell2\AppData\Local\Resmon.ResmonCfg
2016-09-30 09:13 - 2016-10-29 19:32 - 000000000 _____ () C:\Users\SUCODell2\AppData\Local\Temptable.xml
2016-09-07 16:22 - 2016-09-07 16:23 - 000002205 _____ () C:\Users\SUCODell2\AppData\Local\WiDiSetupLog.20160907.172239.txt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\SUCODell2\Desktop" je 1755 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\SUCODell2\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\SUCODell2\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudDrive
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudPhotos
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Slow PC

Posted: 17 Feb 2018 15:06
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Users\SUCODell2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini


EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

From the log:
Velikost slozky "C:\Users\SUCODell2\Desktop" je 1755 MB.
That is too much and may be slowing down system startup. Create a new folder in C:\Users\SUCODell2 and move all data from the desktop into it (except shortcuts). Then put a shortcut to that folder on the desktop for easier access.

Re: Slow PC

Posted: 17 Feb 2018 21:42
by AndySue
Fix result of Farbar Recovery Scan Tool (x64) Version: 17.02.2018
Ran by SUCODell2 (17-02-2018 21:16:45) Run:1
Running from C:\Users\SUCODell2\Desktop
Loaded Profiles: SUCODell2 & UpdatusUser (Available Profiles: SUCODell2 & UpdatusUser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Users\SUCODell2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini


EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
C:\Users\SUCODell2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3685421 B
Java, Flash, Steam htmlcache => 723 B
Windows/system/drivers => 2018832 B
Edge => 0 B
Chrome => 136552 B
Firefox => 415791814 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66356 B
systemprofile32 => 66228 B
LocalService => 0 B
NetworkService => 0 B
SUCODell2 => 58618856 B
UpdatusUser => 66228 B

RecycleBin => 373125748 B
EmptyTemp: => 822.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:17:14 ====

Re: Slow PC

Posted: 17 Feb 2018 22:00
by Rudy
Deleted. Has anything changed?

Re: Slow PC

Posted: 18 Feb 2018 16:59
by AndySue
I'm not sure yet. I'll let you know after a longer period.

Re: Slow PC

Posted: 18 Feb 2018 17:43
by Rudy
OK. I'll leave this open here for now.

Re: Slow PC

Posted: 08 Mar 2018 10:32
by AndySue
It seems the virus removal did not help much.

My guesses as to what might be wrong:
a) an incorrectly reinstalled system with a hybrid disk
b) an incomplete set of drivers
c) computing someone else's bitcoins?

Other symptoms:
a) there was a problem opening a network folder (other PCs on the network open it within a second, this one takes 10 seconds).

Re: Slow PC

Posted: 08 Mar 2018 14:33
by Rudy
OK. Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.