Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Ultra pomalý počítač - umírá HW, nebo je tam havěť?

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
turquoisefly
Návštěvník
Návštěvník
Příspěvky: 64
Registrován: 21 črc 2008 11:27

Ultra pomalý počítač - umírá HW, nebo je tam havěť?

#1 Příspěvek od turquoisefly »

Dobrý den,
chtěla bych poprosit o kontrolu. Počítač po startu nabíhá děsivě pomalu, po najetí šnečí tempo zůstává. I okna v prohlížeči se po čase sekají. Avastu se k tomu občas vypnou rezidentní štíty.

Díky!

Přikládám logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2017 01
Ran by Vlasta (administrator) on VLASTA-PC (25-11-2017 21:36:20)
Running from C:\Users\Vlasta\Desktop
Loaded Profiles: Vlasta (Available Profiles: Vlasta & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(forum.viry.cz) C:\Users\Vlasta\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2015-09-12] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-09] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2015-10-07] (Acresso Corporation)
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {c80db1f4-7e0c-11e5-9b5b-1c6f6581e2af} - F:\LGAutoRun.exe
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {d1fd5722-5b12-11e5-8991-1c6f6581e2af} - K:\Setup.exe
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {d9196e43-838a-11e5-917f-1c6f6581e2af} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {dbd7dbec-1e5c-11e6-8d16-1c6f6581e2af} - F:\OnePlus_setup.exe /s
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {f86734c0-9f50-11e6-ae19-1c6f6581e2af} - F:\OnePlus_setup.exe /s
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{38C51071-E42C-4DD1-BE12-142DF792C3FF}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{6FCEA55B-256B-47C6-AF86-14D5763265A4}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-09] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-09] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-20] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: q37dqto0.default-1511563094783
FF ProfilePath: C:\Users\Vlasta\AppData\Roaming\Mozilla\Firefox\Profiles\q37dqto0.default-1511563094783 [2017-11-25]
FF Homepage: Mozilla\Firefox\Profiles\q37dqto0.default-1511563094783 -> hxxps://www.seznam.cz/
FF Extension: (Adblock Plus) - C:\Users\Vlasta\AppData\Roaming\Mozilla\Firefox\Profiles\q37dqto0.default-1511563094783\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-25]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Vlasta\AppData\Roaming\Mozilla\Firefox\Profiles\q37dqto0.default-1511563094783\features\{d1f9cf49-7a8c-4585-bd63-72756f4d6b11}\disable-media-wmf-nv12@mozilla.org.xpi [2017-11-24] [Lagacy]
FF HKLM\...\Firefox\Extensions: [jid1-r1tDuNiNb4SEww@jetpack] - C:\Program Files\AVAST Software\Avast\pam\FF => not found
FF HKLM-x32\...\Firefox\Extensions: [jid1-r1tDuNiNb4SEww@jetpack] - C:\Program Files\AVAST Software\Avast\pam\FF => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2015-10-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-21] (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2009-09-25] (Wacom, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2015-10-29] (Adobe Systems)

Chrome:
=======
CHR NewTab: Default -> "active": true,
"entry": "chrome-extension://bkgkclakjomadncofjgnekkfhkalpkpo/stubby.html"

CHR Profile: C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default [2017-07-22]
CHR Extension: (Dokumenty Google) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-04]
CHR Extension: (Disk Google) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-04]
CHR Extension: (YouTube) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-04]
CHR Extension: (Avast Online Security) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-09-04]
CHR Extension: (IE Tab) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2016-09-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-04]
CHR Extension: (Gmail) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-04]
CHR Extension: (Chrome Media Router) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-04]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-09] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-09] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [125440 2016-03-09] (Dassault Systèmes) [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2015-10-07] (Nuance Communications, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [6245744 2015-09-21] (Wacom Technology, Corp.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [183584 2017-11-09] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321032 2017-11-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [198968 2017-11-09] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343288 2017-11-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57728 2017-11-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47008 2017-11-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-08-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [148288 2017-11-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110376 2017-11-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84416 2017-11-09] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026232 2017-11-09] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [455376 2017-11-21] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203976 2017-11-09] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2015-09-14] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [364464 2017-11-09] (AVAST Software)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-09-14] (Disc Soft Ltd)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-08-07] (Apple, Inc.) [File not signed]
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-07-22] (Zemana Ltd.)
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-25 21:36 - 2017-11-25 21:36 - 000015553 _____ C:\Users\Vlasta\Desktop\FRST.txt
2017-11-25 21:36 - 2017-11-25 21:36 - 000000000 ____D C:\FRST
2017-11-25 21:34 - 2017-11-25 21:34 - 000112640 _____ (forum.viry.cz) C:\Users\Vlasta\Downloads\FRSTLauncher.exe
2017-11-25 21:34 - 2017-11-25 21:34 - 000112640 _____ (forum.viry.cz) C:\Users\Vlasta\Desktop\FRSTLauncher.exe
2017-11-25 21:24 - 2017-11-25 21:24 - 002393088 _____ (Farbar) C:\Users\Vlasta\Desktop\FRST64.exe
2017-11-25 21:20 - 2017-11-25 21:20 - 009452370 _____ C:\Users\Vlasta\Downloads\ccsetup537.zip
2017-11-25 21:20 - 2017-11-25 21:20 - 009452370 _____ C:\Users\Vlasta\Downloads\ccsetup537(1).zip
2017-11-25 21:14 - 2017-11-25 21:14 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-24 23:38 - 2017-11-24 23:38 - 000000000 ____D C:\Users\Vlasta\Desktop\Původní data aplikace Firefox
2017-11-21 23:11 - 2017-11-21 23:11 - 005304664 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-21 19:03 - 2017-11-21 19:03 - 003231147 _____ C:\Users\Vlasta\Downloads\SchemaPostupu20070315.pdf
2017-11-09 19:56 - 2017-11-09 19:55 - 000183584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2017-11-09 19:55 - 2017-11-09 19:55 - 000365168 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-10-28 22:17 - 2017-10-28 22:17 - 000131505 _____ C:\Users\Vlasta\Downloads\pyramida.PDF

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-25 21:36 - 2017-04-19 18:56 - 000054332 _____ C:\Windows\ZAM.krnl.trace
2017-11-25 21:23 - 2009-07-14 05:45 - 000025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-25 21:23 - 2009-07-14 05:45 - 000025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-25 21:20 - 2015-09-14 22:51 - 000823872 _____ C:\Windows\system32\perfh005.dat
2017-11-25 21:20 - 2015-09-14 22:51 - 000197994 _____ C:\Windows\system32\perfc005.dat
2017-11-25 21:20 - 2009-07-14 06:13 - 001802218 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-25 21:20 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-11-25 21:15 - 2015-09-21 19:38 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\WTablet
2017-11-25 21:14 - 2016-11-16 15:23 - 000000000 ____D C:\Users\Vlasta\AppData\LocalLow\Mozilla
2017-11-25 21:13 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-25 12:23 - 2015-09-14 18:37 - 000000000 ____D C:\Users\Vlasta\AppData\Local\Adobe
2017-11-21 23:13 - 2015-09-15 22:56 - 000000000 ____D C:\Users\Vlasta\Desktop\údržba PC
2017-11-21 22:28 - 2016-11-16 11:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-21 22:28 - 2015-09-14 13:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-21 20:40 - 2015-09-14 13:23 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\Mozilla
2017-11-21 19:34 - 2015-09-15 11:01 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-21 19:33 - 2015-09-15 11:00 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-21 19:07 - 2015-09-14 13:35 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-21 19:07 - 2015-09-14 13:35 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-21 19:04 - 2015-09-14 13:35 - 000455376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-11-14 21:22 - 2015-09-14 13:36 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-14 21:20 - 2015-10-15 07:16 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-14 21:20 - 2015-09-15 22:53 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-14 21:20 - 2015-09-15 22:53 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-14 21:20 - 2015-09-15 22:53 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-14 21:20 - 2015-09-14 18:51 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-09 19:56 - 2017-03-10 11:53 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-11-09 19:55 - 2017-03-10 11:53 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-11-09 19:55 - 2017-03-10 11:53 - 000321032 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-11-09 19:55 - 2017-03-10 11:53 - 000198968 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-11-09 19:55 - 2017-03-10 11:53 - 000057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-11-09 19:55 - 2015-09-14 13:35 - 001026232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-11-09 19:55 - 2015-09-14 13:35 - 000364464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-11-09 19:55 - 2015-09-14 13:35 - 000203976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-11-09 19:55 - 2015-09-14 13:35 - 000148288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-11-09 19:55 - 2015-09-14 13:35 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-11-09 19:55 - 2015-09-14 13:35 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-11-09 19:55 - 2015-09-14 13:35 - 000047008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys

==================== Files in the root of some directories =======

2016-03-16 21:45 - 2016-03-16 21:45 - 000000132 _____ () C:\Users\Vlasta\AppData\Roaming\Adobe BMP Format CS6 Prefs
2016-01-26 15:44 - 2017-09-06 23:01 - 000000132 _____ () C:\Users\Vlasta\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-03-04 11:27 - 2016-03-04 11:27 - 000007605 _____ () C:\Users\Vlasta\AppData\Local\Resmon.ResmonCfg
2017-08-19 19:09 - 2017-08-19 19:09 - 000000000 _____ () C:\Users\Vlasta\AppData\Local\{50EE5B7E-F040-472B-8AE6-9A090D5D75CE}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-11-14 17:46

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:195.31 GB) (Free:80.31 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:736.2 GB) (Free:464.82 GB) NTFS
Drive f: (OnePlus Drivers) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

Available physical RAM: 1889.71 MB
Total physical RAM: 4093.55 MB
Percentage of memory in use: 53%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 07E107E0)
Partition 1: (Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=736.2 GB) - (Type=OF Extended)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows\splwow64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atibtmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BRCOI14A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d2d1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icardagt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icardres.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\IKEEXT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\infocardapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDBASH.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDRU.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDRU1.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDTAT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDYAK.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsRdpWebAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcorekmts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpendp_winip.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpwsx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdrmemptylst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spoolsv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbGDCoInstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsWpfWrp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usbaaplrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Wacom_Tablet.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winlogon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winsta.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wksprtPS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtpUS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFCoinstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFPlatform.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRLM03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRLMW03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRPRTINK.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRTCPCON.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d2d1.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\icardagt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\icardres.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\infocardapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDBASH.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDRU.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDRU1.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDTAT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDYAK.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjava.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msorcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MsRdpWebAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rdpendp_winip.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\TsWpfWrp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winsta.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wksprtPS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\fs_rec.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\monitor.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rdpvideominiport.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rdpwd.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\tdtcp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tssecsrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbFlt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbGD.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbaapl64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wacommousefilter.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wacomvhid.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\wdcsam64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\WUDFPf.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\WUDFRd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Administrator\Downloads\DraftSight64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Administrator\Downloads\DraftSight64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Administrator\Downloads\Firefox Setup Stub 44.0.2.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Administrator\Downloads\Firefox Setup Stub 44.0.2.exe:$CmdZnID [26]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\Users\Vlasta\Downloads\12374885_1015985978440780_3131453325804942424_o.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\12374885_1015985978440780_3131453325804942424_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\15629ec9-01ae-459f-ac7f-88c3843ed7cd.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\15629ec9-01ae-459f-ac7f-88c3843ed7cd.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1724898_422100_Letni_zahonKostelni_projdok.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1724898_422100_Letni_zahonKostelni_projdok.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1960-Green-Eggs-and-Ham-Dr.-Seuss.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1960-Green-Eggs-and-Ham-Dr.-Seuss.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1_2016-příloha 1-cestovní příkaz ČR-2016.xls:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1_2016-příloha 1-cestovní příkaz ČR-2016.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\2013-7_(KLARES)_2013-7 - Obnova zahrady domova seniorů Mistra Křišťana Prachatice.xls:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\2013-7_(KLARES)_2013-7 - Obnova zahrady domova seniorů Mistra Křišťana Prachatice.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\3_Praesentation5FStauden.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\3_Praesentation5FStauden.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Activation Presentation_Slides.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Activation Presentation_Slides.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSight64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSight64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSightenduserFAQ.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSightenduserFAQ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Drenaz_Hydroakum_Filtr_Ochr.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Drenaz_Hydroakum_Filtr_Ochr.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\dtest-stovka-triku-obchodniku.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony-technologicky-postup.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony-technologicky-postup.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony_technologie.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony_technologie.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\INDEX_SEMINIUM2015_63.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\indiansunset.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Inspirace_01_2016.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Inspirace_01_2016.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Kopie - gantt-chart-template_en.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\mandate_en.doc:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\mandate_en.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\manual_logo-zkraceny.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\manual_logo-zkraceny.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\park pod plachtami.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\park pod plachtami.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Propočet pojišťovny_změna VZP.xlsx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Propočet pojišťovny_změna VZP.xlsx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Sbornik_konf_DnyZKT_2015.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Sbornik_konf_DnyZKT_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Scan.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Scan.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\schottermischung.xls:$CmdTcID [130]
AlternateDataStreams: C:\Users\Vlasta\Downloads\schottermischung.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\silbersommer.xls:$CmdTcID [130]
AlternateDataStreams: C:\Users\Vlasta\Downloads\silbersommer.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\sml.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\sml.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Starý Grundtvig.doc:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Starý Grundtvig.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\stranky_soubory-13.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\stranky_soubory-13.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\SU2KT_3_17.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\SU2KT_3_17.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\thumbd19c86e5f23a4888911f6d88c4a10aa5.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\x_zelene_strechy.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\x_zelene_strechy.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\yoga-camp-2016.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\yoga-camp-2016.pdf:$CmdZnID [26]

==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Vlasta\Desktop" je 95 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrHelp
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrStsMon00
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter4
C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZAM
"C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================


Logfile of random's system information tool 1.10 (written by random/random)
Run by Vlasta at 2017-11-25 21:39:17
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 82 GB (41%) free of 200 GB
Total RAM: 4094 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:39:20, on 25.11.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\SysWOW64\notepad.exe
C:\Program Files\trend micro\Vlasta.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{38C51071-E42C-4DD1-BE12-142DF792C3FF}: NameServer = 77.234.40.79
O17 - HKLM\System\CS1\Services\Tcpip\..\{38C51071-E42C-4DD1-BE12-142DF792C3FF}: NameServer = 77.234.40.79
O17 - HKLM\System\CS2\Services\Tcpip\..\{38C51071-E42C-4DD1-BE12-142DF792C3FF}: NameServer = 77.234.40.79
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletServiceWacom - Unknown owner - C:\Windows\system32\Wacom_Tablet.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 8567 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
/QuitInfo:00000000000003F0;0000000000000444; /AddRef;
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
/QuitInfo:0000000000000448;0000000000000470; /AddRef;
/QuitInfo:0000000000000468;0000000000000474;
/loadhooks /Parent:0000000000000748
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
AvastUI.exe /nogui
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2680.0.409547585\243096456" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" "C:\Users\Vlasta\AppData\LocalLow\Mozilla\Temp-{aea42b33-c523-4460-9330-10c8f1a208ce}" 2680 "\\.\pipe\gecko-crash-server-pipe.2680" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2680.3.1320739067\947614209" -childID 1 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:1|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:0|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{aea42b33-c523-4460-9330-10c8f1a208ce}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 2680 "\\.\pipe\gecko-crash-server-pipe.2680" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2680.13.2085310870\592968347" -childID 2 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:1|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:0|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{aea42b33-c523-4460-9330-10c8f1a208ce}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 2680 "\\.\pipe\gecko-crash-server-pipe.2680" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2680.27.1628611886\601296987" -childID 4 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:1|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:0|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{aea42b33-c523-4460-9330-10c8f1a208ce}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 2680 "\\.\pipe\gecko-crash-server-pipe.2680" tab
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Wacom_Tablet.exe
"C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service
WTablet\Wacom_TabletUser.exe
Wacom_Tablet.exe au
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3c4e13bb-a003-460d-8db6-f1599cbfc8f5 -SystemEventPortName:HostProcess-fe6831fe-dae2-43a9-b84b-b1699be6bae1 -IoCancelEventPortName:HostProcess-f894efa7-6210-4737-a819-78de194714d9 -NonStateChangingEventPortName:HostProcess-e8cc176e-ea1e-44e9-965e-141f06282548 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:45ac3af3-a439-4943-b0dc-c0d735f5cf5b -DeviceGroupId:WpdFsGroup
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-27af680d-466e-4ad3-88da-32f94140cf87 -SystemEventPortName:HostProcess-cbdad803-7568-42d9-8159-9374d8c31cc2 -IoCancelEventPortName:HostProcess-9023c96b-f9f4-4724-ad45-a5ddce07f23e -NonStateChangingEventPortName:HostProcess-4d9f2423-6ef6-4687-9943-a0faf8a9c391 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:27899b78-3fed-4c08-85ab-094f787ef83b -DeviceGroupId:
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2680.34.1386753227\1967138114" -childID 5 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:1|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:0|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{aea42b33-c523-4460-9330-10c8f1a208ce}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 2680 "\\.\pipe\gecko-crash-server-pipe.2680" tab
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=renderer --disable-gpu-compositing --disable-pinch --no-sandbox --primordial-pipe-token=032F75C3CA643D61661FE30F3D751B9C --lang=en-US --lang=en-US --log-file="C:\Users\Vlasta\AppData\Roaming\AVAST Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.3.2987.1601 Safari/537.36 Avastium (17.8.2318)" --proxy-auto-detect --disable-webaudio --mute-audio --force-wave-audio --disable-gpu --disable-software-rasterizer --no-sandbox --disable-webgl --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --allow-file-access-from-files=1 --pack_loading_disabled=1 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=032F75C3CA643D61661FE30F3D751B9C --renderer-client-id=4 --mojo-platform-channel-handle=4060 /prefetch:1
ctfmon.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2680.62.1999890422\429040265" -childID 9 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:1|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:0|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{aea42b33-c523-4460-9330-10c8f1a208ce}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 2680 "\\.\pipe\gecko-crash-server-pipe.2680" tab
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\svchost.exe -k WerSvcGroup
notepad FRST.txt
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Vlasta\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\Vlasta\AppData\Roaming\Mozilla\Firefox\Profiles\q37dqto0.default-1511563094783

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"jid1-r1tDuNiNb4SEww@jetpack"=C:\Program Files\AVAST Software\Avast\pam\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.151.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-09 958328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-20 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-09 820672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-20 187968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-09-12 10144288]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-11-09 253344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2015-10-07 222496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrHelp]
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2013-03-07 1944576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrStsMon00]
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2014-05-22 4513792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2017-06-30 9818328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter4]
C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2014-06-16 139776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-09-05 587288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZAM]
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [2017-06-19 15546512]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2017-11-25 21:39:17 ----D---- C:\rsit
2017-11-25 21:39:17 ----D---- C:\Program Files\trend micro
2017-11-25 21:36:04 ----D---- C:\FRST
2017-11-25 21:14:46 ----D---- C:\ProgramData\SWCUTemp
2017-11-21 23:11:32 ----A---- C:\Windows\system32\FNTCACHE.DAT
2017-11-09 19:56:19 ----A---- C:\Windows\system32\drivers\aswArPot.sys
2017-11-09 19:55:53 ----A---- C:\Windows\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2017-11-25 21:39:17 ----RD---- C:\Program Files
2017-11-25 21:39:13 ----D---- C:\Windows\Temp
2017-11-25 21:37:08 ----D---- C:\Windows
2017-11-25 21:29:09 ----D---- C:\Windows\system32\config
2017-11-25 21:20:17 ----D---- C:\Windows\System32
2017-11-25 21:20:17 ----D---- C:\Windows\inf
2017-11-25 21:20:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-11-25 21:15:41 ----D---- C:\Users\Vlasta\AppData\Roaming\WTablet
2017-11-25 21:14:46 ----HD---- C:\ProgramData
2017-11-24 22:33:03 ----D---- C:\Windows\system32\drivers
2017-11-24 22:24:32 ----D---- C:\Windows\system32\DriverStore
2017-11-21 23:05:59 ----SHD---- C:\System Volume Information
2017-11-21 22:28:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-21 22:28:23 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-11-21 20:40:32 ----D---- C:\Users\Vlasta\AppData\Roaming\Mozilla
2017-11-21 19:34:57 ----SHD---- C:\Windows\Installer
2017-11-21 19:34:55 ----D---- C:\Windows\system32\Tasks
2017-11-21 19:33:23 ----D---- C:\Windows\SysWOW64
2017-11-21 19:07:38 ----RD---- C:\Program Files (x86)
2017-11-14 21:20:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-11-14 21:20:09 ----D---- C:\Windows\system32\Macromed
2017-11-14 21:20:08 ----D---- C:\Windows\SYSWOW64\Macromed
2017-11-11 11:02:39 ----D---- C:\Windows\winsxs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-11-09 198968]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-11-09 343288]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-11-09 57728]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-11-09 84416]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-11-09 364464]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-27 115312]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2017-11-09 183584]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-11-09 321032]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-08-31 41832]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-11-09 110376]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-11-09 1026232]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-11-21 455376]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 ZAM;ZAM Helper Driver; \??\C:\Windows\System32\drivers\zam64.sys [2017-07-22 203680]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-11-09 148288]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-08-04 21622784]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-08-04 665088]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2015-07-15 96256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-06 2337440]
R3 L8042Kbd;SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2007-01-23 35600]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2015-09-21 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2015-09-21 16168]
R3 WinUSB;Brother WinUSB Port Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S1 ZAM_Guard;ZAM Guard Driver; \??\C:\Windows\System32\drivers\zamguard64.sys []
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-11-09 203976]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-11-09 47008]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2015-09-14 44640]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-09-14 30264]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-09-15 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2015-09-15 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2015-09-15 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-08-07 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-11-05 23200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-08-23 2257016]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-08-04 246784]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-11-09 281416]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2015-10-07 145736]
R2 TabletServiceWacom;TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [2015-09-21 6245744]
R2 ZAMSvc;ZAM Controller Service; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [2017-06-19 15546512]
S2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-08-03 344064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-09-15 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-09-15 124088]
S2 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2016-03-09 125440]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14 272384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-11-09 7549928]
S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-09-25 282112]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2015-09-14 1484080]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-09-01 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-11-21 194000]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-09-15 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-09-15 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-09-15 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-09-15 139944]

-----------------EOF-----------------

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Ultra pomalý počítač - umírá HW, nebo je tam havěť?

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

turquoisefly
Návštěvník
Návštěvník
Příspěvky: 64
Registrován: 21 črc 2008 11:27

Re: Ultra pomalý počítač - umírá HW, nebo je tam havěť?

#3 Příspěvek od turquoisefly »

Díky... tady je:

# AdwCleaner 7.0.4.0 - Logfile created on Sat Nov 25 21:44:17 2017
# Updated on 2017/27/10 by Malwarebytes
# Database: 11-23-2017.1
# Running on Windows 7 Professional (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.WebCompanion, C:\Windows\System32\config\systemprofile\AppData\Local\LavasoftTcpService
PUP.Optional.WebCompanion, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [1639 B] - [2016/4/15 10:50:24]
C:/AdwCleaner/AdwCleaner[S1].txt - [3032 B] - [2016/4/15 10:48:5]
C:/AdwCleaner/AdwCleaner[S2].txt - [1601 B] - [2016/4/15 10:53:13]


########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Ultra pomalý počítač - umírá HW, nebo je tam havěť?

#4 Příspěvek od Rudy »

Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

turquoisefly
Návštěvník
Návštěvník
Příspěvky: 64
Registrován: 21 črc 2008 11:27

Re: Ultra pomalý počítač - umírá HW, nebo je tam havěť?

#5 Příspěvek od turquoisefly »

Přikládám:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2017 01
Ran by Vlasta (administrator) on VLASTA-PC (26-11-2017 17:18:44)
Running from C:\Users\Vlasta\Desktop
Loaded Profiles: Vlasta (Available Profiles: Vlasta & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Wacom_TabletUser.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Vlasta\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2015-09-12] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-09] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2015-10-07] (Acresso Corporation)
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {c80db1f4-7e0c-11e5-9b5b-1c6f6581e2af} - F:\LGAutoRun.exe
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {d1fd5722-5b12-11e5-8991-1c6f6581e2af} - K:\Setup.exe
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {d9196e43-838a-11e5-917f-1c6f6581e2af} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {dbd7dbec-1e5c-11e6-8d16-1c6f6581e2af} - F:\OnePlus_setup.exe /s
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {f86734c0-9f50-11e6-ae19-1c6f6581e2af} - F:\OnePlus_setup.exe /s
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{38C51071-E42C-4DD1-BE12-142DF792C3FF}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{6FCEA55B-256B-47C6-AF86-14D5763265A4}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-09] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-09] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-20] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: q37dqto0.default-1511563094783
FF ProfilePath: C:\Users\Vlasta\AppData\Roaming\Mozilla\Firefox\Profiles\q37dqto0.default-1511563094783 [2017-11-26]
FF Homepage: Mozilla\Firefox\Profiles\q37dqto0.default-1511563094783 -> hxxps://www.seznam.cz/
FF Extension: (Adblock Plus) - C:\Users\Vlasta\AppData\Roaming\Mozilla\Firefox\Profiles\q37dqto0.default-1511563094783\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-25]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Vlasta\AppData\Roaming\Mozilla\Firefox\Profiles\q37dqto0.default-1511563094783\features\{d1f9cf49-7a8c-4585-bd63-72756f4d6b11}\disable-media-wmf-nv12@mozilla.org.xpi [2017-11-24] [Lagacy]
FF HKLM\...\Firefox\Extensions: [jid1-r1tDuNiNb4SEww@jetpack] - C:\Program Files\AVAST Software\Avast\pam\FF => not found
FF HKLM-x32\...\Firefox\Extensions: [jid1-r1tDuNiNb4SEww@jetpack] - C:\Program Files\AVAST Software\Avast\pam\FF => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2015-10-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-21] (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2009-09-25] (Wacom, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2015-10-29] (Adobe Systems)

Chrome:
=======
CHR NewTab: Default -> "active": true,
"entry": "chrome-extension://bkgkclakjomadncofjgnekkfhkalpkpo/stubby.html"

CHR Profile: C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default [2017-11-25]
CHR Extension: (Dokumenty Google) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-04]
CHR Extension: (Disk Google) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-04]
CHR Extension: (YouTube) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-04]
CHR Extension: (Avast Online Security) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-09-04]
CHR Extension: (IE Tab) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2016-09-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-04]
CHR Extension: (Gmail) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-04]
CHR Extension: (Chrome Media Router) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-04]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-09] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-09] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [125440 2016-03-09] (Dassault Systèmes) [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2015-10-07] (Nuance Communications, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [6245744 2015-09-21] (Wacom Technology, Corp.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [183584 2017-11-09] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321032 2017-11-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [198968 2017-11-09] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343288 2017-11-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57728 2017-11-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47008 2017-11-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-08-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [148288 2017-11-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110376 2017-11-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84416 2017-11-09] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026232 2017-11-09] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [455376 2017-11-21] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203976 2017-11-09] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2015-09-14] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [364464 2017-11-09] (AVAST Software)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-09-14] (Disc Soft Ltd)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-08-07] (Apple, Inc.) [File not signed]
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-07-22] (Zemana Ltd.)
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-26 17:17 - 2017-11-26 17:17 - 002393088 _____ (Farbar) C:\Users\Vlasta\Desktop\FRST64.exe
2017-11-26 17:17 - 2017-11-26 17:17 - 000112640 _____ (forum.viry.cz) C:\Users\Vlasta\Desktop\FRSTLauncher.exe
2017-11-25 22:42 - 2017-11-25 22:42 - 008261584 _____ (Malwarebytes) C:\Users\Vlasta\Desktop\adwcleaner_7.0.4.0.exe
2017-11-25 21:42 - 2017-11-25 21:42 - 000013543 _____ C:\Users\Vlasta\Desktop\dds.txt
2017-11-25 21:42 - 2017-11-25 21:42 - 000009874 _____ C:\Users\Vlasta\Desktop\attach.txt
2017-11-25 21:41 - 2017-11-25 21:41 - 000688992 ____R (Swearware) C:\Users\Vlasta\Desktop\dds.exe
2017-11-25 21:39 - 2017-11-25 21:39 - 000000000 ____D C:\rsit
2017-11-25 21:39 - 2017-11-25 21:39 - 000000000 ____D C:\Program Files\trend micro
2017-11-25 21:38 - 2017-11-25 21:38 - 001222144 _____ C:\Users\Vlasta\Desktop\RSITx64.exe
2017-11-25 21:36 - 2017-11-26 17:19 - 000015753 _____ C:\Users\Vlasta\Desktop\FRST.txt
2017-11-25 21:36 - 2017-11-26 17:18 - 000000000 ____D C:\FRST
2017-11-24 23:38 - 2017-11-24 23:38 - 000000000 ____D C:\Users\Vlasta\Desktop\Původní data aplikace Firefox
2017-11-21 23:11 - 2017-11-21 23:11 - 005304664 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-21 19:03 - 2017-11-21 19:03 - 003231147 _____ C:\Users\Vlasta\Downloads\SchemaPostupu20070315.pdf
2017-11-09 19:56 - 2017-11-09 19:55 - 000183584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2017-11-09 19:55 - 2017-11-09 19:55 - 000365168 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-10-28 22:17 - 2017-10-28 22:17 - 000131505 _____ C:\Users\Vlasta\Downloads\pyramida.PDF

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-26 17:19 - 2017-04-19 18:56 - 000067451 _____ C:\Windows\ZAM.krnl.trace
2017-11-26 10:51 - 2015-09-14 18:37 - 000000000 ____D C:\Users\Vlasta\AppData\Local\Adobe
2017-11-26 10:49 - 2009-07-14 05:45 - 000025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-26 10:49 - 2009-07-14 05:45 - 000025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-26 10:47 - 2015-09-14 22:51 - 000823872 _____ C:\Windows\system32\perfh005.dat
2017-11-26 10:47 - 2015-09-14 22:51 - 000197994 _____ C:\Windows\system32\perfc005.dat
2017-11-26 10:47 - 2009-07-14 06:13 - 001802218 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-26 10:47 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-11-26 10:45 - 2016-11-16 15:23 - 000000000 ____D C:\Users\Vlasta\AppData\LocalLow\Mozilla
2017-11-26 10:45 - 2015-09-21 19:38 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\WTablet
2017-11-26 10:40 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-25 22:43 - 2016-04-15 11:44 - 000000000 ____D C:\AdwCleaner
2017-11-21 23:13 - 2015-09-15 22:56 - 000000000 ____D C:\Users\Vlasta\Desktop\údržba PC
2017-11-21 22:28 - 2016-11-16 11:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-21 22:28 - 2015-09-14 13:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-21 20:40 - 2015-09-14 13:23 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\Mozilla
2017-11-21 19:34 - 2015-09-15 11:01 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-21 19:33 - 2015-09-15 11:00 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-21 19:07 - 2015-09-14 13:35 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-21 19:07 - 2015-09-14 13:35 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-21 19:04 - 2015-09-14 13:35 - 000455376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-11-14 21:22 - 2015-09-14 13:36 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-14 21:20 - 2015-10-15 07:16 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-14 21:20 - 2015-09-15 22:53 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-14 21:20 - 2015-09-15 22:53 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-14 21:20 - 2015-09-15 22:53 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-14 21:20 - 2015-09-14 18:51 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-09 19:56 - 2017-03-10 11:53 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-11-09 19:55 - 2017-03-10 11:53 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-11-09 19:55 - 2017-03-10 11:53 - 000321032 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-11-09 19:55 - 2017-03-10 11:53 - 000198968 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-11-09 19:55 - 2017-03-10 11:53 - 000057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-11-09 19:55 - 2015-09-14 13:35 - 001026232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-11-09 19:55 - 2015-09-14 13:35 - 000364464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-11-09 19:55 - 2015-09-14 13:35 - 000203976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-11-09 19:55 - 2015-09-14 13:35 - 000148288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-11-09 19:55 - 2015-09-14 13:35 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-11-09 19:55 - 2015-09-14 13:35 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-11-09 19:55 - 2015-09-14 13:35 - 000047008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys

==================== Files in the root of some directories =======

2016-03-16 21:45 - 2016-03-16 21:45 - 000000132 _____ () C:\Users\Vlasta\AppData\Roaming\Adobe BMP Format CS6 Prefs
2016-01-26 15:44 - 2017-09-06 23:01 - 000000132 _____ () C:\Users\Vlasta\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-03-04 11:27 - 2016-03-04 11:27 - 000007605 _____ () C:\Users\Vlasta\AppData\Local\Resmon.ResmonCfg
2017-08-19 19:09 - 2017-08-19 19:09 - 000000000 _____ () C:\Users\Vlasta\AppData\Local\{50EE5B7E-F040-472B-8AE6-9A090D5D75CE}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-11-14 17:46

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:195.31 GB) (Free:79.65 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:736.2 GB) (Free:464.82 GB) NTFS

Available physical RAM: 1565.1 MB
Total physical RAM: 4093.55 MB
Percentage of memory in use: 61%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 07E107E0)
Partition 1: (Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=736.2 GB) - (Type=OF Extended)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows\splwow64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atibtmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BRCOI14A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d2d1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icardagt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icardres.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\IKEEXT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\infocardapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDBASH.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDRU.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDRU1.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDTAT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDYAK.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsRdpWebAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcorekmts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpendp_winip.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpwsx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdrmemptylst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spoolsv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbGDCoInstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsWpfWrp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usbaaplrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Wacom_Tablet.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winlogon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winsta.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wksprtPS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtpUS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFCoinstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFPlatform.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRLM03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRLMW03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRPRTINK.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRTCPCON.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d2d1.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\icardagt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\icardres.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\infocardapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDBASH.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDRU.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDRU1.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDTAT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDYAK.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjava.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msorcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MsRdpWebAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rdpendp_winip.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\TsWpfWrp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winsta.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wksprtPS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\fs_rec.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\monitor.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rdpvideominiport.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rdpwd.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\tdtcp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tssecsrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbFlt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbGD.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbaapl64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wacommousefilter.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wacomvhid.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\wdcsam64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\WUDFPf.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\WUDFRd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Administrator\Downloads\DraftSight64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Administrator\Downloads\DraftSight64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Administrator\Downloads\Firefox Setup Stub 44.0.2.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Administrator\Downloads\Firefox Setup Stub 44.0.2.exe:$CmdZnID [26]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\Users\Vlasta\Downloads\12374885_1015985978440780_3131453325804942424_o.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\12374885_1015985978440780_3131453325804942424_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\15629ec9-01ae-459f-ac7f-88c3843ed7cd.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\15629ec9-01ae-459f-ac7f-88c3843ed7cd.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1724898_422100_Letni_zahonKostelni_projdok.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1724898_422100_Letni_zahonKostelni_projdok.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1960-Green-Eggs-and-Ham-Dr.-Seuss.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1960-Green-Eggs-and-Ham-Dr.-Seuss.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1_2016-příloha 1-cestovní příkaz ČR-2016.xls:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1_2016-příloha 1-cestovní příkaz ČR-2016.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\2013-7_(KLARES)_2013-7 - Obnova zahrady domova seniorů Mistra Křišťana Prachatice.xls:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\2013-7_(KLARES)_2013-7 - Obnova zahrady domova seniorů Mistra Křišťana Prachatice.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\3_Praesentation5FStauden.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\3_Praesentation5FStauden.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Activation Presentation_Slides.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Activation Presentation_Slides.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSight64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSight64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSightenduserFAQ.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSightenduserFAQ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Drenaz_Hydroakum_Filtr_Ochr.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Drenaz_Hydroakum_Filtr_Ochr.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\dtest-stovka-triku-obchodniku.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony-technologicky-postup.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony-technologicky-postup.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony_technologie.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony_technologie.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\INDEX_SEMINIUM2015_63.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\indiansunset.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Inspirace_01_2016.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Inspirace_01_2016.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Kopie - gantt-chart-template_en.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\mandate_en.doc:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\mandate_en.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\manual_logo-zkraceny.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\manual_logo-zkraceny.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\park pod plachtami.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\park pod plachtami.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Propočet pojišťovny_změna VZP.xlsx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Propočet pojišťovny_změna VZP.xlsx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Sbornik_konf_DnyZKT_2015.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Sbornik_konf_DnyZKT_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Scan.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Scan.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\schottermischung.xls:$CmdTcID [130]
AlternateDataStreams: C:\Users\Vlasta\Downloads\schottermischung.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\silbersommer.xls:$CmdTcID [130]
AlternateDataStreams: C:\Users\Vlasta\Downloads\silbersommer.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\sml.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\sml.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Starý Grundtvig.doc:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Starý Grundtvig.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\stranky_soubory-13.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\stranky_soubory-13.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\SU2KT_3_17.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\SU2KT_3_17.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\thumbd19c86e5f23a4888911f6d88c4a10aa5.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\x_zelene_strechy.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\x_zelene_strechy.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\yoga-camp-2016.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\yoga-camp-2016.pdf:$CmdZnID [26]

==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Vlasta\Desktop" je 105 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrHelp
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrStsMon00
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter4
C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZAM
"C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Ultra pomalý počítač - umírá HW, nebo je tam havěť?

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {c80db1f4-7e0c-11e5-9b5b-1c6f6581e2af} - F:\LGAutoRun.exe
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {d1fd5722-5b12-11e5-8991-1c6f6581e2af} - K:\Setup.exe
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {d9196e43-838a-11e5-917f-1c6f6581e2af} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {dbd7dbec-1e5c-11e6-8d16-1c6f6581e2af} - F:\OnePlus_setup.exe /s
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {f86734c0-9f50-11e6-ae19-1c6f6581e2af} - F:\OnePlus_setup.exe /s
GroupPolicy: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FF HKLM\...\Firefox\Extensions: [jid1-r1tDuNiNb4SEww@jetpack] - C:\Program Files\AVAST Software\Avast\pam\FF => not found
FF HKLM-x32\...\Firefox\Extensions: [jid1-r1tDuNiNb4SEww@jetpack] - C:\Program Files\AVAST Software\Avast\pam\FF => not found
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-07-22] (Zemana Ltd.)
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
AlternateDataStreams: C:\Windows\splwow64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atibtmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BRCOI14A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d2d1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icardagt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icardres.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\IKEEXT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\infocardapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDBASH.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDRU.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDRU1.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDTAT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDYAK.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsRdpWebAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcorekmts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpendp_winip.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpwsx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdrmemptylst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spoolsv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbGDCoInstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsWpfWrp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usbaaplrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Wacom_Tablet.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winlogon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winsta.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wksprtPS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtpUS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFCoinstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFPlatform.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRLM03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRLMW03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRPRTINK.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRTCPCON.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d2d1.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\icardagt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\icardres.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\infocardapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDBASH.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDRU.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDRU1.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDTAT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDYAK.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjava.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msorcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MsRdpWebAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rdpendp_winip.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\TsWpfWrp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winsta.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wksprtPS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\fs_rec.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\monitor.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rdpvideominiport.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rdpwd.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\tdtcp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tssecsrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbFlt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbGD.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbaapl64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wacommousefilter.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wacomvhid.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\wdcsam64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\WUDFPf.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\WUDFRd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Administrator\Downloads\DraftSight64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Administrator\Downloads\DraftSight64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Administrator\Downloads\Firefox Setup Stub 44.0.2.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Administrator\Downloads\Firefox Setup Stub 44.0.2.exe:$CmdZnID [26]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\Users\Vlasta\Downloads\12374885_1015985978440780_3131453325804942424_o.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\12374885_1015985978440780_3131453325804942424_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\15629ec9-01ae-459f-ac7f-88c3843ed7cd.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\15629ec9-01ae-459f-ac7f-88c3843ed7cd.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1724898_422100_Letni_zahonKostelni_projdok.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1724898_422100_Letni_zahonKostelni_projdok.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1960-Green-Eggs-and-Ham-Dr.-Seuss.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1960-Green-Eggs-and-Ham-Dr.-Seuss.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1_2016-příloha 1-cestovní příkaz ČR-2016.xls:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1_2016-příloha 1-cestovní příkaz ČR-2016.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\2013-7_(KLARES)_2013-7 - Obnova zahrady domova seniorů Mistra Křišťana Prachatice.xls:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\2013-7_(KLARES)_2013-7 - Obnova zahrady domova seniorů Mistra Křišťana Prachatice.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\3_Praesentation5FStauden.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\3_Praesentation5FStauden.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Activation Presentation_Slides.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Activation Presentation_Slides.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSight64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSight64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSightenduserFAQ.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSightenduserFAQ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Drenaz_Hydroakum_Filtr_Ochr.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Drenaz_Hydroakum_Filtr_Ochr.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\dtest-stovka-triku-obchodniku.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony-technologicky-postup.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony-technologicky-postup.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony_technologie.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony_technologie.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\INDEX_SEMINIUM2015_63.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\indiansunset.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Inspirace_01_2016.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Inspirace_01_2016.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Kopie - gantt-chart-template_en.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\mandate_en.doc:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\mandate_en.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\manual_logo-zkraceny.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\manual_logo-zkraceny.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\park pod plachtami.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\park pod plachtami.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Propočet pojišťovny_změna VZP.xlsx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Propočet pojišťovny_změna VZP.xlsx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Sbornik_konf_DnyZKT_2015.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Sbornik_konf_DnyZKT_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Scan.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Scan.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\schottermischung.xls:$CmdTcID [130]
AlternateDataStreams: C:\Users\Vlasta\Downloads\schottermischung.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\silbersommer.xls:$CmdTcID [130]
AlternateDataStreams: C:\Users\Vlasta\Downloads\silbersommer.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\sml.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\sml.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Starý Grundtvig.doc:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Starý Grundtvig.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\stranky_soubory-13.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\stranky_soubory-13.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\SU2KT_3_17.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\SU2KT_3_17.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\thumbd19c86e5f23a4888911f6d88c4a10aa5.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\x_zelene_strechy.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\x_zelene_strechy.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\yoga-camp-2016.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\yoga-camp-2016.pdf:$CmdZnID [26
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]/64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZAM]/64

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

turquoisefly
Návštěvník
Návštěvník
Příspěvky: 64
Registrován: 21 črc 2008 11:27

Re: Ultra pomalý počítač - umírá HW, nebo je tam havěť?

#7 Příspěvek od turquoisefly »

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-11-2017
Ran by Vlasta (26-11-2017 19:57:31) Run:1
Running from C:\Users\Vlasta\Desktop
Loaded Profiles: Vlasta (Available Profiles: Vlasta & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {c80db1f4-7e0c-11e5-9b5b-1c6f6581e2af} - F:\LGAutoRun.exe
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {d1fd5722-5b12-11e5-8991-1c6f6581e2af} - K:\Setup.exe
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {d9196e43-838a-11e5-917f-1c6f6581e2af} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {dbd7dbec-1e5c-11e6-8d16-1c6f6581e2af} - F:\OnePlus_setup.exe /s
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\...\MountPoints2: {f86734c0-9f50-11e6-ae19-1c6f6581e2af} - F:\OnePlus_setup.exe /s
GroupPolicy: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FF HKLM\...\Firefox\Extensions: [jid1-r1tDuNiNb4SEww@jetpack] - C:\Program Files\AVAST Software\Avast\pam\FF => not found
FF HKLM-x32\...\Firefox\Extensions: [jid1-r1tDuNiNb4SEww@jetpack] - C:\Program Files\AVAST Software\Avast\pam\FF => not found
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-07-22] (Zemana Ltd.)
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
AlternateDataStreams: C:\Windows\splwow64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atibtmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BRCOI14A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d2d1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icardagt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\icardres.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\IKEEXT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\infocardapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDBASH.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDRU.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDRU1.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDTAT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDYAK.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsRdpWebAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcorekmts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpendp_winip.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpwsx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdrmemptylst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spoolsv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbGDCoInstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsWpfWrp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usbaaplrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Wacom_Tablet.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winlogon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winsta.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wksprtPS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtpUS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFCoinstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFPlatform.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRLM03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRLMW03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRPRTINK.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\BRTCPCON.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d2d1.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\icardagt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\icardres.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\infocardapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDBASH.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDRU.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDRU1.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDTAT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDYAK.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msjava.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msorcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MsRdpWebAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rdpendp_winip.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\TsWpfWrp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winsta.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wksprtPS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\fs_rec.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\monitor.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rdpvideominiport.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rdpwd.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\tdtcp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tssecsrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbFlt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbGD.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbaapl64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wacommousefilter.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\wacomvhid.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\wdcsam64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\WUDFPf.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\WUDFRd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Administrator\Downloads\DraftSight64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Administrator\Downloads\DraftSight64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Administrator\Downloads\Firefox Setup Stub 44.0.2.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Administrator\Downloads\Firefox Setup Stub 44.0.2.exe:$CmdZnID [26]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\Users\Vlasta\Downloads\12374885_1015985978440780_3131453325804942424_o.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\12374885_1015985978440780_3131453325804942424_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\15629ec9-01ae-459f-ac7f-88c3843ed7cd.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\15629ec9-01ae-459f-ac7f-88c3843ed7cd.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1724898_422100_Letni_zahonKostelni_projdok.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1724898_422100_Letni_zahonKostelni_projdok.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1960-Green-Eggs-and-Ham-Dr.-Seuss.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1960-Green-Eggs-and-Ham-Dr.-Seuss.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1_2016-p��loha 1-cestovn� p��kaz �R-2016.xls:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\1_2016-p��loha 1-cestovn� p��kaz �R-2016.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\2013-7_(KLARES)_2013-7 - Obnova zahrady domova senior� Mistra K�i��ana Prachatice.xls:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\2013-7_(KLARES)_2013-7 - Obnova zahrady domova senior� Mistra K�i��ana Prachatice.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\3_Praesentation5FStauden.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\3_Praesentation5FStauden.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Activation Presentation_Slides.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Activation Presentation_Slides.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSight64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSight64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSightenduserFAQ.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\DraftSightenduserFAQ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Drenaz_Hydroakum_Filtr_Ochr.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Drenaz_Hydroakum_Filtr_Ochr.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\dtest-stovka-triku-obchodniku.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony-technologicky-postup.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony-technologicky-postup.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony_technologie.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\gabiony_technologie.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\INDEX_SEMINIUM2015_63.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\indiansunset.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Inspirace_01_2016.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Inspirace_01_2016.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Kopie - gantt-chart-template_en.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\mandate_en.doc:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\mandate_en.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\manual_logo-zkraceny.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\manual_logo-zkraceny.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\park pod plachtami.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\park pod plachtami.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Propo�et poji��ovny_zm�na VZP.xlsx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Propo�et poji��ovny_zm�na VZP.xlsx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Sbornik_konf_DnyZKT_2015.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Sbornik_konf_DnyZKT_2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Scan.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Scan.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\schottermischung.xls:$CmdTcID [130]
AlternateDataStreams: C:\Users\Vlasta\Downloads\schottermischung.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\silbersommer.xls:$CmdTcID [130]
AlternateDataStreams: C:\Users\Vlasta\Downloads\silbersommer.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\sml.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\sml.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Star� Grundtvig.doc:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\Star� Grundtvig.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\stranky_soubory-13.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\stranky_soubory-13.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\SU2KT_3_17.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\SU2KT_3_17.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\thumbd19c86e5f23a4888911f6d88c4a10aa5.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\x_zelene_strechy.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\x_zelene_strechy.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Vlasta\Downloads\yoga-camp-2016.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Vlasta\Downloads\yoga-camp-2016.pdf:$CmdZnID [26
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]/64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZAM]/64

EmptyTemp:
End
*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c80db1f4-7e0c-11e5-9b5b-1c6f6581e2af} => key removed successfully
HKLM\Software\Classes\CLSID\{c80db1f4-7e0c-11e5-9b5b-1c6f6581e2af} => key not found
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d1fd5722-5b12-11e5-8991-1c6f6581e2af} => key removed successfully
HKLM\Software\Classes\CLSID\{d1fd5722-5b12-11e5-8991-1c6f6581e2af} => key not found
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9196e43-838a-11e5-917f-1c6f6581e2af} => key removed successfully
HKLM\Software\Classes\CLSID\{d9196e43-838a-11e5-917f-1c6f6581e2af} => key not found
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dbd7dbec-1e5c-11e6-8d16-1c6f6581e2af} => key removed successfully
HKLM\Software\Classes\CLSID\{dbd7dbec-1e5c-11e6-8d16-1c6f6581e2af} => key not found
HKU\S-1-5-21-1798250770-3132299582-3692676531-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f86734c0-9f50-11e6-ae19-1c6f6581e2af} => key removed successfully
HKLM\Software\Classes\CLSID\{f86734c0-9f50-11e6-ae19-1c6f6581e2af} => key not found
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Mozilla\Firefox\Extensions\\jid1-r1tDuNiNb4SEww@jetpack => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\jid1-r1tDuNiNb4SEww@jetpack => value removed successfully
ZAMSvc => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\ZAMSvc => key removed successfully
ZAMSvc => service removed successfully
ZAM => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\ZAM => key removed successfully
ZAM => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAM_Guard => key removed successfully
ZAM_Guard => service removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Windows\splwow64.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\aeinv.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\aepic.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\atibtmon.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\ATIODCLI.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\ATIODE.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\audiodg.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\AudioEng.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\AUDIOKSE.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\AudioSes.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\audiosrv.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\blackbox.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\BRCOI14A.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\catsrvut.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\COLORCNV.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\CPFilters.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\cryptsp.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\cryptui.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\d2d1.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\d3d10warp.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\D3DCompiler_37.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\D3DCompiler_41.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\d3dx10_37.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\d3dx10_41.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\d3dx9_30.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\D3DX9_37.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\devenum.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\drmmgrtn.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\drmv2clt.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\EncDec.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\EncDump.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\evr.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\fixmapi.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\FWPUCLNT.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\icaapi.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\icardagt.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\icardres.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\IKEEXT.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\infocardapi.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\InkEd.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\KBDBASH.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\KBDRU.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\KBDRU1.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\KBDTAT.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\KBDYAK.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\ksproxy.ax => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\ksuser.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\mapistub.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\mcmde.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\mf.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\mferror.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\mfplat.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\mfpmp.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\mfps.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\mfvdsp.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\MFWMAAEC.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\MP3DMOD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\MP43DECD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\MP4SDECD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\MPG4DECD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\msmpeg2adec.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\MSMPEG2ENC.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\msmpeg2vdec.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\msnetobj.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\MsRdpWebAccess.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\msscp.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\mstsc.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\mtxoci.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\nshwfp.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\pcadm.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\pcaevts.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\pcalua.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\pcasvc.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\pcawrk.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\qasf.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\qdvd.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\qedit.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\rdpcore.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\rdpcorekmts.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\rdpcorets.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\rdpendp_winip.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\RdpGroupPolicyExtension.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\rdpudd.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\rdpwsx.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\rdrmemptylst.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\RESAMPLEDMO.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\rrinstaller.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\scavengeui.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\spoolsv.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\SysFxUI.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\TsUsbGDCoInstaller.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\TsWpfWrp.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\usbaaplrc.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\VIDRESZR.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Wacom_Tablet.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\winlogon.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\winsta.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\wksprtPS.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WMADMOD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WMADMOE.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WMALFXGFXDSP.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\wmdrmsdk.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\wmi.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\wmpmde.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WMSPDMOD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WMSPDMOE.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WMVDECOD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WMVENCOD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WMVSDECD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WMVSENCD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WMVXENCD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WpdMtp.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WpdMtpUS.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\wshrm.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WUDFCoinstaller.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WUDFHost.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WUDFPlatform.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WUDFSvc.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\WUDFx.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\AudioEng.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\AUDIOKSE.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\AudioSes.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\blackbox.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\BRLM03A.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\BRLMW03A.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\BRPRTINK.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\BRTCPCON.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\catsrvut.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\COLORCNV.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\comsvcs.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\CPFilters.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\cryptsp.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\cryptui.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\d2d1.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\d3d10warp.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\D3DCompiler_37.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\D3DCompiler_41.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\d3dx10_37.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\d3dx10_41.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\d3dx9_30.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\D3DX9_37.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\D3DX9_41.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\devenum.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\drmmgrtn.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\drmv2clt.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\els.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\EncDec.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\evr.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\fixmapi.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\FWPUCLNT.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\icardagt.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\icardres.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\infocardapi.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\InkEd.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\KBDBASH.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\KBDRU.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\KBDRU1.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\KBDTAT.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\KBDYAK.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\ksproxy.ax => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\ksuser.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\mapi32.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\mapistub.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\mf.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\mferror.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\mfplat.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\mfpmp.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\mfps.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\mfvdsp.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\MFWMAAEC.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\MP3DMOD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\MP43DECD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\MP4SDECD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\MPG4DECD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\msjava.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\msmpeg2adec.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\MSMPEG2ENC.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\msmpeg2vdec.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\msnetobj.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\msorcl32.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\MsRdpWebAccess.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\msscp.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\mstsc.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\mtxoci.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\nshwfp.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\qasf.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\qdvd.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\qedit.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\rdpcore.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\rdpendp_winip.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\RESAMPLEDMO.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\rrinstaller.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\TsWpfWrp.exe => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\VIDRESZR.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\winsta.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\wksprtPS.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\WMADMOD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\WMADMOE.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\wmdrmsdk.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\wmi.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\WMPhoto.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\wmpmde.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\WMSPDMOD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\WMSPDMOE.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\WMVDECOD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\WMVENCOD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\WMVSDECD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\WMVSENCD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\WMVXENCD.DLL => ":$CmdTcID" ADS removed successfully
C:\Windows\SysWOW64\wshrm.dll => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\drmk.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\fs_rec.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\monitor.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\PEAuth.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\portcls.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\rdpvideominiport.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\rdpwd.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\tdtcp.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\tssecsrv.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\TsUsbFlt.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\TsUsbGD.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\usbaapl64.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\wacommousefilter.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\wacomvhid.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\wdcsam64.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\WUDFPf.sys => ":$CmdTcID" ADS removed successfully
C:\Windows\system32\Drivers\WUDFRd.sys => ":$CmdTcID" ADS removed successfully
C:\Users\Administrator\Downloads\DraftSight64.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Administrator\Downloads\DraftSight64.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Administrator\Downloads\Firefox Setup Stub 44.0.2.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Administrator\Downloads\Firefox Setup Stub 44.0.2.exe => ":$CmdZnID" ADS removed successfully
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS removed successfully
C:\Users\Vlasta\Downloads\12374885_1015985978440780_3131453325804942424_o.jpg => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\12374885_1015985978440780_3131453325804942424_o.jpg => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\15629ec9-01ae-459f-ac7f-88c3843ed7cd.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\15629ec9-01ae-459f-ac7f-88c3843ed7cd.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\1724898_422100_Letni_zahonKostelni_projdok.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\1724898_422100_Letni_zahonKostelni_projdok.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\1960-Green-Eggs-and-Ham-Dr.-Seuss.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\1960-Green-Eggs-and-Ham-Dr.-Seuss.pdf => ":$CmdZnID" ADS removed successfully
"C:\Users\Vlasta\Downloads\1_2016-p��loha 1-cestovn� p��kaz �R-2016.xls" => ":$CmdTcID" ADS not found.
"C:\Users\Vlasta\Downloads\1_2016-p��loha 1-cestovn� p��kaz �R-2016.xls" => ":$CmdZnID" ADS not found.
"C:\Users\Vlasta\Downloads\2013-7_(KLARES)_2013-7 - Obnova zahrady domova senior� Mistra K�i��ana Prachatice.xls" => ":$CmdTcID" ADS not found.
"C:\Users\Vlasta\Downloads\2013-7_(KLARES)_2013-7 - Obnova zahrady domova senior� Mistra K�i��ana Prachatice.xls" => ":$CmdZnID" ADS not found.
C:\Users\Vlasta\Downloads\3_Praesentation5FStauden.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\3_Praesentation5FStauden.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\Activation Presentation_Slides.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\Activation Presentation_Slides.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\DraftSight64.exe => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\DraftSight64.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\DraftSightenduserFAQ.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\DraftSightenduserFAQ.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\Drenaz_Hydroakum_Filtr_Ochr.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\Drenaz_Hydroakum_Filtr_Ochr.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\dtest-stovka-triku-obchodniku.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\gabiony-technologicky-postup.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\gabiony-technologicky-postup.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\gabiony_technologie.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\gabiony_technologie.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\INDEX_SEMINIUM2015_63.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\indiansunset.xls => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\Inspirace_01_2016.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\Inspirace_01_2016.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\Kopie - gantt-chart-template_en.xls => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\mandate_en.doc => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\mandate_en.doc => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\manual_logo-zkraceny.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\manual_logo-zkraceny.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\park pod plachtami.zip => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\park pod plachtami.zip => ":$CmdZnID" ADS removed successfully
"C:\Users\Vlasta\Downloads\Propo�et poji��ovny_zm�na VZP.xlsx" => ":$CmdTcID" ADS not found.
"C:\Users\Vlasta\Downloads\Propo�et poji��ovny_zm�na VZP.xlsx" => ":$CmdZnID" ADS not found.
C:\Users\Vlasta\Downloads\Sbornik_konf_DnyZKT_2015.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\Sbornik_konf_DnyZKT_2015.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\Scan.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\Scan.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\schottermischung.xls => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\schottermischung.xls => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\silbersommer.xls => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\silbersommer.xls => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\sml.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\sml.pdf => ":$CmdZnID" ADS removed successfully
"C:\Users\Vlasta\Downloads\Star� Grundtvig.doc" => ":$CmdTcID" ADS not found.
"C:\Users\Vlasta\Downloads\Star� Grundtvig.doc" => ":$CmdZnID" ADS not found.
C:\Users\Vlasta\Downloads\stranky_soubory-13.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\stranky_soubory-13.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\SU2KT_3_17.zip => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\SU2KT_3_17.zip => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\thumbd19c86e5f23a4888911f6d88c4a10aa5.jpg => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\x_zelene_strechy.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\x_zelene_strechy.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\Vlasta\Downloads\yoga-camp-2016.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\Vlasta\Downloads\yoga-camp-2016.pdf => ":$CmdZnID" ADS removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched/64 => key not found
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZAM/64 => key not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 167580107 B
Java, Flash, Steam htmlcache => 1339 B
Windows/system/drivers => 24130161 B
Edge => 0 B
Chrome => 349184 B
Firefox => 383335334 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58575036 B
systemprofile32 => 11070960 B
LocalService => 66228 B
NetworkService => 66228 B
Vlasta => 147873258 B
Administrator => 372955 B

RecycleBin => 20724600 B
EmptyTemp: => 784.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:58:11 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Ultra pomalý počítač - umírá HW, nebo je tam havěť?

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

turquoisefly
Návštěvník
Návštěvník
Příspěvky: 64
Registrován: 21 črc 2008 11:27

Re: Ultra pomalý počítač - umírá HW, nebo je tam havěť?

#9 Příspěvek od turquoisefly »

Měla jsem tam nějaké mrchy, nebo to bylo jen zauzlované? :)

Je to rychlejší, určitě. I když je to asi starý dědek, ze kterého už první kosmickou nevytáhnu. Děkuju za pomoc.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Ultra pomalý počítač - umírá HW, nebo je tam havěť?

#10 Příspěvek od Rudy »

Nějaká AdWary a zbytečnosti. Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno