Problém s háčky u n, d, t.

[bape]

Zdravím, mám problém s háčky nad písmeny n, d, t. Několikrát mi napíše bez háčků a pak dá i s háčkem. Je to nepravidelný - párkrát bez, jednou to dá. Projeto Avastem - Test po restartu, MBAM v nouzovém režimu i normálně, použit Adw clean se standartním nastavením a nic. Dělá to i v nouzovém režimu a všude. Vygooglil jsem o tom vše a už opravdu nevím. Používám funkci Klávesnice na obrazovce vzhledem ke svému tělesnému postižení. Prosím o pomoc.

HP Elitebook 8460p, Windows 7 Pro.

Výpis z First:


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.09.2018
Ran by Bape (administrator) on BAPE-HP (09-09-2018 21:30:23)
Running from C:\Users\Bape\Desktop
Loaded Profiles: Bape (Available Profiles: Bape & moni)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Cybereason) C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFreeServiceHost.exe
() C:\Windows\System32\SCPwrSetSvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Cybereason) C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2208448 2018-03-13] (COMODO)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816240 2016-09-02] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-09-08] (AVAST Software)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\Policies\Explorer: [NoDrives] 1
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\MountPoints2: G - G:\AUTORUN\AUTORUN.EXE
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\MountPoints2: {6d02c475-70e8-11e6-908f-100ba928b780} - G:\setup.exe
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\MountPoints2: {7457a9ae-5f29-11e8-acc5-101f74fbe7cb} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\MountPoints2: {94ac21a8-67cf-11e8-b9a1-101f74fbe7cb} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\MountPoints2: {9e086d2c-3b43-11e8-9670-101f74fbe7cb} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{0E4E7E32-73C8-42AD-B9B6-844207BC4FE1}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{B2547369-A0AA-4C1D-8D3A-78AEEB2B6282}: [NameServer] 83.240.0.135,83.240.0.215

Internet Explorer:
==================
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-07-30] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-30] (Oracle Corporation)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
IE Session Restore: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000 -> is enabled.

FireFox:
========
FF DefaultProfile:
FF DefaultProfile: 5r46ctii.default
FF ProfilePath: C:\Users\Bape\AppData\Roaming\Mozilla\Firefox\Profiles\5r46ctii.default [2018-09-09]
FF Homepage: Mozilla\Firefox\Profiles\5r46ctii.default -> hxxps://www.seznam.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\5r46ctii.default -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\5r46ctii.default -> is enabled.
FF Extension: (Test Pilot) - C:\Users\Bape\AppData\Roaming\Mozilla\Firefox\Profiles\5r46ctii.default\Extensions\@testpilot-addon.xpi [2018-08-29]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Bape\AppData\Roaming\Mozilla\Firefox\Profiles\5r46ctii.default\Extensions\cs@dictionaries.addons.mozilla.org [2016-12-06] [Legacy]
FF Extension: (S3.Translator) - C:\Users\Bape\AppData\Roaming\Mozilla\Firefox\Profiles\5r46ctii.default\Extensions\s3google@translator.xpi [2018-09-08]
FF Extension: (snoozetabs) - C:\Users\Bape\AppData\Roaming\Mozilla\Firefox\Profiles\5r46ctii.default\Extensions\snoozetabs@mozilla.com.xpi [2018-01-20]
FF Extension: (Tab Groups) - C:\Users\Bape\AppData\Roaming\Mozilla\Firefox\Profiles\5r46ctii.default\Extensions\tabgroups@quicksaver.xpi [2017-01-28] [Legacy]
FF Extension: (Avast Online Security) - C:\Users\Bape\AppData\Roaming\Mozilla\Firefox\Profiles\5r46ctii.default\Extensions\wrc@avast.com.xpi [2018-05-25]
FF Extension: (Malwarebytes Browser Extension) - C:\Users\Bape\AppData\Roaming\Mozilla\Firefox\Profiles\5r46ctii.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2018-08-13]
FF Extension: (Adblock Plus) - C:\Users\Bape\AppData\Roaming\Mozilla\Firefox\Profiles\5r46ctii.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-08-31]
FF Extension: (Always on Top) - C:\Users\Bape\AppData\Roaming\Mozilla\Firefox\Profiles\5r46ctii.default\Extensions\{E6C93316-271E-4b3d-8D7E-FE11B4350AEB}.xpi [2018-05-10]
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-30] (Oracle Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-09-08] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-09-08] (AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11395096 2018-03-13] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2018-03-13] (COMODO)
R2 CybereasonRansomFree; C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFreeServiceHost.exe [13824 2017-11-20] (Cybereason) [File not signed]
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-09-01] (HP)
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-09-13] (HP Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-03] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 SCPwrSetSvr; C:\Windows\system32\SCPwrSetSvr.exe [99096 2013-07-19] ()
S4 STacSV; C:\Program Files\IDT\WDM\stacsv64.exe [327680 2012-10-24] (IDT, Inc.) [File not signed]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-09-08] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-09-08] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-09-08] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-09-08] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-09-08] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-09-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163272 2018-09-08] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-09-08] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-09-08] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-08] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215728 2018-09-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-09-08] (AVAST Software)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [34280 2018-02-01] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [846624 2018-02-01] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [59096 2018-02-01] (COMODO)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-09-01] (REALiX(tm))
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [123544 2018-02-01] (COMODO)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-07-16] (JMicron Technology Corp.)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-09-09] (Malwarebytes)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [19768 2015-03-09] (NETGATE Technologies s.r.o.)
R3 SzCCID; C:\Windows\System32\DRIVERS\SzCCID.sys [39936 2013-09-24] (Generic)
R3 ALSysIO; \??\C:\Users\Bape\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 SPUVCbv; System32\Drivers\SPUVCbv_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-09 21:30 - 2018-09-09 21:31 - 000013769 _____ C:\Users\Bape\Desktop\FRST.txt
2018-09-09 21:29 - 2018-09-09 21:29 - 000000000 ____D C:\Users\Bape\Desktop\FRST-OlderVersion
2018-09-09 19:06 - 2018-09-09 19:06 - 000000000 __SHD C:\Users\Bape\Desktop\0K, this directory is for Ransomware detection (just leave it here)
2018-09-09 19:05 - 2018-09-09 19:06 - 000000000 ___HD C:\Users\Bape\Documents\Eversions7
2018-09-09 19:05 - 2018-09-09 19:05 - 000524957 ____N C:\Users\Akb1abtt\violatecoarseprovides.xlsx
2018-09-09 19:05 - 2018-09-09 19:05 - 000504230 ____N C:\Users\Qmbphau\wars.testament.cholesterol.xlsx
2018-09-09 19:05 - 2018-09-09 19:05 - 000220596 ____N C:\Users\Qmbphau\decisions unite office until.mdb
2018-09-09 19:05 - 2018-09-09 19:05 - 000216273 ____N C:\Users\Akb1abtt\loosen_hired_larger.mdb
2018-09-09 19:05 - 2018-09-09 19:05 - 000070188 ____N C:\Users\Akb1abtt\wounded.ultimate.able.controversy.xls
2018-09-09 19:05 - 2018-09-09 19:05 - 000062867 ____N C:\Users\Qmbphau\cycle_violate_literature_manager.xls
2018-09-09 19:05 - 2018-09-09 19:05 - 000057439 ____N C:\Users\Akb1abtt\academy night.pem
2018-09-09 19:05 - 2018-09-09 19:05 - 000052126 ____N C:\Users\Qmbphau\handed-tremendous-practical-studied.pem
2018-09-09 19:05 - 2018-09-09 19:05 - 000036502 ____N C:\Users\Akb1abtt\subdivide-remaining-allowing-placed.txt
2018-09-09 19:05 - 2018-09-09 19:05 - 000021818 ____N C:\Users\Akb1abtt\front.found.formula.sql
2018-09-09 19:05 - 2018-09-09 19:05 - 000020281 ____N C:\Users\Qmbphau\jealousconfidentialbeautystumbled.txt
2018-09-09 19:05 - 2018-09-09 19:05 - 000012552 ____N C:\Users\Qmbphau\platform-elsewhere-cotton-die.sql
2018-09-09 19:05 - 2018-09-09 19:05 - 000000000 ___HD C:\Users\Qmbphau
2018-09-09 19:05 - 2018-09-09 19:05 - 000000000 ___HD C:\Users\Bape\Documents\Ardates39
2018-09-09 19:05 - 2018-09-09 19:05 - 000000000 ___HD C:\Users\Akb1abtt
2018-09-09 19:05 - 2018-09-09 19:05 - 000000000 ____D C:\xstore144
2018-09-09 19:05 - 2018-09-09 19:05 - 000000000 ____D C:\Acdate160
2018-09-09 18:28 - 2018-09-09 18:28 - 002940488 _____ (KRyLack Software) C:\Users\Bape\Downloads\hashtool.exe
2018-09-09 17:52 - 2018-09-09 17:52 - 003596264 _____ () C:\Users\Bape\Downloads\Windows ISO Downloader.exe
2018-09-09 13:45 - 2018-09-09 16:43 - 000288708 _____ C:\Windows\ntbtlog.txt
2018-09-09 02:42 - 2018-09-09 21:30 - 000000000 ____D C:\FRST
2018-09-09 02:42 - 2018-09-09 21:29 - 002413568 _____ (Farbar) C:\Users\Bape\Desktop\FRST64.exe
2018-09-09 02:16 - 2018-09-09 13:48 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-09-09 01:52 - 2018-09-09 01:54 - 000000000 ____D C:\AdwCleaner
2018-09-09 01:52 - 2018-09-09 01:52 - 007571152 _____ (Malwarebytes) C:\Users\Bape\Downloads\adwcleaner_7.2.3.1.exe
2018-09-09 00:46 - 2018-09-09 00:46 - 000388608 _____ (Trend Micro Inc.) C:\Users\Bape\Downloads\hijackthis.exe
2018-09-08 23:29 - 2018-09-08 23:29 - 000379608 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-09-08 18:57 - 2018-09-08 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2018-09-08 18:57 - 2018-09-08 18:57 - 000000000 ____D C:\Program Files (x86)\LAV Filters
2018-08-31 17:16 - 2018-08-22 00:15 - 000396992 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-31 17:16 - 2018-08-21 21:57 - 000350232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-31 17:16 - 2018-08-21 13:29 - 025745920 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-31 17:16 - 2018-08-21 13:20 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-31 17:16 - 2018-08-21 13:20 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-31 17:16 - 2018-08-21 13:09 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-31 17:16 - 2018-08-21 13:08 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-31 17:16 - 2018-08-21 13:07 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-31 17:16 - 2018-08-21 13:07 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-31 17:16 - 2018-08-21 13:07 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-31 17:16 - 2018-08-21 13:07 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-31 17:16 - 2018-08-21 13:01 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-31 17:16 - 2018-08-21 13:00 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-31 17:16 - 2018-08-21 12:58 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-31 17:16 - 2018-08-21 12:57 - 005777408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-31 17:16 - 2018-08-21 12:57 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-31 17:16 - 2018-08-21 12:57 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-31 17:16 - 2018-08-21 12:57 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-31 17:16 - 2018-08-21 12:57 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-31 17:16 - 2018-08-21 12:52 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-31 17:16 - 2018-08-21 12:49 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-31 17:16 - 2018-08-21 12:44 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-31 17:16 - 2018-08-21 12:43 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-31 17:16 - 2018-08-21 12:42 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-31 17:16 - 2018-08-21 12:42 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-31 17:16 - 2018-08-21 12:39 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-31 17:16 - 2018-08-21 12:39 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-31 17:16 - 2018-08-21 12:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-08-31 17:16 - 2018-08-21 12:37 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-31 17:16 - 2018-08-21 12:36 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-31 17:16 - 2018-08-21 12:28 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-31 17:16 - 2018-08-21 12:28 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-08-31 17:16 - 2018-08-21 12:28 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-08-31 17:16 - 2018-08-21 12:27 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-08-31 17:16 - 2018-08-21 12:27 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-31 17:16 - 2018-08-21 12:27 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-08-31 17:16 - 2018-08-21 12:25 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-31 17:16 - 2018-08-21 12:25 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-31 17:16 - 2018-08-21 12:24 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-31 17:16 - 2018-08-21 12:23 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-31 17:16 - 2018-08-21 12:23 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-31 17:16 - 2018-08-21 12:23 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-08-31 17:16 - 2018-08-21 12:22 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-08-31 17:16 - 2018-08-21 12:21 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-08-31 17:16 - 2018-08-21 12:20 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-31 17:16 - 2018-08-21 12:20 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-31 17:16 - 2018-08-21 12:20 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-31 17:16 - 2018-08-21 12:20 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-08-31 17:16 - 2018-08-21 12:16 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-31 17:16 - 2018-08-21 12:13 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-08-31 17:16 - 2018-08-21 12:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-08-31 17:16 - 2018-08-21 12:09 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-08-31 17:16 - 2018-08-21 12:09 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-08-31 17:16 - 2018-08-21 12:07 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-08-31 17:16 - 2018-08-21 12:06 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-08-31 17:16 - 2018-08-21 12:06 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-08-31 17:16 - 2018-08-21 12:05 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-31 17:16 - 2018-08-21 12:05 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-08-31 17:16 - 2018-08-21 12:04 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-31 17:16 - 2018-08-21 12:03 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-31 17:16 - 2018-08-21 12:00 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-31 17:16 - 2018-08-21 11:58 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-31 17:16 - 2018-08-21 11:58 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-08-31 17:16 - 2018-08-21 11:58 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-31 17:16 - 2018-08-21 11:52 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-31 17:16 - 2018-08-21 11:45 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-31 17:16 - 2018-08-21 11:41 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-31 17:16 - 2018-08-21 11:39 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-31 17:16 - 2018-06-27 15:20 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2018-08-31 17:16 - 2018-06-27 15:19 - 000419648 _____ C:\Windows\system32\locale.nls
2018-08-24 01:32 - 2018-08-24 01:32 - 113983488 _____ (Oracle Corporation) C:\Users\Bape\Downloads\VirtualBox-5.2.18-124319-Win.exe
2018-08-21 20:46 - 2018-08-21 20:46 - 000000000 ____D C:\Users\Bape\Documents\Ashampoo Burning Studio FREE
2018-08-16 11:50 - 2018-09-06 20:56 - 000000000 ___RD C:\Users\Bape\Documents\DŮLEŽITÉ
2018-08-15 12:10 - 2018-08-02 05:05 - 005553760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-15 12:10 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-08-15 12:10 - 2018-08-02 04:16 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-15 12:10 - 2018-08-02 04:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-15 12:10 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-15 12:10 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-15 12:10 - 2018-07-13 21:19 - 001894080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-15 12:10 - 2018-06-29 17:55 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-08-15 12:10 - 2018-06-29 17:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-15 12:10 - 2018-06-29 17:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-15 12:10 - 2018-06-29 17:14 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-15 12:09 - 2018-08-03 17:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-15 12:09 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-15 12:09 - 2018-08-02 05:20 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-08-15 12:09 - 2018-08-02 05:18 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-15 12:09 - 2018-08-02 05:07 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-15 12:09 - 2018-08-02 05:06 - 000156256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-15 12:09 - 2018-08-02 05:02 - 001665320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-15 12:09 - 2018-08-02 05:00 - 000633080 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-08-15 12:09 - 2018-08-02 04:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-08-15 12:09 - 2018-08-02 04:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-08-15 12:09 - 2018-08-02 04:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-15 12:09 - 2018-08-02 04:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-08-15 12:09 - 2018-08-02 04:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-15 12:09 - 2018-08-02 04:58 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-15 12:09 - 2018-08-02 04:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-08-15 12:09 - 2018-08-02 04:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-15 12:09 - 2018-08-02 04:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-15 12:09 - 2018-08-02 04:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-08-15 12:09 - 2018-08-02 04:43 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-08-15 12:09 - 2018-08-02 04:42 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-08-15 12:09 - 2018-08-02 04:42 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-08-15 12:09 - 2018-08-02 04:42 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-08-15 12:09 - 2018-08-02 04:42 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-08-15 12:09 - 2018-08-02 04:42 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-08-15 12:09 - 2018-08-02 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-08-15 12:09 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-08-15 12:09 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-08-15 12:09 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-08-15 12:09 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-08-15 12:09 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-08-15 12:09 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-08-15 12:09 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-08-15 12:09 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-08-15 12:09 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-08-15 12:09 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-08-15 12:09 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:26 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-15 12:09 - 2018-08-02 04:26 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-15 12:09 - 2018-08-02 04:26 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-15 12:09 - 2018-08-02 04:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-15 12:09 - 2018-08-02 04:22 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-08-15 12:09 - 2018-08-02 04:21 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-15 12:09 - 2018-08-02 04:21 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-15 12:09 - 2018-08-02 04:17 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-15 12:09 - 2018-08-02 04:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-15 12:09 - 2018-08-02 04:17 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-15 12:09 - 2018-08-02 04:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-15 12:09 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-08-15 12:09 - 2018-08-02 04:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-15 12:09 - 2018-08-02 04:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-08-15 12:09 - 2018-08-02 04:11 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-08-15 12:09 - 2018-08-02 04:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-08-15 12:09 - 2018-08-02 04:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-08-15 12:09 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-08-15 12:09 - 2018-08-02 04:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-15 12:09 - 2018-08-02 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-15 12:09 - 2018-07-13 21:19 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-08-15 12:09 - 2018-07-13 21:19 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-08-15 12:09 - 2018-07-08 18:08 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-15 12:09 - 2018-07-08 18:02 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-15 12:09 - 2018-07-08 18:02 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-15 12:09 - 2018-07-08 18:02 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-15 12:09 - 2018-07-08 18:01 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-15 12:09 - 2018-07-08 18:01 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-15 12:09 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-08-15 12:09 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-15 12:09 - 2018-07-08 17:42 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-08-15 12:09 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-15 12:09 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-08-15 12:09 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-08-15 12:09 - 2018-07-07 17:24 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-15 12:09 - 2018-07-06 18:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-15 12:09 - 2018-07-06 18:03 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-15 12:09 - 2018-07-06 18:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-15 12:09 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-08-15 12:09 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-08-15 12:09 - 2018-06-29 17:55 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-15 12:09 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-08-15 12:09 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-08-15 12:09 - 2018-06-27 18:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-15 12:09 - 2018-06-27 17:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-15 12:09 - 2018-06-27 17:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-15 12:09 - 2018-06-27 17:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-15 12:09 - 2018-06-27 17:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-15 12:09 - 2018-06-27 17:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-15 12:09 - 2018-06-27 17:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-15 12:09 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-15 12:09 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-15 12:09 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-08-15 12:09 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-08-15 12:09 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-15 12:09 - 2018-06-27 17:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-15 12:09 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-08-15 12:09 - 2018-06-21 05:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-08-15 12:09 - 2018-06-21 05:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-08-12 00:30 - 2018-08-12 00:30 - 000001038 _____ C:\Users\Bape\Desktop\GREEN BUTTON.lnk
2018-08-12 00:30 - 2018-08-12 00:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verbatim GREEN BUTTON
2018-08-12 00:30 - 2018-08-12 00:30 - 000000000 ____D C:\Program Files (x86)\Verbatim GREEN BUTTON
2018-08-12 00:26 - 2018-08-12 00:26 - 000853231 _____ C:\Users\Bape\Downloads\Verbatim Green Button 1.49.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-09 19:13 - 2009-07-14 06:45 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-09 19:13 - 2009-07-14 06:45 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-09 19:07 - 2016-11-18 15:18 - 000000000 ____D C:\Users\Bape\AppData\LocalLow\Mozilla
2018-09-09 19:04 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-09 18:59 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-09 17:58 - 2016-02-03 20:25 - 000001905 _____ C:\Users\Bape\Desktop\poznámky.txt
2018-09-09 17:26 - 2016-09-01 12:50 - 000000000 ____D C:\Users\Bape\AppData\Roaming\Hewlett-Packard
2018-09-09 17:20 - 2016-08-26 22:33 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2018-09-09 17:13 - 2016-09-01 12:44 - 000000000 ____D C:\swsetup
2018-09-09 01:15 - 2009-07-14 06:45 - 000300136 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-09 01:14 - 2016-08-31 12:24 - 000000000 ____D C:\Users\Bape\AppData\Roaming\uTorrent
2018-09-09 01:06 - 2016-08-26 21:58 - 000065152 _____ C:\Users\Bape\AppData\Local\GDIPFONTCACHEV1.DAT
2018-09-08 23:53 - 2016-08-27 19:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-09-08 23:29 - 2018-02-01 18:21 - 000467320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-09-08 23:29 - 2018-02-01 18:21 - 000381560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-09-08 23:29 - 2018-02-01 18:21 - 000215728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-09-08 23:29 - 2018-02-01 18:21 - 000199712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-09-08 23:29 - 2018-02-01 18:21 - 000163272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-09-08 23:29 - 2018-02-01 18:21 - 000111864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-09-08 23:29 - 2018-02-01 18:21 - 000087904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-09-08 23:29 - 2018-02-01 18:21 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-09-08 23:29 - 2017-02-21 15:04 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-09-08 23:28 - 2018-02-01 18:21 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-09-08 23:28 - 2018-02-01 18:21 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-09-08 23:28 - 2018-02-01 18:21 - 000229384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-09-08 23:28 - 2018-02-01 18:21 - 000201320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-09-08 23:28 - 2018-02-01 18:21 - 000059568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-09-08 23:28 - 2016-08-27 04:01 - 000000000 ____D C:\Users\Bape\AppData\Roaming\KeePass
2018-09-08 20:09 - 2016-09-01 13:55 - 000003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBape
2018-09-08 20:09 - 2016-09-01 13:55 - 000000328 _____ C:\Windows\Tasks\HPCeeScheduleForBape.job
2018-09-08 19:20 - 2018-03-24 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2018-09-08 19:20 - 2018-03-24 16:22 - 000000000 ____D C:\Program Files\MKVToolNix
2018-09-07 12:14 - 2018-08-09 16:04 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk
2018-09-07 12:14 - 2018-06-12 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-09-07 10:41 - 2011-04-12 10:34 - 000754786 _____ C:\Windows\system32\perfh005.dat
2018-09-07 10:41 - 2011-04-12 10:34 - 000194622 _____ C:\Windows\system32\perfc005.dat
2018-09-07 10:41 - 2009-07-14 07:13 - 001724512 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-07 10:11 - 2017-06-30 14:33 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-07 10:11 - 2016-08-27 03:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-06 23:38 - 2016-12-31 16:00 - 000000000 ____D C:\Users\Bape\AppData\Roaming\avidemux
2018-09-06 19:25 - 2016-08-27 21:53 - 000000000 ____D C:\Users\Bape\AppData\Roaming\vlc
2018-09-06 18:07 - 2018-07-10 13:02 - 000000000 ____D C:\Users\Bape\Documents\Bandicam
2018-09-06 17:35 - 2017-11-17 19:03 - 000000000 ____D C:\Users\Bape\Downloads\Piráti
2018-09-03 22:33 - 2018-06-11 10:50 - 000000000 ____D C:\Users\Bape\temp
2018-09-02 15:24 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-09-01 20:06 - 2016-09-22 12:49 - 000000000 ____D C:\Users\Bape\AppData\Roaming\Kuki
2018-08-31 17:20 - 2016-08-27 02:32 - 001700162 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-08-25 14:57 - 2009-07-14 07:08 - 000032568 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-08-22 20:05 - 2017-12-01 19:48 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-08-22 20:05 - 2017-12-01 19:48 - 000001035 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
2018-08-15 22:31 - 2016-08-27 18:06 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-12 20:59 - 2017-07-27 10:18 - 000003168 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1050733673-4065207461-4260594767-1000
2018-08-12 20:59 - 2016-08-27 21:25 - 000002143 _____ C:\Users\Bape\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-08-12 00:28 - 2018-08-07 19:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verbatim
2018-08-12 00:28 - 2018-08-07 19:36 - 000000000 ____D C:\Program Files (x86)\Verbatim

==================== Files in the root of some directories =======

2017-07-10 13:12 - 2017-07-10 13:12 - 000000836 _____ () C:\Users\Bape\AppData\Local\recently-used.xbel
2016-11-04 23:19 - 2016-11-04 23:26 - 000007605 _____ () C:\Users\Bape\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-09 07:02

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.09.2018
Ran by Bape (09-09-2018 21:31:50)
Running from C:\Users\Bape\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-08-26 19:45:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1050733673-4065207461-4260594767-500 - Administrator - Disabled)
Bape (S-1-5-21-1050733673-4065207461-4260594767-1000 - Administrator - Enabled) => C:\Users\Bape
Guest (S-1-5-21-1050733673-4065207461-4260594767-501 - Limited - Disabled)
moni (S-1-5-21-1050733673-4065207461-4260594767-1001 - Limited - Enabled) => C:\Users\moni

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Advanced Protection (Enabled - Up to date) {B3D9AA4C-EA4D-5505-9BB0-0420509C2BBB}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Enabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3BB84238}) (Version: 1.7.38.0 - Alcor Micro Corp.) Hidden
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.38.0 - Alcor Micro Corp.)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.16.161230 - )
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
Backup and Sync from Google (HKLM\...\{AEFBDB5B-899F-4AE6-B789-BA56A652A476}) (Version: 3.42.9858.3671 - Google, Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.1.1.1073 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon TS3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS3100_series) (Version: 1.00 - Canon Inc.)
COMODO Firewall (HKLM\...\{EC925096-5689-4BE3-B675-D16D0394B4A0}) (Version: 10.2.0.6526 - COMODO Security Solutions Inc.)
Core Temp 1.2 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.2 - Alcpu)
Cybereason RansomFree 2.4.2.0 (HKLM-x32\...\{2A15E1FB-A1F5-4F11-B033-D8DB1E37C1E9}) (Version: 2.4.2.0 - Cybereason Inc.)
GENERAL V 8.1.3.1 (HKLM-x32\...\GENERAL V 8.1.3.1) (Version: - )
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
HAPPYneuron Brain Jogging (HKLM-x32\...\CD_EntrainementCerebral_CZ) (Version: - )
HP 3D DriveGuard (HKLM\...\{95518B59-44D9-430A-B12C-A582F18F5752}) (Version: 4.1.16.1 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.2 - Intel)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}) (Version: 15.2.0.0284 - Intel Corporation)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java 8 Update 172 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
KeePass Password Safe 2.35 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.35 - Dominik Reichl)
Kuki (HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\Kuki) (Version: 20160616.000 - SMART Comp. a.s.)
LAV Filters 0.72 (HKLM-x32\...\lavfilters_is1) (Version: 0.72 - Hendrik Leppkes)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MKVToolNix 26.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 26.0.0 - Moritz Bunkus)
Mozilla Firefox 62.0 (x64 cs) (HKLM\...\Mozilla Firefox 62.0 (x64 cs)) (Version: 62.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.0.6816 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Mumble 1.2.19 (HKLM-x32\...\{97B3A307-D592-4888-9439-7FB9FBF8F1C3}) (Version: 1.2.19 - Thorvald Natvig)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
OpenShot Video Editor verze 2.4.0 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.4.0 - OpenShot Studios, LLC)
PhotoFiltre 7 (HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\PhotoFiltre 7) (Version: - )
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.1.0 - Canon Inc.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Shotcut (HKLM-x32\...\Shotcut) (Version: - )
Skype verze 8.29 (HKLM-x32\...\Skype_is1) (Version: 8.29 - Skype Technologies S.A.)
Splash (HKLM-x32\...\Mirillis Splash) (Version: 2.0.4 - Mirillis)
Stratagus (HKLM-x32\...\Stratagus) (Version: 2.3.0 - )
Subtitle Edit 3.4.13 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.4.13.0 - Nikse)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.23 - Synaptics Incorporated)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
Verbatim GREEN BUTTON 1.49 (HKLM-x32\...\Verbatim GREEN BUTTON_is1) (Version: - Verbatim)
Verbatim Product Update 1.06 (HKLM-x32\...\Verbatim Product Update_is1) (Version: - Verbatim)
VIP Access SDK (1.0.1.5) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.5 - Symantec Inc.)
Vivaldi (HKLM-x32\...\Vivaldi) (Version: 1.15.1147.47 - Vivaldi)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Wargus (HKLM-x32\...\Wargus) (Version: 2.3 - )
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{F92064F6-BDE8-46FC-A19F-4E12D311BE3A}) (Version: 1.0.30 - Microsoft Corporation)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.4) (Version: 1.3.4 - Xvid Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-08] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-08] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-08] (AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-08] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-08] (AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B9E32B5-CCEC-42EB-B8F4-AAC8B4196FC5} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {1F338257-C2D7-40DE-9F69-004760F80B29} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2018-03-13] (COMODO)
Task: {1FC7E135-C4A4-4FDA-A26A-ED7F676EFBF8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {3197AF77-459F-418D-A9C2-4587B06DB47B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-27] (Google Inc.)
Task: {4874B55D-7180-4FA3-AC60-9902A857AE9A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-08-19] (AVAST Software)
Task: {494B4D57-A4A0-4FC5-89A7-8DD91C0B847E} - System32\Tasks\{F4D8E215-A75B-4D9F-AA0D-DCCEFA72D733} => C:\Windows\system32\pcalua.exe -a "F:\HP Soft\SWSETUP\SP59885\HPUCDSilent.exe" -d "F:\HP Soft\SWSETUP\SP59885"
Task: {4E6ECB7A-723D-449D-80AD-E8FF492B783F} - System32\Tasks\{ED21BF16-45AF-4A72-9714-4664A263AE39} => C:\Windows\system32\pcalua.exe -a "F:\HP Soft\SWSETUP\SP59885\Chicony\setup.exe" -d "F:\HP Soft\SWSETUP\SP59885\Chicony"
Task: {5230D0A3-E7ED-4A88-A584-E7A3C2895F34} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-09-08] (AVAST Software)
Task: {5B8CEEB8-5A3C-44FA-AFBC-7A73F4B94E04} - System32\Tasks\SafeZone scheduled Autoupdate 1472299585 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {98A3E896-82AE-4277-9A86-42A3E4699A60} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {99E5340E-981D-41AC-B384-53AB8ADBECBC} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {9A2CAF72-545D-456D-83CB-CAB827914D47} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-03-13] (COMODO)
Task: {9B8A9E5C-6AAB-42A6-B145-6486D179B67E} - System32\Tasks\Core Temp Autostart Bape => C:\Program Files\Core Temp\Core Temp.exe [2017-09-19] (ALCPU)
Task: {B158AB10-E11C-459B-AB56-AEDCB9F912AA} - System32\Tasks\Cybereason RansomFree Autostart => C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe [2017-11-20] (Cybereason)
Task: {B7756F70-EFC1-49E0-865D-C7550B7F95B5} - System32\Tasks\Cybereason RansomFree Keepalive => C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe [2017-11-20] (Cybereason)
Task: {C18EF710-FCAA-429E-9A81-0A2023AD0299} - System32\Tasks\{991635FF-73B7-4A97-B5B1-34B531EE63F5} => C:\Windows\system32\pcalua.exe -a C:\Users\Bape\Downloads\sp52437.exe -d C:\Users\Bape\Downloads
Task: {D71778E3-0E01-4261-8BCB-32BCD8B6864D} - System32\Tasks\{4E3D8F2E-ED2A-45ED-91B2-EED0731BF53E} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.27.0.101/cs/abandoninstall?source=lightinstaller&page=tsMain
Task: {E4B0B24C-19FC-4363-B0AD-550F2E698A67} - System32\Tasks\{ADCB3DBC-CE94-45B5-8D84-5FEA1086E89F} => C:\Windows\system32\pcalua.exe -a C:\Users\Bape\Downloads\sp59885.exe -d C:\Users\Bape\Downloads
Task: {EB4E3302-5CDD-499D-8BB8-3AC672D1654A} - System32\Tasks\{B0F8770D-DD11-4F48-BE51-C4AB73DEB985} => C:\Windows\system32\pcalua.exe -a "D:\Instalace\HP Soft\SWSETUP\sp81892.exe" -d "D:\Instalace\HP Soft\SWSETUP"
Task: {ED7AFBCA-563E-4F01-A504-7607703C89E5} - System32\Tasks\HPCeeScheduleForBape => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-09-23] (HP Development Company, L.P.)
Task: {F07FA95B-A7D1-4F59-B038-2CB0F64E6C55} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {FBA28A69-500E-486A-9C2B-41AA4EC1B9CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-27] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\HPCeeScheduleForBape.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-10 07:25 - 2018-03-13 19:17 - 000107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2016-07-10 07:26 - 2018-03-13 19:17 - 000244416 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2013-07-19 14:09 - 2013-07-19 14:09 - 000099096 _____ () C:\Windows\system32\SCPwrSetSvr.exe
2018-09-08 23:28 - 2018-09-08 23:28 - 000703192 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2013-08-05 08:15 - 2013-08-05 08:15 - 000070712 _____ () C:\Windows\system32\bdmpega64.acm
2018-09-08 23:28 - 2018-09-08 23:28 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-09-08 23:29 - 2018-09-08 23:29 - 000896216 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-09-08 23:28 - 2018-09-08 23:28 - 000541400 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-09-08 23:28 - 2018-09-08 23:28 - 000986840 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-09-09 19:06 - 2018-09-09 19:06 - 005692560 _____ () C:\Program Files\AVAST Software\Avast\defs\18090904\algo.dll
2018-03-12 11:44 - 2018-03-12 11:44 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\accelerometerdll.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amdpcom64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticalcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticaldd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticalrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atidemgy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atieclxx.exe:$CMDTCID [0]
AlternateDataStreams: C:\Windows\system32\atiesrxx.exe:$CMDTCID [0]
AlternateDataStreams: C:\Windows\system32\atig6pxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atig6txx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atimpc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atimuixx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atio6axx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atitmm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiu9p64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiumd6a.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\coinst_15.20.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DelayAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\e1cmsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\HPMDPCoInst12.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hpservice.exe:$CMDTCID [0]
AlternateDataStreams: C:\Windows\system32\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\NETwNc64.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\NETwNr64.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\NicInstC.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OpenVideo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OVDecode64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PROUnstl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\SynTPCo19.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UIAnimation.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtpUS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdocl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdpcom32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiadlxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticalcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticaldd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticalrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticfx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atidxx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atigktxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atimpc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atioglxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiu9pag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiumdag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiumdva.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiuxpag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\OpenVideo.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\OVDecode.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\SynCom.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\SynTPCom.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Accelerometer.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ati2erec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\atikmdag.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\bowser.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\e1c62x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hpdskflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\NETwNs64.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\SynTP.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Bape\Desktop\evlist_uzivatelP.doc:$CmdTcID [64]
AlternateDataStreams: C:\Users\Bape\Desktop\evlist_uzivatelP.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Desktop\MediaCreationTool.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Bape\Desktop\MediaCreationTool.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Downloads\Documents.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Bape\Downloads\Documents.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Downloads\logotyp_na_bile_transparentni_pozadi.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Downloads\memostation-setup-cs.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Bape\Downloads\memostation-setup-cs.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Downloads\pytel-blech--62'-DVBT_CZ-(romin).avi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Bape\Downloads\pytel-blech--62'-DVBT_CZ-(romin).avi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Downloads\unetbootin-windows-625.exe:$CmdZnID [26]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\1-se.com -> 1-se.com

There are 11402 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-09-09 00:47 - 000000851 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bape\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 83.240.0.135 - 83.240.0.215
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: IObitUnSvr => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupreg: f.lux => "C:\Users\Bape\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{545E7112-A8A8-4BCB-81F4-A13994A873DC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CF5BD543-561C-4999-984D-00FACD69B7B9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{74C44C13-78CB-4C8E-8EDB-90D41B2A6D2E}C:\users\bape\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bape\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{66ED80CE-6457-4B43-B923-16FC0AB0B2E4}C:\users\bape\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bape\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{9DFF00B2-53CA-47C8-B677-2EA546C08618}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FDE19334-09FF-433B-BFFD-76BBAEB7708E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4C2946D4-4C17-4D4A-9D1D-04C7233B5B6D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{54AC3A73-D378-4874-9AD9-A029F84F43B0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DACE189A-FB56-4E97-9B17-16DFB1C39179}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A68E6B0-6C7D-4BDF-B7E2-F533DDE557FD}] => (Allow) C:\Program Files (x86)\Kuki\addons\skin.netboxkuki\proxies\proxy2.exe
FirewallRules: [{E8AD4026-2AD9-45AE-99EC-75139634D1E9}] => (Allow) C:\Program Files (x86)\Kuki\addons\skin.netboxkuki\proxies\proxy2.exe

==================== Restore Points =========================

27-08-2018 22:58:17 Naplánovaný kontrolní bod
31-08-2018 17:17:19 Windows Update
09-09-2018 07:09:38 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: Intel(R) Centrino(R) Advanced-N 6205
Description: Intel(R) Centrino(R) Advanced-N 6205
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNs64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Zařízení Bluetooth (síť PAN)
Description: Zařízení Bluetooth (síť PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Sériový port sběrnice PCI
Description: Sériový port sběrnice PCI
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/09/2018 07:05:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/09/2018 05:24:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.1.7601.23537 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 4d8

Čas spuštění: 01d4484e395c362d

Čas ukončení: 60000

Cesta k aplikaci: C:\Windows\Explorer.EXE

ID hlášení: 1bac3445-b444-11e8-b428-101f74fbe7cb

Error: (09/09/2018 04:46:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/09/2018 01:47:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/09/2018 06:33:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/09/2018 01:56:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/09/2018 01:16:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/08/2018 03:44:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (09/09/2018 07:06:17 PM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )
Description: Nový server médií nebyl inicializován, protože u funkce CoCreateInstance(CLSID_UPnPRegistrar) došlo k chybě 0x80070422. Ověřte, zda je spuštěná služba UPnPHost a zda je správně nainstalovaná součást systému Windows UPnPHost.

Error: (09/09/2018 07:06:17 PM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )
Description: Nový server médií nebyl inicializován, protože u funkce CoCreateInstance(CLSID_UPnPRegistrar) došlo k chybě 0x80070422. Ověřte, zda je spuštěná služba UPnPHost a zda je správně nainstalovaná součást systému Windows UPnPHost.

Error: (09/09/2018 07:06:13 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143 = Pro mapovač koncových bodů nejsou k dispozici další koncové body., specifickou pro službu.

Error: (09/09/2018 05:03:25 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143 = Pro mapovač koncových bodů nejsou k dispozici další koncové body., specifickou pro službu.

Error: (09/09/2018 05:03:23 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (09/09/2018 05:03:16 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (09/09/2018 04:48:38 PM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )
Description: Nový server médií nebyl inicializován, protože u funkce CoCreateInstance(CLSID_UPnPRegistrar) došlo k chybě 0x80070422. Ověřte, zda je spuštěná služba UPnPHost a zda je správně nainstalovaná součást systému Windows UPnPHost.

Error: (09/09/2018 04:48:38 PM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )
Description: Nový server médií nebyl inicializován, protože u funkce CoCreateInstance(CLSID_UPnPRegistrar) došlo k chybě 0x80070422. Ověřte, zda je spuštěná služba UPnPHost a zda je správně nainstalovaná součást systému Windows UPnPHost.


CodeIntegrity:
===================================

Date: 2018-09-09 21:31:57.881
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-09-09 21:31:48.405
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-09-09 21:30:59.962
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-09-09 21:30:57.892
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-09-09 21:30:55.869
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-09-09 21:30:53.905
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-09-09 21:30:51.893
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-09-09 21:30:49.928
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 51%
Total physical RAM: 8142.36 MB
Available physical RAM: 3963.27 MB
Total Virtual: 20353.5 MB
Available Virtual: 15142.46 MB

==================== Drives ================================

Drive a: () (Network) (Total:116.36 GB) (Free:19.3 GB) NTFS
Drive c: () (Fixed) (Total:116.36 GB) (Free:19.3 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: () (Fixed) (Total:180.9 GB) (Free:20.87 GB) NTFS
Drive e: (Bape 104) (CDROM) (Total:4.14 GB) (Free:0 GB) UDF
Drive f: (Verbatim) (Fixed) (Total:1863 GB) (Free:1194.01 GB) exFAT
Drive h: (Expansion Drive) (Fixed) (Total:1863.01 GB) (Free:279.3 GB) NTFS

\\?\Volume{62c59243-4086-11e7-b992-806e6f6e6963}\ () (Fixed) (Total:0.82 GB) (Free:0.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 8B37352D)
Partition 1: (Active) - (Size=116.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=844 MB) - (Type=27)
Partition 3: (Not Active) - (Size=180.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: BB8F31F9)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: B2144158)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Rudy]

Zdravím!
Můžete mít problém, zvaný keylogger, ale může to být způsobeno instalací nějakého programu, nebo systémová chyba. Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[bape]

To už jsem udělal a nic. Moc nevěřím že tam mám keylogger, mám tam Avast, projíždím pravidelně MBAM, mám firewall Comodo se zapnutým HIPS, vše aktuální. Neklikám na vše. Porno už taky nesjíždím - jsem ženatej. Pomozte prosím co dál.

[Rudy]

Teď bych chtěl vidět log z ADW.

[bape]

Odinstaloval jsem zatím Javu a Cyberreason ransom free a beze změny.

Je to tu:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-10-2018
# Duration: 00:00:25
# OS: Windows 7 Professional
# Scanned: 41904
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1749 octets] - [09/09/2018 01:52:50]
AdwCleaner[C00].txt - [1823 octets] - [09/09/2018 01:54:15]
AdwCleaner[S01].txt - [1379 octets] - [09/09/2018 01:58:29]
AdwCleaner[S02].txt - [1440 octets] - [09/09/2018 02:01:51]
AdwCleaner[S03].txt - [1501 octets] - [09/09/2018 16:21:08]
AdwCleaner[S04].txt - [1562 octets] - [09/09/2018 22:54:16]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\MountPoints2: G - G:\AUTORUN\AUTORUN.EXE
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\MountPoints2: {6d02c475-70e8-11e6-908f-100ba928b780} - G:\setup.exe
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\MountPoints2: {7457a9ae-5f29-11e8-acc5-101f74fbe7cb} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\MountPoints2: {94ac21a8-67cf-11e8-b9a1-101f74fbe7cb} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\MountPoints2: {9e086d2c-3b43-11e8-9670-101f74fbe7cb} - I:\HiSuiteDownLoader.exe
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
Task: {494B4D57-A4A0-4FC5-89A7-8DD91C0B847E} - System32\Tasks\{F4D8E215-A75B-4D9F-AA0D-DCCEFA72D733} => C:\Windows\system32\pcalua.exe -a "F:\HP Soft\SWSETUP\SP59885\HPUCDSilent.exe" -d "F:\HP Soft\SWSETUP\SP59885"
Task: {4E6ECB7A-723D-449D-80AD-E8FF492B783F} - System32\Tasks\{ED21BF16-45AF-4A72-9714-4664A263AE39} => C:\Windows\system32\pcalua.exe -a "F:\HP Soft\SWSETUP\SP59885\Chicony\setup.exe" -d "F:\HP Soft\SWSETUP\SP59885\Chicony"
Task: {E4B0B24C-19FC-4363-B0AD-550F2E698A67} - System32\Tasks\{ADCB3DBC-CE94-45B5-8D84-5FEA1086E89F} => C:\Windows\system32\pcalua.exe -a C:\Users\Bape\Downloads\sp59885.exe -d C:\Users\Bape\Downloads
Task: {EB4E3302-5CDD-499D-8BB8-3AC672D1654A} - System32\Tasks\{B0F8770D-DD11-4F48-BE51-C4AB73DEB985} => C:\Windows\system32\pcalua.exe -a "D:\Instalace\HP Soft\SWSETUP\sp81892.exe" -d "D:\Instalace\HP Soft\SWSETUP"
Task: {3197AF77-459F-418D-A9C2-4587B06DB47B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-27] (Google Inc.)
Task: {FBA28A69-500E-486A-9C2B-41AA4EC1B9CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-27] (Google Inc.)
AlternateDataStreams: C:\Windows\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\accelerometerdll.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amdpcom64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticalcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticaldd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticalrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atidemgy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atieclxx.exe:$CMDTCID [0]
AlternateDataStreams: C:\Windows\system32\atiesrxx.exe:$CMDTCID [0]
AlternateDataStreams: C:\Windows\system32\atig6pxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atig6txx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atimpc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atimuixx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atio6axx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atitmm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiu9p64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiumd6a.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\coinst_15.20.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DelayAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\e1cmsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\HPMDPCoInst12.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hpservice.exe:$CMDTCID [0]
AlternateDataStreams: C:\Windows\system32\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\NETwNc64.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\NETwNr64.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\NicInstC.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OpenVideo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OVDecode64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PROUnstl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\SynTPCo19.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UIAnimation.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtpUS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdocl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdpcom32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiadlxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticalcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticaldd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticalrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticfx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atidxx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atigktxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atimpc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atioglxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiu9pag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiumdag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiumdva.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiuxpag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\OpenVideo.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\OVDecode.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\SynCom.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\SynTPCom.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Accelerometer.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ati2erec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\atikmdag.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\bowser.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\e1c62x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hpdskflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\NETwNs64.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\SynTP.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Bape\Desktop\evlist_uzivatelP.doc:$CmdTcID [64]
AlternateDataStreams: C:\Users\Bape\Desktop\evlist_uzivatelP.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Desktop\MediaCreationTool.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Bape\Desktop\MediaCreationTool.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Downloads\Documents.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Bape\Downloads\Documents.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Downloads\logotyp_na_bile_transparentni_pozadi.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Downloads\memostation-setup-cs.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Bape\Downloads\memostation-setup-cs.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Downloads\pytel-blech--62'-DVBT_CZ-(romin).avi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Bape\Downloads\pytel-blech--62'-DVBT_CZ-(romin).avi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Downloads\unetbootin-windows-625.exe:$CmdZnID [26]

EmptyTemp:
Hosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[bape]

Žádná změna.


Fix result of Farbar Recovery Scan Tool (x64) Version: 09.09.2018
Ran by Bape (10-09-2018 15:09:41) Run:1
Running from C:\Users\Bape\Desktop
Loaded Profiles: Bape (Available Profiles: Bape & moni)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\MountPoints2: G - G:\AUTORUN\AUTORUN.EXE
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\MountPoints2: {6d02c475-70e8-11e6-908f-100ba928b780} - G:\setup.exe
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\MountPoints2: {7457a9ae-5f29-11e8-acc5-101f74fbe7cb} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\MountPoints2: {94ac21a8-67cf-11e8-b9a1-101f74fbe7cb} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\...\MountPoints2: {9e086d2c-3b43-11e8-9670-101f74fbe7cb} - I:\HiSuiteDownLoader.exe
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
Task: {494B4D57-A4A0-4FC5-89A7-8DD91C0B847E} - System32\Tasks\{F4D8E215-A75B-4D9F-AA0D-DCCEFA72D733} => C:\Windows\system32\pcalua.exe -a "F:\HP Soft\SWSETUP\SP59885\HPUCDSilent.exe" -d "F:\HP Soft\SWSETUP\SP59885"
Task: {4E6ECB7A-723D-449D-80AD-E8FF492B783F} - System32\Tasks\{ED21BF16-45AF-4A72-9714-4664A263AE39} => C:\Windows\system32\pcalua.exe -a "F:\HP Soft\SWSETUP\SP59885\Chicony\setup.exe" -d "F:\HP Soft\SWSETUP\SP59885\Chicony"
Task: {E4B0B24C-19FC-4363-B0AD-550F2E698A67} - System32\Tasks\{ADCB3DBC-CE94-45B5-8D84-5FEA1086E89F} => C:\Windows\system32\pcalua.exe -a C:\Users\Bape\Downloads\sp59885.exe -d C:\Users\Bape\Downloads
Task: {EB4E3302-5CDD-499D-8BB8-3AC672D1654A} - System32\Tasks\{B0F8770D-DD11-4F48-BE51-C4AB73DEB985} => C:\Windows\system32\pcalua.exe -a "D:\Instalace\HP Soft\SWSETUP\sp81892.exe" -d "D:\Instalace\HP Soft\SWSETUP"
Task: {3197AF77-459F-418D-A9C2-4587B06DB47B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-27] (Google Inc.)
Task: {FBA28A69-500E-486A-9C2B-41AA4EC1B9CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-27] (Google Inc.)
AlternateDataStreams: C:\Windows\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\accelerometerdll.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amdpcom64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticalcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticaldd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticalrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atidemgy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atieclxx.exe:$CMDTCID [0]
AlternateDataStreams: C:\Windows\system32\atiesrxx.exe:$CMDTCID [0]
AlternateDataStreams: C:\Windows\system32\atig6pxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atig6txx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atimpc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atimuixx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atio6axx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atitmm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiu9p64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiumd6a.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\coinst_15.20.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DelayAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\e1cmsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\HPMDPCoInst12.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hpservice.exe:$CMDTCID [0]
AlternateDataStreams: C:\Windows\system32\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\NETwNc64.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\NETwNr64.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\NicInstC.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OpenVideo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OVDecode64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PROUnstl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\SynTPCo19.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UIAnimation.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WpdMtpUS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdocl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdpcom32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiadlxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticalcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticaldd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticalrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticfx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atidxx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atigktxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atimpc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atioglxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiu9pag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiumdag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiumdva.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiuxpag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\OpenVideo.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\OVDecode.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\SynCom.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\SynTPCom.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Accelerometer.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ati2erec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\atikmdag.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\bowser.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\e1c62x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\hpdskflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\NETwNs64.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\SynTP.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Bape\Desktop\evlist_uzivatelP.doc:$CmdTcID [64]
AlternateDataStreams: C:\Users\Bape\Desktop\evlist_uzivatelP.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Desktop\MediaCreationTool.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Bape\Desktop\MediaCreationTool.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Downloads\Documents.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Bape\Downloads\Documents.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Downloads\logotyp_na_bile_transparentni_pozadi.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Downloads\memostation-setup-cs.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Bape\Downloads\memostation-setup-cs.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Downloads\pytel-blech--62'-DVBT_CZ-(romin).avi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Bape\Downloads\pytel-blech--62'-DVBT_CZ-(romin).avi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Bape\Downloads\unetbootin-windows-625.exe:$CmdZnID [26]

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G" => removed successfully
"HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d02c475-70e8-11e6-908f-100ba928b780}" => removed successfully
HKLM\Software\Classes\CLSID\{6d02c475-70e8-11e6-908f-100ba928b780} => not found
"HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7457a9ae-5f29-11e8-acc5-101f74fbe7cb}" => removed successfully
HKLM\Software\Classes\CLSID\{7457a9ae-5f29-11e8-acc5-101f74fbe7cb} => not found
"HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94ac21a8-67cf-11e8-b9a1-101f74fbe7cb}" => removed successfully
HKLM\Software\Classes\CLSID\{94ac21a8-67cf-11e8-b9a1-101f74fbe7cb} => not found
"HKU\S-1-5-21-1050733673-4065207461-4260594767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e086d2c-3b43-11e8-9670-101f74fbe7cb}" => removed successfully
HKLM\Software\Classes\CLSID\{9e086d2c-3b43-11e8-9670-101f74fbe7cb} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => removed successfully
HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{494B4D57-A4A0-4FC5-89A7-8DD91C0B847E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{494B4D57-A4A0-4FC5-89A7-8DD91C0B847E}" => removed successfully
C:\Windows\System32\Tasks\{F4D8E215-A75B-4D9F-AA0D-DCCEFA72D733} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F4D8E215-A75B-4D9F-AA0D-DCCEFA72D733}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E6ECB7A-723D-449D-80AD-E8FF492B783F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E6ECB7A-723D-449D-80AD-E8FF492B783F}" => removed successfully
C:\Windows\System32\Tasks\{ED21BF16-45AF-4A72-9714-4664A263AE39} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ED21BF16-45AF-4A72-9714-4664A263AE39}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4B0B24C-19FC-4363-B0AD-550F2E698A67}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4B0B24C-19FC-4363-B0AD-550F2E698A67}" => removed successfully
C:\Windows\System32\Tasks\{ADCB3DBC-CE94-45B5-8D84-5FEA1086E89F} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ADCB3DBC-CE94-45B5-8D84-5FEA1086E89F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB4E3302-5CDD-499D-8BB8-3AC672D1654A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB4E3302-5CDD-499D-8BB8-3AC672D1654A}" => removed successfully
C:\Windows\System32\Tasks\{B0F8770D-DD11-4F48-BE51-C4AB73DEB985} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B0F8770D-DD11-4F48-BE51-C4AB73DEB985}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3197AF77-459F-418D-A9C2-4587B06DB47B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3197AF77-459F-418D-A9C2-4587B06DB47B}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FBA28A69-500E-486A-9C2B-41AA4EC1B9CE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBA28A69-500E-486A-9C2B-41AA4EC1B9CE}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\Windows\explorer.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\accelerometerdll.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\adsmsext.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\amdpcom64.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\atiadlxx.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\atiapfxx.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\aticalcl64.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\aticaldd64.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\aticalrt64.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\atidemgy.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\atieclxx.exe => ":$CMDTCID" ADS could not remove.
C:\Windows\system32\atiesrxx.exe => ":$CMDTCID" ADS could not remove.
C:\Windows\system32\atig6pxx.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\atig6txx.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\atiglpxx.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\atimpc64.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\atimuixx.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\atio6axx.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\atitmm64.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\atiu9p64.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\atiumd64.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\atiumd6a.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\audiodg.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\AudioEng.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\AUDIOKSE.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\AudioSes.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\audiosrv.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\bcdedit.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\blackbox.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\chajei.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\cintlgnt.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\clinfo.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\coinst_15.20.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\cryptsp.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\cryptui.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\davclnt.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\DelayAPO.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\diagtrack.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\drmmgrtn.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\drmv2clt.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\e1cmsg.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\EncDump.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\evr.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\HPMDPCoInst12.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\hpservice.exe => ":$CMDTCID" ADS could not remove.
C:\Windows\system32\IMJP10.IME => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\IMJP10K.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\imkr80.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\input.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\mfplat.dll => ":$CmdTcID" ADS could not remove.
"C:\Windows\system32\MRT.exe" => ":$CmdTcID" ADS not found.
C:\Windows\system32\msnetobj.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\msscp.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\msxml3.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\msxml3r.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\NETwNc64.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\NETwNr64.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\NicInstC.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\nlsbres.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\OpenCL.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\OpenVideo64.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\OVDecode64.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\pcadm.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\pcaevts.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\pcalua.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\pcasvc.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\pcawrk.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\phon.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\pintlgnt.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\poqexec.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\PROUnstl.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\qdvd.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\qintlgnt.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\quick.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\scavengeui.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\SynTPCo19.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\tintlgnt.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\UIAnimation.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\user32.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\UtcResources.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WebClnt.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\wmdrmsdk.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WpdMtp.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WpdMtpUS.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WSManHTTPConfig.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WSManMigrationPlugin.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WsmAuto.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\wsmplpxy.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\wsmprovhost.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WsmRes.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WsmSvc.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\WsmWmiPl.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\adsmsext.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\amdocl.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\amdpcom32.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\atiadlxy.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\aticalcl.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\aticaldd.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\aticalrt.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\aticfx32.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\atidxx32.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\atigktxx.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\atiglpxx.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\atimpc32.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\atioglxx.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\atiu9pag.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\atiumdag.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\atiumdva.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\atiuxpag.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\AudioEng.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\AUDIOKSE.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\AudioSes.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\blackbox.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\chajei.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\cintlgnt.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\cryptsp.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\cryptui.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\D3DCompiler_43.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\D3DX9_43.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\davclnt.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\drmmgrtn.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\drmv2clt.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\evr.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\explorer.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\IMJP10.IME => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\IMJP10K.DLL => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\imkr80.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\input.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\mfplat.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\msnetobj.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\msscp.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\msxml3.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\msxml3r.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\nlsbres.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\OpenCL.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\OpenVideo.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\OVDecode.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\phon.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\pintlgnt.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\poqexec.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\qdvd.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\qintlgnt.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\quick.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\SynCom.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\SynTPCom.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\tintlgnt.ime => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\UIAnimation.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\user32.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\WebClnt.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\wmdrmsdk.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\WSManHTTPConfig.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\WSManMigrationPlugin.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\WsmAuto.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\wsmplpxy.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\wsmprovhost.exe => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\WsmRes.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\WsmSvc.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\SysWOW64\WsmWmiPl.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\Accelerometer.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\ati2erec.dll => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\atikmdag.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\atikmpag.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\bowser.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\e1c62x64.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\hpdskflt.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\mrxdav.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\NETwNs64.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\PEAuth.sys => ":$CmdTcID" ADS could not remove.
C:\Windows\system32\Drivers\SynTP.sys => ":$CmdTcID" ADS could not remove.
C:\Users\Bape\Desktop\evlist_uzivatelP.doc => ":$CmdTcID" ADS could not remove.
C:\Users\Bape\Desktop\evlist_uzivatelP.doc => ":$CmdZnID" ADS removed successfully
C:\Users\Bape\Desktop\MediaCreationTool.exe => ":$CmdTcID" ADS could not remove.
C:\Users\Bape\Desktop\MediaCreationTool.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Bape\Downloads\Documents.zip => ":$CmdTcID" ADS could not remove.
C:\Users\Bape\Downloads\Documents.zip => ":$CmdZnID" ADS removed successfully
C:\Users\Bape\Downloads\logotyp_na_bile_transparentni_pozadi.png => ":$CmdZnID" ADS removed successfully
C:\Users\Bape\Downloads\memostation-setup-cs.exe => ":$CmdTcID" ADS could not remove.
C:\Users\Bape\Downloads\memostation-setup-cs.exe => ":$CmdZnID" ADS removed successfully
C:\Users\Bape\Downloads\pytel-blech--62'-DVBT_CZ-(romin).avi => ":$CmdTcID" ADS could not remove.
C:\Users\Bape\Downloads\pytel-blech--62'-DVBT_CZ-(romin).avi => ":$CmdZnID" ADS removed successfully
C:\Users\Bape\Downloads\unetbootin-windows-625.exe => ":$CmdZnID" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36379087 B
Java, Flash, Steam htmlcache => 519 B
Windows/system/drivers => 37503941 B
Edge => 0 B
Chrome => 0 B
Firefox => 1065620847 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
systemprofile32 => 66228 B
LocalService => 0 B
NetworkService => 66228 B
Bape => 595228425 B
moni => 4908070 B

RecycleBin => 7642838 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:12:18 ====

[Rudy]

Ještě udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte. Opravdu to vypadá na systémový problém.

[bape]

Mám to. Snad je to ono.


Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 10.09.18
Čas skenování: 16:24
Logovací soubor: 3af2d95f-b505-11e8-badd-101f74fbe7cb.json
Správce: Ano

-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.365
Aktualizovat verzi balíku komponent: 1.0.6749
Licence: Bezplatný

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Bape-HP\Bape

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 263041
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 9 min, 0 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

[Rudy]

Ano, je. Tušil jsem, že toto nebude problém malware. Máte 2 možnosti:

1. Obnovu systému k datu, kda korketně fungoval.
2. Opravu systému pomocí utility WinRepair: http://www.stahuj.cz/utility_a_ostatni/ ... ws-repair/ .

[bape]

Zkusím WinRepair. Obnovu systému dělat nebudu, to to radši smáznu celý. Takže havět tam žádná není?

[Rudy]

Není. PC je čistý. Obnova není nic jiného, než přepsání systémových souborů a registry do stavu k danému datu. Přijdete jen o všchny instalace, které jste instaloval mezi oním datem a dneškem, nastavení a aktualizace systému. Vaše soubory zůstanou zachovány.