Vypadavani site, prepinani do sleep

[deii]

Ahoj, prosim o kontrolu. Pocitac se chova delsi dobu divne: vypadava sit, prepina se do sleep rezimu, obcas modra smrt. Projel jsem ho Adwcleanerem a MBAM - neco malo nasly. Prikladam vypisy vcetne FRSTLauncher:

all.zip

(41.51 KiB) Staženo 44 x

(bylo to moc velke do prizpevku)

[Rudy]

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-2833470715-1743641123-588181605-1000\...\MountPoints2: {60fcb1de-dcfc-11e4-84d8-f82fa8e4ac83} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2833470715-1743641123-588181605-1000\...\MountPoints2: {657ed7d8-8478-11e3-9a16-f82fa8e4ac83} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2833470715-1743641123-588181605-1016\...\RunOnce: [] => [X]
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\gcswf32.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\deii\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll => No File
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\deii\SoapUI-x64-5.2.1.exe
C:\Users\deii\AppData\Local\Temp
AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\Windows\PWMBTHLV.EXE:$CmdTcID [64]
AlternateDataStreams: C:\Windows\RtlExUpd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AERTAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\coin95ip.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\coin95itp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DDPA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DDPD64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DDPO64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DDPP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\FMAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\GEARAspi64.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ibmpmctl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ibmpmsvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsRdpWebAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PWMCP64V.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RCoInstII64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RtkApi64.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RtkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SFSS_APO.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\SynCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SynTPAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SynTPCo14.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\TPHDEXLG64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tpinspm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TpShCTL.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TpShEvUI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TpShocks.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TpShUI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbGDCoInstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usbaaplrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WavesGUILib64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01011.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wksprtPS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerInstaller.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MsRdpWebAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\SynCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\SynTPCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wksprtPS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\dc3d.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\DZHDD64.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\e1c62x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\GEARAspiWDM.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ibmpmdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\intelaud.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\iusb3hcs.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\iusb3hub.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\iusb3xhc.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\iwdbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ndis.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\NETwsw00.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\point64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Smb_driver_Intel.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\SynTP.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\TPPWR64V.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbFlt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usb3Hub.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\USB3Ver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbaapl64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\VBoxDrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\VBoxNetAdp6.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\VBoxNetLwf.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\VBoxUSBMon.sys:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\TEMP:054203E4 [130]
AlternateDataStreams: C:\Users\deii\SoapUI-x64-5.2.1.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Desktop\05.svg:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\mraky.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\new-horizons__2.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\nh-pluto-moonlight.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\OV5642DS.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\pitko.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\P_LORRI_FULLFRAME_BW.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\zemeplocha.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\[CZE]X14DVBEUH-1.113-0626.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\207-celomasiv-irena_web.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\207-celomasiv-irena_web.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\A150303_ZUK_001_DANE_2014.XLS:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\A150303_ZUK_001_DANE_2014.XLS:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\alfresco_34.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\alfresco_34.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\archetype-models-2.5-SNAPSHOT.pom:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\archetype-models-2.5-SNAPSHOT.pom:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\atlassian-bitbucket-4.1.0-x64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\atlassian-bitbucket-4.1.0-x64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\burpsuite_free_v1.6.jar:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\burpsuite_free_v1.6.jar:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\ClientWithResponseHandler.java:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\ClientWithResponseHandler.java:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\ConEmuSetup.151202.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\ConEmuSetup.151202.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Developer Guide.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\Developer Guide.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Dieta purinová.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\eCare Cockpit Report.rtf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\eCare Cockpit Report.rtf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\eng.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\eng.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\for_Avast.doc:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\for_Avast.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\GE00331 - SDP API Specification.doc:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\GE00331 - SDP API Specification.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Git-2.7.1-64-bit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\Git-2.7.1-64-bit.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\gpg4win-2.2.4.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\gpg4win-2.2.4.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\HIST_249491730_201503072024.slk:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\HIST_249491730_201503072024.slk:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\ideaIU-15.0.2.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\ideaIU-15.0.2.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\IVR_vo_backendlog_FupLimit_2015-06-24.xls:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\jacoco-0.7.6-20151002.081900-29.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\jacoco-0.7.6-20151002.081900-29.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\jacoco-maven-plugin-0.7.5.201505241946-sources.jar:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\jacoco-maven-plugin-0.7.5.201505241946-sources.jar:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\jacoco.exec:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\jacoco.exec:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Jinja2-2.8.tar.gz:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\kids_fest_map.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\krok_1_uvod_pohyblivost.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\learning_puppet_vm.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\learning_puppet_vm.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\MarcoPolo.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\MarcoPolo.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\maven.xml:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\maven.xml:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Messaging architecture.png:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\Messaging architecture.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Messaging architecture.xml:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\Messaging architecture.xml:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\ntlmaps-setup-0.9.9.6.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\ntlmaps-setup-0.9.9.6.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\otp_win64_18.2.1.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\otp_win64_18.2.1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\output_LL3lhW.gif:$CmdTcID [130]
AlternateDataStreams: C:\Users\deii\Downloads\output_LL3lhW.gif:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\puttygen.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\puttygen.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\PyYAML-3.11.tar.gz:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\PyYAML-3.11.tar.gz:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\rabbitmq-server-3.6.0.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\rabbitmq-server-3.6.0.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Reference Check Template VFMM(1).docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\Reference Check Template VFMM(1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Reference Check Template VFMM.docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\Reference Check Template VFMM.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\RESTful-Java-Client-ApacheHttpClient-Example.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\RESTful-Java-Client-ApacheHttpClient-Example.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\SDPDesign-2983521-110116-1558-7.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\SDPDesign-2983521-110116-1558-7.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\setup-x86_64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\setup-x86_64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\SIEMENS SE 25267.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\SIEMENS SE 25267.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Sorry leden 2015.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\Sorry leden 2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\SourceTreeSetup_1.7.0.32509.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\SourceTreeSetup_1.7.0.32509.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\ticketdirect776445589.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\ticketdirect776445589.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\vccbs-ear-1411.34.ear:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\vccbs-ear-1411.34.ear:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Documents\7091888.pdf:$CmdZnID [26]
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[deii]

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by deii (2016-03-25 16:47:07) Run:1
Running from C:\Users\deii\Desktop
Loaded Profiles: deii & atlbitbucket (Available Profiles: deii & atlbitbucket)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-2833470715-1743641123-588181605-1000\...\MountPoints2: {60fcb1de-dcfc-11e4-84d8-f82fa8e4ac83} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2833470715-1743641123-588181605-1000\...\MountPoints2: {657ed7d8-8478-11e3-9a16-f82fa8e4ac83} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2833470715-1743641123-588181605-1016\...\RunOnce: [] => [X]
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\gcswf32.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\deii\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll => No File
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\deii\SoapUI-x64-5.2.1.exe
C:\Users\deii\AppData\Local\Temp
AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\Windows\PWMBTHLV.EXE:$CmdTcID [64]
AlternateDataStreams: C:\Windows\RtlExUpd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AERTAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\coin95ip.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\coin95itp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DDPA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DDPD64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DDPO64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DDPP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\FMAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\GEARAspi64.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ibmpmctl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ibmpmsvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsRdpWebAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\PWMCP64V.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RCoInstII64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RtkApi64.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RtkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SFSS_APO.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\SynCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SynTPAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SynTPCo14.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\TPHDEXLG64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tpinspm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TpShCTL.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TpShEvUI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TpShocks.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TpShUI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbGDCoInstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usbaaplrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WavesGUILib64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01011.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wksprtPS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerInstaller.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MsRdpWebAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\SynCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\SynTPCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wksprtPS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\dc3d.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\DZHDD64.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\e1c62x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\GEARAspiWDM.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ibmpmdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\intelaud.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\iusb3hcs.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\iusb3hub.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\iusb3xhc.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\iwdbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ndis.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\NETwsw00.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\point64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\Smb_driver_Intel.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\SynTP.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\TPPWR64V.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbFlt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usb3Hub.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\USB3Ver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbaapl64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\VBoxDrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\VBoxNetAdp6.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\VBoxNetLwf.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\VBoxUSBMon.sys:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\TEMP:054203E4 [130]
AlternateDataStreams: C:\Users\deii\SoapUI-x64-5.2.1.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Desktop\05.svg:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\mraky.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\new-horizons__2.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\nh-pluto-moonlight.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\OV5642DS.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\pitko.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\P_LORRI_FULLFRAME_BW.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\zemeplocha.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Desktop\[CZE]X14DVBEUH-1.113-0626.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\207-celomasiv-irena_web.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\207-celomasiv-irena_web.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\A150303_ZUK_001_DANE_2014.XLS:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\A150303_ZUK_001_DANE_2014.XLS:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\alfresco_34.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\alfresco_34.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\archetype-models-2.5-SNAPSHOT.pom:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\archetype-models-2.5-SNAPSHOT.pom:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\atlassian-bitbucket-4.1.0-x64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\atlassian-bitbucket-4.1.0-x64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\burpsuite_free_v1.6.jar:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\burpsuite_free_v1.6.jar:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\ClientWithResponseHandler.java:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\ClientWithResponseHandler.java:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\ConEmuSetup.151202.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\ConEmuSetup.151202.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Developer Guide.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\Developer Guide.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Dieta purinová.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\eCare Cockpit Report.rtf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\eCare Cockpit Report.rtf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\eng.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\eng.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\for_Avast.doc:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\for_Avast.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\GE00331 - SDP API Specification.doc:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\GE00331 - SDP API Specification.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Git-2.7.1-64-bit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\Git-2.7.1-64-bit.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\gpg4win-2.2.4.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\gpg4win-2.2.4.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\HIST_249491730_201503072024.slk:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\HIST_249491730_201503072024.slk:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\ideaIU-15.0.2.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\ideaIU-15.0.2.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\IVR_vo_backendlog_FupLimit_2015-06-24.xls:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\jacoco-0.7.6-20151002.081900-29.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\jacoco-0.7.6-20151002.081900-29.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\jacoco-maven-plugin-0.7.5.201505241946-sources.jar:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\jacoco-maven-plugin-0.7.5.201505241946-sources.jar:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\jacoco.exec:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\jacoco.exec:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Jinja2-2.8.tar.gz:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\kids_fest_map.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\krok_1_uvod_pohyblivost.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\learning_puppet_vm.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\learning_puppet_vm.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\MarcoPolo.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\MarcoPolo.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\maven.xml:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\maven.xml:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Messaging architecture.png:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\Messaging architecture.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Messaging architecture.xml:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\Messaging architecture.xml:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\ntlmaps-setup-0.9.9.6.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\ntlmaps-setup-0.9.9.6.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\otp_win64_18.2.1.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\otp_win64_18.2.1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\output_LL3lhW.gif:$CmdTcID [130]
AlternateDataStreams: C:\Users\deii\Downloads\output_LL3lhW.gif:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\puttygen.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\puttygen.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\PyYAML-3.11.tar.gz:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\PyYAML-3.11.tar.gz:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\rabbitmq-server-3.6.0.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\rabbitmq-server-3.6.0.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Reference Check Template VFMM(1).docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\Reference Check Template VFMM(1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Reference Check Template VFMM.docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\Reference Check Template VFMM.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\RESTful-Java-Client-ApacheHttpClient-Example.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\RESTful-Java-Client-ApacheHttpClient-Example.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\SDPDesign-2983521-110116-1558-7.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\SDPDesign-2983521-110116-1558-7.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\setup-x86_64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\setup-x86_64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\SIEMENS SE 25267.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\SIEMENS SE 25267.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\Sorry leden 2015.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\Sorry leden 2015.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\SourceTreeSetup_1.7.0.32509.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\SourceTreeSetup_1.7.0.32509.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\ticketdirect776445589.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\ticketdirect776445589.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Downloads\vccbs-ear-1411.34.ear:$CmdTcID [64]
AlternateDataStreams: C:\Users\deii\Downloads\vccbs-ear-1411.34.ear:$CmdZnID [26]
AlternateDataStreams: C:\Users\deii\Documents\7091888.pdf:$CmdZnID [26]
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-2833470715-1743641123-588181605-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60fcb1de-dcfc-11e4-84d8-f82fa8e4ac83}" => key removed successfully
HKCR\CLSID\{60fcb1de-dcfc-11e4-84d8-f82fa8e4ac83} => key not found.
"HKU\S-1-5-21-2833470715-1743641123-588181605-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{657ed7d8-8478-11e3-9a16-f82fa8e4ac83}" => key removed successfully
HKCR\CLSID\{657ed7d8-8478-11e3-9a16-f82fa8e4ac83} => key not found.
HKU\S-1-5-21-2833470715-1743641123-588181605-1016\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\gcswf32.dll => not found.
c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\pdf.dll => not found.
C:\Users\deii\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => not found.
C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll => not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
C:\Users\deii\SoapUI-x64-5.2.1.exe => moved successfully

"C:\Users\deii\AppData\Local\Temp" folder move:

Could not move "C:\Users\deii\AppData\Local\Temp" => Scheduled to move on reboot.

"C:\Windows\avastSS.scr" => ":$CmdTcID" ADS not found.
C:\Windows\PWMBTHLV.EXE => ":$CmdTcID" ADS removed successfully.
C:\Windows\RtlExUpd.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\AERTAC64.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\audiodg.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\AudioEng.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\AUDIOKSE.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\AudioSes.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\audiosrv.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\blackbox.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\cewmdm.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\ci.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\clfsw32.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\coin95ip.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\coin95itp.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\COLORCNV.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\comctl32.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\CONEQMSAPOGUILibrary.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\crypt32.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\cryptnet.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\cryptsp.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\cryptsvc.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\cryptui.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\DDPA64.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\DDPD64A.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\DDPO64A.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\DDPP64A.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\devenum.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\diskperf.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\drmmgrtn.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\drmv2clt.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\EncDump.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\evr.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\FMAPO64.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\GEARAspi64.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\ibmpmctl.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\ibmpmsvc.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\ksproxy.ax => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\ksuser.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\logman.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\mcmde.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\mf.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\mferror.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\mfplat.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\mfpmp.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\mfps.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\mfvdsp.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\MFWMAAEC.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\MP3DMOD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\MP43DECD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\MP4SDECD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\MPG4DECD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\msi.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\msiexec.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\msihnd.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\msimsg.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\msmpeg2adec.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\MSMPEG2ENC.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\msmpeg2vdec.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\msnetobj.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\MsRdpWebAccess.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\msscp.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\mstsc.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\pcadm.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\pcaevts.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\pcalua.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\pcasvc.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\pcawrk.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\poqexec.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\PWMCP64V.cpl => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\qasf.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\qdvd.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\quartz.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\RCoInstII64.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\relog.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\RESAMPLEDMO.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\rrinstaller.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\RtkApi64.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\RtkAPO64.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\RtPgEx64.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\scesrv.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\sechost.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\SFSS_APO.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\SynCOM.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\SynTPAPI.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\SynTPCo14.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\SysFxUI.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\TPHDEXLG64.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\tpinspm.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\TpShCTL.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\TpShEvUI.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\TpShocks.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\TpShUI.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\tracerpt.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\TsUsbGDCoInstaller.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\typeperf.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\usbaaplrc.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\VIDRESZR.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\WavesGUILib64.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\WdfCoInstaller01011.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\WindowsCodecs.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\winload.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\winresume.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\wintrust.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\wksprtPS.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\WMADMOD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\WMADMOE.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\WMALFXGFXDSP.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\wmdrmsdk.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\wmpmde.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\WMSPDMOD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\WMSPDMOE.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\WMVDECOD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\WMVENCOD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\WMVSDECD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\WMVSENCD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\WMVXENCD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\wpdshext.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\AudioEng.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\AUDIOKSE.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\AudioSes.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\blackbox.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\cewmdm.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\clfsw32.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\COLORCNV.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\comctl32.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\crypt32.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\cryptnet.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\cryptsp.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\cryptsvc.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\cryptui.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\devenum.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\diskperf.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\drmmgrtn.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\drmv2clt.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\els.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\evr.dll => ":$CmdTcID" ADS removed successfully.
"C:\Windows\SysWOW64\FlashPlayerInstaller.exe" => ":$CmdTcID" ADS not found.
C:\Windows\SysWOW64\gdi32.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\GEARAspi.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\ksproxy.ax => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\ksuser.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\logman.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\mf.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\mferror.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\mfplat.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\mfpmp.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\mfps.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\mfvdsp.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\MFWMAAEC.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\MP3DMOD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\MP43DECD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\MP4SDECD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\MPG4DECD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\msi.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\msiexec.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\msihnd.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\msimsg.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\msmpeg2adec.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\MSMPEG2ENC.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\msmpeg2vdec.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\msnetobj.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\MsRdpWebAccess.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\msscp.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\mstsc.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\poqexec.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\qasf.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\qdvd.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\qedit.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\quartz.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\relog.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\RESAMPLEDMO.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\rrinstaller.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\scesrv.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\sechost.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\SynCOM.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\SynTPCOM.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\tracerpt.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\typeperf.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\VIDRESZR.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\WindowsCodecs.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\wintrust.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\wksprtPS.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\WMADMOD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\WMADMOE.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\wmdrmsdk.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\WMPhoto.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\wmpmde.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\WMSPDMOD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\WMSPDMOE.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\WMVDECOD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\WMVENCOD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\WMVSDECD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\WMVSENCD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\WMVXENCD.DLL => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\wpdshext.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\dc3d.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\drmk.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\drmkaud.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\DZHDD64.SYS => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\e1c62x64.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\GEARAspiWDM.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\ibmpmdrv.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\intelaud.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\iusb3hcs.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\iusb3hub.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\iusb3xhc.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\iwdbus.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\ndis.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\NETwsw00.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\PEAuth.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\point64.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\portcls.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\RTKVHD64.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\Smb_driver_Intel.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\SynTP.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\TPPWR64V.SYS => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\TsUsbFlt.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\usb3Hub.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\USB3Ver.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\usbaapl64.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\VBoxDrv.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\VBoxNetAdp6.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\VBoxNetLwf.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\VBoxUSBMon.sys => ":$CmdTcID" ADS removed successfully.
C:\ProgramData\TEMP => ":054203E4" ADS removed successfully.
"C:\Users\deii\SoapUI-x64-5.2.1.exe" => ":$CmdTcID" ADS not found.
C:\Users\deii\Desktop\05.svg => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Desktop\mraky.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Desktop\new-horizons__2.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Desktop\nh-pluto-moonlight.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Desktop\OV5642DS.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Desktop\pitko.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Desktop\P_LORRI_FULLFRAME_BW.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Desktop\zemeplocha.jpg => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Desktop\[CZE]X14DVBEUH-1.113-0626.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\207-celomasiv-irena_web.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\207-celomasiv-irena_web.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\A150303_ZUK_001_DANE_2014.XLS => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\A150303_ZUK_001_DANE_2014.XLS => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\alfresco_34.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\alfresco_34.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\archetype-models-2.5-SNAPSHOT.pom => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\archetype-models-2.5-SNAPSHOT.pom => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\atlassian-bitbucket-4.1.0-x64.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\atlassian-bitbucket-4.1.0-x64.exe => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\burpsuite_free_v1.6.jar => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\burpsuite_free_v1.6.jar => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\ClientWithResponseHandler.java => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\ClientWithResponseHandler.java => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\ConEmuSetup.151202.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\ConEmuSetup.151202.exe => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\Developer Guide.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\Developer Guide.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\Dieta purinová.doc => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\eCare Cockpit Report.rtf => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\eCare Cockpit Report.rtf => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\eng.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\eng.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\for_Avast.doc => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\for_Avast.doc => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\GE00331 - SDP API Specification.doc => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\GE00331 - SDP API Specification.doc => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\Git-2.7.1-64-bit.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\Git-2.7.1-64-bit.exe => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\gpg4win-2.2.4.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\gpg4win-2.2.4.exe => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\HIST_249491730_201503072024.slk => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\HIST_249491730_201503072024.slk => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\ideaIU-15.0.2.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\ideaIU-15.0.2.exe => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\IVR_vo_backendlog_FupLimit_2015-06-24.xls => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\jacoco-0.7.6-20151002.081900-29.zip => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\jacoco-0.7.6-20151002.081900-29.zip => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\jacoco-maven-plugin-0.7.5.201505241946-sources.jar => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\jacoco-maven-plugin-0.7.5.201505241946-sources.jar => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\jacoco.exec => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\jacoco.exec => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\Jinja2-2.8.tar.gz => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\kids_fest_map.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\krok_1_uvod_pohyblivost.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\learning_puppet_vm.zip => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\learning_puppet_vm.zip => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\MarcoPolo.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\MarcoPolo.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\maven.xml => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\maven.xml => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\Messaging architecture.png => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\Messaging architecture.png => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\Messaging architecture.xml => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\Messaging architecture.xml => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\ntlmaps-setup-0.9.9.6.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\ntlmaps-setup-0.9.9.6.exe => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\otp_win64_18.2.1.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\otp_win64_18.2.1.exe => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\output_LL3lhW.gif => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\output_LL3lhW.gif => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\puttygen.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\puttygen.exe => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\PyYAML-3.11.tar.gz => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\PyYAML-3.11.tar.gz => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\rabbitmq-server-3.6.0.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\rabbitmq-server-3.6.0.exe => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\Reference Check Template VFMM(1).docx => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\Reference Check Template VFMM(1).docx => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\Reference Check Template VFMM.docx => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\Reference Check Template VFMM.docx => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\RESTful-Java-Client-ApacheHttpClient-Example.zip => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\RESTful-Java-Client-ApacheHttpClient-Example.zip => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\SDPDesign-2983521-110116-1558-7.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\SDPDesign-2983521-110116-1558-7.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\setup-x86_64.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\setup-x86_64.exe => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\SIEMENS SE 25267.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\SIEMENS SE 25267.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\Sorry leden 2015.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\Sorry leden 2015.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\SourceTreeSetup_1.7.0.32509.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\SourceTreeSetup_1.7.0.32509.exe => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\ticketdirect776445589.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\ticketdirect776445589.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Downloads\vccbs-ear-1411.34.ear => ":$CmdTcID" ADS removed successfully.
C:\Users\deii\Downloads\vccbs-ear-1411.34.ear => ":$CmdZnID" ADS removed successfully.
C:\Users\deii\Documents\7091888.pdf => ":$CmdZnID" ADS removed successfully.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-03-25 16:49:35)

C:\ProgramData\DP45977C.lfl => Is moved successfully
C:\Users\deii\AppData\Local\Temp => moved successfully

==== End of Fixlog 16:49:35 ====

[Rudy]

Smazáno. Nastala nějaká změna?