Strange PC behaviour

#1 Post by Vendy89 »

Hello, please check my PC. It is relatively new and has started behaving very strangely. Out of nowhere, windows start popping up, various program windows open, and it jumps back and forth between windows as if the computer had gone crazy; transparent bubbles or squares appear, and the PC stops responding and working altogether. Another problem is with the keyboard: some letters do not want to type after a keystroke and have to be pressed several times, so fluent typing is pretty much out of the question. I am attaching the RSIT log. Thanks a lot for your help.

Logfile of random's system information tool 1.10 (written by random/random)
Run by lenag at 2016-08-16 17:28:38
Microsoft Windows 10 Home
System drive C: has 374 GB (87%) free of 430 GB
Total RAM: 8073 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:28:46, on 16.8.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.17071)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Model\cmssservice\cmssservice.exe
C:\Model\java\bin\java.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\lenag.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll
O3 - Toolbar: Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll
O4 - HKCU\..\Run: [OneDrive] "C:\Users\lenag\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: addToTrustedSites.vbs
O4 - Global Startup: cmssservice.lnk = C:\Model\cmssservice\cmssservice.exe
O4 - Global Startup: runModel.vbs
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.http://127.0.0.1
O15 - Trusted Zone: *.http://localhost
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 16.0.0 (AVP16.0.0) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem2.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: System Interface Foundation Service (ImControllerService) - Unknown owner - c:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LenovoPortalService - Unknown owner - C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWOW64\SecUPDUtilSvc.exe
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Agent (UpdateAgentService) - Unknown owner - C:\Program Files\update\UpdateAgent.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ymc - Lenovo - C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
O23 - Service: YogaPLService - Unknown owner - C:\ProgramData\Lenovo\PLHotkeyService\PLHotkeyService.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10564 bytes

======Listing Processes======







C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3b1d8097-e15a-41a7-8d2c-c16cf6b1fbc9 -SystemEventPortName:HostProcess-c0f1d1fa-daa6-4201-8e90-690841320ee3 -IoCancelEventPortName:HostProcess-9eee1d0a-dd1a-4fdc-8950-de225a35b306 -NonStateChangingEventPortName:HostProcess-3b823b65-e98e-44fd-85db-720aafd5d639 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9ead167f-3785-4931-9233-56a32578ffb8 -DeviceGroupId:
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c410fa56-b108-41c4-a85c-36fef062d520 -SystemEventPortName:HostProcess-5c9fa4db-531b-4f40-9bc7-49a9eca878fa -IoCancelEventPortName:HostProcess-9fe0e644-92b5-400e-a5cd-f63f83bd32a3 -NonStateChangingEventPortName:HostProcess-eb1dac5e-4471-46dc-a482-502a05d869b4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:45bf3ae6-a870-474f-8bd9-1198c89ae6dc -DeviceGroupId:WudfDefaultDevicePool
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
C:\Windows\system32\CxAudMsg64.exe
C:\Windows\SysWOW64\esif_uf.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe"
"C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\SysWOW64\SAsrv.exe
C:\Windows\SysWOW64\SecUPDUtilSvc.exe
"c:\Program Files (x86)\eLiska4\MSSQL10_50.ELISKA4CLIENT\MSSQL\Binn\sqlservr.exe" -sELISKA4CLIENT
C:\Windows\system32\svchost.exe -k appmodel
"C:\Program Files\update\UpdateAgent.exe"
"C:\ProgramData\Lenovo\PLHotkeyService\PLHotkeyService.exe"
C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"

dashost.exe {0febfce0-02db-464e-bf13b4cc7a778552}
C:\Windows\system32\WLANExt.exe 889094711280
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\eLiska4\eLiska.exe" preloadbackground
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 9851A0ED-BB8B-4334-1AE8-0D08FE1FCD04 -Reinvoke
C:\Windows\system32\SearchIndexer.exe /Embedding

C:\Windows\system32\DllHost.exe /Processid:{478B41E6-3257-4519-BDA8-E971F9843849}
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\WinLogon.exe -SpecialSession
"dwm.exe"
C:\Windows\System32\svchost.exe -k smphost
"C:\Windows\TEMP\DPTF\esif_assist_64.exe"
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
/QuitInfo:0000000000000F34;00000000000007C8;
/loadhooks /Parent:0000000000001b80
C:\Windows\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Model\cmssservice\cmssservice.exe"
C:\Windows\system32\cmd.exe /c ""C:\Model\runServer.bat" "
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Model\java\bin\java" -Djava.util.logging.config.file="C:\Model\apache_tomcat\conf\logging.properties" -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.endorsed.dirs="C:\Model\apache_tomcat\endorsed" -classpath "C:\Model\apache_tomcat\bin\bootstrap.jar;C:\Model\apache_tomcat\bin\tomcat-juli.jar" -Dcatalina.base="C:\Model\apache_tomcat" -Dcatalina.home="C:\Model\apache_tomcat" -Djava.io.tmpdir="C:\Model\apache_tomcat\temp" org.apache.catalina.startup.Bootstrap start
"C:\Program Files\lenovo\QuickOptimizer\QuickOptimizerIcon.exe"
"C:\Program Files\lenovo\BatteryGauge\BatteryGaugeIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\lenag\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=52.0.2743.116 --handshake-handle=0x170
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4340.0.1593084747\1060048439" --mojo-application-channel-token=180F85A10F2D4D661A9B6690797B5861 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,*PreconnectMore<PreconnectMore,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_24/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-2
0-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,27,47,55 --gpu-vendor-id=0x8086 --gpu-device-id=0x1616 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4256 --gpu-driver-date=7-17-2015 --mojo-platform-channel-handle=1220 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,*PreconnectMore<PreconnectMore,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_24/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01
/*UMA_CheckStates/Checks/ --primordial-pipe-token=36893169C553229C22C18136C1CC8532 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=4461C94921D6C0D3099880BBD2225AF5 --mojo-application-channel-token=05D71A2D4A0E7250416511CE5BB92FB2 --channel="4340.3.374679594\917282984" --mojo-platform-channel-handle=2752 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,*PreconnectMore<PreconnectMore,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_24/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01
/*UMA_CheckStates/Checks/ --primordial-pipe-token=109F0AE41B6CA2FCDF180780FD58D2BB --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=00F65567E3E219DEDDE65FADEB72DEDA --mojo-application-channel-token=283B04CB8C4BAC6EB80FA5E8709CD951 --channel="4340.4.981301192\2108572289" --mojo-platform-channel-handle=2856 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,*PreconnectMore<PreconnectMore,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_24/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_
01/*UMA_CheckStates/Checks/ --primordial-pipe-token=3B796EEB984AEF017B5B7FC62AD7C2AE --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=00C36FB0A33E040E33CA49E2BBF64A1B --mojo-application-channel-token=17CA2B9F3B3FA2E028F7C60610F42000 --channel="4340.12.343992029\731097445" --mojo-platform-channel-handle=5076 /prefetch:1
C:\Windows\System32\InstallAgent.exe -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 616 620 628 8192 624
rundll32.exe AppXDeploymentExtensions.dll,ShellRefresh

"C:\Users\lenag\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\TrackerAutoUpdate.job - C:\Program Files\Tracker Software\Update\TrackerUpdate.exe -CheckUpdate

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-06 800216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06 584664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-06 800216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06 584664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-20 919768]
"WavesSvc"=C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [2015-03-02 609200]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-24 36352]
"LenovoUtility"=C:\Program Files\Lenovo\LenovoUtility\utility.exe [2015-08-23 791848]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-06-10 3945672]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\lenag\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-06-10 554184]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-06-01 8722136]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
addToTrustedSites.vbs
cmssservice.lnk - C:\Model\cmssservice\cmssservice.exe
runModel.vbs

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"FilterAdministratorToken"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-08-16 17:28:38 ----D---- C:\rsit
2016-08-16 17:28:38 ----D---- C:\Program Files\trend micro
2016-08-15 18:05:02 ----D---- C:\AdwCleaner
2016-08-14 16:24:03 ----N---- C:\Windows\system32\MpSigStub.exe
2016-08-11 16:36:39 ----A---- C:\Windows\system32\win32kbase.sys
2016-08-11 16:36:39 ----A---- C:\Windows\system32\jscript9.dll
2016-08-11 16:36:38 ----A---- C:\Windows\system32\win32kfull.sys
2016-08-11 16:36:38 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-08-11 16:36:37 ----A---- C:\Windows\system32\edgehtml.dll
2016-08-11 16:36:36 ----A---- C:\Windows\system32\wuaueng.dll
2016-08-11 16:36:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-08-11 16:36:36 ----A---- C:\Windows\system32\Chakra.dll
2016-08-11 16:36:35 ----A---- C:\Windows\system32\mshtml.dll
2016-08-11 16:36:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-08-11 16:36:34 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2016-08-11 16:36:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-08-11 16:36:32 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2016-08-11 16:36:31 ----A---- C:\Windows\system32\sppsvc.exe
2016-08-11 16:36:31 ----A---- C:\Windows\system32\sppobjs.dll
2016-08-11 16:36:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-08-11 16:36:30 ----A---- C:\Windows\system32\ie4uinit.exe
2016-08-11 16:36:29 ----A---- C:\Windows\system32\ieframe.dll
2016-08-11 16:36:28 ----A---- C:\Windows\SYSWOW64\NetSetupEngine.dll
2016-08-11 16:36:27 ----A---- C:\Windows\system32\NetSetupEngine.dll
2016-08-11 16:36:26 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-08-11 16:36:25 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-08-11 16:36:25 ----A---- C:\Windows\system32\mstscax.dll
2016-08-11 16:36:24 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-08-11 16:36:24 ----A---- C:\Windows\SYSWOW64\D3DCompiler_47.dll
2016-08-11 16:36:23 ----A---- C:\Windows\SYSWOW64\DbgModel.dll
2016-08-11 16:36:23 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2016-08-11 16:36:23 ----A---- C:\Windows\SYSWOW64\dbgcore.dll
2016-08-11 16:36:23 ----A---- C:\Windows\system32\dbgeng.dll
2016-08-11 16:36:23 ----A---- C:\Windows\system32\dbgcore.dll
2016-08-11 16:36:23 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2016-08-11 16:36:22 ----A---- C:\Windows\SYSWOW64\NaturalLanguage6.dll
2016-08-11 16:36:22 ----A---- C:\Windows\SYSWOW64\MsSpellCheckingFacility.dll
2016-08-11 16:36:22 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-08-11 16:36:22 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2016-08-11 16:36:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.dll
2016-08-11 16:36:20 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-08-11 16:36:19 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-08-11 16:36:19 ----A---- C:\Windows\system32\wininet.dll
2016-08-11 16:36:18 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-08-11 16:36:18 ----A---- C:\Windows\system32\Windows.UI.Search.dll
2016-08-11 16:36:17 ----A---- C:\Windows\SYSWOW64\provcore.dll
2016-08-11 16:36:17 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2016-08-11 16:36:17 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-08-11 16:36:17 ----A---- C:\Windows\system32\iertutil.dll
2016-08-11 16:36:17 ----A---- C:\Windows\system32\CertEnroll.dll
2016-08-11 16:36:17 ----A---- C:\Windows\system32\certcli.dll
2016-08-11 16:36:16 ----A---- C:\Windows\system32\provcore.dll
2016-08-11 16:36:15 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2016-08-11 16:36:15 ----A---- C:\Windows\system32\WpcWebSync.dll
2016-08-11 16:36:15 ----A---- C:\Windows\system32\WpcMon.exe
2016-08-11 16:36:15 ----A---- C:\Windows\system32\Wpc.dll
2016-08-11 16:36:14 ----A---- C:\Windows\SYSWOW64\Windows.UI.Search.dll
2016-08-11 16:36:14 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-08-11 16:36:14 ----A---- C:\Windows\SYSWOW64\licensingdiag.exe
2016-08-11 16:36:14 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-08-11 16:36:14 ----A---- C:\Windows\system32\urlmon.dll
2016-08-11 16:36:14 ----A---- C:\Windows\system32\licensingdiag.exe
2016-08-11 16:36:14 ----A---- C:\Windows\system32\ieapfltr.dll
2016-08-11 16:36:13 ----A---- C:\Windows\system32\ole32.dll
2016-08-11 16:36:12 ----A---- C:\Windows\system32\tquery.dll
2016-08-11 16:36:11 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2016-08-11 16:36:11 ----A---- C:\Windows\SYSWOW64\aclui.dll
2016-08-11 16:36:11 ----A---- C:\Windows\system32\WSShared.dll
2016-08-11 16:36:11 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-08-11 16:36:11 ----A---- C:\Windows\system32\aclui.dll
2016-08-11 16:36:10 ----A---- C:\Windows\SYSWOW64\tquery.dll
2016-08-11 16:36:10 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-08-11 16:36:10 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-08-11 16:36:10 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-08-11 16:36:10 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2016-08-11 16:36:10 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-08-11 16:36:09 ----A---- C:\Windows\SYSWOW64\mos.dll
2016-08-11 16:36:08 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-08-11 16:36:08 ----A---- C:\Windows\system32\SHCore.dll
2016-08-11 16:36:08 ----A---- C:\Windows\system32\mssrch.dll
2016-08-11 16:36:08 ----A---- C:\Windows\system32\drivers\cng.sys
2016-08-11 16:36:08 ----A---- C:\Windows\system32\BFE.DLL
2016-08-11 16:36:08 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-08-11 16:36:07 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll
2016-08-11 16:36:07 ----A---- C:\Windows\system32\vbscript.dll
2016-08-11 16:36:07 ----A---- C:\Windows\system32\msfeeds.dll
2016-08-11 16:36:07 ----A---- C:\Windows\system32\AzureSettingSyncProvider.dll
2016-08-11 16:36:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-08-11 16:36:06 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2016-08-11 16:36:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-08-11 16:36:06 ----A---- C:\Windows\system32\sppwinob.dll
2016-08-11 16:36:06 ----A---- C:\Windows\system32\DbgModel.dll
2016-08-11 16:36:05 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2016-08-11 16:36:05 ----A---- C:\Windows\SYSWOW64\Chakradiag.dll
2016-08-11 16:36:05 ----A---- C:\Windows\SYSWOW64\AzureSettingSyncProvider.dll
2016-08-11 16:36:05 ----A---- C:\Windows\system32\winmde.dll
2016-08-11 16:36:05 ----A---- C:\Windows\system32\MFMediaEngine.dll
2016-08-11 16:36:04 ----A---- C:\Windows\SYSWOW64\InputService.dll
2016-08-11 16:36:04 ----A---- C:\Windows\system32\twinui.dll
2016-08-11 16:36:03 ----A---- C:\Windows\system32\wmp.dll
2016-08-11 16:36:02 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2016-08-11 16:36:02 ----A---- C:\Windows\system32\eappprxy.dll
2016-08-11 16:36:02 ----A---- C:\Windows\system32\eapphost.dll
2016-08-11 16:36:02 ----A---- C:\Windows\system32\eappcfg.dll
2016-08-11 16:36:02 ----A---- C:\Windows\system32\eapp3hst.dll
2016-08-11 16:36:01 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2016-08-11 16:36:01 ----A---- C:\Windows\SYSWOW64\eappprxy.dll
2016-08-11 16:36:01 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2016-08-11 16:36:01 ----A---- C:\Windows\SYSWOW64\eappcfg.dll
2016-08-11 16:36:01 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2016-08-11 16:36:01 ----A---- C:\Windows\system32\policymanager.dll
2016-08-11 16:36:01 ----A---- C:\Windows\system32\MbaeApiPublic.dll
2016-08-11 16:36:01 ----A---- C:\Windows\system32\Chakradiag.dll
2016-08-11 16:36:01 ----A---- C:\Windows\system32\apprepsync.dll
2016-08-11 16:36:01 ----A---- C:\Windows\system32\apprepapi.dll
2016-08-11 16:36:00 ----A---- C:\Windows\SYSWOW64\policymanager.dll
2016-08-11 16:36:00 ----A---- C:\Windows\system32\WSSync.dll
2016-08-11 16:36:00 ----A---- C:\Windows\system32\WSClient.dll
2016-08-11 16:36:00 ----A---- C:\Windows\system32\UIRibbon.dll
2016-08-11 16:36:00 ----A---- C:\Windows\system32\GdiPlus.dll
2016-08-11 16:35:59 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-08-11 16:35:59 ----A---- C:\Windows\SYSWOW64\MbaeApiPublic.dll
2016-08-11 16:35:59 ----A---- C:\Windows\system32\WPTaskScheduler.dll
2016-08-11 16:35:59 ----A---- C:\Windows\system32\wmpps.dll
2016-08-11 16:35:59 ----A---- C:\Windows\system32\SearchIndexer.exe
2016-08-11 16:35:58 ----A---- C:\Windows\SYSWOW64\WSSync.dll
2016-08-11 16:35:58 ----A---- C:\Windows\SYSWOW64\WSClient.dll
2016-08-11 16:35:58 ----A---- C:\Windows\SYSWOW64\oemlicense.dll
2016-08-11 16:35:58 ----A---- C:\Windows\SYSWOW64\apprepsync.dll
2016-08-11 16:35:58 ----A---- C:\Windows\SYSWOW64\apprepapi.dll
2016-08-11 16:35:58 ----A---- C:\Windows\system32\WUDFPlatform.dll
2016-08-11 16:35:58 ----A---- C:\Windows\system32\winsrv.dll
2016-08-11 16:35:58 ----A---- C:\Windows\system32\RecoveryDrive.exe
2016-08-11 16:35:58 ----A---- C:\Windows\system32\InputService.dll
2016-08-11 16:35:57 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-08-11 16:35:57 ----A---- C:\Windows\SYSWOW64\iassvcs.dll
2016-08-11 16:35:57 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2016-08-11 16:35:57 ----A---- C:\Windows\system32\iassvcs.dll
2016-08-11 16:35:56 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2016-08-11 16:35:56 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2016-08-11 16:35:55 ----A---- C:\Windows\SYSWOW64\IdCtrls.dll
2016-08-11 16:35:55 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2016-08-11 16:35:55 ----A---- C:\Windows\SYSWOW64\BingMaps.dll
2016-08-11 16:35:55 ----A---- C:\Windows\system32\SettingSyncHost.exe
2016-08-11 16:35:55 ----A---- C:\Windows\system32\oemlicense.dll
2016-08-11 16:35:55 ----A---- C:\Windows\system32\IdCtrls.dll
2016-08-11 16:35:55 ----A---- C:\Windows\system32\eappgnui.dll
2016-08-11 16:35:54 ----A---- C:\Windows\SYSWOW64\winmde.dll
2016-08-11 16:35:54 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-08-11 16:35:54 ----A---- C:\Windows\SYSWOW64\Clipc.dll
2016-08-11 16:35:54 ----A---- C:\Windows\system32\KernelBase.dll
2016-08-11 16:35:54 ----A---- C:\Windows\system32\Clipc.dll
2016-08-11 16:35:53 ----A---- C:\Windows\SYSWOW64\SettingSyncHost.exe
2016-08-11 16:35:53 ----A---- C:\Windows\SYSWOW64\NAPCRYPT.DLL
2016-08-11 16:35:53 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2016-08-11 16:35:53 ----A---- C:\Windows\system32\wmpmde.dll
2016-08-11 16:35:53 ----A---- C:\Windows\system32\TpmTasks.dll
2016-08-11 16:35:53 ----A---- C:\Windows\system32\hevcdecoder.dll
2016-08-11 16:35:52 ----A---- C:\Windows\SYSWOW64\wldp.dll
2016-08-11 16:35:52 ----A---- C:\Windows\system32\wldp.dll
2016-08-11 16:35:52 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2016-08-11 16:35:52 ----A---- C:\Windows\system32\NetSetupSvc.dll
2016-08-11 16:35:52 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-08-11 16:35:52 ----A---- C:\Windows\system32\BingMaps.dll
2016-08-11 16:35:51 ----A---- C:\Windows\SYSWOW64\WWAHost.exe
2016-08-11 16:35:51 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-08-11 16:35:51 ----A---- C:\Windows\SYSWOW64\hevcdecoder.dll
2016-08-11 16:35:51 ----A---- C:\Windows\system32\WWAHost.exe
2016-08-11 16:35:51 ----A---- C:\Windows\system32\mssph.dll
2016-08-11 16:35:51 ----A---- C:\Windows\system32\ClipUp.exe
2016-08-11 16:35:51 ----A---- C:\Windows\system32\ActiveSyncProvider.dll
2016-08-11 16:35:50 ----A---- C:\Windows\SYSWOW64\TextInputFramework.dll
2016-08-11 16:35:50 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2016-08-11 16:35:50 ----A---- C:\Windows\SYSWOW64\mssph.dll
2016-08-11 16:35:50 ----A---- C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2016-08-11 16:35:50 ----A---- C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-08-11 16:35:50 ----A---- C:\Windows\system32\mssphtb.dll
2016-08-11 16:35:50 ----A---- C:\Windows\system32\MapConfiguration.dll
2016-08-11 16:35:50 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-08-11 16:35:49 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-08-11 16:35:49 ----A---- C:\Windows\system32\mssvp.dll
2016-08-11 16:35:49 ----A---- C:\Windows\system32\mfps.dll
2016-08-11 16:35:49 ----A---- C:\Windows\system32\lsasrv.dll
2016-08-11 16:35:49 ----A---- C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2016-08-11 16:35:48 ----A---- C:\Windows\system32\WSService.dll
2016-08-11 16:35:48 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-11 16:35:48 ----A---- C:\Windows\system32\mssprxy.dll
2016-08-11 16:35:48 ----A---- C:\Windows\system32\mfcore.dll
2016-08-11 16:35:48 ----A---- C:\Windows\system32\MapsStore.dll
2016-08-11 16:35:48 ----A---- C:\Windows\system32\CoreUIComponents.dll
2016-08-11 16:35:47 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-11 16:35:47 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2016-08-11 16:35:47 ----A---- C:\Windows\SYSWOW64\CoreUIComponents.dll
2016-08-11 16:35:47 ----A---- C:\Windows\SYSWOW64\combase.dll
2016-08-11 16:35:47 ----A---- C:\Windows\system32\wpccpl.dll
2016-08-11 16:35:47 ----A---- C:\Windows\system32\UIRibbonRes.dll
2016-08-11 16:35:47 ----A---- C:\Windows\system32\TextInputFramework.dll
2016-08-11 16:35:47 ----A---- C:\Windows\system32\ClipSVC.dll
2016-08-11 16:35:46 ----A---- C:\Windows\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2016-08-11 16:35:46 ----A---- C:\Windows\SYSWOW64\MapConfiguration.dll
2016-08-11 16:35:46 ----A---- C:\Windows\system32\moshostcore.dll
2016-08-11 16:35:46 ----A---- C:\Windows\system32\jscript9diag.dll
2016-08-11 16:35:45 ----A---- C:\Windows\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-08-11 16:35:45 ----A---- C:\Windows\system32\workfolderssvc.dll
2016-08-11 16:35:45 ----A---- C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2016-08-11 16:35:45 ----A---- C:\Windows\system32\mos.dll
2016-08-11 16:35:44 ----A---- C:\Windows\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-11 16:35:44 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2016-08-11 16:35:44 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2016-08-11 16:35:44 ----A---- C:\Windows\SYSWOW64\MosHostClient.dll
2016-08-11 16:35:44 ----A---- C:\Windows\system32\reseteng.dll
2016-08-11 16:35:44 ----A---- C:\Windows\system32\msscntrs.dll
2016-08-11 16:35:44 ----A---- C:\Windows\system32\MosHostClient.dll
2016-08-11 16:35:44 ----A---- C:\Windows\system32\moshost.dll
2016-08-11 16:35:44 ----A---- C:\Windows\system32\GamePanel.exe
2016-08-11 16:35:43 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2016-08-11 16:35:43 ----A---- C:\Windows\SYSWOW64\GamePanel.exe
2016-07-31 18:23:25 ----D---- C:\Users\lenag\AppData\Roaming\hypocalc
2016-07-27 20:11:37 ----D---- C:\Users\lenag\AppData\Roaming\Mozilla
2016-07-22 18:05:35 ----N---- C:\Windows\SYSWOW64\SecUPDUtilSvc.exe
2016-07-22 18:05:35 ----N---- C:\Windows\system32\SecUPDUtilSvc.exe
2016-07-22 18:05:33 ----N---- C:\Windows\system32\DlgSearchEngine.dll
2016-07-22 18:05:33 ----A---- C:\Windows\system32\us00alm.dll
2016-07-22 18:05:33 ----A---- C:\Windows\system32\us00aci.exe
2016-07-22 18:05:33 ----A---- C:\Windows\system32\us00aci.dll

======List of files/folders modified in the last 1 month======

2016-08-16 17:28:45 ----D---- C:\Windows\prefetch
2016-08-16 17:28:38 ----RD---- C:\Program Files
2016-08-16 17:28:30 ----D---- C:\Windows\Temp
2016-08-16 17:28:28 ----HD---- C:\Program Files\WindowsApps
2016-08-16 17:28:21 ----D---- C:\Windows\AppReadiness
2016-08-16 17:24:47 ----D---- C:\Windows\system32\sru
2016-08-16 17:22:27 ----D---- C:\Windows\System32
2016-08-16 17:22:27 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-16 17:22:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-08-16 17:22:09 ----D---- C:\Windows\INF
2016-08-15 18:15:10 ----D---- C:\ProgramData\Kaspersky Lab
2016-08-15 18:14:44 ----SHD---- C:\System Volume Information
2016-08-15 18:08:47 ----D---- C:\Windows
2016-08-15 17:53:31 ----D---- C:\Program Files (x86)\eLiska4
2016-08-15 17:53:29 ----D---- C:\Windows\system32\config
2016-08-15 15:32:50 ----HD---- C:\ProgramData
2016-08-14 19:02:08 ----D---- C:\Windows\rescache
2016-08-14 18:47:27 ----D---- C:\Windows\Microsoft.NET
2016-08-14 18:46:35 ----RSD---- C:\Windows\assembly
2016-08-14 18:10:24 ----D---- C:\Windows\system32\DriverStore
2016-08-14 18:09:35 ----D---- C:\Windows\WinSxS
2016-08-14 18:05:47 ----D---- C:\Windows\system32\catroot2
2016-08-14 16:25:50 ----D---- C:\Windows\debug
2016-08-14 16:18:25 ----D---- C:\Windows\SYSWOW64\oobe
2016-08-14 16:18:25 ----D---- C:\Windows\SYSWOW64\migration
2016-08-14 16:18:24 ----D---- C:\Windows\SYSWOW64\en-US
2016-08-14 16:18:24 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-08-14 16:18:24 ----D---- C:\Windows\syswow64
2016-08-14 16:18:18 ----D---- C:\Windows\system32\oobe
2016-08-14 16:18:18 ----D---- C:\Windows\system32\migration
2016-08-14 16:18:18 ----D---- C:\Windows\system32\en-US
2016-08-14 16:18:18 ----D---- C:\Windows\system32\cs-CZ
2016-08-14 16:18:13 ----RD---- C:\Windows\ImmersiveControlPanel
2016-08-14 16:18:13 ----RD---- C:\Windows\DevicesFlow
2016-08-14 16:18:13 ----D---- C:\Program Files\Windows Defender
2016-08-14 16:18:13 ----D---- C:\Program Files (x86)\Windows Defender
2016-08-14 16:18:13 ----D---- C:\Program Files (x86)\Internet Explorer
2016-08-14 16:18:12 ----D---- C:\Windows\system32\drivers
2016-08-14 16:18:12 ----D---- C:\Program Files\Internet Explorer
2016-08-14 16:18:06 ----D---- C:\Program Files\Windows Journal
2016-08-11 17:18:03 ----D---- C:\Windows\CbsTemp
2016-08-11 17:16:41 ----SHD---- C:\Windows\Installer
2016-08-11 17:16:36 ----D---- C:\ProgramData\Microsoft Help
2016-08-11 17:16:03 ----D---- C:\Windows\system32\MRT
2016-08-11 17:10:37 ----AC---- C:\Windows\system32\MRT.exe
2016-08-11 17:10:32 ----D---- C:\Windows\system32\SecureBootUpdates
2016-08-05 09:18:45 ----D---- C:\Windows\SoftwareDistribution
2016-08-03 08:45:18 ----A---- C:\Windows\SYSWOW64\PrintConfig.dll
2016-07-29 16:01:48 ----RD---- C:\Program Files (x86)
2016-07-29 16:01:46 ----D---- C:\Windows\Tasks
2016-07-28 17:05:03 ----DC---- C:\Windows\Panther
2016-07-22 18:06:40 ----D---- C:\ProgramData\Samsung
2016-07-22 18:05:34 ----D---- C:\Users\lenag\AppData\Roaming\Samsung
2016-07-22 18:05:34 ----D---- C:\Program Files (x86)\Samsung

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak); C:\Windows\system32\DRIVERS\cm_km.sys [2015-07-06 389816]
R0 Fastboot;Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [2015-08-23 67608]
R0 FBFsmon;FBFsmon; C:\Windows\System32\DRIVERS\FBFsmon.sys [2015-08-23 39448]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2015-06-24 1455552]
R0 IntelHSWPcc;IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [2015-06-10 88256]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2015-06-22 478392]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2015-06-06 53432]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-12-01 8192]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2015-06-27 70512]
R1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2016-06-12 238000]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2016-06-12 933808]
R1 KLIM6;@oem29.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2016-06-12 49240]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2015-12-06 41352]
R1 klwfp;klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [2016-06-12 87984]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2015-06-16 102584]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2015-06-23 187056]
R1 pfmfs_853;pfmfs_853; C:\Windows\system32\Drivers\pfmfs_853.sys [2013-04-10 251128]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2016-06-12 77728]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2014-08-18 11576]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 ACPIVPC;@oem10.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\Windows\System32\drivers\AcpiVpc.sys [2015-06-15 42328]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 CnxtHdAudService;@oem11.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2015-03-10 1535680]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2015-05-26 43000]
R3 esif_lf;esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [2015-05-26 251384]
R3 ibtusb;@oem9.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\Windows\system32\DRIVERS\ibtusb.sys [2015-06-09 255728]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2016-06-10 6389688]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2015-12-06 181640]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2015-06-06 41656]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-06-07 41656]
R3 MEIx64;@oem20.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverW8x64.sys [2015-06-12 183584]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\Windows\System32\drivers\Netwbw02.sys [2015-06-22 3776792]
R3 RTSUER;@oem23.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\Windows\system32\Drivers\RtsUer.sys [2016-06-10 410880]
R3 SensorsHIDClassDriver;@SensorsHidClassDriver.inf,%WudfSensorsHIDClassDriverDisplayName%;UMDF Reflector service for Sensors HID Class Driver; C:\Windows\System32\drivers\WUDFRd.sys [2015-07-10 214016]
R3 SmbDrvI;SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [2016-06-10 42696]
R3 SPUVCbv;@oem18.inf,%SPUVCb.ServiceName%;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2015-06-22 744928]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2015-07-10 12800]
R3 SynTP;@oem27.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\System32\drivers\SynTP.sys [2016-06-10 618696]
S0 klelam;klelam; C:\Windows\system32\DRIVERS\klelam.sys [2015-06-24 30328]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2015-07-10 40288]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2015-07-10 105984]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2016-03-16 238080]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2015-07-10 116736]
S3 fcvsc;fcvsc; C:\Windows\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IntcDAud;@oem25.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-07-16 472872]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 ptun0901;@oem5.inf,%DeviceDescription%;TAP Adapter V9 for Private Tunnel; C:\Windows\System32\drivers\ptun0901.sys [2014-08-08 27136]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2015-08-23 934752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-07-10 167936]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2015-07-08 33448]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\Windows\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\Windows\System32\drivers\UcmUcsi.sys [2015-08-23 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\Windows\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\Windows\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\Windows\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\Windows\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]
S4 RsFx0153;RsFx0153 Driver; C:\Windows\system32\DRIVERS\RsFx0153.sys [2015-03-30 322736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2014-10-20 207576]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 esifsvc;@oem2.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2015-05-26 1385640]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2015-06-12 640928]
R2 FastbootService;FastbootService; C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe [2015-08-23 288768]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-06-24 18856]
R2 ibtsiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2015-06-09 150256]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-06-10 351120]
R2 LenovoPortalService;LenovoPortalService; C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe [2015-08-23 24312]
R2 MSSQL$ELISKA4CLIENT;SQL Server (ELISKA4CLIENT); c:\Program Files (x86)\eLiska4\MSSQL10_50.ELISKA4CLIENT\MSSQL\Binn\sqlservr.exe [2015-03-30 62382256]
R2 OneSyncSvc_Session2;Hostitel synchronizace_Session2; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2015-06-12 157088]
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [2016-07-22 143664]
R2 SAService;Conexant SmartAudio service; C:\Windows\system32\SAsrv.exe []
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-18 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R3 PimIndexMaintenanceSvc_Session2;Data kontaktů_Session2; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 AVP16.0.0;Služba Kaspersky Anti-Virus 16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [2015-12-06 194000]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-10 154440]
S2 ImControllerService;System Interface Foundation Service; c:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2015-07-16 30624]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc_Session5;Hostitel synchronizace_Session5; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-06-10 283024]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-10 154440]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2015-06-12 268192]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\lsass.exe [2015-07-10 56344]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session5;Data kontaktů_Session5; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2015-08-23 1031680]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]
S4 SQLAgent$ELISKA4CLIENT;SQL Server Agent (ELISKA4CLIENT); c:\Program Files (x86)\eLiska4\MSSQL10_50.ELISKA4CLIENT\MSSQL\Binn\SQLAGENT.EXE [2015-03-30 442536]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2015-03-30 278704]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Strange PC behavior

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Vendy89
Visitor

Re: Strange PC behavior

#3 Post by Vendy89 »

# AdwCleaner v6.000 - *Logfile created 16/08/2016 *at 19:28:43
# *Updated on 12/08/2016 by ToolsLib
# *Database : 2016-08-16.1 [*Server]
# *Operating System : Windows 10 Home (X64)
# *Username : lenag - DESKTOP-LAQUQLI
# *Running from : C:\Users\lenag\Desktop\adwcleaner_6.000.exe
# *Mode: Clean
# *Support : https://toolslib.net/forum



***** [ *Services ] *****



***** [ *Folders ] *****



***** [ *Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****

[-] *Key deleted: [x64] HKLM\SOFTWARE\Description


***** [ *Browsers ] *****



*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1035 *Bytes] - [15/08/2016 18:07:53]
C:\AdwCleaner\AdwCleaner[C2].txt - [879 *Bytes] - [16/08/2016 19:28:43]
C:\AdwCleaner\AdwCleaner[S0].txt - [1170 *Bytes] - [15/08/2016 18:05:59]
C:\AdwCleaner\AdwCleaner[S1].txt - [1318 *Bytes] - [16/08/2016 19:28:02]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1100 *Bytes] ##########

Rudy
Site Admin

Re: Strange PC behavior

#4 Post by Rudy »


Vendy89
Visitor

Re: Strange PC behavior

#5 Post by Vendy89 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2016 01
Ran by lenag (administrator) on DESKTOP-LAQUQLI (16-08-2016 21:13:21)
Running from C:\Users\lenag\Desktop
Loaded Profiles: lenag (Available Profiles: lenag)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
() C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\syswow64\esif_uf.exe
(Lenovo) C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Windows\syswow64\SecUPDUtilSvc.exe
(Conexant Systems, Inc.) C:\Windows\syswow64\SASrv.exe
(Microsoft Corporation) C:\Program Files (x86)\eLiska4\MSSQL10_50.ELISKA4CLIENT\MSSQL\Binn\sqlservr.exe
() C:\Program Files\update\UpdateAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
() C:\ProgramData\Lenovo\PLHotkeyService\PLHotkeyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(www.logos.cz) C:\Program Files (x86)\eLiska4\eLiska.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
() C:\Model\cmssservice\cmssservice.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Oracle Corporation) C:\Model\java\bin\java.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files\Lenovo\BatteryGauge\BatteryGaugeIcon.exe
(Lenovo) C:\Program Files\Lenovo\QuickOptimizer\QuickOptimizerIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [609200 2015-03-02] (Waves Audio Ltd.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-24] (Intel Corporation)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-08-23] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945672 2016-06-10] (Synaptics Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKU\S-1-5-21-3375223873-3819052571-2082627980-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd)
ShellIconOverlayIdentifiers: [{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}] -> {4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B} => C:\Windows\system32\pfmshx_853.dll [2013-04-10] (Pismo Technic Inc.)
ShellIconOverlayIdentifiers-x32: [{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}] -> {4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B} => C:\Windows\SysWow64\pfmshx_853.dll [2013-04-10] (Pismo Technic Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\addToTrustedSites.vbs [2013-11-04] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\cmssservice.lnk [2016-07-11]
ShortcutTarget: cmssservice.lnk -> C:\Model\cmssservice\cmssservice.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\runModel.vbs [2013-05-15] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0602aef9-3d50-4771-ba99-5f7402ef3130}: [DhcpNameServer] 150.202.100.1
Tcpip\..\Interfaces\{f5874f8f-7ecc-4d6b-9880-1ab49b7b8391}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3375223873-3819052571-2082627980-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
HKU\S-1-5-21-3375223873-3819052571-2082627980-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3375223873-3819052571-2082627980-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-3375223873-3819052571-2082627980-1001 -> DefaultScope {6C705CBA-649E-4693-812A-02C2CC85CEBF} URL =
SearchScopes: HKU\S-1-5-21-3375223873-3819052571-2082627980-1001 -> {6C705CBA-649E-4693-812A-02C2CC85CEBF} URL =
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\lenag\AppData\Roaming\Mozilla\Firefox\Profiles\kql9qn9h.default
FF Homepage: hxxps://mail.google.com/mail/u/0/#inbox
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-03-22] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-03-22] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-03-22] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-03-22] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3375223873-3819052571-2082627980-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-03-22] (Tracker Software Products (Canada) Ltd.)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-06-12]

Chrome:
=======
CHR Profile: C:\Users\lenag\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\lenag\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-10]
CHR Extension: (Dokumenty Google) - C:\Users\lenag\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-11]
CHR Extension: (Disk Google) - C:\Users\lenag\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-10]
CHR Extension: (YouTube) - C:\Users\lenag\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-10]
CHR Extension: (Adblock Plus) - C:\Users\lenag\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-30]
CHR Extension: (Ochrana Kaspersky) - C:\Users\lenag\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-06-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenag\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenag\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-10]
CHR Extension: (Gmail) - C:\Users\lenag\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-10]
CHR Extension: (Chrome Media Router) - C:\Users\lenag\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-11]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-06] (Kaspersky Lab ZAO)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-05-26] (Intel Corporation)
R2 FastbootService; C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe [288768 2015-08-23] (Lenovo) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-24] (Intel Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [150256 2015-06-09] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2016-06-10] (Intel Corporation)
S2 ImControllerService; c:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [30624 2015-07-16] ()
R2 LenovoPortalService; C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe [24312 2015-08-23] ()
R2 MSSQL$ELISKA4CLIENT; c:\Program Files (x86)\eLiska4\MSSQL10_50.ELISKA4CLIENT\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2016-07-22] ()
S4 SQLAgent$ELISKA4CLIENT; c:\Program Files (x86)\eLiska4\MSSQL10_50.ELISKA4CLIENT\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation)
R2 UpdateAgentService; C:\Program Files\update\UpdateAgent.exe [226216 2015-08-23] ()
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24856 2016-08-03] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [30480 2015-07-07] (Lenovo)
R2 YogaPLService; C:\ProgramData\Lenovo\PLHotkeyService\PLHotkeyService.exe [29112 2015-06-27] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43000 2015-05-26] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [251384 2015-05-26] (Intel Corporation)
R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [67608 2015-08-23] (Windows (R) Win 7 DDK provider) [File not signed]
R0 FBFsmon; C:\Windows\System32\DRIVERS\FBFsmon.sys [39448 2015-08-23] (Windows (R) Win 7 DDK provider) [File not signed]
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [255728 2015-06-09] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-10] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-06-12] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-12-06] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [238000 2016-06-12] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [933808 2016-06-12] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [49240 2016-06-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-06] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-06-12] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [183584 2015-06-12] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation)
R1 pfmfs_853; C:\Windows\System32\Drivers\pfmfs_853.sys [251128 2013-04-10] (Pismo Technic Inc.)
S3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2016-06-10] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-07-08] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [42696 2016-06-10] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [744928 2015-06-22] (Sunplus)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-16 21:13 - 2016-08-16 21:13 - 00018396 _____ C:\Users\lenag\Desktop\FRST.txt
2016-08-16 21:12 - 2016-08-16 21:13 - 00000000 ____D C:\FRST
2016-08-16 21:10 - 2016-08-16 21:11 - 02394624 _____ (Farbar) C:\Users\lenag\Desktop\FRST64.exe
2016-08-16 21:08 - 2016-08-16 21:08 - 00016148 _____ C:\Windows\system32\DESKTOP-LAQUQLI_lenag_HistoryPrediction.bin
2016-08-16 19:58 - 2016-08-16 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-16 19:57 - 2016-08-16 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-08-16 19:57 - 2016-08-16 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2016-08-16 19:52 - 2016-08-16 19:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-08-16 19:51 - 2016-08-16 19:51 - 00000000 __RHD C:\MSOCache
2016-08-16 17:28 - 2016-08-16 17:28 - 01222144 _____ C:\Users\lenag\Desktop\RSITx64.exe
2016-08-16 17:28 - 2016-08-16 17:28 - 00000000 ____D C:\rsit
2016-08-16 17:28 - 2016-08-16 17:28 - 00000000 ____D C:\Program Files\trend micro
2016-08-15 18:05 - 2016-08-16 19:28 - 00000000 ____D C:\AdwCleaner
2016-08-15 18:04 - 2016-08-15 18:04 - 03784256 _____ C:\Users\lenag\Desktop\adwcleaner_6.000.exe
2016-08-15 15:32 - 2016-08-15 15:32 - 03209034 _____ C:\Users\lenag\Desktop\DOC_1433340244_MMH_analýza_2015.pdf
2016-08-15 11:16 - 2016-08-15 11:16 - 00206695 _____ C:\Users\lenag\Desktop\STAVEBNI_SPORENI.pdf
2016-08-15 10:59 - 2016-08-15 10:59 - 00312614 _____ C:\Users\lenag\Desktop\Kotousová SS.pdf
2016-08-14 19:07 - 2016-08-14 19:07 - 00042496 _____ C:\Users\lenag\Desktop\DOC_1470293626_Portály banka.xls
2016-08-14 19:06 - 2016-08-14 19:06 - 00120320 _____ C:\Users\lenag\Desktop\DOC_1425318614_MM kontakty za ČS.xls
2016-08-14 16:24 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-08-11 17:52 - 2016-08-11 17:52 - 00050815 _____ C:\Users\lenag\Desktop\8-2016.xlsm
2016-08-11 16:36 - 2016-08-03 08:25 - 00953472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-08-11 16:36 - 2016-08-03 08:25 - 00365120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-08-11 16:36 - 2016-08-03 08:15 - 02881624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-11 16:36 - 2016-08-03 08:15 - 00468832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-08-11 16:36 - 2016-08-03 08:14 - 00565648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2016-08-11 16:36 - 2016-08-03 08:09 - 00185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2016-08-11 16:36 - 2016-08-03 07:46 - 08016728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-08-11 16:36 - 2016-08-03 07:46 - 02816016 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2016-08-11 16:36 - 2016-08-03 07:46 - 01561360 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2016-08-11 16:36 - 2016-08-03 07:46 - 01538168 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-08-11 16:36 - 2016-08-03 07:46 - 01314496 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-08-11 16:36 - 2016-08-03 07:46 - 00632680 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-08-11 16:36 - 2016-08-03 07:46 - 00601336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-08-11 16:36 - 2016-08-03 07:46 - 00432352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-08-11 16:36 - 2016-08-03 07:44 - 02429792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-08-11 16:36 - 2016-08-03 07:39 - 00660320 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-08-11 16:36 - 2016-08-03 07:38 - 06525424 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-08-11 16:36 - 2016-08-03 07:38 - 03625928 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-11 16:36 - 2016-08-03 07:38 - 00724168 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2016-08-11 16:36 - 2016-08-03 07:33 - 00224704 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2016-08-11 16:36 - 2016-08-03 07:09 - 00954368 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-08-11 16:36 - 2016-08-03 07:03 - 16708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-08-11 16:36 - 2016-08-03 06:57 - 24604160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-11 16:36 - 2016-08-03 06:57 - 21862912 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-08-11 16:36 - 2016-08-03 06:54 - 11557888 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-08-11 16:36 - 2016-08-03 06:53 - 13027328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-08-11 16:36 - 2016-08-03 06:52 - 02418688 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-08-11 16:36 - 2016-08-03 06:50 - 02902528 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-08-11 16:36 - 2016-08-03 06:49 - 06305792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-08-11 16:36 - 2016-08-03 06:48 - 06788096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-08-11 16:36 - 2016-08-03 06:47 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-11 16:36 - 2016-08-03 06:47 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2016-08-11 16:36 - 2016-08-03 06:46 - 02238464 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-08-11 16:36 - 2016-08-03 06:46 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2016-08-11 16:36 - 2016-08-03 06:46 - 00963072 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2016-08-11 16:36 - 2016-08-03 06:46 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2016-08-11 16:36 - 2016-08-03 06:45 - 14241792 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-08-11 16:36 - 2016-08-03 06:45 - 12514304 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-11 16:36 - 2016-08-03 06:45 - 04847616 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2016-08-11 16:36 - 2016-08-03 06:44 - 19337216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-11 16:36 - 2016-08-03 06:44 - 00893440 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2016-08-11 16:36 - 2016-08-03 06:44 - 00814592 _____ (Microsoft Corporation) C:\Windows\system32\provcore.dll
2016-08-11 16:36 - 2016-08-03 06:44 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2016-08-11 16:36 - 2016-08-03 06:43 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2016-08-11 16:36 - 2016-08-03 06:43 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2016-08-11 16:36 - 2016-08-03 06:42 - 02839040 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2016-08-11 16:36 - 2016-08-03 06:42 - 02598912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-08-11 16:36 - 2016-08-03 06:42 - 02253824 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2016-08-11 16:36 - 2016-08-03 06:42 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2016-08-11 16:36 - 2016-08-03 06:41 - 04398592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-08-11 16:36 - 2016-08-03 06:41 - 03119104 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-11 16:36 - 2016-08-03 06:41 - 01823232 _____ C:\Windows\SysWOW64\InputService.dll
2016-08-11 16:36 - 2016-08-03 06:41 - 01686528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-11 16:36 - 2016-08-03 06:41 - 01606656 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-11 16:36 - 2016-08-03 06:40 - 05160960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-08-11 16:36 - 2016-08-03 06:40 - 01918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-08-11 16:36 - 2016-08-03 06:40 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-08-11 16:36 - 2016-08-03 06:40 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-11 16:36 - 2016-08-03 06:40 - 00338944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-11 16:36 - 2016-08-03 06:39 - 05448704 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2016-08-11 16:36 - 2016-08-03 06:39 - 00846848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2016-08-11 16:36 - 2016-08-03 06:39 - 00806912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2016-08-11 16:36 - 2016-08-03 06:39 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-11 16:36 - 2016-08-03 06:39 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-11 16:36 - 2016-08-03 06:38 - 06101504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-08-11 16:36 - 2016-08-03 06:38 - 03873280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2016-08-11 16:36 - 2016-08-03 06:38 - 03527168 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-08-11 16:36 - 2016-08-03 06:38 - 00819712 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe
2016-08-11 16:36 - 2016-08-03 06:38 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2016-08-11 16:36 - 2016-08-03 06:38 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2016-08-11 16:36 - 2016-08-03 06:37 - 04453888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2016-08-11 16:36 - 2016-08-03 06:37 - 04168704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2016-08-11 16:36 - 2016-08-03 06:37 - 02558976 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-08-11 16:36 - 2016-08-03 06:36 - 07524352 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-08-11 16:36 - 2016-08-03 06:36 - 07502848 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-08-11 16:36 - 2016-08-03 06:36 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provcore.dll
2016-08-11 16:36 - 2016-08-03 06:36 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2016-08-11 16:36 - 2016-08-03 06:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2016-08-11 16:36 - 2016-08-03 06:35 - 18799616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-08-11 16:36 - 2016-08-03 06:35 - 04791296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-11 16:36 - 2016-08-03 06:35 - 03584000 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-08-11 16:36 - 2016-08-03 06:35 - 01717760 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-08-11 16:36 - 2016-08-03 06:35 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-08-11 16:36 - 2016-08-03 06:35 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2016-08-11 16:36 - 2016-08-03 06:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2016-08-11 16:36 - 2016-08-03 06:34 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2016-08-11 16:36 - 2016-08-03 06:33 - 02587136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-11 16:36 - 2016-08-03 06:33 - 02198016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2016-08-11 16:36 - 2016-08-03 06:33 - 01387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-11 16:36 - 2016-08-03 06:32 - 01492992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-11 16:36 - 2016-08-03 06:32 - 00939008 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2016-08-11 16:36 - 2016-08-03 06:32 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-08-11 16:36 - 2016-08-03 06:32 - 00679936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-11 16:36 - 2016-08-03 06:32 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-08-11 16:36 - 2016-08-03 06:32 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-11 16:36 - 2016-08-03 06:32 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-08-11 16:36 - 2016-08-03 06:31 - 05329408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2016-08-11 16:36 - 2016-08-03 06:31 - 01096192 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-08-11 16:36 - 2016-08-03 06:31 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\DbgModel.dll
2016-08-11 16:36 - 2016-08-03 06:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-08-11 16:36 - 2016-08-03 06:30 - 02748416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-08-11 16:36 - 2016-08-03 06:30 - 00617472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe
2016-08-11 16:36 - 2016-08-03 06:30 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\dbgcore.dll
2016-08-11 16:36 - 2016-08-03 06:28 - 03692032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2016-08-11 16:36 - 2016-08-03 06:28 - 03579392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-11 16:36 - 2016-08-03 06:27 - 11270656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-11 16:36 - 2016-08-03 06:27 - 03443200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2016-08-11 16:36 - 2016-08-03 06:27 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-08-11 16:36 - 2016-08-03 06:26 - 06713856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-08-11 16:36 - 2016-08-03 06:26 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-08-11 16:36 - 2016-08-03 06:25 - 00565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2016-08-11 16:36 - 2016-08-03 06:22 - 00716288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2016-08-11 16:36 - 2016-08-03 06:21 - 00854016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-08-11 16:36 - 2016-08-03 06:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DbgModel.dll
2016-08-11 16:36 - 2016-08-03 06:21 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-08-11 16:36 - 2016-08-03 06:20 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgcore.dll
2016-08-11 16:35 - 2016-08-03 08:24 - 02152744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-08-11 16:35 - 2016-08-03 08:24 - 01767008 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-08-11 16:35 - 2016-08-03 08:24 - 01531368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-08-11 16:35 - 2016-08-03 08:24 - 01356368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2016-08-11 16:35 - 2016-08-03 08:24 - 00439648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-08-11 16:35 - 2016-08-03 08:24 - 00046480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2016-08-11 16:35 - 2016-08-03 08:23 - 01895576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2016-08-11 16:35 - 2016-08-03 08:22 - 01811360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-08-11 16:35 - 2016-08-03 08:15 - 00700256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-08-11 16:35 - 2016-08-03 08:15 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPCRYPT.DLL
2016-08-11 16:35 - 2016-08-03 08:13 - 00065096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Clipc.dll
2016-08-11 16:35 - 2016-08-03 07:46 - 03467776 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2016-08-11 16:35 - 2016-08-03 07:46 - 02463704 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-08-11 16:35 - 2016-08-03 07:46 - 01951864 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-08-11 16:35 - 2016-08-03 07:46 - 01563480 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-08-11 16:35 - 2016-08-03 07:46 - 00552288 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-08-11 16:35 - 2016-08-03 07:46 - 00158048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-11 16:35 - 2016-08-03 07:46 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2016-08-11 16:35 - 2016-08-03 07:44 - 02495776 _____ C:\Windows\system32\CoreUIComponents.dll
2016-08-11 16:35 - 2016-08-03 07:44 - 02156400 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2016-08-11 16:35 - 2016-08-03 07:44 - 02115936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-08-11 16:35 - 2016-08-03 07:44 - 00388896 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2016-08-11 16:35 - 2016-08-03 07:44 - 00243760 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-08-11 16:35 - 2016-08-03 07:38 - 01134792 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2016-08-11 16:35 - 2016-08-03 07:38 - 00801632 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-08-11 16:35 - 2016-08-03 07:38 - 00252760 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2016-08-11 16:35 - 2016-08-03 07:38 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\Clipc.dll
2016-08-11 16:35 - 2016-08-03 07:37 - 00658568 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2016-08-11 16:35 - 2016-08-03 07:32 - 00983904 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2016-08-11 16:35 - 2016-08-03 06:57 - 00694784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-11 16:35 - 2016-08-03 06:57 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-08-11 16:35 - 2016-08-03 06:55 - 00290304 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll
2016-08-11 16:35 - 2016-08-03 06:53 - 07569408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-08-11 16:35 - 2016-08-03 06:51 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-08-11 16:35 - 2016-08-03 06:49 - 02446336 _____ C:\Windows\system32\InputService.dll
2016-08-11 16:35 - 2016-08-03 06:49 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-11 16:35 - 2016-08-03 06:47 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2016-08-11 16:35 - 2016-08-03 06:47 - 00293376 _____ C:\Windows\system32\TextInputFramework.dll
2016-08-11 16:35 - 2016-08-03 06:47 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll
2016-08-11 16:35 - 2016-08-03 06:46 - 01416704 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-11 16:35 - 2016-08-03 06:46 - 00780288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-08-11 16:35 - 2016-08-03 06:46 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-11 16:35 - 2016-08-03 06:45 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll
2016-08-11 16:35 - 2016-08-03 06:44 - 09889792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-08-11 16:35 - 2016-08-03 06:44 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-08-11 16:35 - 2016-08-03 06:43 - 07055872 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-08-11 16:35 - 2016-08-03 06:43 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2016-08-11 16:35 - 2016-08-03 06:42 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-08-11 16:35 - 2016-08-03 06:41 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2016-08-11 16:35 - 2016-08-03 06:40 - 00420352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2016-08-11 16:35 - 2016-08-03 06:40 - 00200704 _____ C:\Windows\SysWOW64\TextInputFramework.dll
2016-08-11 16:35 - 2016-08-03 06:39 - 00587776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-08-11 16:35 - 2016-08-03 06:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-11 16:35 - 2016-08-03 06:39 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2016-08-11 16:35 - 2016-08-03 06:39 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2016-08-11 16:35 - 2016-08-03 06:38 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2016-08-11 16:35 - 2016-08-03 06:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2016-08-11 16:35 - 2016-08-03 06:37 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iassvcs.dll
2016-08-11 16:35 - 2016-08-03 06:36 - 00671232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2016-08-11 16:35 - 2016-08-03 06:36 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll
2016-08-11 16:35 - 2016-08-03 06:36 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2016-08-11 16:35 - 2016-08-03 06:35 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-08-11 16:35 - 2016-08-03 06:35 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-08-11 16:35 - 2016-08-03 06:35 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-08-11 16:35 - 2016-08-03 06:35 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2016-08-11 16:35 - 2016-08-03 06:34 - 01522176 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-08-11 16:35 - 2016-08-03 06:34 - 00763904 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2016-08-11 16:35 - 2016-08-03 06:34 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2016-08-11 16:35 - 2016-08-03 06:34 - 00394752 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2016-08-11 16:35 - 2016-08-03 06:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-08-11 16:35 - 2016-08-03 06:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2016-08-11 16:35 - 2016-08-03 06:34 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-08-11 16:35 - 2016-08-03 06:34 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-08-11 16:35 - 2016-08-03 06:34 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-08-11 16:35 - 2016-08-03 06:33 - 12589056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-08-11 16:35 - 2016-08-03 06:33 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-08-11 16:35 - 2016-08-03 06:33 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2016-08-11 16:35 - 2016-08-03 06:33 - 01061888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2016-08-11 16:35 - 2016-08-03 06:33 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2016-08-11 16:35 - 2016-08-03 06:33 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-08-11 16:35 - 2016-08-03 06:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2016-08-11 16:35 - 2016-08-03 06:32 - 05079552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-08-11 16:35 - 2016-08-03 06:31 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-11 16:35 - 2016-08-03 06:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-08-11 16:35 - 2016-08-03 06:30 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2016-08-11 16:35 - 2016-08-03 06:29 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2016-08-11 16:35 - 2016-08-03 06:29 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2016-08-11 16:35 - 2016-08-03 06:26 - 01467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-08-11 16:35 - 2016-08-03 06:26 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2016-08-11 16:35 - 2016-08-03 06:26 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-08-11 16:35 - 2016-08-03 06:26 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-08-11 16:35 - 2016-08-03 06:26 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2016-08-11 16:35 - 2016-08-03 06:25 - 00712192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-08-11 16:35 - 2016-08-03 06:25 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2016-08-11 16:35 - 2016-08-03 06:25 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2016-08-11 16:35 - 2016-08-03 06:25 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2016-08-11 16:35 - 2016-08-03 06:25 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-08-11 16:35 - 2016-08-03 06:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2016-08-11 13:05 - 2016-08-15 08:57 - 00000000 ____D C:\Users\lenag\Desktop\Sekyrková
2016-08-11 12:46 - 2016-08-11 12:46 - 00220369 _____ C:\Users\lenag\Desktop\Petra N tophypo.pdf
2016-08-10 18:23 - 2016-08-10 18:23 - 00205217 _____ C:\Users\lenag\Desktop\KB Petra N.pdf
2016-08-10 18:03 - 2016-08-10 18:03 - 00027136 _____ C:\Users\lenag\Desktop\ČMSS - provize pro MM_červenec_2016.xls
2016-08-10 17:53 - 2016-08-10 17:53 - 00000000 ____D C:\Users\lenag\Desktop\Vyhnálková
2016-08-10 08:23 - 2016-08-10 08:23 - 00232253 _____ C:\Users\lenag\Desktop\op1 já.jpeg.jpeg
2016-08-10 08:22 - 2016-08-10 08:21 - 00273608 _____ C:\Users\lenag\Desktop\op já.jpeg
2016-08-09 19:33 - 2016-08-09 19:33 - 00204778 _____ C:\Users\lenag\Desktop\KB Šnejdar.pdf
2016-08-09 19:02 - 2016-08-09 19:02 - 00000000 ____D C:\Users\lenag\Desktop\Doan Thi
2016-08-02 15:28 - 2016-08-02 15:29 - 00000000 ____D C:\Users\lenag\Desktop\Lažek
2016-07-31 18:23 - 2016-07-31 18:25 - 00000000 ____D C:\Users\lenag\AppData\Roaming\hypocalc
2016-07-31 18:23 - 2016-07-31 18:23 - 00001188 _____ C:\Users\lenag\Desktop\Hypoteční kalkulačka.lnk
2016-07-31 18:23 - 2016-07-31 18:23 - 00000000 ____D C:\Users\lenag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Česká spořitelna
2016-07-31 18:23 - 2016-07-31 18:23 - 00000000 ____D C:\Users\lenag\AppData\Local\hypocalc
2016-07-31 18:23 - 2016-07-31 18:23 - 00000000 ____D C:\Users\lenag\AppData\Local\CEF
2016-07-31 18:14 - 2016-07-31 18:22 - 01226959 _____ C:\Users\lenag\Desktop\DOC_1467292628_Equa_Kalkulace_Hypo_20160704.xlsx
2016-07-28 06:43 - 2016-07-28 06:44 - 00219530 _____ C:\Users\lenag\Downloads\STAVEBNI_SPORENI.pdf
2016-07-27 20:11 - 2016-07-27 20:18 - 00000000 ____D C:\Users\lenag\AppData\Local\Mozilla
2016-07-27 20:11 - 2016-07-27 20:12 - 00000000 ____D C:\Users\lenag\AppData\Roaming\Mozilla
2016-07-27 07:04 - 2016-08-09 19:02 - 00000000 ____D C:\Users\lenag\Desktop\Osipau
2016-07-27 07:04 - 2016-07-27 07:04 - 00000000 ____D C:\Users\lenag\Desktop\Hanzlíková
2016-07-27 07:03 - 2016-07-28 17:02 - 00000000 ____D C:\Users\lenag\Desktop\Ramajzlová
2016-07-22 18:05 - 2016-07-22 18:05 - 00143664 ____N C:\Windows\SysWOW64\SecUPDUtilSvc.exe
2016-07-22 18:05 - 2016-07-22 18:05 - 00143664 ____N C:\Windows\system32\SecUPDUtilSvc.exe
2016-07-22 18:05 - 2016-03-24 05:56 - 02817536 ____N C:\Windows\system32\DlgSearchEngine.dll
2016-07-22 18:05 - 2015-03-12 04:43 - 00158016 _____ C:\Windows\system32\us00aci.exe
2016-07-22 18:05 - 2015-03-12 04:43 - 00089600 _____ (SS) C:\Windows\system32\us00aci.dll
2016-07-22 18:05 - 2015-03-12 04:43 - 00022528 _____ () C:\Windows\system32\us00alm.dll
2016-07-21 17:36 - 2016-07-29 18:48 - 00000000 ____D C:\Users\lenag\Desktop\Dlugoš
2016-07-21 17:36 - 2016-07-21 17:36 - 00000000 ____D C:\Users\lenag\Desktop\Pavlíková

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-16 21:08 - 2016-06-10 22:23 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-16 21:08 - 2016-06-10 19:08 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-08-16 21:08 - 2016-06-10 18:51 - 00000988 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-16 21:08 - 2016-06-10 18:36 - 00000000 __SHD C:\Users\lenag\IntelGraphicsProfiles
2016-08-16 19:57 - 2016-06-10 21:25 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-16 19:57 - 2016-06-10 21:16 - 00000000 ____D C:\Windows\ShellNew
2016-08-16 19:57 - 2015-08-23 12:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-08-16 19:56 - 2016-06-10 21:16 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-16 19:53 - 2016-07-10 13:33 - 00000000 ____D C:\Program Files\Microsoft Office
2016-08-16 19:52 - 2015-07-10 13:04 - 00000167 _____ C:\Windows\win.ini
2016-08-16 19:33 - 2016-06-10 21:24 - 00814756 _____ C:\Windows\system32\perfh005.dat
2016-08-16 19:33 - 2016-06-10 21:24 - 00175470 _____ C:\Windows\system32\perfc005.dat
2016-08-16 19:33 - 2016-06-10 21:12 - 00000000 ____D C:\Windows\INF
2016-08-16 19:33 - 2015-07-16 17:54 - 01949906 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-16 19:29 - 2016-06-10 22:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-16 19:29 - 2016-06-10 21:03 - 00131072 ___SH C:\Windows\system32\config\BBI
2016-08-16 19:06 - 2016-06-10 18:51 - 00000992 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-16 18:02 - 2016-06-10 22:17 - 00422224 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-16 17:29 - 2016-06-10 21:16 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-16 17:29 - 2016-06-10 21:16 - 00000000 ____D C:\Windows\AppReadiness
2016-08-15 17:53 - 2016-06-14 14:46 - 00000000 ____D C:\Program Files (x86)\eLiska4
2016-08-14 19:05 - 2016-06-12 09:19 - 00000000 ____D C:\Users\lenag\Desktop\M§M
2016-08-14 19:02 - 2016-06-10 21:16 - 00000000 ____D C:\Windows\rescache
2016-08-14 16:22 - 2016-06-10 18:34 - 00000000 ____D C:\Users\lenag
2016-08-14 16:18 - 2016-06-10 21:16 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-08-14 16:18 - 2016-06-10 21:16 - 00000000 ___RD C:\Windows\DevicesFlow
2016-08-14 16:18 - 2016-06-10 21:16 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-08-14 16:18 - 2016-06-10 21:16 - 00000000 ____D C:\Windows\system32\oobe
2016-08-14 16:18 - 2016-06-10 21:16 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-14 16:18 - 2016-06-10 21:16 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-14 16:18 - 2016-06-10 21:16 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-08-11 17:18 - 2016-06-10 21:09 - 00000000 ____D C:\Windows\CbsTemp
2016-08-11 17:16 - 2016-06-22 12:57 - 00000000 ____D C:\Windows\system32\MRT
2016-08-11 17:10 - 2016-06-22 12:57 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-11 17:10 - 2016-06-10 21:16 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2016-08-11 12:23 - 2016-06-12 09:19 - 00000000 ____D C:\Users\lenag\Desktop\formuláře
2016-08-11 11:45 - 2016-06-14 18:43 - 00000000 ___RD C:\Users\lenag\Documents\Scanned Documents
2016-08-09 13:06 - 2016-06-10 18:52 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-08 19:37 - 2016-06-12 09:20 - 00000000 ____D C:\Users\lenag\Desktop\Pozdnyakov
2016-08-08 19:37 - 2016-06-12 09:20 - 00000000 ____D C:\Users\lenag\Desktop\Novák Petr
2016-08-04 09:57 - 2016-06-12 09:19 - 00000000 ____D C:\Users\lenag\Desktop\Janota
2016-08-03 08:45 - 2016-06-10 22:44 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2016-07-31 17:40 - 2016-06-12 09:19 - 00000000 ____D C:\Users\lenag\Desktop\Fridvaldská
2016-07-29 16:01 - 2016-06-10 18:51 - 00004050 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 16:01 - 2016-06-10 18:51 - 00003818 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-28 17:05 - 2016-06-10 21:29 - 00000000 ___DC C:\Windows\Panther
2016-07-28 06:07 - 2016-06-12 09:19 - 00000000 ____D C:\Users\lenag\Desktop\Kešel
2016-07-27 19:58 - 2016-06-12 09:19 - 00000000 ____D C:\Users\lenag\Desktop\Červinkovi
2016-07-27 07:02 - 2016-06-16 18:57 - 00000000 ____D C:\Users\lenag\Desktop\MMfaktury
2016-07-22 18:06 - 2016-06-11 18:53 - 00000000 ____D C:\ProgramData\Samsung
2016-07-22 18:05 - 2016-06-11 18:56 - 00000000 ____D C:\Users\lenag\AppData\Roaming\Samsung
2016-07-22 18:05 - 2016-06-11 18:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2016-07-22 18:05 - 2016-06-11 18:53 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-07-22 17:56 - 2016-06-10 18:36 - 00000000 ____D C:\Users\lenag\AppData\Local\Packages

Some files in TEMP:
====================
C:\Users\lenag\AppData\Local\Temp\libeay32.dll
C:\Users\lenag\AppData\Local\Temp\msvcr120.dll
C:\Users\lenag\AppData\Local\Temp\ose00000.exe
C:\Users\lenag\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-11 06:06

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Strange PC behavior

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\addToTrustedSites.vbs [2013-11-04] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\cmssservice.lnk [2016-07-11]
ShortcutTarget: cmssservice.lnk -> C:\Model\cmssservice\cmssservice.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\runModel.vbs [2013-05-15] ()
SearchScopes: HKU\S-1-5-21-3375223873-3819052571-2082627980-1001 -> DefaultScope {6C705CBA-649E-4693-812A-02C2CC85CEBF} URL =
SearchScopes: HKU\S-1-5-21-3375223873-3819052571-2082627980-1001 -> {6C705CBA-649E-4693-812A-02C2CC85CEBF} URL =
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\lenag\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
