
Request for a log check - cursor moving on its own

Valda09
Visitor
Posts: 61
Registered: 30 Apr 2008 09:23

#1 Post by Valda09 »

Hello, please check my RSIT log; windows have started opening on their own on the computer and the cursor moves.... Thanks. Log here:

Logfile of random's system information tool 1.14 (written by random/random)
Run by PBL at 2017-01-03 10:36:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 63 GB (63%) free of 100 GB
Total RAM: 8108 MB (79% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:37:01, on 3.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\PBL_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {2E38825B-8815-42CF-9126-C58BC28D4591} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service 17.0.0 (AVP17.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dolby DAX2 API Service (DAX2API) - Unknown owner - C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: klvssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 7138 bytes

======Enumerating Processes======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 27711088
\??\C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe" -r
C:\Windows\system32\taskhost.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe" -hidden
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe" -Hide
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Windows\system32\igfxTray.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\PBL\Downloads\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
C:\Windows\system32\tasks\{78DE5DB2-9C07-4BA0-A4D4-49E019D6A320} - "c:\program files (x86)\mozilla firefox\firefox.exe" http://www.skype.com/go/downloading?sou ... tError=404
C:\Windows\system32\tasks\{D654074B-03A6-47F1-BBAF-C5B6A6D91D0C} - "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/7.28.0.101/cs/ ... age=tsBing
C:\Windows\system32\tasks\{E275FB72-C058-49CD-A7A4-D493D2B5ACE9} - "c:\program files (x86)\mozilla firefox\firefox.exe" http://www.skype.com/go/downloading?sou ... tError=404
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1566663738-324147775-427891311-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\PBL\AppData\Roaming\Mozilla\Firefox\Profiles\c5xr1ndm.default

"light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Users\PBL\AppData\Roaming\Mozilla\Firefox\Profiles\c5xr1ndm.default\addons.json

C:\Users\PBL\AppData\Roaming\Mozilla\Firefox\Profiles\c5xr1ndm.default\extensions.json
Kaspersky Protection - extension - light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

C:\Users\PBL\AppData\Roaming\Mozilla\Firefox\Profiles\c5xr1ndm.default\pluginreg.dat
Plugin - Adobe Acrobat - 15.20.20039.7108 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - Google Update - 1.3.31.5 - C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

=========Google Chrome=========

C:\Users\PBL\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Google Docs 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Google Drive 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 0 Seznam Lištička - Email 1.3.19
Extension blmojkbhnkkphngknkmgccmlenfaelkd 0 Seznam Lištička - Slovník 1.4.3
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension dbhjdbfgekjfcfkkfjjmlmojhbllhbho
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension felcaaldnbdncclmgdcncolpebgiejap
Extension fhoibnponjcgjgcnfacekaijdbbplhib 0 Kaspersky Protection 5.0.141.0
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Google Docs Offline 1.4
Extension kknchebceolpcbkfahjigahlblgpbied
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension ldildmkoeoicfkknedfdpjmgjmpkpooc 0 Cryptoplus KB - podepisovací modul 1.6
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Chrome Web Store Payments 1.0.0.0
Extension olfeabkoenfaoljndfecamgilllcpiak 0 Seznam Lištička - Rychlá volba 1.8.5
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage: http://www.google.com
default_search_provider.search_url:
C:\Users\PBL\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib]
"Path"=https://chrome.google.com/webstore/deta ... ijdbbplhib


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07 1253736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07 1028968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{093F479D-712E-46CD-9E06-62E734A05F68} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07 1253736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{093F479D-712E-46CD-9E06-62E734A05F68} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07 1028968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-09-15 2811560]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-10-02 16404224]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-10-02 1407744]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-10-02 1407744]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-10-02 1407744]
"DAX2_APP"=C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [2015-06-16 628736]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2015-04-20 7822312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-09-12 29635712]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2015-06-15 296216]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-01-03 10:36:51 ----D---- C:\rsit
2017-01-03 10:36:51 ----D---- C:\Program Files\trend micro
2016-12-12 14:35:17 ----D---- C:\Users\PBL\AppData\Roaming\Software602
2016-12-12 14:35:01 ----D---- C:\Users\PBL\AppData\Roaming\602XML
2016-12-12 14:34:52 ----D---- C:\Users\PBL\AppData\Roaming\602Installer
2016-12-12 14:34:35 ----D---- C:\Program Files (x86)\Software602
2016-12-05 10:24:05 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2017-01-03 10:37:01 ----D---- C:\Windows\Prefetch
2017-01-03 10:36:51 ----RD---- C:\Program Files
2017-01-03 10:35:11 ----D---- C:\Windows\Temp
2017-01-03 10:34:33 ----D---- C:\Windows\System32
2017-01-03 10:34:30 ----D---- C:\ProgramData\Kaspersky Lab
2017-01-03 10:34:26 ----SHD---- C:\System Volume Information
2017-01-03 10:33:13 ----RD---- C:\Program Files (x86)
2017-01-03 10:33:01 ----D---- C:\Windows\inf
2017-01-03 10:33:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-03 10:31:08 ----D---- C:\Windows\Tasks
2017-01-03 10:31:08 ----D---- C:\Windows\system32\wfp
2017-01-03 10:31:07 ----D---- C:\Windows\system32\wbem
2017-01-03 10:31:07 ----D---- C:\Windows
2017-01-03 10:30:44 ----D---- C:\Windows\system32\config
2017-01-03 10:30:42 ----HD---- C:\Windows\system32\WLANProfiles
2017-01-03 10:30:42 ----D---- C:\Windows\system32\Tasks
2017-01-03 10:30:42 ----D---- C:\Windows\system32\DriverStore
2017-01-03 10:30:42 ----D---- C:\Windows\system32\drivers
2017-01-03 10:30:42 ----D---- C:\Windows\system32\catroot2
2017-01-03 10:30:41 ----SHD---- C:\Windows\Installer
2017-01-03 10:30:41 ----D---- C:\Windows\system32\drivers\UMDF
2017-01-03 10:30:41 ----D---- C:\Windows\AppCompat
2017-01-03 10:30:41 ----D---- C:\Users\PBL\AppData\Roaming\IrfanView
2017-01-03 10:30:38 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-03 10:30:34 ----D---- C:\Windows\SysWOW64
2017-01-03 10:30:34 ----D---- C:\Windows\registration
2017-01-03 10:30:32 ----D---- C:\Windows\system32\catroot
2017-01-03 10:30:31 ----D---- C:\Users\PBL\AppData\Roaming\Skype

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit); C:\Windows\system32\DRIVERS\cm_km.sys [2016-06-10 238936]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2016-06-02 554416]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2016-06-07 63920]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2016-06-14 86352]
R1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2016-10-23 305496]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2016-12-07 1036512]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2016-12-07 57936]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2016-05-31 45488]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2016-05-17 75696]
R1 Klwtp;KLwtp - WFP callout traffic inspector; C:\Windows\system32\DRIVERS\klwtp.sys [2016-12-07 134880]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2016-06-14 194480]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2016-05-31 78216]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-21 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2015-05-12 141800]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2015-01-13 1448248]
R3 ibtusb;Aplikace Intel(R) Wireless Bluetooth(R); C:\Windows\system32\DRIVERS\ibtusb.sys [2015-08-07 257264]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-09-04 6406544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-10-02 4606208]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-09-04 473864]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2015-06-26 403752]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2015-06-30 814376]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2016-06-26 189264]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2016-05-18 52144]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-06-07 41648]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2015-07-07 178976]
R3 NETwNs64;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw02.sys [2015-08-23 4008176]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-01-15 977624]
R3 rtsuvc;Lenovo EasyCamera; C:\Windows\system32\DRIVERS\rtsuvc.sys [2015-06-11 3059416]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-09-15 555176]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-21 552448]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RTSUER;Realtek USB Card Reader - UER; C:\Windows\system32\Drivers\RtsUer.sys [2015-08-18 404184]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP17.0.0;Kaspersky Anti-Virus Service 17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [2016-06-28 241544]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2015-01-27 1198456]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2015-05-06 1714216]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2015-01-27 1161592]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2015-08-13 640928]
R2 iBtSiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [2015-09-04 149608]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-09-04 350312]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2015-08-13 157088]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2015-08-13 3831712]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DAX2API;Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [2015-09-15 176640]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-09-04 282216]
S3 klvssbrigde64;klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [2016-06-28 77328]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-05 172488]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2015-08-13 268192]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-19 144200]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-19 144200]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15796
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Request for a log check - cursor moving on its own

#2 Post by JaRon »

Hi,
1. I recommend replacing the mouse
2. I recommend installing MSIE11
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Valda09
Visitor
Posts: 61
Joined: 30 Apr 2008 09:23

Re: Request for a log check - cursor moving on its own

#3 Post by Valda09 »

Hi, thanks for the reply. I have swapped the mouse and all of them do it; it happens even when no mouse is connected at all.... I have installed IE11.

JaRon
Moderator
Posts: 15796
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Request for a log check - cursor moving on its own

#4 Post by JaRon »

Scan the PC with MBAM and post the log here

Valda09
Visitor
Posts: 61
Joined: 30 Apr 2008 09:23

Re: Request for a log check - cursor moving on its own

#5 Post by Valda09 »

The computer crashed while it was running (a blue screen with some kind of check), but the log finished afterwards:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 03.01.17
Čas skenování: 17:12
Logovací soubor:
Správce: Ano

-Informace o softwaru-
Verze: 3.0.5.1299
Verze komponentů: 1.0.43
Aktualizovat verzi balíku komponent: 1.0.914
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: PBL-PC\PBL

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 192972
Uplynulý čas: 23 min, 0 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

JaRon
Moderator
Posts: 15796
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Request for a log check - cursor moving on its own

#6 Post by JaRon »

Well, it doesn't look like a virus problem.
Post both FRST logs, I'll take a look tomorrow.

Valda09
Visitor
Posts: 61
Joined: 30 Apr 2008 09:23

Re: Request for a log check - cursor moving on its own

#7 Post by Valda09 »

Here they are, but it is probably a hardware problem; when I turn off the touchpad, the situation no longer recurs....

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
Ran by PBL (administrator) on PBL-PC (04-01-2017 09:51:46)
Running from C:\Users\PBL\Desktop
Loaded Profiles: PBL (Available Profiles: PBL)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16404224 2015-10-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-10-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-10-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-10-02] (Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] ()
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2811560 2015-09-15] (Synaptics Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{41BE898E-8E5E-4A6F-94F8-79110F25BA7E}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1566663738-324147775-427891311-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-1566663738-324147775-427891311-1000 -> Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)

FireFox:
========
FF DefaultProfile: c5xr1ndm.default
FF ProfilePath: C:\Users\PBL\AppData\Roaming\Mozilla\Firefox\Profiles\c5xr1ndm.default [2017-01-04]
FF user.js: detected! => C:\Users\PBL\AppData\Roaming\Mozilla\Firefox\Profiles\c5xr1ndm.default\user.js [2016-10-19]
FF Session Restore: Mozilla\Firefox\Profiles\c5xr1ndm.default -> is enabled.
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-07]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\PBL\AppData\Local\Google\Chrome\User Data\Default [2017-01-03]
CHR Extension: (Google Docs) - C:\Users\PBL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-23]
CHR Extension: (Google Drive) - C:\Users\PBL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-24]
CHR Extension: (Seznam Lištička - Email) - C:\Users\PBL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-01-03]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\PBL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-12-01]
CHR Extension: (YouTube) - C:\Users\PBL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-23]
CHR Extension: (Kaspersky Protection) - C:\Users\PBL\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-10-23]
CHR Extension: (Google Docs Offline) - C:\Users\PBL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-23]
CHR Extension: (Cryptoplus KB - podepisovací modul) - C:\Users\PBL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldildmkoeoicfkknedfdpjmgjmpkpooc [2016-10-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PBL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-19]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\PBL\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-01-03]
CHR Extension: (Gmail) - C:\Users\PBL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\PBL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-03]
CHR Profile: C:\Users\PBL\AppData\Local\Google\Chrome\User Data\System Profile [2016-12-15]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [176640 2015-09-15] () [File not signed]
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [149608 2015-09-04] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [350312 2015-09-04] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141800 2015-05-12] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1448248 2015-01-13] (Motorola Solutions, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [257264 2015-08-07] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-14] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-10-23] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1036512 2016-12-07] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-07] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-18] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [134880 2016-12-07] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2017-01-03] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2017-01-04] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-01-04] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-04] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [81696 2017-01-04] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [178976 2015-07-07] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [4008176 2015-08-23] (Intel Corporation)
S3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [404184 2015-08-18] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [3059416 2015-06-11] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-04 09:51 - 2017-01-04 09:52 - 00013788 _____ C:\Users\PBL\Desktop\FRST.txt
2017-01-04 09:51 - 2017-01-04 09:51 - 00000000 ____D C:\FRST
2017-01-04 09:50 - 2017-01-04 09:50 - 02418176 _____ (Farbar) C:\Users\PBL\Desktop\FRST64.exe
2017-01-03 17:53 - 2017-01-03 17:54 - 98727968 _____ (Lenovo Group Limited ) C:\Users\PBL\Downloads\6p5a02wf.exe
2017-01-03 17:02 - 2017-01-03 17:02 - 560069438 _____ C:\Windows\MEMORY.DMP
2017-01-03 17:02 - 2017-01-03 17:02 - 00312952 _____ C:\Windows\Minidump\010317-13244-01.dmp
2017-01-03 17:02 - 2017-01-03 17:02 - 00000000 ____D C:\Windows\Minidump
2017-01-03 16:58 - 2017-01-03 16:58 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-01-03 16:57 - 2017-01-04 09:41 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-01-03 16:57 - 2017-01-04 09:40 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-03 16:57 - 2017-01-04 09:40 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-01-03 16:57 - 2017-01-04 09:40 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-01-03 16:57 - 2017-01-03 16:57 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-03 16:57 - 2017-01-03 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-03 16:57 - 2017-01-03 16:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-03 16:57 - 2017-01-03 16:57 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-03 16:57 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-01-03 16:56 - 2017-01-03 16:56 - 54199488 _____ (Malwarebytes ) C:\Users\PBL\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2017-01-03 12:03 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-01-03 12:03 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-01-03 12:03 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-01-03 12:03 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-01-03 12:03 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-01-03 12:03 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-01-03 12:03 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-01-03 12:03 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-01-03 12:03 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-01-03 12:03 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-01-03 12:03 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-01-03 12:03 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-01-03 12:03 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-01-03 12:03 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-01-03 11:58 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2017-01-03 11:54 - 2017-01-03 11:54 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-01-03 11:54 - 2017-01-03 11:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-01-03 11:54 - 2017-01-03 11:54 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-01-03 11:54 - 2017-01-03 11:54 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-01-03 11:54 - 2017-01-03 11:54 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-01-03 11:54 - 2017-01-03 11:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2017-01-03 11:54 - 2017-01-03 11:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2017-01-03 11:54 - 2017-01-03 11:54 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-01-03 11:54 - 2017-01-03 11:54 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-01-03 11:54 - 2017-01-03 11:54 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-01-03 11:54 - 2017-01-03 11:54 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-01-03 11:54 - 2017-01-03 11:54 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-01-03 11:54 - 2017-01-03 11:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-01-03 11:54 - 2017-01-03 11:54 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-01-03 11:54 - 2017-01-03 11:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-01-03 11:54 - 2017-01-03 11:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-01-03 11:54 - 2017-01-03 11:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-01-03 11:53 - 2017-01-03 11:53 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-01-03 11:53 - 2017-01-03 11:53 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-01-03 11:52 - 2017-01-03 11:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2017-01-03 11:52 - 2017-01-03 11:52 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2017-01-03 11:50 - 2017-01-03 11:50 - 58794192 _____ (Microsoft Corporation) C:\Users\PBL\Downloads\IE11-Windows6.1-x64-cs-cz.exe
2017-01-03 10:36 - 2017-01-03 10:37 - 00000000 ____D C:\rsit
2017-01-03 10:36 - 2017-01-03 10:37 - 00000000 ____D C:\Program Files\trend micro
2017-01-03 10:36 - 2017-01-03 10:36 - 01323520 _____ C:\Users\PBL\Downloads\RSITx64.exe
2017-01-02 18:50 - 2017-01-03 09:40 - 00030276 _____ C:\Users\PBL\Desktop\CP Dolenský Ovocná slavnost.ods
2017-01-02 18:40 - 2017-01-02 19:14 - 00030197 _____ C:\Users\PBL\Desktop\CP Dolenský 11-12_2016.ods
2017-01-02 18:39 - 2017-01-02 19:14 - 00030130 _____ C:\Users\PBL\Desktop\CP Dolenský 09-10_2016.ods
2017-01-02 18:27 - 2017-01-02 18:27 - 00029944 _____ C:\Users\PBL\Desktop\CP Dolenský-Praha 12.ods
2017-01-02 18:10 - 2017-01-02 18:10 - 00019161 _____ C:\Users\PBL\Desktop\Mzdy_AMPI 12__2016.ods
2017-01-02 18:09 - 2017-01-02 18:09 - 00017299 _____ C:\Users\PBL\Downloads\Mzdy_AMPI 12__2016.ods
2017-01-02 17:57 - 2017-01-02 17:57 - 00050908 _____ C:\Users\PBL\Downloads\Vypis_z_uctu-2201035145_20161001-20161130_cislo-2 (1) (1).pdf
2017-01-02 17:56 - 2017-01-02 17:56 - 00045890 _____ C:\Users\PBL\Downloads\Vypis_z_uctu-2201035145_20160727-20160930_cislo-1 (1).pdf
2017-01-02 17:24 - 2017-01-02 17:24 - 00069459 _____ C:\Users\PBL\Downloads\FAV_25_2016_Ekumenická akademie.pdf
2017-01-02 16:22 - 2017-01-02 16:28 - 00018228 _____ C:\Users\PBL\Desktop\DPP_AMPI_2016_Kotíková (1).xlsx
2017-01-02 16:19 - 2017-01-02 16:22 - 00033280 _____ C:\Users\PBL\Downloads\DPP_AMPI_2016_Kotíková (1).xls
2017-01-02 16:17 - 2017-01-02 16:17 - 00018944 _____ C:\Users\PBL\Downloads\DPP_AMPI_2016_Kotíková.xls
2017-01-02 15:16 - 2017-01-02 15:16 - 00030898 _____ C:\Users\PBL\Downloads\Faktura vystavená_116002_05102016.pdf
2017-01-02 15:15 - 2017-01-02 15:15 - 00031093 _____ C:\Users\PBL\Downloads\Faktura vystavená_116001_22062016.pdf
2017-01-02 15:04 - 2017-01-02 15:04 - 00061608 _____ C:\Users\PBL\Downloads\Vypis_z_uctu-2600575691_20161201-20161231_cislo-12 (1).pdf
2017-01-02 15:04 - 2017-01-02 15:04 - 00061608 _____ C:\Users\PBL\Desktop\Vypis_z_uctu-2600575691_20161201-20161231_cislo-12.pdf
2017-01-02 15:03 - 2017-01-02 15:03 - 00061608 _____ C:\Users\PBL\Downloads\Vypis_z_uctu-2600575691_20161201-20161231_cislo-12.pdf
2016-12-22 15:27 - 2016-12-22 15:27 - 00265728 _____ C:\Users\PBL\Downloads\HomeTicket.pdf
2016-12-20 12:16 - 2016-12-20 12:16 - 00061826 _____ C:\Users\PBL\Downloads\Souhlas s realizací projektu_Dětský klub Kuchyňka.pdf
2016-12-20 11:04 - 2016-12-20 11:04 - 00178688 _____ C:\Users\PBL\Downloads\popis prosemináře.doc
2016-12-19 12:54 - 2016-12-19 12:54 - 00011387 _____ C:\Users\PBL\Downloads\Odborné doporučení_Dětský klub Kuchyňka.odt
2016-12-16 15:14 - 2016-12-16 15:14 - 00010900 _____ C:\Users\PBL\Desktop\Prohlášení zájmu rodiče o dětský klub Kuchyńka.docx
2016-12-16 15:14 - 2016-12-16 15:14 - 00000162 ____H C:\Users\PBL\Desktop\~$ohlášení zájmu rodiče o dětský klub Kuchyńka.docx
2016-12-16 15:13 - 2016-12-16 15:13 - 00004634 _____ C:\Users\PBL\Downloads\Prohlášení zájmu rodiče o dětský klub Kuchyńka.docx
2016-12-15 13:42 - 2016-12-15 13:43 - 02258967 _____ C:\Users\PBL\Downloads\potravinove_komunity_tisnovsko.pdf
2016-12-15 13:40 - 2016-12-15 13:40 - 00090195 _____ C:\Users\PBL\Downloads\prezentaceKPZ_komunity.pptx
2016-12-15 13:31 - 2016-12-15 13:31 - 00366620 _____ C:\Users\PBL\Downloads\Plakát-KPZ-final2.pdf
2016-12-15 10:50 - 2016-12-15 10:31 - 00410939 _____ C:\Users\PBL\Desktop\Prohlášení o zájmu o EVP 2017-1.pdf
2016-12-15 10:50 - 2016-12-15 10:30 - 00258784 _____ C:\Users\PBL\Desktop\Prohlášení o zájmu o EVP 2017-2.pdf
2016-12-15 09:56 - 2016-12-15 09:56 - 04058180 _____ C:\Users\PBL\Downloads\Zapoj-se-do-KPZ-booklet-finální-verze.pdf
2016-12-14 11:42 - 2016-12-14 11:42 - 00273459 _____ C:\Users\PBL\Downloads\424837169_0_Jursova.pdf
2016-12-14 11:42 - 2016-12-14 11:42 - 00273459 _____ C:\Users\PBL\Desktop\424837169_0_Jursova.pdf
2016-12-14 11:41 - 2016-12-14 11:41 - 00101810 _____ C:\Users\PBL\Desktop\424480207_0_00206BA2121B161212091534_sign.pdf
2016-12-14 11:40 - 2016-12-14 11:40 - 00101810 _____ C:\Users\PBL\Downloads\424480207_0_00206BA2121B161212091534_sign.pdf
2016-12-12 15:07 - 2016-12-12 15:07 - 00010951 _____ C:\Users\PBL\Desktop\Prohlášení o spolupráci_Asociace AMPI.docx
2016-12-12 15:06 - 2016-12-12 15:06 - 00010958 _____ C:\Users\PBL\Downloads\Prohlášení o spolupráci_předloha.odt
2016-12-12 15:06 - 2016-12-12 15:06 - 00004713 _____ C:\Users\PBL\Downloads\Prohlášení o spolupráci_předloha.docx
2016-12-12 14:38 - 2016-12-12 14:38 - 00472810 _____ C:\Users\PBL\Desktop\Vyplneno_2325711_726310_grantyZP2017_formularOCPMHMP_20161128.zfo
2016-12-12 14:35 - 2016-12-12 14:35 - 00000000 ____D C:\Users\PBL\AppData\Roaming\Software602
2016-12-12 14:35 - 2016-12-12 14:35 - 00000000 ____D C:\Users\PBL\AppData\Roaming\602XML
2016-12-12 14:34 - 2016-12-12 14:34 - 00000000 ____D C:\Users\PBL\AppData\Roaming\602Installer
2016-12-12 14:34 - 2016-12-12 14:34 - 00000000 ____D C:\Program Files (x86)\Software602
2016-12-12 14:32 - 2016-12-12 14:32 - 00468160 _____ C:\Users\PBL\Downloads\2325711_726310_grantyZP2017_formularOCPMHMP_20161128.zfo
2016-12-12 14:32 - 2016-12-12 14:32 - 00062976 _____ C:\Users\PBL\Downloads\2313596_714889__2_Cestne_prohlaseni_PO_3v1.doc
2016-12-12 13:58 - 2016-12-12 13:59 - 00117751 _____ C:\Users\PBL\Desktop\Smlouva PRAHA 12.pdf
2016-12-12 13:58 - 2016-12-12 13:58 - 00113897 _____ C:\Users\PBL\Downloads\Smlouva PRAHA 12.pdf
2016-12-12 13:31 - 2016-12-12 13:31 - 00278110 _____ C:\Users\PBL\Desktop\dýnobraní _ praha 12.jpg
2016-12-12 10:58 - 2016-12-12 10:58 - 01860342 _____ C:\Users\PBL\Desktop\letak_poznej_svoji_pudu_praha_12_2016-2017_0 (1).pdf
2016-12-12 10:14 - 2016-12-12 10:14 - 00016947 _____ C:\Users\PBL\Downloads\Mzdy_AMPI 11__2016 (1).ods
2016-12-12 10:10 - 2016-12-12 10:10 - 00067891 _____ C:\Users\PBL\Downloads\Ampi - najemni smlouva.pdf
2016-12-12 10:08 - 2016-12-12 10:08 - 00230873 _____ C:\Users\PBL\Downloads\Smlouva Mžp 2016.pdf
2016-12-12 10:08 - 2016-12-12 10:08 - 00123443 _____ C:\Users\PBL\Downloads\Smlouva praha 6.pdf
2016-12-12 10:05 - 2016-12-12 10:14 - 00000000 ____D C:\Users\PBL\Desktop\Doplnění dokladů
2016-12-12 10:05 - 2016-12-12 10:05 - 00007328 _____ C:\Users\PBL\Downloads\nejasné platby_AMPI.pdf
2016-12-12 10:04 - 2016-12-12 10:04 - 00060267 _____ C:\Users\PBL\Downloads\FAV_18_2016_Ovocná slavnost_Na Ovoce.pdf
2016-12-12 10:03 - 2016-12-12 10:03 - 00069840 _____ C:\Users\PBL\Downloads\FAV_13_Lysolajské lišky.pdf
2016-12-12 10:03 - 2016-12-12 10:03 - 00047145 _____ C:\Users\PBL\Downloads\FAV_15_2016_Jablkobraní.pdf
2016-12-12 10:03 - 2016-12-12 10:03 - 00046156 _____ C:\Users\PBL\Downloads\FAV_14_2016_Biodožínky Nenačovice.pdf
2016-12-12 09:28 - 2016-12-12 09:28 - 00006927 _____ C:\Users\PBL\Downloads\dp.pdf
2016-12-12 09:27 - 2016-12-12 09:27 - 00005835 _____ C:\Users\PBL\Downloads\příkaz mzdy.pdf
2016-12-12 09:11 - 2016-12-12 09:11 - 00118613 _____ C:\Users\PBL\Downloads\AMPI_08-0916.pdf
2016-12-12 09:08 - 2016-12-12 09:08 - 00070144 _____ C:\Users\PBL\Downloads\Vanocni hra 2016 (10 12 16) (2).doc
2016-12-12 09:08 - 2016-12-12 09:08 - 00070144 _____ C:\Users\PBL\Downloads\Vanocni hra 2016 (10 12 16) (1).doc
2016-12-12 09:04 - 2016-12-12 09:04 - 00070144 _____ C:\Users\PBL\Downloads\Vanocni hra 2016 (10 12 16).doc
2016-12-07 09:17 - 2016-12-07 09:17 - 01860342 _____ C:\Users\PBL\Downloads\letak_poznej_svoji_pudu_praha_12_2016-2017_0.pdf
2016-12-07 09:17 - 2016-12-07 09:17 - 01855292 _____ C:\Users\PBL\Desktop\letak_poznej_svoji_pudu_praha_12_2016-2017_0.pdf
2016-12-07 08:46 - 2016-12-07 08:46 - 00089831 _____ C:\Users\PBL\Downloads\Praha 6 - tisk stránky.pdf
2016-12-06 15:43 - 2016-12-06 15:43 - 02524216 _____ C:\Users\PBL\Downloads\naskenováno_20161206-1521(1).pdf
2016-12-06 15:32 - 2016-12-06 15:32 - 02524216 _____ C:\Users\PBL\Downloads\naskenováno_20161206-1521.pdf
2016-12-06 12:02 - 2016-12-06 12:02 - 00045890 _____ C:\Users\PBL\Downloads\Vypis_z_uctu-2201035145_20160727-20160930_cislo-1.pdf
2016-12-06 12:01 - 2016-12-06 12:01 - 00050908 _____ C:\Users\PBL\Downloads\Vypis_z_uctu-2201035145_20161001-20161130_cislo-2.pdf
2016-12-06 11:43 - 2017-01-04 09:46 - 00000000 ____D C:\Users\PBL\AppData\LocalLow\Mozilla
2016-12-05 15:08 - 2016-12-05 15:08 - 00016948 _____ C:\Users\PBL\Downloads\Mzdy_AMPI 11__2016.ods
2016-12-05 14:11 - 2016-12-06 15:49 - 00000000 ____D C:\Users\PBL\Desktop\Doklady pro účetní 11 2016
2016-12-05 13:53 - 2016-12-05 13:53 - 00336930 _____ C:\Users\PBL\Downloads\2324795_717229_Pravidla_grantu_Priloha_c._1_k_usneseni_Rady_HMP_2737.pdf
2016-12-05 13:37 - 2016-12-05 13:37 - 00073706 _____ C:\Users\PBL\Downloads\Vypis_z_uctu-2600575691_20161101-20161130_cislo-11.pdf
2016-12-05 10:24 - 2017-01-03 11:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-05 10:08 - 2016-12-05 10:08 - 00123443 _____ C:\Users\PBL\Downloads\Image051216094643.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-04 09:47 - 2009-07-14 05:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-04 09:47 - 2009-07-14 05:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-04 09:46 - 2011-04-12 09:34 - 00634546 _____ C:\Windows\system32\perfh005.dat
2017-01-04 09:46 - 2011-04-12 09:34 - 00123104 _____ C:\Windows\system32\perfc005.dat
2017-01-04 09:46 - 2009-07-14 06:13 - 01478586 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-04 09:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-04 09:40 - 2016-10-19 09:53 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-01-04 09:40 - 2016-10-18 12:34 - 00000000 __SHD C:\Users\PBL\IntelGraphicsProfiles
2017-01-04 09:40 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-03 18:17 - 2016-10-23 09:10 - 00003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2017-01-03 16:26 - 2016-10-19 10:15 - 00003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-01-03 16:26 - 2016-10-19 10:15 - 00003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-01-03 12:00 - 2016-10-19 10:21 - 00000000 ____D C:\Users\PBL\AppData\Roaming\Adobe
2017-01-03 12:00 - 2016-10-18 00:24 - 00001413 _____ C:\Users\PBL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-01-03 11:59 - 2016-10-18 12:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-03 11:59 - 2009-07-14 05:45 - 00442952 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-03 11:58 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-01-03 11:14 - 2016-10-18 12:20 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-03 11:14 - 2016-10-18 12:20 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-01-03 10:31 - 2016-10-18 00:24 - 00000000 ____D C:\Users\PBL
2017-01-03 10:30 - 2016-10-19 10:25 - 00000000 ____D C:\Users\PBL\AppData\Roaming\Skype
2017-01-03 10:30 - 2016-10-19 10:14 - 00000000 ____D C:\Users\PBL\AppData\Roaming\IrfanView
2017-01-03 10:30 - 2016-10-18 12:17 - 00000000 ___HD C:\Windows\system32\WLANProfiles
2017-01-03 10:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2017-01-03 10:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2016-12-15 16:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\config\RegBack
2016-12-07 12:10 - 2016-10-19 09:53 - 01036512 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-12-07 12:10 - 2016-06-20 16:29 - 00057936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2016-12-07 12:10 - 2014-11-22 13:12 - 00134880 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2016-12-06 13:08 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-12-06 11:43 - 2016-10-18 00:24 - 00000000 ____D C:\Users\PBL\AppData\LocalLow

==================== Files in the root of some directories =======

2016-10-18 12:38 - 2016-10-18 12:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\PBL\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\PBL\AppData\Local\Temp\ose00000.exe
C:\Users\PBL\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-15 16:17

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017
Ran by PBL (04-01-2017 09:52:14)
Running from C:\Users\PBL\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-10-17 23:24:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1566663738-324147775-427891311-500 - Administrator - Disabled)
Guest (S-1-5-21-1566663738-324147775-427891311-501 - Limited - Disabled)
PBL (S-1-5-21-1566663738-324147775-427891311-1000 - Administrator - Enabled) => C:\Users\PBL

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Aplikace Intel(R) Wireless Bluetooth(R)(patch version 17.1.1532.1813) (HKLM\...\{302600C1-6BDF-4FD1-1507-148929CC1385}) (Version: 17.1.1507.0532 - Intel Corporation)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.5.2.32 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.)
FastStone Image Viewer 5.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.7 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Malwarebytes verze 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-GB)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
OKI Color Swatch Utility (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.1.10 - Okidata)
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10240.31217 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7624 - Realtek Semiconductor Corp.)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.147 - Synaptics Incorporated)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06900BF6-5FFA-4260-9F13-5D9E058A81F0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {2E312B77-0954-4D75-A095-7340E2FB73EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-19] (Google Inc.)
Task: {376C7C1D-2F4F-4E47-A364-E32B05364311} - System32\Tasks\{E275FB72-C058-49CD-A7A4-D493D2B5ACE9} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {425E426D-6856-45CC-A1A9-CDE7C64645CA} - System32\Tasks\{78DE5DB2-9C07-4BA0-A4D4-49E019D6A320} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {6F31FACA-F9C3-49DC-9679-87EF8A0A6D64} - System32\Tasks\{D654074B-03A6-47F1-BBAF-C5B6A6D91D0C} => Firefox.exe hxxp://ui.skype.com/ui/0/7.28.0.101/cs/abandoninstall?page=tsBing
Task: {C28A0953-B530-4BF2-942E-BC5697D8212F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-19] (Google Inc.)
Task: {DC812EE7-94F5-4381-8468-E5BFE494CC57} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-07-11] (AO Kaspersky Lab)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-01-03 16:57 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-01-03 16:57 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2017-01-03 16:57 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-10-18 12:31 - 2015-09-04 21:10 - 00395880 _____ () C:\Windows\system32\igfxTray.exe
2015-06-16 02:53 - 2015-06-16 02:53 - 00628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
2016-06-27 23:19 - 2016-06-27 23:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1566663738-324147775-427891311-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PBL\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3DFB7D0C-A5FE-4572-922C-2D7147AD87DD}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{B652213A-B38B-45B6-AC4B-E641608E52D0}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7D50B697-6E4C-4C03-9CF0-28AA39F9AEEA}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{604FDB73-D146-4243-8AFE-17C48B81E049}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{35ABD4F2-2BDB-4FF0-B75E-2806ACE50A4C}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

07-12-2016 13:13:10 Naplánovaný kontrolní bod
12-12-2016 14:34:27 Installed Software602 Form Filler.
03-01-2017 10:29:05 Operace obnovení
03-01-2017 11:14:32 Windows Update
03-01-2017 11:52:31 Instalační služba modulů systému Windows
03-01-2017 12:02:55 Windows Update

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Video adaptér
Description: Video adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/04/2017 09:40:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/03/2017 06:01:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/03/2017 05:56:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/03/2017 05:55:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/03/2017 05:02:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/03/2017 04:57:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (01/03/2017 04:57:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (01/03/2017 04:57:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (01/03/2017 04:57:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (01/03/2017 04:57:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.


System errors:
=============
Error: (01/04/2017 09:41:04 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/04/2017 09:40:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Dolby DAX2 API Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/04/2017 09:40:04 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Dolby DAX2 API Service bylo dosaženo časového limitu (30000 ms).

Error: (01/03/2017 06:02:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/03/2017 06:01:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Dolby DAX2 API Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/03/2017 06:01:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Dolby DAX2 API Service bylo dosaženo časového limitu (30000 ms).

Error: (01/03/2017 05:56:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Dolby DAX2 API Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/03/2017 05:56:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Dolby DAX2 API Service bylo dosaženo časového limitu (30000 ms).

Error: (01/03/2017 05:55:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Dolby DAX2 API Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/03/2017 05:55:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Dolby DAX2 API Service bylo dosaženo časového limitu (30000 ms).


CodeIntegrity:
===================================
Date: 2016-12-21 14:56:18.678
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-12-21 14:56:18.676
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-12-21 14:56:18.675
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-12-21 14:56:18.651
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-12-21 14:56:18.649
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-12-21 14:56:18.648
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-12-15 16:18:12.551
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-12-15 16:18:12.549
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-12-15 16:18:12.547
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-12-15 16:18:12.530
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 61%
Total physical RAM: 8107.86 MB
Available physical RAM: 3151.12 MB
Total Virtual: 16213.89 MB
Available Virtual: 11419.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:56.2 GB) NTFS
Drive d: () (Fixed) (Total:833.85 GB) (Free:833.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

JaRon
Moderator
Posts: 15796
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Request for a log check - cursor moving on its own

#8 Post by JaRon »

The log is OK.
You can also try reinstalling the drivers: chipset, touchpad, mouse -
or try SlimDrivers and have it search for the ones mentioned above.