
Laptop under heavy load, please check my log

Posted: 30 Mar 2015 20:42
by KatieLe
Hello, lately I have been having a problem with my laptop. It freezes and is slow, and when I open Task Manager I see high disk, RAM and CPU usage. I recently sent the laptop in under warranty, expecting the problem to be fixed, and it was not. So I am asking for a log check and for the steps to get rid of the malware. Thank you

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kateřina at 2015-03-30 21:20:54
Microsoft Windows 8
System drive C: has 232 GB (91%) free of 256 GB
Total RAM: 1893 MB (11% free)

HijackThis download failed

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
dashost.exe {80c0e5c2-5698-4d94-bec00caf3a452d9f}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\windows\system32\mfevtps.exe"
"C:\Program Files\McAfee\MSC\McAPExe.exe"
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cc1148b2-1367-4164-8d90-c24fdc549623 -SystemEventPortName:HostProcess-9d93899a-e778-47a0-a809-89f509355285 -IoCancelEventPortName:HostProcess-d0ae27a0-3bdc-4884-832d-b5201eeb7625 -NonStateChangingEventPortName:HostProcess-d2347e95-51b6-4b57-8776-5151c0cfde3d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5a88526f-c309-4abb-8c18-bbcf8b0b2273 -DeviceGroupId:WudfDefaultDevicePool
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe {CF10C3DD-7FC1-476f-8546-A12D7DA24BBF}|{327c188b-e480-4b8d-aebb-24ef3878f8e5}
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\windows\system32\svchost.exe -k imgsvc
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
taskhostex.exe
C:\windows\Explorer.EXE
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\windows\WinStore\WSHost.exe -Embedding
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files (x86)\Lenovo EasyCamera\Monitor.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2448.0.782921818\485870226" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2843 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_6/PasswordGeneration/Disabled/QUIC/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=2448 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="2448.2.1825405240\1536752994" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_6/PasswordGeneration/Disabled/QUIC/Enabled/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=2448 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="2448.3.1777468078\1475722932" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_6/PasswordGeneration/Disabled/QUIC/Enabled/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=2448 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="2448.4.529095920\2116336429" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_6/PasswordGeneration/Disabled/QUIC/Enabled/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=2448 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="2448.5.652046414\1354045588" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_6/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Enabled/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=2448 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="2448.11.1073437935\2071177091" /prefetch:673131151
"C:\Program Files\Internet Explorer\iexplore.exe" http://www.amazon.co.uk/gp/bit/pin?tagb ... .0&url=%2f
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4300 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2448.12.546703170\1805825878" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702

"C:\PROGRA~1\McAfee\MSC\MCMIGR~1.EXE"
"c:\PROGRA~1\COMMON~1\mcafee\updmgr\30259~1.1\MCUPDA~1.EXE" -Embedding
"c:\PROGRA~1\mcafee\msc\MCMIGR~1.EXE" -Embedding
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe -Embedding
"C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /simplemode /platui
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe34_ Global\UsGthrCtrlFltPipeMssGthrPipe34 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 556 560 568 65536 564
"C:\Users\Kateřina\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2012-08-24 170304]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2012-08-24 398656]
"Persistence"=C:\windows\system32\igfxpers.exe [2012-08-24 441152]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-06-13 1212560]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-06-26 366720]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-09 2864016]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-10-17 17079376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-10-17 191568]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-02-13 169768]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-04-23 508256]
"Lenovo EasyCamera_Monitor"=C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe [2010-08-24 257224]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2014-04-25 537992]
"mcpltui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2014-04-25 537992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-08-23 441856]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-30 21:21:01 ----D---- C:\Program Files\trend micro
2015-03-30 21:20:54 ----D---- C:\rsit
2015-03-29 21:32:07 ----A---- C:\windows\system32\netcfg-35462500.txt
2015-03-29 21:31:04 ----A---- C:\windows\system32\netcfg-35399265.txt
2015-03-29 21:27:07 ----A---- C:\windows\system32\netcfg-35162671.txt
2015-03-29 21:27:01 ----A---- C:\windows\system32\netcfg-35156218.txt
2015-03-29 21:26:56 ----A---- C:\windows\system32\netcfg-35151156.txt
2015-03-29 21:26:42 ----A---- C:\windows\system32\netcfg-35137765.txt
2015-03-29 21:22:51 ----A---- C:\windows\system32\netcfg-34906593.txt
2015-03-29 21:22:42 ----A---- C:\windows\system32\netcfg-34897531.txt
2015-03-29 20:54:57 ----D---- C:\Users\Kateřina\AppData\Roaming\Apple Computer
2015-03-29 20:54:13 ----A---- C:\windows\system32\drivers\GEARAspiWDM.sys
2015-03-29 20:54:12 ----DC---- C:\windows\system32\DRVSTORE
2015-03-29 20:52:21 ----D---- C:\Program Files (x86)\iTunes
2015-03-29 20:52:20 ----D---- C:\Program Files\iPod
2015-03-29 20:51:59 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-29 20:51:59 ----D---- C:\ProgramData\Apple Computer
2015-03-29 20:51:59 ----D---- C:\Program Files\iTunes
2015-03-29 20:45:21 ----D---- C:\Program Files (x86)\Apple Software Update
2015-03-29 20:44:40 ----D---- C:\Program Files\Bonjour
2015-03-29 20:44:40 ----D---- C:\Program Files (x86)\Bonjour
2015-03-29 20:44:04 ----D---- C:\Program Files\Common Files\Apple
2015-03-29 20:43:26 ----D---- C:\ProgramData\Apple
2015-03-29 12:20:39 ----A---- C:\windows\system32\netcfg-2381062.txt
2015-03-29 11:46:48 ----A---- C:\windows\system32\netcfg-356562.txt
2015-03-29 11:44:59 ----A---- C:\windows\system32\netcfg-247453.txt
2015-03-29 11:43:08 ----A---- C:\windows\system32\netcfg-136703.txt
2015-03-29 11:42:22 ----A---- C:\windows\system32\netcfg-90453.txt
2015-03-29 11:40:18 ----A---- C:\windows\system32\netcfg-216228750.txt
2015-03-29 11:38:36 ----A---- C:\windows\system32\netcfg-216127265.txt
2015-03-29 11:37:49 ----A---- C:\windows\system32\netcfg-216080234.txt
2015-03-29 11:36:46 ----A---- C:\windows\system32\netcfg-216017421.txt
2015-03-29 11:36:42 ----A---- C:\windows\system32\netcfg-216012890.txt
2015-03-29 11:36:29 ----A---- C:\windows\system32\netcfg-215999906.txt
2015-03-29 11:36:26 ----A---- C:\windows\system32\netcfg-215996734.txt
2015-03-29 11:25:00 ----D---- C:\Program Files (x86)\GUM63E0.tmp
2015-03-29 11:25:00 ----A---- C:\Program Files (x86)\GUT63E1.tmp
2015-03-29 11:17:03 ----D---- C:\Program Files (x86)\Google
2015-03-29 11:08:10 ----A---- C:\windows\system32\drivers\HipShieldK.sys
2015-03-29 11:07:30 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-03-29 11:07:29 ----A---- C:\windows\SYSWOW64\wups.dll
2015-03-29 11:07:29 ----A---- C:\windows\system32\wudriver.dll
2015-03-29 11:07:29 ----A---- C:\windows\system32\storewuauth.dll
2015-03-29 11:07:26 ----A---- C:\windows\system32\wushareduxresources.dll
2015-03-29 11:07:26 ----A---- C:\windows\system32\wups2.dll
2015-03-29 11:07:26 ----A---- C:\windows\system32\wups.dll
2015-03-29 11:07:25 ----A---- C:\windows\system32\WUSettingsProvider.dll
2015-03-29 11:07:25 ----A---- C:\windows\system32\wuauclt.exe
2015-03-29 11:07:25 ----A---- C:\windows\system32\wuaext.dll
2015-03-29 11:07:21 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-03-29 11:07:21 ----A---- C:\windows\system32\wucltux.dll
2015-03-29 11:07:21 ----A---- C:\windows\system32\wuaueng.dll
2015-03-29 11:07:21 ----A---- C:\windows\system32\wuapi.dll
2015-03-29 11:06:13 ----A---- C:\windows\system32\netcfg-214183546.txt
2015-03-29 11:06:10 ----A---- C:\windows\system32\netcfg-214180781.txt
2015-03-27 08:25:19 ----A---- C:\Recovery.txt
2015-03-27 07:28:34 ----A---- C:\windows\system32\netcfg-184250.txt
2015-03-27 07:25:44 ----ASH---- C:\swapfile.sys
2015-03-27 07:25:43 ----ASH---- C:\pagefile.sys
2015-03-27 07:25:42 ----SHD---- C:\System Volume Information
2015-03-27 07:25:41 ----ASH---- C:\hiberfil.sys
2015-03-27 00:17:28 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-03-27 00:17:28 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-03-27 00:17:28 ----A---- C:\windows\system32\wuwebv.dll
2015-03-27 00:17:28 ----A---- C:\windows\system32\wuapp.exe
2015-03-26 23:48:16 ----D---- C:\Users\Kateřina\AppData\Roaming\LSC
2015-03-26 23:40:25 ----D---- C:\Users\Kateřina\AppData\Roaming\Lenovo
2015-03-26 23:39:49 ----SHD---- C:\$RECYCLE.BIN
2015-03-26 23:38:48 ----D---- C:\Users\Kateřina\AppData\Roaming\Adobe
2015-03-26 23:37:27 ----A---- C:\windows\system32\netcfg-63500.txt
2015-03-26 23:36:10 ----A---- C:\windows\system32\netcfg-652359.txt
2015-03-26 23:35:55 ----SD---- C:\Users\Kateřina\AppData\Roaming\Microsoft
2015-03-26 23:35:55 ----D---- C:\Users\Kateřina\AppData\Roaming\Macromedia
2015-03-26 23:28:34 ----A---- C:\windows\system32\netcfg-195671.txt
2015-03-26 23:28:29 ----A---- C:\windows\system32\netcfg-191093.txt

======List of files/folders modified in the last 1 month======

2015-03-30 21:21:03 ----D---- C:\windows\Temp
2015-03-30 21:21:01 ----RD---- C:\Program Files
2015-03-30 21:14:52 ----D---- C:\windows\system32\catroot2
2015-03-30 21:14:50 ----D---- C:\windows\WinSxS
2015-03-30 21:00:05 ----D---- C:\windows\system32\sru
2015-03-29 22:10:34 ----D---- C:\windows\Prefetch
2015-03-29 21:50:26 ----D---- C:\windows\system32\config
2015-03-29 21:43:15 ----D---- C:\windows\system32\Drivers
2015-03-29 21:43:14 ----AD---- C:\windows\System32
2015-03-29 21:31:01 ----D---- C:\windows\Inf
2015-03-29 21:07:14 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-03-29 21:01:18 ----D---- C:\windows\SoftwareDistribution
2015-03-29 20:55:10 ----SHD---- C:\windows\Installer
2015-03-29 20:54:35 ----D---- C:\windows\SysWOW64
2015-03-29 20:52:21 ----RD---- C:\Program Files (x86)
2015-03-29 20:51:59 ----HD---- C:\ProgramData
2015-03-29 20:45:27 ----D---- C:\windows\system32\Tasks
2015-03-29 20:45:11 ----D---- C:\windows\system32\catroot
2015-03-29 20:45:10 ----D---- C:\windows\system32\DriverStore
2015-03-29 20:44:04 ----D---- C:\Program Files\Common Files
2015-03-29 20:43:26 ----D---- C:\Program Files (x86)\Common Files
2015-03-29 11:46:35 ----A---- C:\windows\SYSWOW64\log.txt
2015-03-29 11:43:39 ----D---- C:\windows\CbsTemp
2015-03-29 11:42:18 ----D---- C:\Program Files (x86)\McAfee
2015-03-29 11:42:04 ----D---- C:\ProgramData\McAfee
2015-03-29 11:42:04 ----D---- C:\Program Files\Common Files\mcafee
2015-03-29 11:41:08 ----D---- C:\windows\SYSWOW64\sk-SK
2015-03-29 11:41:08 ----D---- C:\windows\SYSWOW64\en-US
2015-03-29 11:41:08 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-03-29 11:41:07 ----D---- C:\windows\system32\sk-SK
2015-03-29 11:41:07 ----D---- C:\windows\system32\en-US
2015-03-29 11:41:07 ----D---- C:\windows\system32\cs-CZ
2015-03-29 11:33:27 ----D---- C:\windows\Logs
2015-03-29 11:25:54 ----D---- C:\windows\Tasks
2015-03-29 11:09:53 ----SD---- C:\ProgramData\Microsoft
2015-03-29 11:08:13 ----D---- C:\windows\system32\wdi
2015-03-27 00:17:56 ----AD---- C:\Windows
2015-03-27 00:16:44 ----HD---- C:\windows\ELAMBKUP
2015-03-27 00:15:18 ----D---- C:\windows\system32\restore
2015-03-26 23:38:00 ----D---- C:\windows\WinStore
2015-03-26 23:37:54 ----RD---- C:\windows\ImmersiveControlPanel
2015-03-26 23:37:49 ----HD---- C:\Program Files\WindowsApps
2015-03-26 23:34:25 ----AD---- C:\Users
2015-03-26 23:29:04 ----D---- C:\windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2012-10-17 39008]
R0 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2014-06-20 786296]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\windows\system32\drivers\mfewfpk.sys [2014-06-20 348552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 ACPIVPC;@oem11.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2012-10-17 33560]
R3 AmUStor;@oem6.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\windows\system32\drivers\AmUStor.SYS [2012-06-13 100992]
R3 athr;@oem8.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athw8x.sys [2012-07-24 3618304]
R3 cfwids;McAfee Inc. cfwids; C:\windows\system32\drivers\cfwids.sys [2014-06-20 72128]
R3 ETD;@oem10.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-08-09 315216]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-08-23 9000256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2012-07-03 4074256]
R3 L1C;@oem7.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C63x64.sys [2012-06-21 110744]
R3 MEIx64;@oem3.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\windows\system32\drivers\mfeapfk.sys [2014-06-20 181704]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys [2014-06-20 313544]
R3 mfefirek;McAfee Inc. mfefirek; C:\windows\system32\drivers\mfefirek.sys [2014-06-20 523792]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\windows\system32\DRIVERS\mfencbdc.sys [2014-08-20 445512]
R3 SPUVCbv;@oem9.inf,%SPUVCb.ServiceName%;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2012-08-24 1059064]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys [2014-06-20 70600]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\windows\system32\drivers\HipShieldK.sys [2013-09-23 197704]
S3 mfencrk;McAfee Inc. mfencrk; C:\windows\system32\DRIVERS\mfencrk.sys [2014-08-20 96592]
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2012-06-02 8604672]
S3 USBAAPL64;@oem13.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2012-07-26 210304]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-17 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-17 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 276864]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2014-04-25 178528]
R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-08-20 1041192]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-06-20 219752]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\windows\system32\mfevtps.exe [2014-06-20 189912]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-02-13 643880]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29 116648]
S2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
S2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
S2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
S2 McOobeSv;McAfee OOBE Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-05-11 200728]
S2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
S2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
S2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 364416]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2012-08-24 276288]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29 116648]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-01-26 332080]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2014-10-08 603424]

-----------------EOF-----------------

Re: Notebook under heavy load, please check my log

Posted: 30 Mar 2015 20:53
by Rudy
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Notebook under heavy load, please check my log

Posted: 30 Mar 2015 21:18
by KatieLe
Pasting the log:

# AdwCleaner v4.200 - Log vytvooen 30/03/2015 v 22:10:57
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Local]
# Operaení system : Windows 8 (x64)
# Uživatelské jméno : Kateřina - KATIELETHI
# Spuštino z : C:\Users\Kateřina\Desktop\adwcleaner_4.200.exe
# Nastavení : Eištiní

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Program Files (x86)\Amazon\ABB

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíe Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\istartsurf.com
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Prohlížeee ] *****

-\\ Internet Explorer v10.0.9200.16384

Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v41.0.2272.101


*************************

AdwCleaner[R0].txt - [1194 bytu] - [30/03/2015 21:59:57]
AdwCleaner[R1].txt - [1252 bytu] - [30/03/2015 22:08:33]
AdwCleaner[S0].txt - [1062 bytu] - [30/03/2015 22:10:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1120 bytu] ##########

Re: Notebook under heavy load, please check my log

Posted: 30 Mar 2015 21:33
by Rudy
Post a new RSIT log.

Re: Notebook under heavy load, please check my log

Posted: 30 Mar 2015 21:36
by KatieLe
RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kateřina at 2015-03-30 22:35:10
Microsoft Windows 8
System drive C: has 228 GB (89%) free of 256 GB
Total RAM: 1893 MB (13% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:35:31 PM, on 3/30/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16384)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo EasyCamera\Monitor.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Kateřina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [Lenovo EasyCamera_Monitor] C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: McAfee Application Installer Cleanup (0258951427746938) (0258951427746938mcinstcleanup) - McAfee, Inc. - C:\windows\TEMP\025895~1.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9079 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\windows\system32\mfevtps.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\McAfee\MSC\McAPExe.exe"
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
taskhostex.exe
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
dashost.exe {a9292c8a-8eb1-4849-83a2f2315b5b4d86}
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files (x86)\Lenovo EasyCamera\Monitor.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui /runkey
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-63d73a77-bd9d-47b0-aefb-102909af113e -SystemEventPortName:HostProcess-2691e498-fa19-46f4-8287-a31161af6b22 -IoCancelEventPortName:HostProcess-43a8e227-a358-4316-904b-287cf3d3314c -NonStateChangingEventPortName:HostProcess-4c4d1b46-e64b-4427-afc0-b820c42aca32 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c23b672d-cbbe-4c01-a4d1-8d3f938fe3b2 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5624.0.1634703342\901012949" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2843 --ignored=" --type=renderer " /prefetch:822062411
C:\windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5624.13.1122515875\668123121" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702

"C:\Users\Kateřina\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2012-08-24 170304]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2012-08-24 398656]
"Persistence"=C:\windows\system32\igfxpers.exe [2012-08-24 441152]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-06-13 1212560]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-06-26 366720]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-09 2864016]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-10-17 17079376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-10-17 191568]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-02-13 169768]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-04-23 508256]
"Lenovo EasyCamera_Monitor"=C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe [2010-08-24 257224]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2014-04-25 537992]
"mcpltui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2014-04-25 537992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-08-23 441856]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-30 22:17:25 ----A---- C:\windows\system32\netcfg-215171.txt
2015-03-30 22:17:25 ----A---- C:\windows\system32\netcfg-215046.txt
2015-03-30 22:15:04 ----A---- C:\windows\system32\netcfg-74234.txt
2015-03-30 22:13:25 ----A---- C:\windows\system32\netcfg-124333968.txt
2015-03-30 21:59:51 ----D---- C:\AdwCleaner
2015-03-30 21:21:01 ----D---- C:\Program Files\trend micro
2015-03-30 21:20:54 ----D---- C:\rsit
2015-03-29 21:32:07 ----A---- C:\windows\system32\netcfg-35462500.txt
2015-03-29 21:31:04 ----A---- C:\windows\system32\netcfg-35399265.txt
2015-03-29 21:27:07 ----A---- C:\windows\system32\netcfg-35162671.txt
2015-03-29 21:27:01 ----A---- C:\windows\system32\netcfg-35156218.txt
2015-03-29 21:26:56 ----A---- C:\windows\system32\netcfg-35151156.txt
2015-03-29 21:26:42 ----A---- C:\windows\system32\netcfg-35137765.txt
2015-03-29 21:22:51 ----A---- C:\windows\system32\netcfg-34906593.txt
2015-03-29 21:22:42 ----A---- C:\windows\system32\netcfg-34897531.txt
2015-03-29 20:54:57 ----D---- C:\Users\Kateřina\AppData\Roaming\Apple Computer
2015-03-29 20:54:13 ----A---- C:\windows\system32\drivers\GEARAspiWDM.sys
2015-03-29 20:54:12 ----DC---- C:\windows\system32\DRVSTORE
2015-03-29 20:52:21 ----D---- C:\Program Files (x86)\iTunes
2015-03-29 20:52:20 ----D---- C:\Program Files\iPod
2015-03-29 20:51:59 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-29 20:51:59 ----D---- C:\ProgramData\Apple Computer
2015-03-29 20:51:59 ----D---- C:\Program Files\iTunes
2015-03-29 20:45:21 ----D---- C:\Program Files (x86)\Apple Software Update
2015-03-29 20:44:40 ----D---- C:\Program Files\Bonjour
2015-03-29 20:44:40 ----D---- C:\Program Files (x86)\Bonjour
2015-03-29 20:44:04 ----D---- C:\Program Files\Common Files\Apple
2015-03-29 20:43:26 ----D---- C:\ProgramData\Apple
2015-03-29 12:20:39 ----A---- C:\windows\system32\netcfg-2381062.txt
2015-03-29 11:46:48 ----A---- C:\windows\system32\netcfg-356562.txt
2015-03-29 11:44:59 ----A---- C:\windows\system32\netcfg-247453.txt
2015-03-29 11:43:08 ----A---- C:\windows\system32\netcfg-136703.txt
2015-03-29 11:42:22 ----A---- C:\windows\system32\netcfg-90453.txt
2015-03-29 11:40:18 ----A---- C:\windows\system32\netcfg-216228750.txt
2015-03-29 11:38:36 ----A---- C:\windows\system32\netcfg-216127265.txt
2015-03-29 11:37:49 ----A---- C:\windows\system32\netcfg-216080234.txt
2015-03-29 11:36:46 ----A---- C:\windows\system32\netcfg-216017421.txt
2015-03-29 11:36:42 ----A---- C:\windows\system32\netcfg-216012890.txt
2015-03-29 11:36:29 ----A---- C:\windows\system32\netcfg-215999906.txt
2015-03-29 11:36:26 ----A---- C:\windows\system32\netcfg-215996734.txt
2015-03-29 11:25:00 ----D---- C:\Program Files (x86)\GUM63E0.tmp
2015-03-29 11:25:00 ----A---- C:\Program Files (x86)\GUT63E1.tmp
2015-03-29 11:17:03 ----D---- C:\Program Files (x86)\Google
2015-03-29 11:08:10 ----A---- C:\windows\system32\drivers\HipShieldK.sys
2015-03-29 11:07:30 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-03-29 11:07:29 ----A---- C:\windows\SYSWOW64\wups.dll
2015-03-29 11:07:29 ----A---- C:\windows\system32\wudriver.dll
2015-03-29 11:07:29 ----A---- C:\windows\system32\storewuauth.dll
2015-03-29 11:07:26 ----A---- C:\windows\system32\wushareduxresources.dll
2015-03-29 11:07:26 ----A---- C:\windows\system32\wups2.dll
2015-03-29 11:07:26 ----A---- C:\windows\system32\wups.dll
2015-03-29 11:07:25 ----A---- C:\windows\system32\WUSettingsProvider.dll
2015-03-29 11:07:25 ----A---- C:\windows\system32\wuauclt.exe
2015-03-29 11:07:25 ----A---- C:\windows\system32\wuaext.dll
2015-03-29 11:07:21 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-03-29 11:07:21 ----A---- C:\windows\system32\wucltux.dll
2015-03-29 11:07:21 ----A---- C:\windows\system32\wuaueng.dll
2015-03-29 11:07:21 ----A---- C:\windows\system32\wuapi.dll
2015-03-29 11:06:13 ----A---- C:\windows\system32\netcfg-214183546.txt
2015-03-29 11:06:10 ----A---- C:\windows\system32\netcfg-214180781.txt
2015-03-27 08:25:19 ----A---- C:\Recovery.txt
2015-03-27 07:28:34 ----A---- C:\windows\system32\netcfg-184250.txt
2015-03-27 07:25:44 ----ASH---- C:\swapfile.sys
2015-03-27 07:25:43 ----ASH---- C:\pagefile.sys
2015-03-27 07:25:42 ----SHD---- C:\System Volume Information
2015-03-27 07:25:41 ----ASH---- C:\hiberfil.sys
2015-03-27 00:17:28 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-03-27 00:17:28 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-03-27 00:17:28 ----A---- C:\windows\system32\wuwebv.dll
2015-03-27 00:17:28 ----A---- C:\windows\system32\wuapp.exe
2015-03-26 23:48:16 ----D---- C:\Users\Kateřina\AppData\Roaming\LSC
2015-03-26 23:40:25 ----D---- C:\Users\Kateřina\AppData\Roaming\Lenovo
2015-03-26 23:39:49 ----SHD---- C:\$RECYCLE.BIN
2015-03-26 23:38:48 ----D---- C:\Users\Kateřina\AppData\Roaming\Adobe
2015-03-26 23:37:27 ----A---- C:\windows\system32\netcfg-63500.txt
2015-03-26 23:36:10 ----A---- C:\windows\system32\netcfg-652359.txt
2015-03-26 23:35:55 ----SD---- C:\Users\Kateřina\AppData\Roaming\Microsoft
2015-03-26 23:35:55 ----D---- C:\Users\Kateřina\AppData\Roaming\Macromedia
2015-03-26 23:28:34 ----A---- C:\windows\system32\netcfg-195671.txt
2015-03-26 23:28:29 ----A---- C:\windows\system32\netcfg-191093.txt

======List of files/folders modified in the last 1 month======

2015-03-30 22:35:14 ----D---- C:\windows\Temp
2015-03-30 22:23:28 ----D---- C:\windows\Prefetch
2015-03-30 22:22:17 ----D---- C:\Program Files (x86)\McAfee
2015-03-30 22:18:01 ----A---- C:\windows\SYSWOW64\log.txt
2015-03-30 22:17:35 ----D---- C:\windows\system32\NDF
2015-03-30 22:17:25 ----AD---- C:\windows\System32
2015-03-30 22:11:00 ----D---- C:\Program Files (x86)\Amazon
2015-03-30 22:08:43 ----D---- C:\windows\system32\config
2015-03-30 22:06:43 ----D---- C:\windows\CbsTemp
2015-03-30 22:06:29 ----D---- C:\windows\system32\catroot2
2015-03-30 22:06:14 ----D---- C:\windows\WinSxS
2015-03-30 22:00:01 ----D---- C:\windows\system32\sru
2015-03-30 21:56:40 ----D---- C:\windows\SoftwareDistribution
2015-03-30 21:56:13 ----HD---- C:\Program Files\WindowsApps
2015-03-30 21:56:12 ----D---- C:\windows\AUInstallAgent
2015-03-30 21:21:01 ----RD---- C:\Program Files
2015-03-30 21:03:41 ----D---- C:\ProgramData\McAfee
2015-03-29 21:43:15 ----D---- C:\windows\system32\Drivers
2015-03-29 21:31:01 ----D---- C:\windows\Inf
2015-03-29 21:07:14 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-03-29 20:55:10 ----SHD---- C:\windows\Installer
2015-03-29 20:54:35 ----D---- C:\windows\SysWOW64
2015-03-29 20:52:21 ----RD---- C:\Program Files (x86)
2015-03-29 20:51:59 ----HD---- C:\ProgramData
2015-03-29 20:45:27 ----D---- C:\windows\system32\Tasks
2015-03-29 20:45:11 ----D---- C:\windows\system32\catroot
2015-03-29 20:45:10 ----D---- C:\windows\system32\DriverStore
2015-03-29 20:44:04 ----D---- C:\Program Files\Common Files
2015-03-29 20:43:26 ----D---- C:\Program Files (x86)\Common Files
2015-03-29 11:42:04 ----D---- C:\Program Files\Common Files\mcafee
2015-03-29 11:41:08 ----D---- C:\windows\SYSWOW64\sk-SK
2015-03-29 11:41:08 ----D---- C:\windows\SYSWOW64\en-US
2015-03-29 11:41:08 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-03-29 11:41:07 ----D---- C:\windows\system32\sk-SK
2015-03-29 11:41:07 ----D---- C:\windows\system32\en-US
2015-03-29 11:41:07 ----D---- C:\windows\system32\cs-CZ
2015-03-29 11:33:27 ----D---- C:\windows\Logs
2015-03-29 11:25:54 ----D---- C:\windows\Tasks
2015-03-29 11:09:53 ----SD---- C:\ProgramData\Microsoft
2015-03-29 11:08:13 ----D---- C:\windows\system32\wdi
2015-03-27 00:17:56 ----AD---- C:\Windows
2015-03-27 00:16:44 ----HD---- C:\windows\ELAMBKUP
2015-03-27 00:15:18 ----D---- C:\windows\system32\restore
2015-03-26 23:38:00 ----D---- C:\windows\WinStore
2015-03-26 23:37:54 ----RD---- C:\windows\ImmersiveControlPanel
2015-03-26 23:34:25 ----AD---- C:\Users
2015-03-26 23:29:04 ----D---- C:\windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2012-10-17 39008]
R0 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2014-06-20 786296]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\windows\system32\drivers\mfewfpk.sys [2014-06-20 348552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 ACPIVPC;@oem11.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2012-10-17 33560]
R3 AmUStor;@oem6.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\windows\system32\drivers\AmUStor.SYS [2012-06-13 100992]
R3 athr;@oem8.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athw8x.sys [2012-07-24 3618304]
R3 cfwids;McAfee Inc. cfwids; C:\windows\system32\drivers\cfwids.sys [2014-06-20 72128]
R3 ETD;@oem10.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-08-09 315216]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-08-23 9000256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2012-07-03 4074256]
R3 L1C;@oem7.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C63x64.sys [2012-06-21 110744]
R3 MEIx64;@oem3.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\windows\system32\drivers\mfeapfk.sys [2014-06-20 181704]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys [2014-06-20 313544]
R3 mfefirek;McAfee Inc. mfefirek; C:\windows\system32\drivers\mfefirek.sys [2014-06-20 523792]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\windows\system32\DRIVERS\mfencbdc.sys [2014-08-20 445512]
R3 SPUVCbv;@oem9.inf,%SPUVCb.ServiceName%;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2012-08-24 1059064]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys [2014-06-20 70600]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\windows\system32\drivers\HipShieldK.sys [2013-09-23 197704]
S3 mfencrk;McAfee Inc. mfencrk; C:\windows\system32\DRIVERS\mfencrk.sys [2014-08-20 96592]
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2012-06-02 8604672]
S3 USBAAPL64;@oem13.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2012-07-26 210304]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-17 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-17 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 276864]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2014-04-25 178528]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-08-20 1041192]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-06-20 219752]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\windows\system32\mfevtps.exe [2014-06-20 189912]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 364416]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-02-13 643880]
S2 0258951427746938mcinstcleanup;McAfee Application Installer Cleanup (0258951427746938); C:\windows\TEMP\025895~1.EXE [2014-03-13 836168]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29 116648]
S2 McOobeSv;McAfee OOBE Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-05-11 200728]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2012-08-24 276288]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29 116648]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-01-26 332080]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2014-10-08 603424]

-----------------EOF-----------------

Re: Laptop under load, please check the log

Posted: 31 Mar 2015 20:06
by KatieLe
May I ask for the next steps? Thank you.

Re: Laptop under load, please check the log

Posted: 31 Mar 2015 20:08
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files (x86)\GUM63E0.tmp
C:\Program Files (x86)\GUT63E1.tmp

:reg
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Re: Laptop under load, please check the log

Posted: 31 Mar 2015 20:24
by KatieLe
I am posting another log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kateřina at 2015-03-31 21:18:39
Microsoft Windows 8
System drive C: has 227 GB (89%) free of 256 GB
Total RAM: 1893 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:18:54, on 31. 3. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16384)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo EasyCamera\Monitor.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files\trend micro\Kateřina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [Lenovo EasyCamera_Monitor] C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8318 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
"dwm.exe"
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
dashost.exe {4837a2ba-0bd4-4740-a8f7f7d3d8aca560}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\windows\system32\mfevtps.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\McAfee\MSC\McAPExe.exe"
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
taskhostex.exe
taskeng.exe {81F2175A-EEA7-4602-A106-BF750F254F6C}
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-492d8fb7-bc55-4145-978d-057445d0f9ce -SystemEventPortName:HostProcess-174b4f7a-67bd-466c-9892-091933383387 -IoCancelEventPortName:HostProcess-ac79c272-7fef-4ef9-b3b9-c608b156186f -NonStateChangingEventPortName:HostProcess-449702e2-96be-4486-886d-67478a1ce49e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:099fb3aa-5344-40ee-bbdb-b8bcdc41cc9d -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 556 560 568 65536 564
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files (x86)\Lenovo EasyCamera\Monitor.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui /runkey
C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Users\Kateřina\Downloads\RSITx64.exe"
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2012-08-24 170304]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2012-08-24 398656]
"Persistence"=C:\windows\system32\igfxpers.exe [2012-08-24 441152]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-06-13 1212560]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-06-26 366720]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-09 2864016]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-10-17 17079376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-10-17 191568]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-02-13 169768]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-04-23 508256]
"Lenovo EasyCamera_Monitor"=C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe [2010-08-24 257224]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2014-04-25 537992]
"mcpltui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2014-04-25 537992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-08-23 441856]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-31 21:18:22 ----A---- C:\windows\system32\netcfg-117453.txt
2015-03-31 21:15:41 ----A---- C:\windows\system32\netcfg-13568218.txt
2015-03-31 21:12:36 ----D---- C:\_OTM
2015-03-31 19:40:29 ----D---- C:\Users\Kateřina\AppData\Roaming\vlc
2015-03-31 19:32:00 ----D---- C:\Program Files (x86)\VideoLAN
2015-03-31 18:50:34 ----D---- C:\Users\Kateřina\AppData\Roaming\uTorrent
2015-03-31 18:39:18 ----A---- C:\windows\system32\netcfg-4190796.txt
2015-03-31 18:39:13 ----A---- C:\windows\system32\netcfg-4185187.txt
2015-03-31 17:24:07 ----A---- C:\windows\system32\netcfg-69011500.txt
2015-03-31 17:24:04 ----A---- C:\windows\system32\netcfg-69008562.txt
2015-03-30 22:17:25 ----A---- C:\windows\system32\netcfg-215171.txt
2015-03-30 22:17:25 ----A---- C:\windows\system32\netcfg-215046.txt
2015-03-30 22:15:04 ----A---- C:\windows\system32\netcfg-74234.txt
2015-03-30 22:13:25 ----A---- C:\windows\system32\netcfg-124333968.txt
2015-03-30 21:59:51 ----D---- C:\AdwCleaner
2015-03-30 21:21:01 ----D---- C:\Program Files\trend micro
2015-03-30 21:20:54 ----D---- C:\rsit
2015-03-29 21:32:07 ----A---- C:\windows\system32\netcfg-35462500.txt
2015-03-29 21:31:04 ----A---- C:\windows\system32\netcfg-35399265.txt
2015-03-29 21:27:07 ----A---- C:\windows\system32\netcfg-35162671.txt
2015-03-29 21:27:01 ----A---- C:\windows\system32\netcfg-35156218.txt
2015-03-29 21:26:56 ----A---- C:\windows\system32\netcfg-35151156.txt
2015-03-29 21:26:42 ----A---- C:\windows\system32\netcfg-35137765.txt
2015-03-29 21:22:51 ----A---- C:\windows\system32\netcfg-34906593.txt
2015-03-29 21:22:42 ----A---- C:\windows\system32\netcfg-34897531.txt
2015-03-29 20:54:57 ----D---- C:\Users\Kateřina\AppData\Roaming\Apple Computer
2015-03-29 20:54:13 ----A---- C:\windows\system32\drivers\GEARAspiWDM.sys
2015-03-29 20:54:12 ----DC---- C:\windows\system32\DRVSTORE
2015-03-29 20:52:21 ----D---- C:\Program Files (x86)\iTunes
2015-03-29 20:52:20 ----D---- C:\Program Files\iPod
2015-03-29 20:51:59 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-29 20:51:59 ----D---- C:\ProgramData\Apple Computer
2015-03-29 20:51:59 ----D---- C:\Program Files\iTunes
2015-03-29 20:45:21 ----D---- C:\Program Files (x86)\Apple Software Update
2015-03-29 20:44:40 ----D---- C:\Program Files\Bonjour
2015-03-29 20:44:40 ----D---- C:\Program Files (x86)\Bonjour
2015-03-29 20:44:04 ----D---- C:\Program Files\Common Files\Apple
2015-03-29 20:43:26 ----D---- C:\ProgramData\Apple
2015-03-29 12:20:39 ----A---- C:\windows\system32\netcfg-2381062.txt
2015-03-29 11:46:48 ----A---- C:\windows\system32\netcfg-356562.txt
2015-03-29 11:44:59 ----A---- C:\windows\system32\netcfg-247453.txt
2015-03-29 11:43:08 ----A---- C:\windows\system32\netcfg-136703.txt
2015-03-29 11:42:22 ----A---- C:\windows\system32\netcfg-90453.txt
2015-03-29 11:40:18 ----A---- C:\windows\system32\netcfg-216228750.txt
2015-03-29 11:38:36 ----A---- C:\windows\system32\netcfg-216127265.txt
2015-03-29 11:37:49 ----A---- C:\windows\system32\netcfg-216080234.txt
2015-03-29 11:36:46 ----A---- C:\windows\system32\netcfg-216017421.txt
2015-03-29 11:36:42 ----A---- C:\windows\system32\netcfg-216012890.txt
2015-03-29 11:36:29 ----A---- C:\windows\system32\netcfg-215999906.txt
2015-03-29 11:36:26 ----A---- C:\windows\system32\netcfg-215996734.txt
2015-03-29 11:17:03 ----D---- C:\Program Files (x86)\Google
2015-03-29 11:08:10 ----A---- C:\windows\system32\drivers\HipShieldK.sys
2015-03-29 11:07:30 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-03-29 11:07:29 ----A---- C:\windows\SYSWOW64\wups.dll
2015-03-29 11:07:29 ----A---- C:\windows\system32\wudriver.dll
2015-03-29 11:07:29 ----A---- C:\windows\system32\storewuauth.dll
2015-03-29 11:07:26 ----A---- C:\windows\system32\wushareduxresources.dll
2015-03-29 11:07:26 ----A---- C:\windows\system32\wups2.dll
2015-03-29 11:07:26 ----A---- C:\windows\system32\wups.dll
2015-03-29 11:07:25 ----A---- C:\windows\system32\WUSettingsProvider.dll
2015-03-29 11:07:25 ----A---- C:\windows\system32\wuauclt.exe
2015-03-29 11:07:25 ----A---- C:\windows\system32\wuaext.dll
2015-03-29 11:07:21 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-03-29 11:07:21 ----A---- C:\windows\system32\wucltux.dll
2015-03-29 11:07:21 ----A---- C:\windows\system32\wuaueng.dll
2015-03-29 11:07:21 ----A---- C:\windows\system32\wuapi.dll
2015-03-29 11:06:13 ----A---- C:\windows\system32\netcfg-214183546.txt
2015-03-29 11:06:10 ----A---- C:\windows\system32\netcfg-214180781.txt
2015-03-27 08:25:19 ----A---- C:\Recovery.txt
2015-03-27 07:28:34 ----A---- C:\windows\system32\netcfg-184250.txt
2015-03-27 07:25:44 ----ASH---- C:\swapfile.sys
2015-03-27 07:25:43 ----ASH---- C:\pagefile.sys
2015-03-27 07:25:42 ----SHD---- C:\System Volume Information
2015-03-27 07:25:41 ----ASH---- C:\hiberfil.sys
2015-03-27 00:17:28 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-03-27 00:17:28 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-03-27 00:17:28 ----A---- C:\windows\system32\wuwebv.dll
2015-03-27 00:17:28 ----A---- C:\windows\system32\wuapp.exe
2015-03-26 23:48:16 ----D---- C:\Users\Kateřina\AppData\Roaming\LSC
2015-03-26 23:40:25 ----D---- C:\Users\Kateřina\AppData\Roaming\Lenovo
2015-03-26 23:39:49 ----SHD---- C:\$RECYCLE.BIN
2015-03-26 23:38:48 ----D---- C:\Users\Kateřina\AppData\Roaming\Adobe
2015-03-26 23:37:27 ----A---- C:\windows\system32\netcfg-63500.txt
2015-03-26 23:36:10 ----A---- C:\windows\system32\netcfg-652359.txt
2015-03-26 23:35:55 ----SD---- C:\Users\Kateřina\AppData\Roaming\Microsoft
2015-03-26 23:35:55 ----D---- C:\Users\Kateřina\AppData\Roaming\Macromedia
2015-03-26 23:28:34 ----A---- C:\windows\system32\netcfg-195671.txt
2015-03-26 23:28:29 ----A---- C:\windows\system32\netcfg-191093.txt

======List of files/folders modified in the last 1 month======

2015-03-31 21:18:51 ----D---- C:\windows\Temp
2015-03-31 21:18:22 ----AD---- C:\windows\System32
2015-03-31 21:15:19 ----A---- C:\windows\SYSWOW64\log.txt
2015-03-31 21:13:58 ----RD---- C:\Program Files (x86)
2015-03-31 21:13:56 ----D---- C:\windows\Tasks
2015-03-31 21:07:34 ----D---- C:\windows\system32\config
2015-03-31 21:00:22 ----D---- C:\windows\system32\sru
2015-03-31 20:57:42 ----D---- C:\windows\Prefetch
2015-03-31 19:39:06 ----HD---- C:\Program Files\WindowsApps
2015-03-31 19:35:16 ----D---- C:\windows\CbsTemp
2015-03-31 19:14:20 ----D---- C:\windows\Microsoft.NET
2015-03-31 17:43:15 ----D---- C:\windows\AUInstallAgent
2015-03-31 17:30:44 ----D---- C:\windows\WinSxS
2015-03-31 17:30:41 ----D---- C:\windows\SysWOW64
2015-03-31 17:30:12 ----D---- C:\Program Files (x86)\McAfee
2015-03-30 22:46:53 ----D---- C:\windows\system32\catroot2
2015-03-30 22:17:35 ----D---- C:\windows\system32\NDF
2015-03-30 22:11:00 ----D---- C:\Program Files (x86)\Amazon
2015-03-30 21:56:40 ----D---- C:\windows\SoftwareDistribution
2015-03-30 21:21:01 ----RD---- C:\Program Files
2015-03-30 21:03:41 ----D---- C:\ProgramData\McAfee
2015-03-29 21:43:15 ----D---- C:\windows\system32\Drivers
2015-03-29 21:31:01 ----D---- C:\windows\Inf
2015-03-29 21:07:14 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-03-29 20:55:10 ----SHD---- C:\windows\Installer
2015-03-29 20:51:59 ----HD---- C:\ProgramData
2015-03-29 20:45:27 ----D---- C:\windows\system32\Tasks
2015-03-29 20:45:11 ----D---- C:\windows\system32\catroot
2015-03-29 20:45:10 ----D---- C:\windows\system32\DriverStore
2015-03-29 20:44:04 ----D---- C:\Program Files\Common Files
2015-03-29 20:43:26 ----D---- C:\Program Files (x86)\Common Files
2015-03-29 11:42:04 ----D---- C:\Program Files\Common Files\mcafee
2015-03-29 11:41:08 ----D---- C:\windows\SYSWOW64\sk-SK
2015-03-29 11:41:08 ----D---- C:\windows\SYSWOW64\en-US
2015-03-29 11:41:08 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-03-29 11:41:07 ----D---- C:\windows\system32\sk-SK
2015-03-29 11:41:07 ----D---- C:\windows\system32\en-US
2015-03-29 11:41:07 ----D---- C:\windows\system32\cs-CZ
2015-03-29 11:33:27 ----D---- C:\windows\Logs
2015-03-29 11:09:53 ----SD---- C:\ProgramData\Microsoft
2015-03-29 11:08:13 ----D---- C:\windows\system32\wdi
2015-03-27 00:17:56 ----AD---- C:\Windows
2015-03-27 00:16:44 ----HD---- C:\windows\ELAMBKUP
2015-03-27 00:15:18 ----D---- C:\windows\system32\restore
2015-03-26 23:38:00 ----D---- C:\windows\WinStore
2015-03-26 23:37:54 ----RD---- C:\windows\ImmersiveControlPanel
2015-03-26 23:34:25 ----AD---- C:\Users
2015-03-26 23:29:04 ----D---- C:\windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2012-10-17 39008]
R0 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2014-06-20 786296]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\windows\system32\drivers\mfewfpk.sys [2014-06-20 348552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 ACPIVPC;@oem11.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2012-10-17 33560]
R3 AmUStor;@oem6.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\windows\system32\drivers\AmUStor.SYS [2012-06-13 100992]
R3 athr;@oem8.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athw8x.sys [2012-07-24 3618304]
R3 cfwids;McAfee Inc. cfwids; C:\windows\system32\drivers\cfwids.sys [2014-06-20 72128]
R3 ETD;@oem10.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-08-09 315216]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-08-23 9000256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2012-07-03 4074256]
R3 L1C;@oem7.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C63x64.sys [2012-06-21 110744]
R3 MEIx64;@oem3.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\windows\system32\drivers\mfeapfk.sys [2014-06-20 181704]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys [2014-06-20 313544]
R3 mfefirek;McAfee Inc. mfefirek; C:\windows\system32\drivers\mfefirek.sys [2014-06-20 523792]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\windows\system32\DRIVERS\mfencbdc.sys [2014-08-20 445512]
R3 SPUVCbv;@oem9.inf,%SPUVCb.ServiceName%;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2012-08-24 1059064]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys [2014-06-20 70600]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\windows\system32\drivers\HipShieldK.sys [2013-09-23 197704]
S3 mfencrk;McAfee Inc. mfencrk; C:\windows\system32\DRIVERS\mfencrk.sys [2014-08-20 96592]
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2012-06-02 8604672]
S3 USBAAPL64;@oem13.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2012-07-26 210304]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-17 165760]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2014-04-25 178528]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-08-20 1041192]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-06-20 219752]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\windows\system32\mfevtps.exe [2014-06-20 189912]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-02-13 643880]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29 116648]
S2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-17 128896]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 276864]
S2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
S2 McOobeSv;McAfee OOBE Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-05-11 200728]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 364416]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2012-08-24 276288]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29 116648]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-01-26 332080]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2014-10-08 603424]

-----------------EOF-----------------

Re: Notebook under heavy load, please check the log

Posted: 31 Mar 2015 20:29
by Rudy
Run it once more with the same script, and turn off the antivirus while doing so.

Re: Notebook under heavy load, please check the log

Posted: 31 Mar 2015 20:43
by KatieLe
Log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kateřina at 2015-03-31 21:42:06
Microsoft Windows 8
System drive C: has 227 GB (89%) free of 256 GB
Total RAM: 1893 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:42:11, on 31. 3. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16384)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo EasyCamera\Monitor.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files\trend micro\Kateřina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [Lenovo EasyCamera_Monitor] C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8318 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
"dwm.exe"
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
dashost.exe {1267ab66-9907-406d-8d4f80720bf29255}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\windows\system32\mfevtps.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\McAfee\MSC\McAPExe.exe"
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
taskhostex.exe
taskeng.exe {B29E8E4C-FE28-406D-88ED-DD79E85C73A4}
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cf936da9-3c44-4948-865b-855d6d3ddf1e -SystemEventPortName:HostProcess-2618b478-7799-4544-b5b8-859a14f0897a -IoCancelEventPortName:HostProcess-938b09b0-7a35-4247-b48f-de6e7d5039d6 -NonStateChangingEventPortName:HostProcess-8f214f82-e651-478a-8a4d-6f3d104066f5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:73602cec-329f-49bd-b9d7-8da6faf12d5d -DeviceGroupId:WudfDefaultDevicePool
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 556 560 568 65536 564
C:\windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files (x86)\Lenovo EasyCamera\Monitor.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui /runkey

"C:\Users\Kateřina\Downloads\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2012-08-24 170304]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2012-08-24 398656]
"Persistence"=C:\windows\system32\igfxpers.exe [2012-08-24 441152]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-06-13 1212560]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-06-26 366720]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-09 2864016]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-10-17 17079376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-10-17 191568]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-02-13 169768]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-04-23 508256]
"Lenovo EasyCamera_Monitor"=C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe [2010-08-24 257224]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2014-04-25 537992]
"mcpltui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2014-04-25 537992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-08-23 441856]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-31 21:41:13 ----A---- C:\windows\system32\netcfg-40765.txt
2015-03-31 21:40:07 ----A---- C:\windows\system32\netcfg-1422640.txt
2015-03-31 21:18:22 ----A---- C:\windows\system32\netcfg-117453.txt
2015-03-31 21:15:41 ----A---- C:\windows\system32\netcfg-13568218.txt
2015-03-31 21:12:36 ----D---- C:\_OTM
2015-03-31 19:40:29 ----D---- C:\Users\Kateřina\AppData\Roaming\vlc
2015-03-31 19:32:00 ----D---- C:\Program Files (x86)\VideoLAN
2015-03-31 18:50:34 ----D---- C:\Users\Kateřina\AppData\Roaming\uTorrent
2015-03-31 18:39:18 ----A---- C:\windows\system32\netcfg-4190796.txt
2015-03-31 18:39:13 ----A---- C:\windows\system32\netcfg-4185187.txt
2015-03-31 17:24:07 ----A---- C:\windows\system32\netcfg-69011500.txt
2015-03-31 17:24:04 ----A---- C:\windows\system32\netcfg-69008562.txt
2015-03-30 22:17:25 ----A---- C:\windows\system32\netcfg-215171.txt
2015-03-30 22:17:25 ----A---- C:\windows\system32\netcfg-215046.txt
2015-03-30 22:15:04 ----A---- C:\windows\system32\netcfg-74234.txt
2015-03-30 22:13:25 ----A---- C:\windows\system32\netcfg-124333968.txt
2015-03-30 21:59:51 ----D---- C:\AdwCleaner
2015-03-30 21:21:01 ----D---- C:\Program Files\trend micro
2015-03-30 21:20:54 ----D---- C:\rsit
2015-03-29 21:32:07 ----A---- C:\windows\system32\netcfg-35462500.txt
2015-03-29 21:31:04 ----A---- C:\windows\system32\netcfg-35399265.txt
2015-03-29 21:27:07 ----A---- C:\windows\system32\netcfg-35162671.txt
2015-03-29 21:27:01 ----A---- C:\windows\system32\netcfg-35156218.txt
2015-03-29 21:26:56 ----A---- C:\windows\system32\netcfg-35151156.txt
2015-03-29 21:26:42 ----A---- C:\windows\system32\netcfg-35137765.txt
2015-03-29 21:22:51 ----A---- C:\windows\system32\netcfg-34906593.txt
2015-03-29 21:22:42 ----A---- C:\windows\system32\netcfg-34897531.txt
2015-03-29 20:54:57 ----D---- C:\Users\Kateřina\AppData\Roaming\Apple Computer
2015-03-29 20:54:13 ----A---- C:\windows\system32\drivers\GEARAspiWDM.sys
2015-03-29 20:54:12 ----DC---- C:\windows\system32\DRVSTORE
2015-03-29 20:52:21 ----D---- C:\Program Files (x86)\iTunes
2015-03-29 20:52:20 ----D---- C:\Program Files\iPod
2015-03-29 20:51:59 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-29 20:51:59 ----D---- C:\ProgramData\Apple Computer
2015-03-29 20:51:59 ----D---- C:\Program Files\iTunes
2015-03-29 20:45:21 ----D---- C:\Program Files (x86)\Apple Software Update
2015-03-29 20:44:40 ----D---- C:\Program Files\Bonjour
2015-03-29 20:44:40 ----D---- C:\Program Files (x86)\Bonjour
2015-03-29 20:44:04 ----D---- C:\Program Files\Common Files\Apple
2015-03-29 20:43:26 ----D---- C:\ProgramData\Apple
2015-03-29 12:20:39 ----A---- C:\windows\system32\netcfg-2381062.txt
2015-03-29 11:46:48 ----A---- C:\windows\system32\netcfg-356562.txt
2015-03-29 11:44:59 ----A---- C:\windows\system32\netcfg-247453.txt
2015-03-29 11:43:08 ----A---- C:\windows\system32\netcfg-136703.txt
2015-03-29 11:42:22 ----A---- C:\windows\system32\netcfg-90453.txt
2015-03-29 11:40:18 ----A---- C:\windows\system32\netcfg-216228750.txt
2015-03-29 11:38:36 ----A---- C:\windows\system32\netcfg-216127265.txt
2015-03-29 11:37:49 ----A---- C:\windows\system32\netcfg-216080234.txt
2015-03-29 11:36:46 ----A---- C:\windows\system32\netcfg-216017421.txt
2015-03-29 11:36:42 ----A---- C:\windows\system32\netcfg-216012890.txt
2015-03-29 11:36:29 ----A---- C:\windows\system32\netcfg-215999906.txt
2015-03-29 11:36:26 ----A---- C:\windows\system32\netcfg-215996734.txt
2015-03-29 11:17:03 ----D---- C:\Program Files (x86)\Google
2015-03-29 11:08:10 ----A---- C:\windows\system32\drivers\HipShieldK.sys
2015-03-29 11:07:30 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-03-29 11:07:29 ----A---- C:\windows\SYSWOW64\wups.dll
2015-03-29 11:07:29 ----A---- C:\windows\system32\wudriver.dll
2015-03-29 11:07:29 ----A---- C:\windows\system32\storewuauth.dll
2015-03-29 11:07:26 ----A---- C:\windows\system32\wushareduxresources.dll
2015-03-29 11:07:26 ----A---- C:\windows\system32\wups2.dll
2015-03-29 11:07:26 ----A---- C:\windows\system32\wups.dll
2015-03-29 11:07:25 ----A---- C:\windows\system32\WUSettingsProvider.dll
2015-03-29 11:07:25 ----A---- C:\windows\system32\wuauclt.exe
2015-03-29 11:07:25 ----A---- C:\windows\system32\wuaext.dll
2015-03-29 11:07:21 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-03-29 11:07:21 ----A---- C:\windows\system32\wucltux.dll
2015-03-29 11:07:21 ----A---- C:\windows\system32\wuaueng.dll
2015-03-29 11:07:21 ----A---- C:\windows\system32\wuapi.dll
2015-03-29 11:06:13 ----A---- C:\windows\system32\netcfg-214183546.txt
2015-03-29 11:06:10 ----A---- C:\windows\system32\netcfg-214180781.txt
2015-03-27 08:25:19 ----A---- C:\Recovery.txt
2015-03-27 07:28:34 ----A---- C:\windows\system32\netcfg-184250.txt
2015-03-27 07:25:44 ----ASH---- C:\swapfile.sys
2015-03-27 07:25:43 ----ASH---- C:\pagefile.sys
2015-03-27 07:25:42 ----SHD---- C:\System Volume Information
2015-03-27 07:25:41 ----ASH---- C:\hiberfil.sys
2015-03-27 00:17:28 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-03-27 00:17:28 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-03-27 00:17:28 ----A---- C:\windows\system32\wuwebv.dll
2015-03-27 00:17:28 ----A---- C:\windows\system32\wuapp.exe
2015-03-26 23:48:16 ----D---- C:\Users\Kateřina\AppData\Roaming\LSC
2015-03-26 23:40:25 ----D---- C:\Users\Kateřina\AppData\Roaming\Lenovo
2015-03-26 23:39:49 ----SHD---- C:\$RECYCLE.BIN
2015-03-26 23:38:48 ----D---- C:\Users\Kateřina\AppData\Roaming\Adobe
2015-03-26 23:37:27 ----A---- C:\windows\system32\netcfg-63500.txt
2015-03-26 23:36:10 ----A---- C:\windows\system32\netcfg-652359.txt
2015-03-26 23:35:55 ----SD---- C:\Users\Kateřina\AppData\Roaming\Microsoft
2015-03-26 23:35:55 ----D---- C:\Users\Kateřina\AppData\Roaming\Macromedia
2015-03-26 23:28:34 ----A---- C:\windows\system32\netcfg-195671.txt
2015-03-26 23:28:29 ----A---- C:\windows\system32\netcfg-191093.txt

======List of files/folders modified in the last 1 month======

2015-03-31 21:41:33 ----D---- C:\windows\Temp
2015-03-31 21:41:13 ----AD---- C:\windows\System32
2015-03-31 21:39:56 ----A---- C:\windows\SYSWOW64\log.txt
2015-03-31 21:23:26 ----D---- C:\windows\system32\config
2015-03-31 21:13:58 ----RD---- C:\Program Files (x86)
2015-03-31 21:13:56 ----D---- C:\windows\Tasks
2015-03-31 21:04:49 ----D---- C:\windows\CbsTemp
2015-03-31 21:00:22 ----D---- C:\windows\system32\sru
2015-03-31 20:57:42 ----D---- C:\windows\Prefetch
2015-03-31 19:39:06 ----HD---- C:\Program Files\WindowsApps
2015-03-31 19:37:01 ----D---- C:\windows\AUInstallAgent
2015-03-31 19:14:20 ----D---- C:\windows\Microsoft.NET
2015-03-31 17:30:44 ----D---- C:\windows\WinSxS
2015-03-31 17:30:41 ----D---- C:\windows\SysWOW64
2015-03-31 17:30:12 ----D---- C:\Program Files (x86)\McAfee
2015-03-30 22:46:53 ----D---- C:\windows\system32\catroot2
2015-03-30 22:17:35 ----D---- C:\windows\system32\NDF
2015-03-30 22:11:00 ----D---- C:\Program Files (x86)\Amazon
2015-03-30 21:56:40 ----D---- C:\windows\SoftwareDistribution
2015-03-30 21:21:01 ----RD---- C:\Program Files
2015-03-30 21:03:41 ----D---- C:\ProgramData\McAfee
2015-03-29 21:43:15 ----D---- C:\windows\system32\Drivers
2015-03-29 21:31:01 ----D---- C:\windows\Inf
2015-03-29 21:07:14 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-03-29 20:55:10 ----SHD---- C:\windows\Installer
2015-03-29 20:51:59 ----HD---- C:\ProgramData
2015-03-29 20:45:27 ----D---- C:\windows\system32\Tasks
2015-03-29 20:45:11 ----D---- C:\windows\system32\catroot
2015-03-29 20:45:10 ----D---- C:\windows\system32\DriverStore
2015-03-29 20:44:04 ----D---- C:\Program Files\Common Files
2015-03-29 20:43:26 ----D---- C:\Program Files (x86)\Common Files
2015-03-29 11:42:04 ----D---- C:\Program Files\Common Files\mcafee
2015-03-29 11:41:08 ----D---- C:\windows\SYSWOW64\sk-SK
2015-03-29 11:41:08 ----D---- C:\windows\SYSWOW64\en-US
2015-03-29 11:41:08 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-03-29 11:41:07 ----D---- C:\windows\system32\sk-SK
2015-03-29 11:41:07 ----D---- C:\windows\system32\en-US
2015-03-29 11:41:07 ----D---- C:\windows\system32\cs-CZ
2015-03-29 11:33:27 ----D---- C:\windows\Logs
2015-03-29 11:09:53 ----SD---- C:\ProgramData\Microsoft
2015-03-29 11:08:13 ----D---- C:\windows\system32\wdi
2015-03-27 00:17:56 ----AD---- C:\Windows
2015-03-27 00:16:44 ----HD---- C:\windows\ELAMBKUP
2015-03-27 00:15:18 ----D---- C:\windows\system32\restore
2015-03-26 23:38:00 ----D---- C:\windows\WinStore
2015-03-26 23:37:54 ----RD---- C:\windows\ImmersiveControlPanel
2015-03-26 23:34:25 ----AD---- C:\Users
2015-03-26 23:29:04 ----D---- C:\windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2012-10-17 39008]
R0 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2014-06-20 786296]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\windows\system32\drivers\mfewfpk.sys [2014-06-20 348552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 ACPIVPC;@oem11.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2012-10-17 33560]
R3 AmUStor;@oem6.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\windows\system32\drivers\AmUStor.SYS [2012-06-13 100992]
R3 athr;@oem8.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athw8x.sys [2012-07-24 3618304]
R3 cfwids;McAfee Inc. cfwids; C:\windows\system32\drivers\cfwids.sys [2014-06-20 72128]
R3 ETD;@oem10.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-08-09 315216]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-08-23 9000256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2012-07-03 4074256]
R3 L1C;@oem7.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C63x64.sys [2012-06-21 110744]
R3 MEIx64;@oem3.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\windows\system32\drivers\mfeapfk.sys [2014-06-20 181704]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys [2014-06-20 313544]
R3 mfefirek;McAfee Inc. mfefirek; C:\windows\system32\drivers\mfefirek.sys [2014-06-20 523792]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\windows\system32\DRIVERS\mfencbdc.sys [2014-08-20 445512]
R3 SPUVCbv;@oem9.inf,%SPUVCb.ServiceName%;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2012-08-24 1059064]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys [2014-06-20 70600]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\windows\system32\drivers\HipShieldK.sys [2013-09-23 197704]
S3 mfencrk;McAfee Inc. mfencrk; C:\windows\system32\DRIVERS\mfencrk.sys [2014-08-20 96592]
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2012-06-02 8604672]
S3 USBAAPL64;@oem13.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2012-07-26 210304]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-17 165760]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2014-04-25 178528]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-08-20 1041192]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-06-20 219752]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\windows\system32\mfevtps.exe [2014-06-20 189912]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-02-13 643880]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29 116648]
S2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-17 128896]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 276864]
S2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
S2 McOobeSv;McAfee OOBE Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-05-11 200728]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 364416]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2012-08-24 276288]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29 116648]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-01-26 332080]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2014-10-08 603424]

-----------------EOF-----------------

Re: Laptop under heavy load, please check my log

Posted: 31 Mar 2015 20:51
by Rudy
The log is OK now. Has anything changed?

Re: Laptop under heavy load, please check my log

Posted: 31 Mar 2015 21:37
by KatieLe
I apologize for the delayed reply. I opened Task Manager, and the CPU, disk and memory are still under heavy load, even after restarting the laptop. Thank you for your reply.

Re: Laptop under heavy load, please check my log

Posted: 01 Apr 2015 16:55
by Rudy
Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

Re: Laptop under heavy load, please check my log

Posted: 02 Apr 2015 00:05
by KatieLe
Log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kateřina at 2015-04-02 01:03:55
Microsoft Windows 8
System drive C: has 222 GB (87%) free of 256 GB
Total RAM: 1893 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:04:21, on 2. 4. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16384)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Kateřina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: McAfee Application Installer Cleanup (0207641427835676) (0207641427835676mcinstcleanup) - McAfee, Inc. - C:\Users\KATEIN~1\AppData\Local\Temp\020764~1.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - Unknown owner - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe (file missing)
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6850 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
dashost.exe {373b75d9-7069-45bd-8caabc100133e607}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\windows\system32\mfevtps.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e270a1d4-acc5-4e14-9d26-a09c9753c8f2 -SystemEventPortName:HostProcess-f4a8b90c-e2f8-4c71-9919-92662d7aacba -IoCancelEventPortName:HostProcess-79fb1499-e9bd-4db8-877b-d4b4fe982490 -NonStateChangingEventPortName:HostProcess-2ed5a58d-f0ed-4e14-abbb-6da1a0d5b7af -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8b6e158c-8c24-4a19-b127-996721f962df -DeviceGroupId:WudfDefaultDevicePool
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {B4A5A2D3-6045-45B9-B56E-D72393D490C2}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Windows Defender\MsMpEng.exe"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
taskhostex.exe
C:\windows\Explorer.EXE
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"
taskhost.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2320.0.1527125486\1925060416" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2843 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_6/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=2320 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="2320.1.754287195\116237932" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_6/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=2320 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="2320.2.1788388056\179233211" /prefetch:673131151
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe19_ Global\UsGthrCtrlFltPipeMssGthrPipe19 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 552 560 568 65536 564
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_6/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=2320 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="2320.3.1895685775\984234625" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_6/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=2320 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="2320.4.633958803\17444980" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_6/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=2320 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="2320.5.2130203798\955437926" /prefetch:673131151

"C:\Users\Kateřina\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2012-08-24 170304]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2012-08-24 398656]
"Persistence"=C:\windows\system32\igfxpers.exe [2012-08-24 441152]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-06-13 1212560]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-06-26 366720]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-09 2864016]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-10-17 17079376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-10-17 191568]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-02-13 169768]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-08-23 441856]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-02 00:03:45 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-02 00:03:11 ----A---- C:\windows\system32\drivers\mwac.sys
2015-04-02 00:03:11 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2015-04-02 00:03:10 ----D---- C:\ProgramData\Malwarebytes
2015-04-02 00:03:10 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-02 00:03:10 ----A---- C:\windows\system32\drivers\mbam.sys
2015-03-31 22:41:30 ----SHD---- C:\Config.Msi
2015-03-31 22:31:59 ----A---- C:\windows\system32\FNTCACHE.DAT
2015-03-31 22:30:20 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-03-31 22:18:43 ----D---- C:\windows\system32\MRT
2015-03-31 22:18:28 ----A---- C:\windows\system32\MRT.exe
2015-03-31 21:55:12 ----A---- C:\windows\SYSWOW64\TsWpfWrp.exe
2015-03-31 21:55:12 ----A---- C:\windows\system32\TsWpfWrp.exe
2015-03-31 21:41:13 ----A---- C:\windows\system32\netcfg-40765.txt
2015-03-31 21:40:07 ----A---- C:\windows\system32\netcfg-1422640.txt
2015-03-31 21:18:22 ----A---- C:\windows\system32\netcfg-117453.txt
2015-03-31 21:15:41 ----A---- C:\windows\system32\netcfg-13568218.txt
2015-03-31 21:12:36 ----D---- C:\_OTM
2015-03-31 19:40:29 ----D---- C:\Users\Kateřina\AppData\Roaming\vlc
2015-03-31 19:32:00 ----D---- C:\Program Files (x86)\VideoLAN
2015-03-31 18:50:34 ----D---- C:\Users\Kateřina\AppData\Roaming\uTorrent
2015-03-31 18:39:18 ----A---- C:\windows\system32\netcfg-4190796.txt
2015-03-31 18:39:13 ----A---- C:\windows\system32\netcfg-4185187.txt
2015-03-31 17:24:07 ----A---- C:\windows\system32\netcfg-69011500.txt
2015-03-31 17:24:04 ----A---- C:\windows\system32\netcfg-69008562.txt
2015-03-30 22:17:25 ----A---- C:\windows\system32\netcfg-215171.txt
2015-03-30 22:17:25 ----A---- C:\windows\system32\netcfg-215046.txt
2015-03-30 22:15:04 ----A---- C:\windows\system32\netcfg-74234.txt
2015-03-30 22:13:25 ----A---- C:\windows\system32\netcfg-124333968.txt
2015-03-30 22:00:33 ----A---- C:\windows\system32\Windows.UI.Xaml.dll
2015-03-30 22:00:27 ----A---- C:\windows\system32\tquery.dll
2015-03-30 22:00:26 ----A---- C:\windows\system32\wmp.dll
2015-03-30 22:00:25 ----A---- C:\windows\system32\win32k.sys
2015-03-30 22:00:24 ----A---- C:\windows\SYSWOW64\wmp.dll
2015-03-30 22:00:23 ----A---- C:\windows\SYSWOW64\Windows.UI.Xaml.dll
2015-03-30 22:00:23 ----A---- C:\windows\system32\mssrch.dll
2015-03-30 22:00:20 ----A---- C:\windows\SYSWOW64\tquery.dll
2015-03-30 22:00:13 ----A---- C:\windows\SYSWOW64\mssrch.dll
2015-03-30 22:00:13 ----A---- C:\windows\system32\ntdll.dll
2015-03-30 22:00:09 ----A---- C:\windows\system32\MSAudDecMFT.dll
2015-03-30 22:00:09 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2015-03-30 22:00:06 ----A---- C:\windows\SYSWOW64\MSAudDecMFT.dll
2015-03-30 22:00:02 ----A---- C:\windows\system32\schedsvc.dll
2015-03-30 22:00:02 ----A---- C:\windows\system32\kd_02_10ec.dll
2015-03-30 22:00:02 ----A---- C:\windows\system32\audiosrv.dll
2015-03-30 22:00:01 ----A---- C:\windows\SYSWOW64\mssph.dll
2015-03-30 22:00:01 ----A---- C:\windows\system32\SearchIndexer.exe
2015-03-30 22:00:01 ----A---- C:\windows\system32\rsaenh.dll
2015-03-30 22:00:01 ----A---- C:\windows\system32\drivers\srv2.sys
2015-03-30 21:59:59 ----A---- C:\windows\SYSWOW64\SearchProtocolHost.exe
2015-03-30 21:59:59 ----A---- C:\windows\system32\SearchProtocolHost.exe
2015-03-30 21:59:59 ----A---- C:\windows\system32\drivers\PEAuth.sys
2015-03-30 21:59:59 ----A---- C:\windows\system32\AudioSes.dll
2015-03-30 21:59:58 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-03-30 21:59:58 ----A---- C:\windows\system32\mssph.dll
2015-03-30 21:59:58 ----A---- C:\windows\system32\dwmredir.dll
2015-03-30 21:59:58 ----A---- C:\windows\system32\conhost.exe
2015-03-30 21:59:58 ----A---- C:\windows\system32\AudioEng.dll
2015-03-30 21:59:57 ----A---- C:\windows\SYSWOW64\rsaenh.dll
2015-03-30 21:59:57 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2015-03-30 21:59:57 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2015-03-30 21:59:57 ----A---- C:\windows\system32\winload.exe
2015-03-30 21:59:57 ----A---- C:\windows\system32\Windows.Networking.dll
2015-03-30 21:59:57 ----A---- C:\windows\system32\RecoveryDrive.exe
2015-03-30 21:59:57 ----A---- C:\windows\system32\drivers\srvnet.sys
2015-03-30 21:59:57 ----A---- C:\windows\system32\audiodg.exe
2015-03-30 21:59:56 ----A---- C:\windows\SYSWOW64\SearchIndexer.exe
2015-03-30 21:59:56 ----A---- C:\windows\system32\wpncore.dll
2015-03-30 21:59:56 ----A---- C:\windows\system32\winresume.exe
2015-03-30 21:59:55 ----A---- C:\windows\system32\XpsGdiConverter.dll
2015-03-30 21:59:55 ----A---- C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2015-03-30 21:59:55 ----A---- C:\windows\system32\MFMediaEngine.dll
2015-03-30 21:59:54 ----A---- C:\windows\SYSWOW64\Windows.Networking.dll
2015-03-30 21:59:54 ----A---- C:\windows\SYSWOW64\rascfg.dll
2015-03-30 21:59:54 ----A---- C:\windows\system32\rascfg.dll
2015-03-30 21:59:54 ----A---- C:\windows\system32\dmvdsitf.dll
2015-03-30 21:59:54 ----A---- C:\windows\system32\ci.dll
2015-03-30 21:59:53 ----A---- C:\windows\SYSWOW64\mssvp.dll
2015-03-30 21:59:53 ----A---- C:\windows\system32\XpsRasterService.dll
2015-03-30 21:59:53 ----A---- C:\windows\system32\fhengine.dll
2015-03-30 21:59:52 ----A---- C:\windows\SYSWOW64\wscapi.dll
2015-03-30 21:59:52 ----A---- C:\windows\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2015-03-30 21:59:52 ----A---- C:\windows\SYSWOW64\SearchFilterHost.exe
2015-03-30 21:59:52 ----A---- C:\windows\SYSWOW64\MFMediaEngine.dll
2015-03-30 21:59:52 ----A---- C:\windows\system32\SearchFilterHost.exe
2015-03-30 21:59:52 ----A---- C:\windows\system32\Robocopy.exe
2015-03-30 21:59:52 ----A---- C:\windows\system32\mfreadwrite.dll
2015-03-30 21:59:52 ----A---- C:\windows\system32\kdvm.dll
2015-03-30 21:59:52 ----A---- C:\windows\system32\drivers\spaceport.sys
2015-03-30 21:59:52 ----A---- C:\windows\system32\drivers\pdc.sys
2015-03-30 21:59:52 ----A---- C:\windows\system32\drivers\hidclass.sys
2015-03-30 21:59:52 ----A---- C:\windows\system32\AudioEndpointBuilder.dll
2015-03-30 21:59:51 ----D---- C:\AdwCleaner
2015-03-30 21:59:51 ----A---- C:\windows\SYSWOW64\XpsRasterService.dll
2015-03-30 21:59:51 ----A---- C:\windows\SYSWOW64\Robocopy.exe
2015-03-30 21:59:51 ----A---- C:\windows\system32\AUDIOKSE.dll
2015-03-30 21:59:50 ----A---- C:\windows\SYSWOW64\XpsGdiConverter.dll
2015-03-30 21:59:50 ----A---- C:\windows\SYSWOW64\mfreadwrite.dll
2015-03-30 21:59:50 ----A---- C:\windows\SYSWOW64\dmvdsitf.dll
2015-03-30 21:59:50 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2015-03-30 21:59:50 ----A---- C:\windows\system32\wscsvc.dll
2015-03-30 21:59:50 ----A---- C:\windows\system32\kdnet.dll
2015-03-30 21:59:50 ----A---- C:\windows\system32\iuilp.dll
2015-03-30 21:59:50 ----A---- C:\windows\system32\drivers\wanarp.sys
2015-03-30 21:59:50 ----A---- C:\windows\system32\drivers\hidbth.sys
2015-03-30 21:59:50 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2015-03-30 21:59:49 ----A---- C:\windows\system32\mssvp.dll
2015-03-30 21:59:49 ----A---- C:\windows\system32\GenuineCenter.dll
2015-03-30 21:59:49 ----A---- C:\windows\system32\fhevents.dll
2015-03-30 21:59:49 ----A---- C:\windows\system32\drivers\ndproxy.sys
2015-03-30 21:59:49 ----A---- C:\windows\system32\drivers\hidusb.sys
2015-03-30 21:59:49 ----A---- C:\windows\system32\drivers\hidi2c.sys
2015-03-30 21:59:48 ----A---- C:\windows\SYSWOW64\mssphtb.dll
2015-03-30 21:59:48 ----A---- C:\windows\SYSWOW64\fmifs.dll
2015-03-30 21:59:48 ----A---- C:\windows\system32\fmifs.dll
2015-03-30 21:59:48 ----A---- C:\windows\system32\fhcfg.dll
2015-03-30 21:59:47 ----A---- C:\windows\SYSWOW64\rasdiag.dll
2015-03-30 21:59:47 ----A---- C:\windows\system32\rasdiag.dll
2015-03-30 21:59:47 ----A---- C:\windows\system32\mssprxy.dll
2015-03-30 21:59:47 ----A---- C:\windows\system32\mssphtb.dll
2015-03-30 21:59:47 ----A---- C:\windows\system32\msshooks.dll
2015-03-30 21:59:47 ----A---- C:\windows\system32\fhsvc.dll
2015-03-30 21:59:47 ----A---- C:\windows\system32\fhsrchapi.dll
2015-03-30 21:59:47 ----A---- C:\windows\system32\fhshl.dll
2015-03-30 21:59:47 ----A---- C:\windows\system32\fhcat.dll
2015-03-30 21:59:46 ----A---- C:\windows\SYSWOW64\rasser.dll
2015-03-30 21:59:46 ----A---- C:\windows\SYSWOW64\rasmxs.dll
2015-03-30 21:59:46 ----A---- C:\windows\SYSWOW64\mssprxy.dll
2015-03-30 21:59:46 ----A---- C:\windows\SYSWOW64\mssitlb.dll
2015-03-30 21:59:46 ----A---- C:\windows\SYSWOW64\msshooks.dll
2015-03-30 21:59:46 ----A---- C:\windows\SYSWOW64\msscntrs.dll
2015-03-30 21:59:46 ----A---- C:\windows\system32\rasser.dll
2015-03-30 21:59:46 ----A---- C:\windows\system32\rasmxs.dll
2015-03-30 21:59:46 ----A---- C:\windows\system32\mssitlb.dll
2015-03-30 21:59:46 ----A---- C:\windows\system32\msscntrs.dll
2015-03-30 21:59:46 ----A---- C:\windows\system32\fhtask.dll
2015-03-30 21:59:46 ----A---- C:\windows\system32\fhsrchph.dll
2015-03-30 21:59:46 ----A---- C:\windows\system32\fhmanagew.exe
2015-03-30 21:59:46 ----A---- C:\windows\system32\fhlisten.dll
2015-03-30 21:59:46 ----A---- C:\windows\system32\fhcleanup.dll
2015-03-30 21:59:46 ----A---- C:\windows\system32\fhautoplay.dll
2015-03-30 21:59:45 ----A---- C:\windows\system32\EncDump.dll
2015-03-30 21:59:44 ----A---- C:\windows\SYSWOW64\spwmp.dll
2015-03-30 21:59:44 ----A---- C:\windows\system32\spwmp.dll
2015-03-30 21:59:44 ----A---- C:\windows\system32\fhsvcctl.dll
2015-03-30 21:59:43 ----A---- C:\windows\SYSWOW64\tzres.dll
2015-03-30 21:59:43 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2015-03-30 21:59:43 ----A---- C:\windows\system32\wmploc.DLL
2015-03-30 21:59:43 ----A---- C:\windows\system32\tzres.dll
2015-03-30 21:59:43 ----A---- C:\windows\system32\dxmasf.dll
2015-03-30 21:59:43 ----A---- C:\windows\system32\drivers\ndistapi.sys
2015-03-30 21:59:42 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2015-03-30 21:21:01 ----D---- C:\Program Files\trend micro
2015-03-30 21:20:54 ----D---- C:\rsit
2015-03-30 21:17:00 ----A---- C:\windows\system32\drivers\USBHUB3.SYS
2015-03-30 21:16:59 ----A---- C:\windows\system32\drivers\USBXHCI.SYS
2015-03-30 21:16:59 ----A---- C:\windows\system32\drivers\UCX01000.SYS
2015-03-30 21:16:56 ----A---- C:\windows\system32\d2d1.dll
2015-03-30 21:16:55 ----A---- C:\windows\system32\d3d10warp.dll
2015-03-30 21:16:54 ----A---- C:\windows\SYSWOW64\d2d1.dll
2015-03-30 21:16:53 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2015-03-30 21:16:46 ----A---- C:\windows\SYSWOW64\dpnsvr.exe
2015-03-30 21:16:46 ----A---- C:\windows\SYSWOW64\dpnlobby.dll
2015-03-30 21:16:46 ----A---- C:\windows\SYSWOW64\dpnhupnp.dll
2015-03-30 21:16:46 ----A---- C:\windows\SYSWOW64\dpnhpast.dll
2015-03-30 21:16:46 ----A---- C:\windows\SYSWOW64\dpnet.dll
2015-03-30 21:16:46 ----A---- C:\windows\SYSWOW64\dpnathlp.dll
2015-03-30 21:16:46 ----A---- C:\windows\SYSWOW64\dpnaddr.dll
2015-03-30 21:16:46 ----A---- C:\windows\system32\dpnsvr.exe
2015-03-30 21:16:46 ----A---- C:\windows\system32\dpnlobby.dll
2015-03-30 21:16:46 ----A---- C:\windows\system32\dpnhupnp.dll
2015-03-30 21:16:46 ----A---- C:\windows\system32\dpnhpast.dll
2015-03-30 21:16:46 ----A---- C:\windows\system32\dpnet.dll
2015-03-30 21:16:46 ----A---- C:\windows\system32\dpnathlp.dll
2015-03-30 21:16:46 ----A---- C:\windows\system32\dpnaddr.dll
2015-03-30 21:16:41 ----A---- C:\windows\SYSWOW64\wintrust.dll
2015-03-30 21:16:41 ----A---- C:\windows\SYSWOW64\apprepsync.dll
2015-03-30 21:16:41 ----A---- C:\windows\SYSWOW64\apprepapi.dll
2015-03-30 21:16:41 ----A---- C:\windows\system32\wintrust.dll
2015-03-30 21:16:41 ----A---- C:\windows\system32\cryptsvc.dll
2015-03-30 21:16:41 ----A---- C:\windows\system32\apprepsync.dll
2015-03-30 21:16:41 ----A---- C:\windows\system32\apprepapi.dll
2015-03-30 21:16:29 ----A---- C:\windows\system32\rdpcorets.dll
2015-03-30 21:16:28 ----A---- C:\windows\system32\rfxvmt.dll
2015-03-30 21:16:28 ----A---- C:\windows\system32\rdpudd.dll
2015-03-30 21:16:28 ----A---- C:\windows\system32\drivers\rdpvideominiport.sys
2015-03-30 21:16:24 ----A---- C:\windows\system32\drivers\http.sys
2015-03-30 21:16:22 ----A---- C:\windows\SYSWOW64\cryptdlg.dll
2015-03-30 21:16:22 ----A---- C:\windows\system32\cryptdlg.dll
2015-03-30 21:16:05 ----A---- C:\windows\SYSWOW64\SHCore.dll
2015-03-30 21:16:05 ----A---- C:\windows\system32\SHCore.dll
2015-03-30 21:16:05 ----A---- C:\windows\system32\profsvc.dll
2015-03-30 21:15:51 ----A---- C:\windows\SYSWOW64\d3d11.dll
2015-03-30 21:15:51 ----A---- C:\windows\system32\d3d11.dll
2015-03-30 21:15:49 ----A---- C:\windows\SYSWOW64\msieftp.dll
2015-03-30 21:15:49 ----A---- C:\windows\system32\msieftp.dll
2015-03-30 21:15:44 ----A---- C:\windows\SYSWOW64\crypt32.dll
2015-03-30 21:15:44 ----A---- C:\windows\system32\crypt32.dll
2015-03-30 21:15:16 ----A---- C:\windows\SYSWOW64\esent.dll
2015-03-30 21:15:15 ----A---- C:\windows\system32\esent.dll
2015-03-30 21:14:48 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2015-03-30 21:14:48 ----A---- C:\windows\SYSWOW64\msxml3.dll
2015-03-30 21:14:48 ----A---- C:\windows\system32\msxml3r.dll
2015-03-30 21:14:48 ----A---- C:\windows\system32\msxml3.dll
2015-03-30 21:14:02 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-03-30 21:14:02 ----A---- C:\windows\system32\schannel.dll
2015-03-30 21:14:01 ----A---- C:\windows\SYSWOW64\ncryptsslp.dll
2015-03-30 21:14:01 ----A---- C:\windows\system32\ncryptsslp.dll
2015-03-30 21:13:32 ----A---- C:\windows\system32\ntoskrnl.exe
2015-03-30 21:13:16 ----A---- C:\windows\system32\lsasrv.dll
2015-03-30 21:13:15 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-03-30 21:13:15 ----A---- C:\windows\system32\winlogon.exe
2015-03-30 21:13:15 ----A---- C:\windows\system32\lsm.dll
2015-03-30 21:13:15 ----A---- C:\windows\system32\kerberos.dll
2015-03-30 21:13:14 ----A---- C:\windows\system32\msv1_0.dll
2015-03-30 21:13:14 ----A---- C:\windows\system32\drivers\cng.sys
2015-03-30 21:13:13 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-03-30 21:13:13 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-03-30 21:13:13 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-03-30 21:13:13 ----A---- C:\windows\system32\wdigest.dll
2015-03-30 21:13:13 ----A---- C:\windows\system32\adtschema.dll
2015-03-30 21:13:12 ----A---- C:\windows\SYSWOW64\usercpl.dll
2015-03-30 21:13:12 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-03-30 21:13:12 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-03-30 21:13:12 ----A---- C:\windows\system32\usercpl.dll
2015-03-30 21:13:12 ----A---- C:\windows\system32\TSpkg.dll
2015-03-30 21:13:12 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-03-30 21:13:12 ----A---- C:\windows\system32\credssp.dll
2015-03-30 21:13:11 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-03-30 21:13:11 ----A---- C:\windows\system32\workerdd.dll
2015-03-30 21:13:11 ----A---- C:\windows\system32\msaudite.dll
2015-03-30 21:12:42 ----A---- C:\windows\system32\drivers\WdFilter.sys
2015-03-30 21:12:41 ----A---- C:\windows\system32\drivers\WdBoot.sys
2015-03-30 21:09:27 ----A---- C:\windows\SYSWOW64\packager.dll
2015-03-30 21:09:27 ----A---- C:\windows\system32\packager.dll
2015-03-30 21:08:49 ----A---- C:\windows\system32\rpcrt4.dll
2015-03-30 21:08:48 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2015-03-30 21:07:37 ----A---- C:\windows\SYSWOW64\pku2u.dll
2015-03-30 21:07:37 ----A---- C:\windows\system32\pku2u.dll
2015-03-30 21:04:33 ----A---- C:\windows\system32\twinui.dll
2015-03-30 21:04:31 ----A---- C:\windows\SYSWOW64\twinui.dll
2015-03-30 21:04:27 ----A---- C:\windows\SYSWOW64\msi.dll
2015-03-30 21:04:27 ----A---- C:\windows\SYSWOW64\authui.dll
2015-03-30 21:04:27 ----A---- C:\windows\system32\msi.dll
2015-03-30 21:04:27 ----A---- C:\windows\system32\authui.dll
2015-03-30 21:04:26 ----A---- C:\windows\SYSWOW64\msihnd.dll
2015-03-30 21:04:26 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2015-03-30 21:04:26 ----A---- C:\windows\system32\msihnd.dll
2015-03-30 21:04:26 ----A---- C:\windows\system32\consent.exe
2015-03-30 21:04:26 ----A---- C:\windows\system32\appinfo.dll
2015-03-30 21:04:26 ----A---- C:\windows\system32\actxprxy.dll
2015-03-30 21:04:15 ----A---- C:\windows\system32\drivers\afd.sys
2015-03-30 21:04:04 ----A---- C:\windows\system32\tssdisai.dll
2015-03-30 21:04:00 ----A---- C:\windows\system32\VmHostAI.dll
2015-03-30 21:04:00 ----A---- C:\windows\system32\RDWebAI.dll
2015-03-30 21:04:00 ----A---- C:\windows\system32\appserverai.dll
2015-03-30 21:03:59 ----A---- C:\windows\SYSWOW64\poqexec.exe
2015-03-30 21:03:59 ----A---- C:\windows\system32\poqexec.exe
2015-03-30 21:03:57 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2015-03-30 21:03:57 ----A---- C:\windows\system32\WMPhoto.dll
2015-03-30 21:03:20 ----A---- C:\windows\SYSWOW64\msxml6.dll
2015-03-30 21:03:20 ----A---- C:\windows\system32\msxml6.dll
2015-03-30 21:03:19 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2015-03-30 21:03:19 ----A---- C:\windows\system32\msxml6r.dll
2015-03-30 20:55:45 ----A---- C:\windows\system32\drivers\tcpip.sys
2015-03-30 20:55:44 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2015-03-30 20:51:44 ----A---- C:\windows\system32\qedit.dll
2015-03-30 20:51:43 ----A---- C:\windows\SYSWOW64\qedit.dll
2015-03-30 20:48:55 ----A---- C:\windows\system32\WMALFXGFXDSP.dll
2015-03-30 20:48:55 ----A---- C:\windows\system32\SysFxUI.dll
2015-03-30 20:48:55 ----A---- C:\windows\system32\drivers\portcls.sys
2015-03-30 20:48:55 ----A---- C:\windows\system32\drivers\drmkaud.sys
2015-03-30 20:48:55 ----A---- C:\windows\system32\drivers\drmk.sys
2015-03-29 22:21:06 ----A---- C:\windows\system32\shell32.dll
2015-03-29 22:21:04 ----A---- C:\windows\SYSWOW64\shell32.dll
2015-03-29 22:11:49 ----A---- C:\windows\system32\drivers\mrxdav.sys
2015-03-29 21:32:07 ----A---- C:\windows\system32\netcfg-35462500.txt
2015-03-29 21:31:04 ----A---- C:\windows\system32\netcfg-35399265.txt
2015-03-29 21:27:07 ----A---- C:\windows\system32\netcfg-35162671.txt
2015-03-29 21:27:01 ----A---- C:\windows\system32\netcfg-35156218.txt
2015-03-29 21:26:56 ----A---- C:\windows\system32\netcfg-35151156.txt
2015-03-29 21:26:42 ----A---- C:\windows\system32\netcfg-35137765.txt
2015-03-29 21:22:51 ----A---- C:\windows\system32\netcfg-34906593.txt
2015-03-29 21:22:42 ----A---- C:\windows\system32\netcfg-34897531.txt
2015-03-29 20:54:57 ----D---- C:\Users\Kateřina\AppData\Roaming\Apple Computer
2015-03-29 20:54:13 ----A---- C:\windows\system32\drivers\GEARAspiWDM.sys
2015-03-29 20:54:12 ----DC---- C:\windows\system32\DRVSTORE
2015-03-29 20:52:21 ----D---- C:\Program Files (x86)\iTunes
2015-03-29 20:52:20 ----D---- C:\Program Files\iPod
2015-03-29 20:51:59 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-29 20:51:59 ----D---- C:\ProgramData\Apple Computer
2015-03-29 20:51:59 ----D---- C:\Program Files\iTunes
2015-03-29 20:45:21 ----D---- C:\Program Files (x86)\Apple Software Update
2015-03-29 20:44:04 ----D---- C:\Program Files\Common Files\Apple
2015-03-29 20:43:26 ----D---- C:\ProgramData\Apple
2015-03-29 12:20:39 ----A---- C:\windows\system32\netcfg-2381062.txt
2015-03-29 11:46:48 ----A---- C:\windows\system32\netcfg-356562.txt
2015-03-29 11:44:59 ----A---- C:\windows\system32\netcfg-247453.txt
2015-03-29 11:43:08 ----A---- C:\windows\system32\netcfg-136703.txt
2015-03-29 11:42:22 ----A---- C:\windows\system32\netcfg-90453.txt
2015-03-29 11:40:18 ----A---- C:\windows\system32\netcfg-216228750.txt
2015-03-29 11:38:36 ----A---- C:\windows\system32\netcfg-216127265.txt
2015-03-29 11:37:49 ----A---- C:\windows\system32\netcfg-216080234.txt
2015-03-29 11:36:46 ----A---- C:\windows\system32\netcfg-216017421.txt
2015-03-29 11:36:42 ----A---- C:\windows\system32\netcfg-216012890.txt
2015-03-29 11:36:29 ----A---- C:\windows\system32\netcfg-215999906.txt
2015-03-29 11:36:26 ----A---- C:\windows\system32\netcfg-215996734.txt
2015-03-29 11:17:03 ----D---- C:\Program Files (x86)\Google
2015-03-29 11:07:30 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-03-29 11:07:29 ----A---- C:\windows\SYSWOW64\wups.dll
2015-03-29 11:07:29 ----A---- C:\windows\system32\wudriver.dll
2015-03-29 11:07:29 ----A---- C:\windows\system32\storewuauth.dll
2015-03-29 11:07:26 ----A---- C:\windows\system32\wushareduxresources.dll
2015-03-29 11:07:26 ----A---- C:\windows\system32\wups2.dll
2015-03-29 11:07:26 ----A---- C:\windows\system32\wups.dll
2015-03-29 11:07:25 ----A---- C:\windows\system32\WUSettingsProvider.dll
2015-03-29 11:07:25 ----A---- C:\windows\system32\wuauclt.exe
2015-03-29 11:07:25 ----A---- C:\windows\system32\wuaext.dll
2015-03-29 11:07:21 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-03-29 11:07:21 ----A---- C:\windows\system32\wucltux.dll
2015-03-29 11:07:21 ----A---- C:\windows\system32\wuaueng.dll
2015-03-29 11:07:21 ----A---- C:\windows\system32\wuapi.dll
2015-03-29 11:06:13 ----A---- C:\windows\system32\netcfg-214183546.txt
2015-03-29 11:06:10 ----A---- C:\windows\system32\netcfg-214180781.txt
2015-03-27 08:25:19 ----A---- C:\Recovery.txt
2015-03-27 07:28:34 ----A---- C:\windows\system32\netcfg-184250.txt
2015-03-27 07:25:44 ----ASH---- C:\swapfile.sys
2015-03-27 07:25:43 ----ASH---- C:\pagefile.sys
2015-03-27 07:25:42 ----SHD---- C:\System Volume Information
2015-03-27 07:25:41 ----ASH---- C:\hiberfil.sys
2015-03-27 00:17:28 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-03-27 00:17:28 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-03-27 00:17:28 ----A---- C:\windows\system32\wuwebv.dll
2015-03-27 00:17:28 ----A---- C:\windows\system32\wuapp.exe
2015-03-26 23:48:16 ----D---- C:\Users\Kateřina\AppData\Roaming\LSC
2015-03-26 23:40:25 ----D---- C:\Users\Kateřina\AppData\Roaming\Lenovo
2015-03-26 23:39:49 ----SHD---- C:\$RECYCLE.BIN
2015-03-26 23:38:48 ----D---- C:\Users\Kateřina\AppData\Roaming\Adobe
2015-03-26 23:37:27 ----A---- C:\windows\system32\netcfg-63500.txt
2015-03-26 23:36:10 ----A---- C:\windows\system32\netcfg-652359.txt
2015-03-26 23:35:55 ----SD---- C:\Users\Kateřina\AppData\Roaming\Microsoft
2015-03-26 23:35:55 ----D---- C:\Users\Kateřina\AppData\Roaming\Macromedia
2015-03-26 23:28:34 ----A---- C:\windows\system32\netcfg-195671.txt
2015-03-26 23:28:29 ----A---- C:\windows\system32\netcfg-191093.txt

======List of files/folders modified in the last 1 month======

2015-04-02 01:00:03 ----D---- C:\windows\system32\sru
2015-04-02 00:58:54 ----D---- C:\windows\system32\catroot2
2015-04-02 00:58:18 ----D---- C:\windows\WinSxS
2015-04-02 00:54:42 ----D---- C:\windows\system32\config
2015-04-02 00:50:14 ----D---- C:\windows\CbsTemp
2015-04-02 00:03:48 ----D---- C:\windows\Prefetch
2015-04-02 00:03:46 ----D---- C:\windows\Temp
2015-04-02 00:03:45 ----D---- C:\windows\system32\Drivers
2015-04-02 00:03:10 ----RD---- C:\Program Files (x86)
2015-04-02 00:03:10 ----HD---- C:\ProgramData
2015-04-01 23:58:27 ----D---- C:\windows\Inf
2015-03-31 23:05:50 ----AD---- C:\windows\System32
2015-03-31 23:05:47 ----HD---- C:\windows\ELAMBKUP
2015-03-31 22:59:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-03-31 22:59:23 ----D---- C:\Program Files (x86)\Lenovo
2015-03-31 22:59:19 ----SHD---- C:\windows\Installer
2015-03-31 22:52:40 ----RD---- C:\windows\assembly
2015-03-31 22:52:18 ----D---- C:\Program Files\Lenovo
2015-03-31 22:43:38 ----D---- C:\windows\AUInstallAgent
2015-03-31 22:43:19 ----D---- C:\windows\SysWOW64
2015-03-31 22:43:19 ----AD---- C:\Windows
2015-03-31 22:43:16 ----D---- C:\windows\system32\DriverStore
2015-03-31 22:41:33 ----RD---- C:\Program Files
2015-03-31 22:38:20 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-03-31 22:35:23 ----A---- C:\windows\SYSWOW64\log.txt
2015-03-31 22:30:43 ----D---- C:\windows\servicing
2015-03-31 22:30:26 ----D---- C:\windows\Microsoft.NET
2015-03-31 22:25:22 ----RD---- C:\windows\ToastData
2015-03-31 22:25:20 ----D---- C:\windows\SYSWOW64\sk-SK
2015-03-31 22:25:20 ----D---- C:\windows\SYSWOW64\en-US
2015-03-31 22:25:20 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-03-31 22:25:19 ----D---- C:\windows\system32\sk-SK
2015-03-31 22:25:19 ----D---- C:\windows\system32\en-US
2015-03-31 22:25:19 ----D---- C:\windows\system32\cs-CZ
2015-03-31 22:24:57 ----D---- C:\Program Files\Windows Media Player
2015-03-31 22:24:57 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-31 22:24:56 ----D---- C:\windows\WinStore
2015-03-31 22:24:56 ----D---- C:\windows\SYSWOW64\migration
2015-03-31 22:24:45 ----D---- C:\windows\system32\migration
2015-03-31 22:24:45 ----D---- C:\windows\system32\Boot
2015-03-31 22:24:01 ----D---- C:\Program Files\Windows Defender
2015-03-31 22:23:55 ----D---- C:\Program Files (x86)\Windows Defender
2015-03-31 22:23:16 ----AD---- C:\windows\system32\oobe
2015-03-31 22:12:52 ----SD---- C:\ProgramData\Microsoft
2015-03-31 21:13:56 ----D---- C:\windows\Tasks
2015-03-31 19:39:06 ----HD---- C:\Program Files\WindowsApps
2015-03-31 17:30:12 ----D---- C:\Program Files (x86)\McAfee
2015-03-30 22:17:35 ----D---- C:\windows\system32\NDF
2015-03-30 21:56:40 ----D---- C:\windows\SoftwareDistribution
2015-03-30 21:03:41 ----D---- C:\ProgramData\McAfee
2015-03-29 20:45:27 ----D---- C:\windows\system32\Tasks
2015-03-29 20:45:11 ----D---- C:\windows\system32\catroot
2015-03-29 20:44:04 ----D---- C:\Program Files\Common Files
2015-03-29 20:43:26 ----D---- C:\Program Files (x86)\Common Files
2015-03-29 11:42:04 ----D---- C:\Program Files\Common Files\mcafee
2015-03-29 11:33:27 ----D---- C:\windows\Logs
2015-03-29 11:08:13 ----D---- C:\windows\system32\wdi
2015-03-27 00:15:18 ----D---- C:\windows\system32\restore
2015-03-26 23:37:54 ----RD---- C:\windows\ImmersiveControlPanel
2015-03-26 23:34:25 ----AD---- C:\Users
2015-03-26 23:29:04 ----D---- C:\windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2012-10-17 39008]
R0 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys []
R0 mfefirek;McAfee Inc. mfefirek; C:\windows\system32\drivers\mfefirek.sys []
R0 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys []
R0 mfewfpk;McAfee Inc. mfewfpk; C:\windows\system32\drivers\mfewfpk.sys []
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 ACPIVPC;@oem11.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2012-10-17 33560]
R3 AmUStor;@oem6.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\windows\system32\drivers\AmUStor.SYS [2012-06-13 100992]
R3 athr;@oem8.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athw8x.sys [2012-07-24 3618304]
R3 ETD;@oem10.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-08-09 315216]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-08-23 9000256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2012-07-03 4074256]
R3 L1C;@oem7.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C63x64.sys [2012-06-21 110744]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2015-03-17 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2015-04-02 136408]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2015-03-17 64216]
R3 MEIx64;@oem3.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2012-07-26 210304]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 cfwids;McAfee Inc. cfwids; C:\windows\system32\drivers\cfwids.sys []
S0 mfeapfk;McAfee Inc. mfeapfk; C:\windows\system32\drivers\mfeapfk.sys []
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys []
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2012-06-02 8604672]
S3 SPUVCbv;@oem9.inf,%SPUVCb.ServiceName%;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys []
S3 USBAAPL64;@oem13.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 WSDPrintDevice;@WSDPrint.Inf,%WSDPrintDevice.SVCDESC%;WSD Print Support; C:\windows\System32\drivers\WSDPrint.sys [2012-07-26 21504]
S3 WSDScan;@sti.inf,%WSDScan.SvcDesc%;Podpora skenování WSD; C:\windows\system32\DRIVERS\WSDScan.sys [2012-07-26 23552]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 77128]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-17 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-17 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 276864]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-03-17 1871160]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe []
R2 mfevtp;McAfee Validation Trust Protection Service; C:\windows\system32\mfevtps.exe []
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 364416]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-02-13 643880]
S2 0207641427835676mcinstcleanup;McAfee Application Installer Cleanup (0207641427835676); C:\Users\KATEIN~1\AppData\Local\Temp\020764~1.EXE [2014-03-13 836168]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29 116648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2012-08-24 276288]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29 116648]
S4 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]

-----------------EOF-----------------

Re: Laptop under heavy load, please check the log

Posted: 02 Apr 2015 16:30
by Rudy
I need to see the log from MBAM. This is RSIT.