Trojan:JS/FrameRef

jaruska · Příspěvekod **jaruska** » 16 led 2013 09:56

Ahoj, prosím o radu. Microsoft Security Essentials našel "Trojan:JS/FrameRef" a "Trojan:JS/Frame.AP". Uložil je do karantény a nabídl řešení odstranit z PC.
Stačí toto řešení? Po odtranění jsem spustila MSE a už nic nenašel. Mám ještě PC skenovat jiným programem? Jarka

Reklama

Štučka · Příspěvekod **Štučka** » 16 led 2013 10:09

Malwarebytes anti-malware

Příspěvekod **memphisto** » 16 led 2013 13:50

Dej sem log z HijackThis (návod v podpise) a:

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

jaruska · Příspěvekod **jaruska** » 18 led 2013 08:24

Ahoj, chřipka je prevít, dostala jsem se k počítači až teď.

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.01.16.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Uzivatel :: ADMIN [administrátor]

18.1.2013 8:06:16
MBAM-log-2013-01-18 (08-22-09).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 263529
Uplynulý čas: 4 minut, 29 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage (PUP.FunMoods) -> Nebyla provedena žádná instrukce.

(konec)

Příspěvekod **memphisto** » 18 led 2013 09:09

Na chřipku nástroje nemáme :-)

Dej sem ještě log z HijackThis + dej znovu sken v Mbam a nech vše smazat

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

jaruska · Příspěvekod **jaruska** » 18 led 2013 09:50

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.01.16.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Uzivatel :: ADMIN [administrátor]

18.1.2013 9:43:52
mbam-log-2013-01-18 (09-43-52).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 259289
Uplynulý čas: 2 minut, 29 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage (PUP.FunMoods) -> Přesun do karantény a smazání se zdařilo.

(konec)

jaruska · Příspěvekod **jaruska** » 18 led 2013 09:55

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:54:52, on 18.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Windows\SysWOW64\RunDll32.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: IEPlugin - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKUS\S-1-5-21-1491416831-2494565887-1369721341-1005\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray (User 'Hanka')
O4 - HKUS\S-1-5-21-1491416831-2494565887-1369721341-1005\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Hanka')
O4 - HKUS\S-1-5-21-1491416831-2494565887-1369721341-1005\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray (User 'Hanka')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{614F1BC4-5026-4228-BAA2-028217FD085E}: NameServer = 77.48.254.254,77.48.100.254
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Screen Reading Optimizer Service Program (SROSVC) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIPAppService - Symantec Corporation - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15278 bytes

jaruska · Příspěvekod **jaruska** » 18 led 2013 10:06

09:56:58.0543 3316 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:56:58.0824 3316 ============================================================
09:56:58.0824 3316 Current date / time: 2013/01/18 09:56:58.0824
09:56:58.0824 3316 SystemInfo:
09:56:58.0824 3316
09:56:58.0824 3316 OS Version: 6.1.7601 ServicePack: 1.0
09:56:58.0824 3316 Product type: Workstation
09:56:58.0824 3316 ComputerName: ADMIN
09:56:58.0824 3316 UserName: Uzivatel
09:56:58.0824 3316 Windows directory: C:\Windows
09:56:58.0824 3316 System windows directory: C:\Windows
09:56:58.0824 3316 Running under WOW64
09:56:58.0824 3316 Processor architecture: Intel x64
09:56:58.0824 3316 Number of processors: 4
09:56:58.0824 3316 Page size: 0x1000
09:56:58.0824 3316 Boot type: Normal boot
09:56:58.0824 3316 ============================================================
09:56:59.0619 3316 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:56:59.0635 3316 ============================================================
09:56:59.0635 3316 \Device\Harddisk0\DR0:
09:56:59.0635 3316 MBR partitions:
09:56:59.0635 3316 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
09:56:59.0635 3316 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38157000
09:56:59.0635 3316 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38445800, BlocksNum 0x1F40000
09:56:59.0635 3316 ============================================================
09:56:59.0666 3316 C: <-> \Device\Harddisk0\DR0\Partition2
09:56:59.0666 3316 ============================================================
09:56:59.0666 3316 Initialize success
09:56:59.0666 3316 ============================================================
09:57:06.0093 1780 ============================================================
09:57:06.0093 1780 Scan started
09:57:06.0093 1780 Mode: Manual;
09:57:06.0093 1780 ============================================================
09:57:06.0296 1780 ================ Scan system memory ========================
09:57:06.0296 1780 System memory - ok
09:57:06.0296 1780 ================ Scan services =============================
09:57:06.0499 1780 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:57:06.0499 1780 1394ohci - ok
09:57:06.0530 1780 [ F4AF97702BAD85BFEF64B9A557F11B6F ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
09:57:06.0546 1780 5U877 - ok
09:57:06.0624 1780 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
09:57:06.0624 1780 ACDaemon - ok
09:57:06.0655 1780 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:57:06.0670 1780 ACPI - ok
09:57:06.0702 1780 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:57:06.0702 1780 AcpiPmi - ok
09:57:06.0780 1780 [ 1933DB4808793F3BD7AB34A39A809425 ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
09:57:06.0780 1780 AcPrfMgrSvc - ok
09:57:06.0811 1780 [ E7AF543334B21D84124709061A9AE4D7 ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
09:57:06.0811 1780 AcSvc - ok
09:57:06.0920 1780 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:57:06.0920 1780 AdobeFlashPlayerUpdateSvc - ok
09:57:06.0967 1780 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:57:06.0982 1780 adp94xx - ok
09:57:07.0014 1780 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:57:07.0014 1780 adpahci - ok
09:57:07.0029 1780 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:57:07.0029 1780 adpu320 - ok
09:57:07.0060 1780 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:57:07.0060 1780 AeLookupSvc - ok
09:57:07.0092 1780 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:57:07.0107 1780 AFD - ok
09:57:07.0123 1780 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:57:07.0123 1780 agp440 - ok
09:57:07.0138 1780 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:57:07.0138 1780 ALG - ok
09:57:07.0170 1780 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:57:07.0170 1780 aliide - ok
09:57:07.0185 1780 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:57:07.0185 1780 amdide - ok
09:57:07.0201 1780 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:57:07.0201 1780 AmdK8 - ok
09:57:07.0201 1780 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:57:07.0201 1780 AmdPPM - ok
09:57:07.0232 1780 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:57:07.0232 1780 amdsata - ok
09:57:07.0263 1780 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:57:07.0263 1780 amdsbs - ok
09:57:07.0279 1780 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:57:07.0279 1780 amdxata - ok
09:57:07.0310 1780 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:57:07.0310 1780 AppID - ok
09:57:07.0326 1780 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:57:07.0326 1780 AppIDSvc - ok
09:57:07.0341 1780 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
09:57:07.0341 1780 Appinfo - ok
09:57:07.0357 1780 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
09:57:07.0372 1780 AppMgmt - ok
09:57:07.0388 1780 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
09:57:07.0388 1780 arc - ok
09:57:07.0404 1780 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:57:07.0404 1780 arcsas - ok
09:57:07.0497 1780 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:57:07.0497 1780 aspnet_state - ok
09:57:07.0513 1780 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:57:07.0513 1780 AsyncMac - ok
09:57:07.0544 1780 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:57:07.0544 1780 atapi - ok
09:57:07.0591 1780 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:57:07.0606 1780 AudioEndpointBuilder - ok
09:57:07.0622 1780 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:57:07.0622 1780 AudioSrv - ok
09:57:07.0653 1780 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:57:07.0653 1780 AxInstSV - ok
09:57:07.0684 1780 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
09:57:07.0700 1780 b06bdrv - ok
09:57:07.0716 1780 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:57:07.0731 1780 b57nd60a - ok
09:57:07.0747 1780 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:57:07.0747 1780 BDESVC - ok
09:57:07.0762 1780 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:57:07.0762 1780 Beep - ok
09:57:07.0794 1780 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
09:57:07.0809 1780 BFE - ok
09:57:07.0840 1780 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
09:57:07.0856 1780 BITS - ok
09:57:07.0872 1780 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:57:07.0887 1780 blbdrive - ok
09:57:07.0903 1780 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:57:07.0903 1780 bowser - ok
09:57:07.0918 1780 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:57:07.0918 1780 BrFiltLo - ok
09:57:07.0934 1780 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:57:07.0934 1780 BrFiltUp - ok
09:57:07.0950 1780 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
09:57:07.0950 1780 BridgeMP - ok
09:57:07.0996 1780 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
09:57:07.0996 1780 Browser - ok
09:57:08.0012 1780 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:57:08.0012 1780 Brserid - ok
09:57:08.0028 1780 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:57:08.0028 1780 BrSerWdm - ok
09:57:08.0028 1780 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:57:08.0028 1780 BrUsbMdm - ok
09:57:08.0043 1780 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:57:08.0043 1780 BrUsbSer - ok
09:57:08.0074 1780 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
09:57:08.0074 1780 BthEnum - ok
09:57:08.0090 1780 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
09:57:08.0090 1780 BTHMODEM - ok
09:57:08.0106 1780 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
09:57:08.0106 1780 BthPan - ok
09:57:08.0137 1780 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
09:57:08.0152 1780 BTHPORT - ok
09:57:08.0184 1780 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:57:08.0184 1780 bthserv - ok
09:57:08.0215 1780 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
09:57:08.0215 1780 BTHUSB - ok
09:57:08.0262 1780 [ F8CFAFBD5BF8B3DDB0D3C2943A5AF8CE ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
09:57:08.0277 1780 BTWAMPFL - ok
09:57:08.0308 1780 [ 24BFF9D75310F3059EE44F38BF0DE0B2 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
09:57:08.0308 1780 btwaudio - ok
09:57:08.0324 1780 [ 858B305ADE425732CFF9DED182F94FB8 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
09:57:08.0340 1780 btwavdt - ok
09:57:08.0418 1780 [ 6EF8CC2F2FDA2098089A33F43F4E019D ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
09:57:08.0433 1780 btwdins - ok
09:57:08.0449 1780 [ B9354F9F111C64F2495B60F1E24CB453 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
09:57:08.0464 1780 btwl2cap - ok
09:57:08.0464 1780 [ 3BD876387D6C538690300F9EC198856B ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
09:57:08.0464 1780 btwrchid - ok
09:57:08.0496 1780 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:57:08.0496 1780 cdfs - ok
09:57:08.0527 1780 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:57:08.0542 1780 cdrom - ok
09:57:08.0558 1780 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:57:08.0558 1780 CertPropSvc - ok
09:57:08.0574 1780 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
09:57:08.0574 1780 circlass - ok
09:57:08.0605 1780 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:57:08.0605 1780 CLFS - ok
09:57:08.0667 1780 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:57:08.0667 1780 clr_optimization_v2.0.50727_32 - ok
09:57:08.0698 1780 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:57:08.0714 1780 clr_optimization_v2.0.50727_64 - ok
09:57:08.0745 1780 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:57:08.0745 1780 clr_optimization_v4.0.30319_32 - ok
09:57:08.0776 1780 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:57:08.0776 1780 clr_optimization_v4.0.30319_64 - ok
09:57:08.0823 1780 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:57:08.0823 1780 CmBatt - ok
09:57:08.0839 1780 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:57:08.0839 1780 cmdide - ok
09:57:08.0886 1780 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
09:57:08.0901 1780 CNG - ok
09:57:08.0964 1780 [ 290CD2777CAF8A5E5499C7FC9E74CB87 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
09:57:08.0995 1780 CnxtHdAudService - ok
09:57:09.0010 1780 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:57:09.0010 1780 Compbatt - ok
09:57:09.0026 1780 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
09:57:09.0026 1780 CompositeBus - ok
09:57:09.0042 1780 COMSysApp - ok
09:57:09.0057 1780 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:57:09.0057 1780 crcdisk - ok
09:57:09.0104 1780 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:57:09.0104 1780 CryptSvc - ok
09:57:09.0120 1780 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
09:57:09.0120 1780 CSC - ok
09:57:09.0166 1780 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
09:57:09.0166 1780 CscService - ok
09:57:09.0198 1780 [ 9D0D050170D47E778B624A28C90F23DE ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe
09:57:09.0198 1780 CxAudMsg - ok
09:57:09.0229 1780 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:57:09.0244 1780 DcomLaunch - ok
09:57:09.0260 1780 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:57:09.0260 1780 defragsvc - ok
09:57:09.0291 1780 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:57:09.0291 1780 DfsC - ok
09:57:09.0307 1780 dgderdrv - ok
09:57:09.0338 1780 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
09:57:09.0385 1780 dg_ssudbus - ok
09:57:09.0432 1780 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:57:09.0432 1780 Dhcp - ok
09:57:09.0463 1780 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:57:09.0463 1780 discache - ok
09:57:09.0510 1780 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
09:57:09.0510 1780 Disk - ok
09:57:09.0541 1780 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
09:57:09.0541 1780 dmvsc - ok
09:57:09.0556 1780 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:57:09.0572 1780 Dnscache - ok
09:57:09.0603 1780 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:57:09.0603 1780 dot3svc - ok
09:57:09.0619 1780 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:57:09.0619 1780 DPS - ok
09:57:09.0775 1780 [ 888D373E338BA8B2D2E109F63813EE0B ] DraftSight API Service C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
09:57:09.0775 1780 DraftSight API Service - ok
09:57:09.0806 1780 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:57:09.0806 1780 drmkaud - ok
09:57:09.0853 1780 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:57:09.0868 1780 DXGKrnl - ok
09:57:09.0900 1780 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:57:09.0900 1780 EapHost - ok
09:57:09.0978 1780 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:57:10.0009 1780 ebdrv - ok
09:57:10.0071 1780 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:57:10.0087 1780 EFS - ok
09:57:10.0149 1780 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:57:10.0149 1780 ehRecvr - ok
09:57:10.0165 1780 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:57:10.0165 1780 ehSched - ok
09:57:10.0227 1780 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
09:57:10.0227 1780 ElbyCDIO - ok
09:57:10.0274 1780 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:57:10.0290 1780 elxstor - ok
09:57:10.0305 1780 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:57:10.0305 1780 ErrDev - ok
09:57:10.0336 1780 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:57:10.0336 1780 EventSystem - ok
09:57:10.0430 1780 [ 532B8FF8E07F3772B086620377654F95 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:57:10.0446 1780 EvtEng - ok
09:57:10.0477 1780 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:57:10.0477 1780 exfat - ok
09:57:10.0492 1780 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:57:10.0492 1780 fastfat - ok
09:57:10.0539 1780 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:57:10.0555 1780 Fax - ok
09:57:10.0555 1780 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
09:57:10.0555 1780 fdc - ok
09:57:10.0586 1780 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:57:10.0586 1780 fdPHost - ok
09:57:10.0586 1780 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:57:10.0586 1780 FDResPub - ok
09:57:10.0602 1780 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:57:10.0602 1780 FileInfo - ok
09:57:10.0617 1780 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:57:10.0617 1780 Filetrace - ok
09:57:10.0695 1780 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:57:10.0695 1780 FLEXnet Licensing Service - ok
09:57:10.0711 1780 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
09:57:10.0726 1780 flpydisk - ok
09:57:10.0742 1780 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:57:10.0742 1780 FltMgr - ok
09:57:10.0789 1780 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
09:57:10.0804 1780 FontCache - ok
09:57:10.0836 1780 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:57:10.0836 1780 FontCache3.0.0.0 - ok
09:57:10.0851 1780 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:57:10.0851 1780 FsDepends - ok
09:57:10.0882 1780 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:57:10.0882 1780 Fs_Rec - ok
09:57:10.0898 1780 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:57:10.0914 1780 fvevol - ok
09:57:10.0929 1780 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:57:10.0929 1780 gagp30kx - ok
09:57:10.0960 1780 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:57:10.0976 1780 gpsvc - ok
09:57:11.0023 1780 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:57:11.0038 1780 gusvc - ok
09:57:11.0054 1780 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:57:11.0070 1780 hcw85cir - ok
09:57:11.0101 1780 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:57:11.0101 1780 HdAudAddService - ok
09:57:11.0132 1780 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:57:11.0132 1780 HDAudBus - ok
09:57:11.0148 1780 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:57:11.0148 1780 HidBatt - ok
09:57:11.0163 1780 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:57:11.0163 1780 HidBth - ok
09:57:11.0163 1780 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
09:57:11.0163 1780 HidIr - ok
09:57:11.0194 1780 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
09:57:11.0194 1780 hidserv - ok
09:57:11.0226 1780 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:57:11.0241 1780 HidUsb - ok
09:57:11.0257 1780 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:57:11.0257 1780 hkmsvc - ok
09:57:11.0272 1780 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:57:11.0272 1780 HomeGroupListener - ok
09:57:11.0304 1780 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:57:11.0304 1780 HomeGroupProvider - ok
09:57:11.0366 1780 [ F90DD89E8A482AC976DD4E1029802E49 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
09:57:11.0366 1780 HP LaserJet Service - ok
09:57:11.0397 1780 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:57:11.0397 1780 HpSAMD - ok
09:57:11.0428 1780 [ 4E9CAE3200A46135DE01CE22BAF832BE ] HPSIService C:\Windows\system32\HPSIsvc.exe
09:57:11.0428 1780 HPSIService - ok
09:57:11.0475 1780 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:57:11.0491 1780 HTTP - ok
09:57:11.0538 1780 [ 012015A7DA5D7DD5DDDF3BE4C34CBE3B ] HWiNFO32 C:\Windows\system32\drivers\HWiNFO64A.SYS
09:57:11.0569 1780 HWiNFO32 - ok
09:57:11.0584 1780 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:57:11.0584 1780 hwpolicy - ok
09:57:11.0647 1780 [ AEFF0DE7BA1F175657EFC427F4F13857 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
09:57:11.0647 1780 HyperW7Svc - ok
09:57:11.0678 1780 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:57:11.0678 1780 i8042prt - ok
09:57:11.0709 1780 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
09:57:11.0709 1780 iaStor - ok
09:57:11.0740 1780 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:57:11.0756 1780 iaStorV - ok
09:57:11.0756 1780 [ 2151176DB657AEFF9B873D23380C3F5B ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
09:57:11.0772 1780 IBMPMDRV - ok
09:57:11.0772 1780 [ C76A67AED080538D420550C903696788 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
09:57:11.0772 1780 IBMPMSVC - ok
09:57:11.0834 1780 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
09:57:11.0834 1780 IDriverT - ok
09:57:11.0881 1780 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:57:11.0896 1780 idsvc - ok
09:57:12.0130 1780 [ 0D1B8C64BDF0E5CDC523A1409FFB5EF0 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:57:12.0364 1780 igfx - ok
09:57:12.0396 1780 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:57:12.0396 1780 iirsp - ok
09:57:12.0427 1780 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:57:12.0427 1780 IKEEXT - ok
09:57:12.0458 1780 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
09:57:12.0458 1780 intaud_WaveExtensible - ok
09:57:12.0489 1780 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
09:57:12.0489 1780 IntcDAud - ok
09:57:12.0505 1780 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:57:12.0505 1780 intelide - ok
09:57:12.0520 1780 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:57:12.0520 1780 intelppm - ok
09:57:12.0552 1780 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:57:12.0552 1780 IPBusEnum - ok
09:57:12.0567 1780 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:57:12.0567 1780 IpFilterDriver - ok
09:57:12.0598 1780 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:57:12.0598 1780 iphlpsvc - ok
09:57:12.0614 1780 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:57:12.0614 1780 IPMIDRV - ok
09:57:12.0630 1780 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:57:12.0630 1780 IPNAT - ok
09:57:12.0645 1780 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:57:12.0645 1780 IRENUM - ok
09:57:12.0661 1780 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:57:12.0676 1780 isapnp - ok
09:57:12.0676 1780 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:57:12.0692 1780 iScsiPrt - ok
09:57:12.0708 1780 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
09:57:12.0708 1780 iwdbus - ok
09:57:12.0770 1780 [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
09:57:12.0770 1780 jhi_service - ok
09:57:12.0801 1780 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:57:12.0801 1780 kbdclass - ok
09:57:12.0817 1780 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
09:57:12.0817 1780 kbdhid - ok
09:57:12.0832 1780 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:57:12.0832 1780 KeyIso - ok
09:57:12.0864 1780 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:57:12.0879 1780 KSecDD - ok
09:57:12.0895 1780 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:57:12.0895 1780 KSecPkg - ok
09:57:12.0895 1780 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:57:12.0895 1780 ksthunk - ok
09:57:12.0926 1780 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:57:12.0926 1780 KtmRm - ok
09:57:12.0942 1780 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
09:57:12.0957 1780 LanmanServer - ok
09:57:12.0973 1780 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:57:12.0973 1780 LanmanWorkstation - ok
09:57:13.0004 1780 [ 56B74943929BC575914631EDC0E72220 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
09:57:13.0004 1780 LENOVO.CAMMUTE - ok
09:57:13.0051 1780 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
09:57:13.0051 1780 LENOVO.MICMUTE - ok
09:57:13.0066 1780 [ 2B9D8555DC004E240082D18E7725CE20 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
09:57:13.0082 1780 lenovo.smi - ok
09:57:13.0082 1780 [ F9B51B2A5DA1222A910021C71E9EA559 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
09:57:13.0082 1780 LENOVO.TPKNRSVC - ok
09:57:13.0098 1780 [ F7DE50781DC4D162C1005EB30D98F931 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
09:57:13.0113 1780 Lenovo.VIRTSCRLSVC - ok
09:57:13.0144 1780 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:57:13.0144 1780 lltdio - ok
09:57:13.0160 1780 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:57:13.0160 1780 lltdsvc - ok
09:57:13.0191 1780 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:57:13.0191 1780 lmhosts - ok
09:57:13.0222 1780 [ E7859BA062DB5E23C6DD34AD66B09F50 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:57:13.0238 1780 LMS - ok
09:57:13.0254 1780 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:57:13.0254 1780 LSI_FC - ok
09:57:13.0269 1780 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:57:13.0269 1780 LSI_SAS - ok
09:57:13.0285 1780 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:57:13.0285 1780 LSI_SAS2 - ok
09:57:13.0300 1780 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:57:13.0300 1780 LSI_SCSI - ok
09:57:13.0316 1780 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:57:13.0316 1780 luafv - ok
09:57:13.0347 1780 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:57:13.0347 1780 MBAMProtector - ok
09:57:13.0410 1780 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:57:13.0425 1780 MBAMScheduler - ok
09:57:13.0488 1780 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:57:13.0488 1780 MBAMService - ok
09:57:13.0519 1780 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:57:13.0519 1780 Mcx2Svc - ok
09:57:13.0566 1780 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
09:57:13.0581 1780 MDM - ok
09:57:13.0597 1780 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
09:57:13.0597 1780 megasas - ok
09:57:13.0628 1780 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:57:13.0628 1780 MegaSR - ok
09:57:13.0659 1780 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
09:57:13.0659 1780 MEIx64 - ok
09:57:13.0690 1780 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:57:13.0690 1780 MMCSS - ok
09:57:13.0706 1780 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:57:13.0706 1780 Modem - ok
09:57:13.0737 1780 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:57:13.0737 1780 monitor - ok
09:57:13.0768 1780 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:57:13.0768 1780 mouclass - ok
09:57:13.0784 1780 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:57:13.0784 1780 mouhid - ok
09:57:13.0815 1780 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:57:13.0815 1780 mountmgr - ok
09:57:13.0862 1780 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
09:57:13.0878 1780 MpFilter - ok
09:57:13.0909 1780 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:57:13.0909 1780 mpio - ok
09:57:13.0924 1780 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:57:13.0924 1780 mpsdrv - ok
09:57:13.0971 1780 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:57:13.0987 1780 MpsSvc - ok
09:57:14.0002 1780 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:57:14.0002 1780 MRxDAV - ok
09:57:14.0034 1780 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:57:14.0034 1780 mrxsmb - ok
09:57:14.0049 1780 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:57:14.0049 1780 mrxsmb10 - ok
09:57:14.0065 1780 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:57:14.0065 1780 mrxsmb20 - ok
09:57:14.0096 1780 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:57:14.0096 1780 msahci - ok
09:57:14.0112 1780 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:57:14.0112 1780 msdsm - ok
09:57:14.0127 1780 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:57:14.0127 1780 MSDTC - ok
09:57:14.0158 1780 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:57:14.0158 1780 Msfs - ok
09:57:14.0174 1780 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:57:14.0174 1780 mshidkmdf - ok
09:57:14.0190 1780 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:57:14.0190 1780 msisadrv - ok
09:57:14.0205 1780 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:57:14.0205 1780 MSiSCSI - ok
09:57:14.0205 1780 msiserver - ok
09:57:14.0221 1780 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:57:14.0236 1780 MSKSSRV - ok
09:57:14.0283 1780 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
09:57:14.0283 1780 MsMpSvc - ok
09:57:14.0299 1780 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:57:14.0314 1780 MSPCLOCK - ok
09:57:14.0314 1780 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:57:14.0314 1780 MSPQM - ok
09:57:14.0346 1780 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:57:14.0346 1780 MsRPC - ok
09:57:14.0377 1780 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:57:14.0377 1780 mssmbios - ok
09:57:14.0455 1780 MSSQLSERVER - ok
09:57:14.0502 1780 [ 04EF36EAF5C4DBCE424D81B76F1E9231 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
09:57:14.0502 1780 MSSQLServerADHelper100 - ok
09:57:14.0517 1780 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:57:14.0517 1780 MSTEE - ok
09:57:14.0533 1780 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:57:14.0548 1780 MTConfig - ok
09:57:14.0548 1780 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:57:14.0564 1780 Mup - ok
09:57:14.0595 1780 [ 09818558C2579B45D78AB18A759B0CA8 ] mvusbews C:\Windows\system32\Drivers\mvusbews.sys
09:57:14.0595 1780 mvusbews - ok
09:57:14.0626 1780 [ 265937BC59819DF1DAB65E27C60F94C0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
09:57:14.0642 1780 MyWiFiDHCPDNS - ok
09:57:14.0673 1780 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:57:14.0673 1780 napagent - ok
09:57:14.0704 1780 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:57:14.0720 1780 NativeWifiP - ok
09:57:14.0767 1780 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:57:14.0782 1780 NDIS - ok
09:57:14.0798 1780 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:57:14.0814 1780 NdisCap - ok
09:57:14.0829 1780 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:57:14.0845 1780 NdisTapi - ok
09:57:14.0860 1780 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:57:14.0860 1780 Ndisuio - ok
09:57:14.0876 1780 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:57:14.0876 1780 NdisWan - ok
09:57:14.0907 1780 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:57:14.0907 1780 NDProxy - ok
09:57:14.0923 1780 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:57:14.0923 1780 NetBIOS - ok
09:57:14.0938 1780 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:57:14.0954 1780 NetBT - ok
09:57:14.0954 1780 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:57:14.0954 1780 Netlogon - ok
09:57:14.0985 1780 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:57:14.0985 1780 Netman - ok

jaruska · Příspěvekod **jaruska** » 18 led 2013 10:07

09:57:15.0001 1780 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:57:15.0001 1780 NetMsmqActivator - ok
09:57:15.0016 1780 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:57:15.0016 1780 NetPipeActivator - ok
09:57:15.0032 1780 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:57:15.0048 1780 netprofm - ok
09:57:15.0048 1780 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:57:15.0048 1780 NetTcpActivator - ok
09:57:15.0048 1780 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:57:15.0063 1780 NetTcpPortSharing - ok
09:57:15.0235 1780 [ 774C9ECCEF83AB8A3D1466F19809C95F ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
09:57:15.0422 1780 NETwNs64 - ok
09:57:15.0438 1780 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:57:15.0438 1780 nfrd960 - ok
09:57:15.0469 1780 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:57:15.0469 1780 NisDrv - ok
09:57:15.0484 1780 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
09:57:15.0484 1780 NisSrv - ok
09:57:15.0531 1780 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:57:15.0531 1780 NlaSvc - ok
09:57:15.0562 1780 [ 4903177FC90E77ABEB19021451E9475E ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
09:57:15.0562 1780 nmwcd - ok
09:57:15.0594 1780 [ E6844A4C97E5409BBE24BB4ED000320D ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
09:57:15.0609 1780 nmwcdc - ok
09:57:15.0640 1780 [ F59F8CF59F7905622686637177E2A828 ] nmwcdnsucx64 C:\Windows\system32\drivers\nmwcdnsucx64.sys
09:57:15.0640 1780 nmwcdnsucx64 - ok
09:57:15.0672 1780 [ A0E7F80157AF77B1CEAA8ADD3A3E7D85 ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys
09:57:15.0672 1780 nmwcdnsux64 - ok
09:57:15.0687 1780 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:57:15.0687 1780 Npfs - ok
09:57:15.0703 1780 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:57:15.0703 1780 nsi - ok
09:57:15.0718 1780 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:57:15.0718 1780 nsiproxy - ok
09:57:15.0765 1780 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:57:15.0781 1780 Ntfs - ok
09:57:15.0796 1780 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:57:15.0796 1780 Null - ok
09:57:15.0828 1780 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:57:15.0828 1780 nvraid - ok
09:57:15.0859 1780 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:57:15.0859 1780 nvstor - ok
09:57:15.0874 1780 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:57:15.0874 1780 nv_agp - ok
09:57:15.0937 1780 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:57:15.0937 1780 odserv - ok
09:57:15.0952 1780 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:57:15.0952 1780 ohci1394 - ok
09:57:15.0984 1780 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:57:15.0984 1780 ose - ok
09:57:16.0046 1780 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:57:16.0062 1780 p2pimsvc - ok
09:57:16.0077 1780 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:57:16.0093 1780 p2psvc - ok
09:57:16.0124 1780 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:57:16.0124 1780 Parport - ok
09:57:16.0140 1780 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:57:16.0140 1780 partmgr - ok
09:57:16.0171 1780 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:57:16.0186 1780 PcaSvc - ok
09:57:16.0218 1780 [ 3FDE033DFB0D07F8B7D5C9A3044AA121 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
09:57:16.0218 1780 pccsmcfd - ok
09:57:16.0233 1780 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:57:16.0249 1780 pci - ok
09:57:16.0264 1780 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:57:16.0264 1780 pciide - ok
09:57:16.0280 1780 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:57:16.0280 1780 pcmcia - ok
09:57:16.0296 1780 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:57:16.0296 1780 pcw - ok
09:57:16.0327 1780 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:57:16.0342 1780 PEAUTH - ok
09:57:16.0389 1780 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:57:16.0405 1780 PeerDistSvc - ok
09:57:16.0483 1780 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:57:16.0483 1780 PerfHost - ok
09:57:16.0561 1780 [ 52C9F4359AF4A25969B882AECC6F3BDA ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
09:57:16.0561 1780 PHCORE - ok
09:57:16.0623 1780 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:57:16.0639 1780 pla - ok
09:57:16.0670 1780 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:57:16.0686 1780 PlugPlay - ok
09:57:16.0686 1780 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:57:16.0686 1780 PNRPAutoReg - ok
09:57:16.0701 1780 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:57:16.0701 1780 PNRPsvc - ok
09:57:16.0732 1780 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:57:16.0732 1780 PolicyAgent - ok
09:57:16.0764 1780 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:57:16.0764 1780 Power - ok
09:57:16.0826 1780 [ 6F51482ADCED13CEBFE0F1054F2116F2 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
09:57:16.0826 1780 Power Manager DBC Service - ok
09:57:16.0857 1780 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:57:16.0857 1780 PptpMiniport - ok
09:57:16.0873 1780 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:57:16.0873 1780 Processor - ok
09:57:16.0920 1780 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:57:16.0920 1780 ProfSvc - ok
09:57:16.0935 1780 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:57:16.0935 1780 ProtectedStorage - ok
09:57:16.0966 1780 [ 05A4779E4994B21473EDBE85AABE8030 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
09:57:16.0966 1780 psadd - ok
09:57:16.0982 1780 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:57:16.0982 1780 Psched - ok
09:57:16.0998 1780 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
09:57:17.0013 1780 PSI_SVC_2 - ok
09:57:17.0044 1780 [ AF8B60D65F8B39C4FAC6BE8641923F37 ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
09:57:17.0044 1780 PwmEWSvc - ok
09:57:17.0091 1780 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:57:17.0122 1780 ql2300 - ok
09:57:17.0122 1780 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:57:17.0122 1780 ql40xx - ok
09:57:17.0154 1780 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:57:17.0154 1780 QWAVE - ok
09:57:17.0185 1780 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:57:17.0185 1780 QWAVEdrv - ok
09:57:17.0200 1780 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:57:17.0200 1780 RasAcd - ok
09:57:17.0216 1780 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:57:17.0216 1780 RasAgileVpn - ok
09:57:17.0247 1780 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:57:17.0247 1780 RasAuto - ok
09:57:17.0263 1780 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:57:17.0263 1780 Rasl2tp - ok
09:57:17.0278 1780 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:57:17.0294 1780 RasMan - ok
09:57:17.0294 1780 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:57:17.0310 1780 RasPppoe - ok
09:57:17.0325 1780 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:57:17.0325 1780 RasSstp - ok
09:57:17.0341 1780 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:57:17.0341 1780 rdbss - ok
09:57:17.0372 1780 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:57:17.0372 1780 rdpbus - ok
09:57:17.0388 1780 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:57:17.0388 1780 RDPCDD - ok
09:57:17.0403 1780 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:57:17.0403 1780 RDPDR - ok
09:57:17.0434 1780 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:57:17.0434 1780 RDPENCDD - ok
09:57:17.0450 1780 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:57:17.0450 1780 RDPREFMP - ok
09:57:17.0481 1780 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:57:17.0481 1780 RDPWD - ok
09:57:17.0512 1780 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:57:17.0512 1780 rdyboost - ok
09:57:17.0575 1780 [ 7196BE857E29007470FF9B689C7F29A7 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
09:57:17.0590 1780 RegSrvc - ok
09:57:17.0622 1780 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:57:17.0622 1780 RemoteAccess - ok
09:57:17.0653 1780 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:57:17.0653 1780 RemoteRegistry - ok
09:57:17.0700 1780 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
09:57:17.0700 1780 RFCOMM - ok
09:57:17.0731 1780 [ 5A227511ED22DDFEDF7EF7323C8F7D2F ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
09:57:17.0731 1780 risdxc - ok
09:57:17.0746 1780 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:57:17.0746 1780 RpcEptMapper - ok
09:57:17.0778 1780 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:57:17.0778 1780 RpcLocator - ok
09:57:17.0809 1780 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:57:17.0824 1780 RpcSs - ok
09:57:17.0856 1780 [ EB1C539E621A35A49F7692B0EB565AB9 ] RsFx0150 C:\Windows\system32\DRIVERS\RsFx0150.sys
09:57:17.0871 1780 RsFx0150 - ok
09:57:17.0918 1780 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:57:17.0918 1780 rspndr - ok
09:57:17.0949 1780 [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:57:17.0965 1780 RTL8167 - ok
09:57:17.0980 1780 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:57:17.0980 1780 s3cap - ok
09:57:18.0027 1780 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:57:18.0027 1780 SamSs - ok
09:57:18.0027 1780 SAService - ok
09:57:18.0043 1780 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:57:18.0043 1780 sbp2port - ok
09:57:18.0074 1780 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:57:18.0074 1780 SCardSvr - ok
09:57:18.0090 1780 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:57:18.0090 1780 scfilter - ok
09:57:18.0121 1780 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:57:18.0136 1780 Schedule - ok
09:57:18.0152 1780 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:57:18.0152 1780 SCPolicySvc - ok
09:57:18.0168 1780 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:57:18.0183 1780 SDRSVC - ok
09:57:18.0199 1780 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:57:18.0199 1780 secdrv - ok
09:57:18.0214 1780 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:57:18.0214 1780 seclogon - ok
09:57:18.0230 1780 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
09:57:18.0230 1780 SENS - ok
09:57:18.0261 1780 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:57:18.0261 1780 SensrSvc - ok
09:57:18.0277 1780 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
09:57:18.0277 1780 Serenum - ok
09:57:18.0292 1780 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
09:57:18.0292 1780 Serial - ok
09:57:18.0324 1780 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:57:18.0324 1780 sermouse - ok
09:57:18.0386 1780 [ 9BDE8F1F5D060E912FCF9FB58B71CBC1 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
09:57:18.0402 1780 ServiceLayer - ok
09:57:18.0433 1780 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:57:18.0433 1780 SessionEnv - ok
09:57:18.0464 1780 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:57:18.0464 1780 sffdisk - ok
09:57:18.0464 1780 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:57:18.0464 1780 sffp_mmc - ok
09:57:18.0480 1780 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:57:18.0480 1780 sffp_sd - ok
09:57:18.0495 1780 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:57:18.0495 1780 sfloppy - ok
09:57:18.0542 1780 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:57:18.0558 1780 SharedAccess - ok
09:57:18.0589 1780 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:57:18.0589 1780 ShellHWDetection - ok
09:57:18.0604 1780 [ C3F190562FE82EFDA7CCEF305EBAD3E3 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
09:57:18.0620 1780 Shockprf - ok
09:57:18.0636 1780 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:57:18.0636 1780 SiSRaid2 - ok
09:57:18.0651 1780 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:57:18.0651 1780 SiSRaid4 - ok
09:57:18.0729 1780 [ B7FBC508933553828E0948B537FD7984 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:57:18.0729 1780 SkypeUpdate - ok
09:57:18.0760 1780 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:57:18.0760 1780 Smb - ok
09:57:18.0807 1780 [ 3BC2844AF786CA422CC31D505ACFA9F2 ] smihlp2 C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
09:57:18.0807 1780 smihlp2 - ok
09:57:18.0854 1780 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:57:18.0854 1780 SNMPTRAP - ok
09:57:18.0885 1780 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:57:18.0885 1780 spldr - ok
09:57:18.0932 1780 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:57:18.0948 1780 Spooler - ok
09:57:19.0026 1780 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:57:19.0072 1780 sppsvc - ok
09:57:19.0088 1780 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:57:19.0088 1780 sppuinotify - ok
09:57:19.0166 1780 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
09:57:19.0166 1780 SQLBrowser - ok
09:57:19.0228 1780 [ BEA7FEA5BB31EB58D78971F821AE6844 ] SQLSERVERAGENT C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
09:57:19.0228 1780 SQLSERVERAGENT - ok
09:57:19.0291 1780 [ F98DDFBFE0EE66D4C4B00693512B9527 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
09:57:19.0291 1780 SQLWriter - ok
09:57:19.0369 1780 [ D2AEEB5C15B4B256DC4EC2CE8219B090 ] SROSVC C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
09:57:19.0369 1780 SROSVC - ok
09:57:19.0400 1780 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:57:19.0400 1780 srv - ok
09:57:19.0416 1780 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:57:19.0431 1780 srv2 - ok
09:57:19.0447 1780 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:57:19.0447 1780 srvnet - ok
09:57:19.0478 1780 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:57:19.0478 1780 SSDPSRV - ok
09:57:19.0494 1780 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:57:19.0494 1780 SstpSvc - ok
09:57:19.0556 1780 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
09:57:19.0556 1780 ssudmdm - ok
09:57:19.0587 1780 [ F161567B90721F4C42BD5F95A4C9B2D0 ] ssudobex C:\Windows\system32\DRIVERS\ssudobex.sys
09:57:19.0587 1780 ssudobex - ok
09:57:19.0618 1780 StarOpen - ok
09:57:19.0650 1780 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:57:19.0650 1780 stexstor - ok
09:57:19.0681 1780 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:57:19.0696 1780 stisvc - ok
09:57:19.0712 1780 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
09:57:19.0712 1780 storflt - ok
09:57:19.0743 1780 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
09:57:19.0743 1780 StorSvc - ok
09:57:19.0759 1780 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:57:19.0774 1780 storvsc - ok
09:57:19.0821 1780 [ 59B5A060A31BD4BAB030C4FCD1048292 ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
09:57:19.0821 1780 SUService - ok
09:57:19.0837 1780 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:57:19.0837 1780 swenum - ok
09:57:19.0868 1780 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:57:19.0884 1780 swprv - ok
09:57:19.0915 1780 [ C0B7405C899C485AA0B6F9866A4061CD ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
09:57:19.0915 1780 SynTP - ok
09:57:19.0962 1780 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:57:19.0993 1780 SysMain - ok
09:57:20.0024 1780 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:57:20.0024 1780 TabletInputService - ok
09:57:20.0040 1780 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:57:20.0040 1780 TapiSrv - ok
09:57:20.0055 1780 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:57:20.0055 1780 TBS - ok
09:57:20.0133 1780 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:57:20.0164 1780 Tcpip - ok
09:57:20.0211 1780 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:57:20.0227 1780 TCPIP6 - ok
09:57:20.0242 1780 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:57:20.0242 1780 tcpipreg - ok
09:57:20.0274 1780 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:57:20.0274 1780 TDPIPE - ok
09:57:20.0289 1780 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:57:20.0289 1780 TDTCP - ok
09:57:20.0305 1780 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:57:20.0305 1780 tdx - ok
09:57:20.0305 1780 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:57:20.0320 1780 TermDD - ok
09:57:20.0352 1780 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:57:20.0352 1780 TermService - ok
09:57:20.0367 1780 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:57:20.0367 1780 Themes - ok
09:57:20.0383 1780 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:57:20.0383 1780 THREADORDER - ok
09:57:20.0445 1780 [ 0407143F2BBC1A5DD5B518AC0704FCBF ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
09:57:20.0445 1780 TomTomHOMEService - ok
09:57:20.0461 1780 [ 1BB77ECCBFA3675B1EE8D6D6D37A1E1E ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
09:57:20.0461 1780 TPDIGIMN - ok
09:57:20.0492 1780 [ 88F81D810FF16AC65B02643DAF308D4F ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
09:57:20.0492 1780 TPHDEXLGSVC - ok
09:57:20.0523 1780 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
09:57:20.0523 1780 TPHKLOAD - ok
09:57:20.0539 1780 [ C04BB65441913AB621C58A8BD3169B23 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
09:57:20.0539 1780 TPHKSVC - ok
09:57:20.0586 1780 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
09:57:20.0586 1780 TPM - ok
09:57:20.0617 1780 [ 7165B5A9B4867F64A6D6935F57D4196B ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
09:57:20.0617 1780 TPPWRIF - ok
09:57:20.0648 1780 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:57:20.0648 1780 TrkWks - ok
09:57:20.0726 1780 [ 370A6907DDF79532A39319492B1FA38A ] truecrypt C:\Windows\system32\drivers\truecrypt.sys
09:57:20.0726 1780 truecrypt - ok
09:57:20.0773 1780 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:57:20.0773 1780 TrustedInstaller - ok
09:57:20.0788 1780 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:57:20.0788 1780 tssecsrv - ok
09:57:20.0820 1780 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:57:20.0820 1780 TsUsbFlt - ok
09:57:20.0835 1780 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:57:20.0835 1780 TsUsbGD - ok
09:57:20.0866 1780 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:57:20.0866 1780 tunnel - ok
09:57:20.0882 1780 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:57:20.0882 1780 uagp35 - ok
09:57:20.0898 1780 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:57:20.0898 1780 udfs - ok
09:57:20.0929 1780 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:57:20.0929 1780 UI0Detect - ok
09:57:20.0960 1780 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:57:20.0960 1780 uliagpkx - ok
09:57:20.0976 1780 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:57:20.0976 1780 umbus - ok
09:57:20.0991 1780 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
09:57:20.0991 1780 UmPass - ok
09:57:21.0007 1780 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
09:57:21.0007 1780 UmRdpService - ok
09:57:21.0116 1780 [ E91F8AFBD7FB96C94B266579D6BFA77A ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:57:21.0132 1780 UNS - ok
09:57:21.0163 1780 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:57:21.0163 1780 upnphost - ok
09:57:21.0194 1780 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:57:21.0194 1780 usbccgp - ok
09:57:21.0210 1780 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:57:21.0210 1780 usbcir - ok
09:57:21.0225 1780 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:57:21.0225 1780 usbehci - ok
09:57:21.0256 1780 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:57:21.0256 1780 usbhub - ok
09:57:21.0272 1780 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:57:21.0272 1780 usbohci - ok
09:57:21.0303 1780 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:57:21.0303 1780 usbprint - ok
09:57:21.0319 1780 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:57:21.0319 1780 usbscan - ok
09:57:21.0350 1780 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:57:21.0350 1780 USBSTOR - ok
09:57:21.0366 1780 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:57:21.0366 1780 usbuhci - ok
09:57:21.0381 1780 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:57:21.0397 1780 usbvideo - ok
09:57:21.0428 1780 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
09:57:21.0428 1780 usb_rndisx - ok
09:57:21.0459 1780 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:57:21.0459 1780 UxSms - ok
09:57:21.0459 1780 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:57:21.0459 1780 VaultSvc - ok
09:57:21.0506 1780 [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
09:57:21.0506 1780 VClone - ok
09:57:21.0522 1780 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:57:21.0522 1780 vdrvroot - ok
09:57:21.0553 1780 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:57:21.0568 1780 vds - ok
09:57:21.0568 1780 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:57:21.0568 1780 vga - ok
09:57:21.0584 1780 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:57:21.0584 1780 VgaSave - ok
09:57:21.0615 1780 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:57:21.0615 1780 vhdmp - ok
09:57:21.0615 1780 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:57:21.0615 1780 viaide - ok
09:57:21.0662 1780 [ 49C122513203B98B0B2C10211F23450B ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
09:57:21.0678 1780 VIPAppService - ok
09:57:21.0693 1780 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
09:57:21.0709 1780 vmbus - ok
09:57:21.0709 1780 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
09:57:21.0724 1780 VMBusHID - ok
09:57:21.0740 1780 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:57:21.0740 1780 volmgr - ok
09:57:21.0756 1780 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:57:21.0756 1780 volmgrx - ok
09:57:21.0771 1780 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:57:21.0787 1780 volsnap - ok
09:57:21.0802 1780 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:57:21.0802 1780 vsmraid - ok
09:57:21.0865 1780 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:57:21.0880 1780 VSS - ok
09:57:21.0896 1780 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:57:21.0896 1780 vwifibus - ok
09:57:21.0912 1780 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:57:21.0912 1780 vwififlt - ok
09:57:21.0927 1780 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:57:21.0927 1780 vwifimp - ok
09:57:21.0958 1780 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:57:21.0958 1780 W32Time - ok
09:57:21.0974 1780 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:57:21.0974 1780 WacomPen - ok
09:57:22.0036 1780 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:57:22.0036 1780 WANARP - ok
09:57:22.0036 1780 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:57:22.0052 1780 Wanarpv6 - ok
09:57:22.0099 1780 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:57:22.0114 1780 WatAdminSvc - ok
09:57:22.0177 1780 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:57:22.0192 1780 wbengine - ok
09:57:22.0208 1780 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:57:22.0208 1780 WbioSrvc - ok
09:57:22.0224 1780 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:57:22.0239 1780 wcncsvc - ok
09:57:22.0255 1780 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:57:22.0255 1780 WcsPlugInService - ok
09:57:22.0270 1780 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
09:57:22.0270 1780 Wd - ok
09:57:22.0302 1780 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:57:22.0317 1780 Wdf01000 - ok
09:57:22.0333 1780 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:57:22.0333 1780 WdiServiceHost - ok
09:57:22.0333 1780 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:57:22.0333 1780 WdiSystemHost - ok
09:57:22.0348 1780 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:57:22.0364 1780 WebClient - ok
09:57:22.0364 1780 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:57:22.0380 1780 Wecsvc - ok
09:57:22.0380 1780 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:57:22.0380 1780 wercplsupport - ok
09:57:22.0411 1780 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:57:22.0411 1780 WerSvc - ok
09:57:22.0442 1780 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:57:22.0442 1780 WfpLwf - ok
09:57:22.0458 1780 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:57:22.0458 1780 WIMMount - ok
09:57:22.0473 1780 WinDefend - ok
09:57:22.0473 1780 WinHttpAutoProxySvc - ok
09:57:22.0536 1780 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:57:22.0536 1780 Winmgmt - ok
09:57:22.0614 1780 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:57:22.0645 1780 WinRM - ok
09:57:22.0692 1780 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
09:57:22.0692 1780 WinUsb - ok
09:57:22.0723 1780 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:57:22.0738 1780 Wlansvc - ok
09:57:22.0770 1780 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:57:22.0770 1780 wlcrasvc - ok
09:57:22.0863 1780 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:57:22.0894 1780 wlidsvc - ok
09:57:22.0910 1780 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:57:22.0910 1780 WmiAcpi - ok
09:57:22.0941 1780 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:57:22.0941 1780 wmiApSrv - ok
09:57:22.0957 1780 WMPNetworkSvc - ok
09:57:22.0988 1780 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:57:22.0988 1780 WPCSvc - ok
09:57:23.0004 1780 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:57:23.0004 1780 WPDBusEnum - ok
09:57:23.0019 1780 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:57:23.0019 1780 ws2ifsl - ok
09:57:23.0035 1780 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
09:57:23.0035 1780 wscsvc - ok
09:57:23.0050 1780 WSearch - ok
09:57:23.0128 1780 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:57:23.0175 1780 wuauserv - ok
09:57:23.0206 1780 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:57:23.0206 1780 WudfPf - ok
09:57:23.0238 1780 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:57:23.0238 1780 WUDFRd - ok
09:57:23.0284 1780 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:57:23.0284 1780 wudfsvc - ok
09:57:23.0316 1780 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:57:23.0316 1780 WwanSvc - ok
09:57:23.0347 1780 ================ Scan global ===============================
09:57:23.0362 1780 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:57:23.0394 1780 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
09:57:23.0409 1780 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
09:57:23.0425 1780 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:57:23.0456 1780 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:57:23.0456 1780 [Global] - ok
09:57:23.0456 1780 ================ Scan MBR ==================================
09:57:23.0472 1780 [ 455E795A6B89AD9C066C3213D21CED95 ] \Device\Harddisk0\DR0
09:57:23.0706 1780 \Device\Harddisk0\DR0 - ok
09:57:23.0706 1780 ================ Scan VBR ==================================
09:57:23.0706 1780 [ BFC67B4BF5AF513BC9DA2F68D3621886 ] \Device\Harddisk0\DR0\Partition1
09:57:23.0721 1780 \Device\Harddisk0\DR0\Partition1 - ok
09:57:23.0721 1780 [ FB7CD7E66E70EF17E3E937AF49EB2B43 ] \Device\Harddisk0\DR0\Partition2
09:57:23.0737 1780 \Device\Harddisk0\DR0\Partition2 - ok
09:57:23.0752 1780 [ 2311CD3B64F35E8AC5576D8A0B3600E2 ] \Device\Harddisk0\DR0\Partition3
09:57:23.0752 1780 \Device\Harddisk0\DR0\Partition3 - ok
09:57:23.0752 1780 ============================================================
09:57:23.0752 1780 Scan finished
09:57:23.0752 1780 ============================================================
09:57:23.0768 1332 Detected object count: 0
09:57:23.0768 1332 Actual detected object count: 0
09:57:35.0624 5960 Deinitialize success

jaruska · Příspěvekod **jaruska** » 18 led 2013 11:42

ComboFix 13-01-17.04 - Uzivatel 18.01.2013 10:12:00.4.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4007.2345 [GMT 1:00]
Spuštěný z: c:\users\Uzivatel\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0405.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-18 do 2013-01-18 )))))))))))))))))))))))))))))))
.
.
2013-01-18 09:27 . 2013-01-18 09:27 -------- d-----w- c:\users\Hanka\AppData\Local\temp
2013-01-18 09:27 . 2013-01-18 09:27 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Local\temp
2013-01-18 09:27 . 2013-01-18 09:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-18 09:01 . 2013-01-18 09:01 -------- d-----w- c:\users\Uzivatel\AppData\Local\Broadcom
2013-01-18 09:00 . 2013-01-18 09:00 -------- d-----w- c:\users\Uzivatel\AppData\Local\ArcSoft
2013-01-18 08:53 . 2013-01-18 08:53 388096 ----a-r- c:\users\Uzivatel\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-18 08:53 . 2013-01-18 08:53 -------- d-----w- c:\program files (x86)\Trend Micro
2013-01-18 07:09 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{96122AA2-2654-43BD-9A8A-D15C88D6EB47}\mpengine.dll
2013-01-16 18:51 . 2013-01-16 18:53 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-16 18:51 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-16 18:10 . 2013-01-16 18:10 -------- d-----w- c:\program files (x86)\VS Revo Group
2013-01-16 16:09 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-01-15 11:25 . 2013-01-15 11:25 -------- d-----w- c:\users\Uzivatel\AppData\Local\Wooky_s.r.o
2013-01-15 10:48 . 2013-01-15 23:55 -------- d-----w- c:\users\Uzivatel\AppData\Local\Mobilbonus
2013-01-14 14:42 . 2013-01-14 14:44 -------- d-----w- c:\program files (x86)\MeeSoft
2013-01-12 11:47 . 2013-01-12 11:48 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Roaming\Nokia
2013-01-11 12:50 . 2013-01-11 12:50 -------- d-----w- c:\program files (x86)\TomTom DesktopSuite
2013-01-10 19:53 . 2013-01-10 19:53 -------- d-----w- c:\users\Uzivatel\AppData\Local\Symantec
2013-01-10 00:22 . 2013-01-16 19:45 -------- d-----w- C:\antitwined
2013-01-09 19:26 . 2013-01-09 19:26 -------- d-----w- c:\users\Uzivatel\AppData\Local\DigitalVolcano
2013-01-09 05:10 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-06 15:09 . 2013-01-06 15:09 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\DraftSight
2013-01-06 15:09 . 2013-01-06 15:09 -------- d-----w- c:\programdata\Dassault Systemes
2013-01-06 15:09 . 2013-01-06 15:09 -------- d-----w- c:\program files\Dassault Systemes
2013-01-06 13:14 . 2013-01-06 13:27 -------- d-----w- c:\program files\Paint.NET
2013-01-06 13:14 . 2013-01-16 19:36 -------- d-----w- c:\users\Uzivatel\AppData\Local\Paint.NET
2013-01-06 00:59 . 2013-01-06 00:59 -------- d-----w- c:\users\Uzivatel\AppData\Local\Microsoft_Corporation
2013-01-04 18:13 . 2013-01-04 18:13 -------- d-----w- c:\programdata\YTD Video Downloader
2013-01-04 18:13 . 2013-01-04 18:13 -------- d-----w- c:\program files (x86)\GreenTree Applications
2013-01-01 18:06 . 2013-01-01 18:06 29672 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2013-01-01 18:06 . 2013-01-01 18:06 -------- d-----w- c:\program files\HWiNFO64
2012-12-27 08:20 . 2013-01-16 18:17 -------- d-----w- c:\program files (x86)\Clean Disk Security
2012-12-27 08:11 . 2012-12-27 08:13 -------- d-----w- c:\program files (x86)\Ss-Tools
2012-12-25 21:20 . 2013-01-16 17:01 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Roaming\Skype
2012-12-25 20:29 . 2012-12-25 20:29 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Roaming\Nikon
2012-12-25 20:29 . 2012-12-25 20:29 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Local\Nikon
2012-12-25 19:41 . 2012-12-25 19:41 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Local\Opera
2012-12-25 19:01 . 2012-12-25 19:01 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Local\Windows Live Writer
2012-12-25 19:01 . 2012-12-25 19:01 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Roaming\Windows Live Writer
2012-12-25 18:51 . 2012-12-25 18:51 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Local\Zoner
2012-12-21 02:00 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 02:00 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 02:00 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 02:00 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-10 00:56 . 2012-04-06 21:43 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 10:58 . 2012-04-06 21:38 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 10:58 . 2012-04-06 21:38 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 21:37 . 2012-12-12 21:37 4472832 ----a-w- c:\windows\SysWow64\GPhotos.scr
2012-12-05 16:39 . 2012-12-05 16:40 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AB49CC2B-D0E5-46EA-804E-FA68505BCC69}\gapaengine.dll
2012-11-30 04:45 . 2013-01-09 05:10 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-22 16:19 . 2012-06-19 11:36 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-11-14 07:06 . 2012-12-14 02:01 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-14 02:01 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-14 02:01 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-14 02:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-14 02:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-14 02:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-14 02:01 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-14 02:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-14 02:01 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-14 02:01 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-14 02:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-14 02:01 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-14 02:01 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-14 02:01 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-14 02:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-14 02:01 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-14 02:01 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-14 02:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-14 02:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-14 02:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-14 02:01 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-14 02:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-13 07:26 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-13 07:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-11-02 10:21 . 2012-11-02 10:21 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-11-02 10:21 . 2012-11-02 10:21 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-11-02 10:21 . 2012-11-02 10:21 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-11-02 10:21 . 2012-11-02 10:21 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-11-02 10:21 . 2012-11-02 10:21 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-11-02 10:21 . 2012-11-02 10:21 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-11-02 10:21 . 2012-11-02 10:21 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-11-02 10:21 . 2012-11-02 10:21 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-11-02 10:21 . 2012-11-02 10:21 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-11-02 10:21 . 2012-11-02 10:21 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-11-02 10:21 . 2012-11-02 10:21 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-11-02 10:21 . 2012-11-02 10:21 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-11-02 10:21 . 2012-11-02 10:21 222208 ----a-w- c:\windows\system32\msls31.dll
2012-11-02 10:21 . 2012-11-02 10:21 197120 ----a-w- c:\windows\system32\msrating.dll
2012-11-02 10:21 . 2012-11-02 10:21 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-11-02 10:21 . 2012-11-02 10:21 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-11-02 10:21 . 2012-11-02 10:21 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-11-02 10:21 . 2012-11-02 10:21 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-11-02 10:21 . 2012-11-02 10:21 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-11-02 10:21 . 2012-11-02 10:21 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-11-02 10:21 . 2012-11-02 10:21 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-11-02 10:21 . 2012-11-02 10:21 82432 ----a-w- c:\windows\system32\icardie.dll
2012-11-02 10:21 . 2012-11-02 10:21 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-11-02 10:21 . 2012-11-02 10:21 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-11-02 10:21 . 2012-11-02 10:21 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-11-02 10:21 . 2012-11-02 10:21 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-11-02 10:21 . 2012-11-02 10:21 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-11-02 10:21 . 2012-11-02 10:21 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-11-02 10:21 . 2012-11-02 10:21 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-11-02 10:21 . 2012-11-02 10:21 448512 ----a-w- c:\windows\system32\html.iec
2012-11-02 10:21 . 2012-11-02 10:21 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-11-02 10:21 . 2012-11-02 10:21 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-11-02 10:21 . 2012-11-02 10:21 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-11-02 10:21 . 2012-11-02 10:21 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-02 10:21 . 2012-11-02 10:21 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-11-02 10:21 . 2012-11-02 10:21 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-11-02 10:21 . 2012-11-02 10:21 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-11-02 10:21 . 2012-11-02 10:21 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-11-02 10:21 . 2012-11-02 10:21 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-11-02 10:21 . 2012-11-02 10:21 160256 ----a-w- c:\windows\system32\wextract.exe
2012-11-02 10:21 . 2012-11-02 10:21 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-11-02 10:21 . 2012-11-02 10:21 149504 ----a-w- c:\windows\system32\occache.dll
2012-11-02 10:21 . 2012-11-02 10:21 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-11-02 10:21 . 2012-11-02 10:21 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-11-02 10:21 . 2012-11-02 10:21 12288 ----a-w- c:\windows\system32\mshta.exe
2012-11-02 10:21 . 2012-11-02 10:21 114176 ----a-w- c:\windows\system32\admparse.dll
2012-11-02 10:21 . 2012-11-02 10:21 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-11-02 10:21 . 2012-11-02 10:21 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-11-02 10:21 . 2012-11-02 10:21 103936 ----a-w- c:\windows\system32\inseng.dll
2012-11-02 05:59 . 2012-12-13 07:26 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-13 07:26 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"RotateImage"="c:\program files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe" [2008-10-30 55808]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2012-01-23 1631808]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2011-07-14 4351712]
"HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-10-15 30264]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2012-12-18 113664]
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2011-10-17 1213216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HyperW7Svc;HyperW7 Service;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-11-18 144448]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-06-21 34200]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-01 340240]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [2012-06-11 12800]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2012-06-11 171008]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2012-01-23 89152]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2012-01-23 175168]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
R3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudobex.sys [2012-09-20 203104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-06 1255736]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys [2010-04-03 313696]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [2011-03-30 23664]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS [2013-01-01 29672]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys [2010-09-07 15472]
S1 PHCORE;PHCORE;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS [2011-07-08 32104]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe [2010-12-16 198784]
S2 DraftSight API Service;DraftSight API Service;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-10-03 117760]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2010-04-30 127800]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2011-05-31 41320]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-05-31 59240]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 133992]
S2 risdxc;risdxc;c:\windows\system32\DRIVERS\risdxc64.sys [2011-05-26 101888]
S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe [x]
S2 smihlp2;SMI Helper Driver (smihlp2);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 13128]
S2 SROSVC;Screen Reading Optimizer Service Program;c:\program files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [2011-09-01 446800]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-08-28 92632]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 145256]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2011-07-12 142696]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2012-04-18 84080]
S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys [2011-03-05 166016]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-10-17 437288]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-10-17 39976]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-08-19 317440]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-06-21 25496]
S3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [2010-04-28 20480]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-28 412776]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 10:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-11-01 1935120]
"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2011-06-10 5990200]
"TpShocks"="TpShocks.exe" [2011-03-29 380776]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2011-04-26 310912]
"PSQLLauncher"="c:\program files\ThinkVantage Fingerprint Software\launcher.exe" [2011-07-14 85832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-19 416024]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2011-05-31 40808]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-19 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-19 392472]
"ForteConfig"="c:\program files\Conexant\ForteConfig\fmapp.exe" [2010-10-26 49056]
"ALCKRESI.EXE"="c:\program files\Lenovo\AutoLock\ALCKRESI.EXE" [2011-05-25 281960]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
IE: Převést cíl vazby do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: Interfaces\{614F1BC4-5026-4228-BAA2-028217FD085E}: NameServer = 77.48.254.254,77.48.100.254
FF - ProfilePath - c:\users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\f02gkc6c.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Photoshop 7.0 CE - c:\windows\ISUN0405.EXE
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.032"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ani"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bay"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bw"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.cs1"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cur"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dcx"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.dib"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djv"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djvu"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.emf"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.eps"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.erf"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.fff"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fpx"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.hdr"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icl"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icn"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.ico"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iff"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ilbm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.int"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.inta"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iw4"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2c"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.j2k"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jfif"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jif"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.jp2"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.jpc"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS140.Document.jpg"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpk"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpx"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.lbm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.mef"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mos"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.pbm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.pcd"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pct"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.pcx"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.pgm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pic"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pict"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pix"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.ppm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.psd"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.psp"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.pspimage"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ras"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgb"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgba"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.rle"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rsb"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sgi"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.tga"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.thm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttc"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttf"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.wbm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.wbmp"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.wmf"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xbm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xif"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xpm"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2013-01-18 11:23:59
ComboFix-quarantined-files.txt 2013-01-18 10:23
.
Před spuštěním: Volných bajtů: 357 890 842 624
Po spuštění: Volných bajtů: 357 531 115 520
.
- - End Of File - - 0165F9705E3183024E93BD291529A5EB

Příspěvekod **jaro3** » 19 led 2013 09:41

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
Folder::
c:\users\Uzivatel\AppData\Local\Symantec
c:\program files (x86)\Skype\Updater

Driver::
SkypeUpdate

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

C:\antitwined--znáš tuto složku?

jaruska · Příspěvekod **jaruska** » 19 led 2013 14:14

ComboFix 13-01-17.04 - Uzivatel 19.01.2013 13:13:10.5.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4007.2159 [GMT 1:00]
Spuštěný z: c:\users\Uzivatel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Uzivatel\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\Uzivatel\AppData\Local\{C5C9A840-DFF4-42AC-BFA2-E7312137719E}
c:\users\Uzivatel\AppData\Local\Symantec
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-19 do 2013-01-19 )))))))))))))))))))))))))))))))
.
.
2013-01-18 09:01 . 2013-01-18 09:01 -------- d-----w- c:\users\Uzivatel\AppData\Local\Broadcom
2013-01-18 09:00 . 2013-01-18 09:00 -------- d-----w- c:\users\Uzivatel\AppData\Local\ArcSoft
2013-01-18 08:53 . 2013-01-18 08:53 388096 ----a-r- c:\users\Uzivatel\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-18 08:53 . 2013-01-18 08:53 -------- d-----w- c:\program files (x86)\Trend Micro
2013-01-16 18:51 . 2013-01-16 18:53 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-16 18:51 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-16 18:10 . 2013-01-16 18:10 -------- d-----w- c:\program files (x86)\VS Revo Group
2013-01-15 11:25 . 2013-01-15 11:25 -------- d-----w- c:\users\Uzivatel\AppData\Local\Wooky_s.r.o
2013-01-15 10:48 . 2013-01-15 23:55 -------- d-----w- c:\users\Uzivatel\AppData\Local\Mobilbonus
2013-01-14 14:42 . 2013-01-14 14:44 -------- d-----w- c:\program files (x86)\MeeSoft
2013-01-12 11:47 . 2013-01-12 11:48 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Roaming\Nokia
2013-01-11 12:50 . 2013-01-11 12:50 -------- d-----w- c:\program files (x86)\TomTom DesktopSuite
2013-01-10 00:22 . 2013-01-16 19:45 -------- d-----w- C:\antitwined
2013-01-09 19:26 . 2013-01-09 19:26 -------- d-----w- c:\users\Uzivatel\AppData\Local\DigitalVolcano
2013-01-09 05:10 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-06 15:09 . 2013-01-06 15:09 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\DraftSight
2013-01-06 15:09 . 2013-01-06 15:09 -------- d-----w- c:\programdata\Dassault Systemes
2013-01-06 15:09 . 2013-01-06 15:09 -------- d-----w- c:\program files\Dassault Systemes
2013-01-06 13:14 . 2013-01-06 13:27 -------- d-----w- c:\program files\Paint.NET
2013-01-06 13:14 . 2013-01-16 19:36 -------- d-----w- c:\users\Uzivatel\AppData\Local\Paint.NET
2013-01-06 00:59 . 2013-01-06 00:59 -------- d-----w- c:\users\Uzivatel\AppData\Local\Microsoft_Corporation
2013-01-04 18:13 . 2013-01-04 18:13 -------- d-----w- c:\programdata\YTD Video Downloader
2013-01-04 18:13 . 2013-01-04 18:13 -------- d-----w- c:\program files (x86)\GreenTree Applications
2013-01-01 18:06 . 2013-01-01 18:06 29672 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2013-01-01 18:06 . 2013-01-01 18:06 -------- d-----w- c:\program files\HWiNFO64
2012-12-27 08:20 . 2013-01-16 18:17 -------- d-----w- c:\program files (x86)\Clean Disk Security
2012-12-27 08:11 . 2012-12-27 08:13 -------- d-----w- c:\program files (x86)\Ss-Tools
2012-12-25 21:20 . 2013-01-18 20:57 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Roaming\Skype
2012-12-25 20:29 . 2012-12-25 20:29 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Roaming\Nikon
2012-12-25 20:29 . 2012-12-25 20:29 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Local\Nikon
2012-12-25 19:41 . 2012-12-25 19:41 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Local\Opera
2012-12-25 19:01 . 2012-12-25 19:01 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Local\Windows Live Writer
2012-12-25 19:01 . 2012-12-25 19:01 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Roaming\Windows Live Writer
2012-12-25 18:51 . 2012-12-25 18:51 -------- d-----w- c:\users\Hanka.ADMIN\AppData\Local\Zoner
2012-12-21 02:00 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 02:00 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 02:00 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 02:00 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-10 00:56 . 2012-04-06 21:43 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 10:58 . 2012-04-06 21:38 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 10:58 . 2012-04-06 21:38 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 21:37 . 2012-12-12 21:37 4472832 ----a-w- c:\windows\SysWow64\GPhotos.scr
2012-12-05 16:39 . 2012-12-05 16:40 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AB49CC2B-D0E5-46EA-804E-FA68505BCC69}\gapaengine.dll
2012-11-30 04:45 . 2013-01-09 05:10 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-22 16:19 . 2012-06-19 11:36 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-11-14 07:06 . 2012-12-14 02:01 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-14 02:01 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-14 02:01 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-14 02:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-14 02:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-14 02:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-14 02:01 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-14 02:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-14 02:01 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-14 02:01 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-14 02:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-14 02:01 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-14 02:01 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-14 02:01 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-14 02:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-14 02:01 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-14 02:01 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-14 02:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-14 02:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-14 02:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-14 02:01 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-14 02:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-13 07:26 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-13 07:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-11-02 10:21 . 2012-11-02 10:21 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-11-02 10:21 . 2012-11-02 10:21 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-11-02 10:21 . 2012-11-02 10:21 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-11-02 10:21 . 2012-11-02 10:21 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-11-02 10:21 . 2012-11-02 10:21 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-11-02 10:21 . 2012-11-02 10:21 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-11-02 10:21 . 2012-11-02 10:21 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-11-02 10:21 . 2012-11-02 10:21 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-11-02 10:21 . 2012-11-02 10:21 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-11-02 10:21 . 2012-11-02 10:21 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-11-02 10:21 . 2012-11-02 10:21 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-11-02 10:21 . 2012-11-02 10:21 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-11-02 10:21 . 2012-11-02 10:21 222208 ----a-w- c:\windows\system32\msls31.dll
2012-11-02 10:21 . 2012-11-02 10:21 197120 ----a-w- c:\windows\system32\msrating.dll
2012-11-02 10:21 . 2012-11-02 10:21 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-11-02 10:21 . 2012-11-02 10:21 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-11-02 10:21 . 2012-11-02 10:21 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-11-02 10:21 . 2012-11-02 10:21 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-11-02 10:21 . 2012-11-02 10:21 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-11-02 10:21 . 2012-11-02 10:21 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-11-02 10:21 . 2012-11-02 10:21 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-11-02 10:21 . 2012-11-02 10:21 82432 ----a-w- c:\windows\system32\icardie.dll
2012-11-02 10:21 . 2012-11-02 10:21 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-11-02 10:21 . 2012-11-02 10:21 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-11-02 10:21 . 2012-11-02 10:21 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-11-02 10:21 . 2012-11-02 10:21 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-11-02 10:21 . 2012-11-02 10:21 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-11-02 10:21 . 2012-11-02 10:21 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-11-02 10:21 . 2012-11-02 10:21 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-11-02 10:21 . 2012-11-02 10:21 448512 ----a-w- c:\windows\system32\html.iec
2012-11-02 10:21 . 2012-11-02 10:21 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-11-02 10:21 . 2012-11-02 10:21 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-11-02 10:21 . 2012-11-02 10:21 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-11-02 10:21 . 2012-11-02 10:21 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-02 10:21 . 2012-11-02 10:21 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-11-02 10:21 . 2012-11-02 10:21 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-11-02 10:21 . 2012-11-02 10:21 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-11-02 10:21 . 2012-11-02 10:21 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-11-02 10:21 . 2012-11-02 10:21 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-11-02 10:21 . 2012-11-02 10:21 160256 ----a-w- c:\windows\system32\wextract.exe
2012-11-02 10:21 . 2012-11-02 10:21 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-11-02 10:21 . 2012-11-02 10:21 149504 ----a-w- c:\windows\system32\occache.dll
2012-11-02 10:21 . 2012-11-02 10:21 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-11-02 10:21 . 2012-11-02 10:21 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-11-02 10:21 . 2012-11-02 10:21 12288 ----a-w- c:\windows\system32\mshta.exe
2012-11-02 10:21 . 2012-11-02 10:21 114176 ----a-w- c:\windows\system32\admparse.dll
2012-11-02 10:21 . 2012-11-02 10:21 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-11-02 10:21 . 2012-11-02 10:21 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-11-02 10:21 . 2012-11-02 10:21 103936 ----a-w- c:\windows\system32\inseng.dll
2012-11-02 05:59 . 2012-12-13 07:26 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-13 07:26 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"RotateImage"="c:\program files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe" [2008-10-30 55808]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2012-01-23 1631808]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2011-07-14 4351712]
"HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-10-15 30264]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2012-12-18 113664]
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2011-10-17 1213216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HyperW7Svc;HyperW7 Service;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-11-18 144448]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-06-21 34200]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [2010-04-28 20480]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-01 340240]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [2012-06-11 12800]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2012-06-11 171008]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2012-01-23 89152]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2012-01-23 175168]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
R3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudobex.sys [2012-09-20 203104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-06 1255736]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys [2010-04-03 313696]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [2011-03-30 23664]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS [2013-01-01 29672]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys [2010-09-07 15472]
S1 PHCORE;PHCORE;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS [2011-07-08 32104]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe [2010-12-16 198784]
S2 DraftSight API Service;DraftSight API Service;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-10-03 117760]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2010-04-30 127800]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2011-05-31 41320]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-05-31 59240]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 133992]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 risdxc;risdxc;c:\windows\system32\DRIVERS\risdxc64.sys [2011-05-26 101888]
S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe [x]
S2 smihlp2;SMI Helper Driver (smihlp2);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 13128]
S2 SROSVC;Screen Reading Optimizer Service Program;c:\program files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [2011-09-01 446800]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-08-28 92632]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 145256]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2011-07-12 142696]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2012-04-18 84080]
S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys [2011-03-05 166016]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-10-17 437288]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-10-17 39976]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-08-19 317440]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-06-21 25496]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-28 412776]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 10:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-11-01 1935120]
"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2011-06-10 5990200]
"TpShocks"="TpShocks.exe" [2011-03-29 380776]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2011-04-26 310912]
"PSQLLauncher"="c:\program files\ThinkVantage Fingerprint Software\launcher.exe" [2011-07-14 85832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-19 416024]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2011-05-31 40808]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-19 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-19 392472]
"ForteConfig"="c:\program files\Conexant\ForteConfig\fmapp.exe" [2010-10-26 49056]
"ALCKRESI.EXE"="c:\program files\Lenovo\AutoLock\ALCKRESI.EXE" [2011-05-25 281960]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
IE: Převést cíl vazby do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: Interfaces\{614F1BC4-5026-4228-BAA2-028217FD085E}: NameServer = 77.48.254.254,77.48.100.254
FF - ProfilePath - c:\users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\f02gkc6c.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-Adobe Photoshop 7.0 CE - c:\windows\ISUN0405.EXE
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.032"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ani"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bay"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bw"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.cs1"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cur"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dcx"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.dib"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djv"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djvu"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.emf"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.eps"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.erf"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.fff"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fpx"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.hdr"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icl"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icn"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.ico"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iff"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ilbm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.int"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.inta"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iw4"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2c"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.j2k"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jfif"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jif"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.jp2"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.jpc"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS140.Document.jpg"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpk"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpx"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.lbm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.mef"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mos"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.pbm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.pcd"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pct"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.pcx"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.pgm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pic"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pict"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pix"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.ppm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.psd"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.psp"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.pspimage"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ras"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgb"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgba"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.rle"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rsb"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sgi"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.tga"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.thm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
@Denied: (2) (LocalSystem)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttc"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttf"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.wbm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.wbmp"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1491416831-2494565887-1369721341-1000)
"Progid"="ACDSee 10.0.wmf"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xbm"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xif"
.
[HKEY_USERS\S-1-5-21-1491416831-2494565887-1369721341-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xpm"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\SysWOW64\SAsrv.exe
c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\progra~2\ThinkPad\UTILIT~1\SCHTASK.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Lenovo\System Update\SUService.exe
c:\program files (x86)\Lenovo\message center plus\mcplaunch.exe
c:\program files\lenovo\lenovo solution center\lsc.exe
.
**************************************************************************
.
Celkový čas: 2013-01-19 14:08:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-19 13:08
ComboFix2.txt 2013-01-18 10:24
.
Před spuštěním: Volných bajtů: 356 222 889 984
Po spuštění: Volných bajtů: 356 025 581 568
.
- - End Of File - - AF316F63A72E87B3B2797A4AF61F0AC6

Trojan:JS/FrameRef Vyřešeno

Trojan:JS/FrameRef

Re: Trojan:JS/FrameRef

Re: Trojan:JS/FrameRef

Re: Trojan:JS/FrameRef

Re: Trojan:JS/FrameRef

Re: Trojan:JS/FrameRef

Re: Trojan:JS/FrameRef

Re: Trojan:JS/FrameRef

Re: Trojan:JS/FrameRef

Re: Trojan:JS/FrameRef

Re: Trojan:JS/FrameRef

Re: Trojan:JS/FrameRef

Kdo je online