Prosím o kontrolu logu Vyřešeno

[nukecz]

Při spuštění Os nebo hry vyběhne chybová hláška Vstupní procedůry IsThreadDesktopComposited se nepodařilo v dynamicky propojované knihovně USER32.DLL nalézt


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:56:34, on 19.7.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\AVAST Software\Avast\AvastSvc.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\RTHDCPL.EXE
D:\Program Files\Winamp\winampa.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files\Canon\MyPrinter\BJMyPrt.exe
D:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
D:\Program Files\AVAST Software\Avast\avastUI.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Documents and Settings\nuukee\Data aplikací\uTorrent\uTorrent.exe
D:\Program Files\Microsoft ActiveSync\Wcescomm.exe
D:\PROGRA~1\MICROS~4\rapimgr.exe
D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
D:\Program Files\Java\jre7\bin\jqs.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
D:\Program Files\WebCake\WebCakeDesktop.Updater.exe
D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
D:\Documents and Settings\nuukee\Dokumenty\Stažené soubory\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebCake Layers - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - D:\Program Files\WebCake\WebCakeIEClient.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] D:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] D:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "D:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "D:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [avast] "D:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "D:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [MSConfig] D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "D:\Documents and Settings\nuukee\Data aplikací\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [RGSC] D:\hry\gta\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [WebCake Desktop] "D:\Documents and Settings\nuukee\Data aplikací\WebCake\WebCakeDesktop.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "D:\Documents and Settings\nuukee\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "D:\Documents and Settings\nuukee\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - D:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - D:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: WebCake Desktop Updater - WebCake LLC - D:\Program Files\WebCake\WebCakeDesktop.Updater.exe

--
End of file - 9402 bytes

[Reklama]

[nukecz]

a ješte Zpráva z RogueKiller

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : nuukee [Práva správce]
Mód : Oprava HOSTS -- Datum : 07/19/2013 18:21:18
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : WebCake Desktop ("D:\Documents and Settings\nuukee\Data aplikací\WebCake\WebCakeDesktop.exe" [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("D:\Documents and Settings\nuukee\Data aplikací\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("D:\Documents and Settings\nuukee\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-73586283-179605362-1801674531-1003\[...]\Run : WebCake Desktop ("D:\Documents and Settings\nuukee\Data aplikací\WebCake\WebCakeDesktop.exe" [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-73586283-179605362-1801674531-1003\[...]\Run : cz.seznam.software.autoupdate ("D:\Documents and Settings\nuukee\Data aplikací\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-73586283-179605362-1801674531-1003\[...]\Run : cz.seznam.software.szndesktop ("D:\Documents and Settings\nuukee\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_07192013_182118.txt >>
RKreport[0]_S_07192013_181112.txt

[memphisto]

o žádný Rogue jsem nežádal!

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[nukecz]

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.19.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
nuukee :: NUKE [administrátor]

19.7.2013 23:08:46
MBAM-log-2013-07-19 (23-15-35).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 215993
Uplynulý čas: 6 minut, 32 sekund

Nalezené procesy v paměti: 1
D:\Program Files\WebCake\WebCakeDesktop.Updater.exe (PUP.WebCake) -> 2148 -> Nebyla provedena žádná instrukce.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 20
HKCR\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} (PUP.WebCake) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8} (PUP.WebCake) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4} (PUP.WebCake) -> Nebyla provedena žádná instrukce.
HKCR\WebCakeIEClient.Layers.1 (PUP.WebCake) -> Nebyla provedena žádná instrukce.
HKCR\WebCakeIEClient.Layers (PUP.WebCake) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} (PUP.WebCake) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} (PUP.WebCake) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.WebCake) -> Nebyla provedena žádná instrukce.
HKCR\WebCakeIEClient.Api (PUP.WebCake) -> Nebyla provedena žádná instrukce.
HKCR\WebCakeIEClient.Api.1 (PUP.WebCake) -> Nebyla provedena žádná instrukce.
HKCR\AppID\WebCakeIEClient.DLL (PUP.WebCake) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh (PUP.WebCake) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (PUP.Adware.RelevantKnowledge) -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Services\WebCake Desktop Updater (PUP.WebCake) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|WebCake Desktop (PUP.WebCake) -> Data: "D:\Documents and Settings\nuukee\Data aplikací\WebCake\WebCakeDesktop.exe" -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 5
D:\Documents and Settings\nuukee\Data aplikací\SwvUpdater (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\All Users\Data aplikací\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} (PUP.WebCake) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\All Users\Data aplikací\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Cache (PUP.WebCake) -> Nebyla provedena žádná instrukce.
D:\Program Files\RelevantKnowledge (PUP.Spyware.MarketScore) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge (PUP.Spyware.MarketScore) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 24
D:\Program Files\WebCake\WebCakeIEClient.dll (PUP.WebCake) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\nuukee\Data aplikací\SwvUpdater\Updater.exe (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\nuukee\Data aplikací\SwvUpdater\Updater.xml (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\nuukee\Data aplikací\SwvUpdater\status.cfg (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
D:\WINDOWS\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\All Users\Data aplikací\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.ico (PUP.WebCake) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\All Users\Data aplikací\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.dat (PUP.WebCake) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\All Users\Data aplikací\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.exe (PUP.WebCake) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\All Users\Data aplikací\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setup.dll (PUP.WebCake) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\All Users\Data aplikací\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll (PUP.WebCake) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\nuukee\Data aplikací\WebCake\WebCakeDesktop.exe (PUP.WebCake) -> Nebyla provedena žádná instrukce.
D:\Program Files\WebCake\WebCakeDesktop.Updater.exe (PUP.WebCake) -> Nebyla provedena žádná instrukce.
D:\Program Files\RelevantKnowledge\ncncf.dat (PUP.Spyware.MarketScore) -> Nebyla provedena žádná instrukce.
D:\Program Files\RelevantKnowledge\nscf.dat (PUP.Spyware.MarketScore) -> Nebyla provedena žádná instrukce.
D:\Program Files\RelevantKnowledge\rlls.dll (PUP.Spyware.MarketScore) -> Nebyla provedena žádná instrukce.
D:\Program Files\RelevantKnowledge\rlls64.dll (PUP.Spyware.MarketScore) -> Nebyla provedena žádná instrukce.
D:\Program Files\RelevantKnowledge\rloci.bin (PUP.Spyware.MarketScore) -> Nebyla provedena žádná instrukce.
D:\Program Files\RelevantKnowledge\rlservice.exe (PUP.Spyware.MarketScore) -> Nebyla provedena žádná instrukce.
D:\Program Files\RelevantKnowledge\rlvknlg64.exe (PUP.Spyware.MarketScore) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\About RelevantKnowledge.lnk (PUP.Spyware.MarketScore) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Member of GRID - Goodware Repository Information Database.lnk (PUP.Spyware.MarketScore) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (PUP.Spyware.MarketScore) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Support.lnk (PUP.Spyware.MarketScore) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Uninstall Instructions.lnk (PUP.Spyware.MarketScore) -> Nebyla provedena žádná instrukce.

(konec)

[nukecz]

# AdwCleaner v2.306 - Log vytvooen 19/07/2013 v 23:17:48
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : nuukee - NUKE
# Spuštin systém : Normální
# Spuštino z : D:\Documents and Settings\nuukee\Dokumenty\Stažené soubory\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****

Nalezeno : WebCake Desktop Updater

***** [Soubory / Složky] *****

Složka Nalezeno : D:\DOCUME~1\nuukee\LOCALS~1\Temp\AskSearch
Složka Nalezeno : D:\DOCUME~1\nuukee\LOCALS~1\Temp\OCS
Složka Nalezeno : D:\Documents and Settings\All Users\Data aplikací\Tarma Installer
Složka Nalezeno : D:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge
Složka Nalezeno : D:\Documents and Settings\nuukee\Data aplikací\Mozilla\Firefox\Profiles\53a8zol0.default\extensions\plugin@getwebcake.com
Složka Nalezeno : D:\Documents and Settings\nuukee\Data aplikací\OpenCandy
Složka Nalezeno : D:\Documents and Settings\nuukee\Data aplikací\SwvUpdater
Složka Nalezeno : D:\Documents and Settings\nuukee\Data aplikací\WebCake
Složka Nalezeno : D:\Documents and Settings\nuukee\Data aplikací\Wondershare
Složka Nalezeno : D:\Documents and Settings\nuukee\Local Settings\Data aplikací\PackageAware
Složka Nalezeno : D:\Documents and Settings\nuukee\Local Settings\Data aplikací\Wondershare
Složka Nalezeno : D:\Program Files\Common Files\Wondershare
Složka Nalezeno : D:\Program Files\RelevantKnowledge
Složka Nalezeno : D:\Program Files\WebCake
Soubor Nalezeno : D:\DOCUME~1\nuukee\LOCALS~1\Temp\Uninstall.exe
Soubor Nalezeno : D:\WINDOWS\Tasks\AmiUpdXp.job

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]
Hodnota Nalezeno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [D:\Program Files\RelevantKnowledge\rlvknlg.exe]
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\OCS
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Klíe Nalezeno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Klíe Nalezeno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D08D9F98-1C78-4704-87E6-368B0023D831}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\Software\Tarma Installer

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v7.0.5730.13

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v22.0 (cs)

Soubor : D:\Documents and Settings\nuukee\Data aplikací\Mozilla\Firefox\Profiles\53a8zol0.default\prefs.js

[OK] Soubor je eistý.

-\\ Opera v12.14.1738.0

Soubor : D:\Documents and Settings\nuukee\Data aplikací\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [5030 octets] - [19/07/2013 23:17:48]

########## EOF - D:\AdwCleaner[R1].txt - [5090 octets] ##########

[jaro3]

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání skončeno "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si Junkware Removal Tool

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

[nukecz]

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.19.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
nuukee :: NUKE [administrátor]

20.7.2013 0:10:47
mbam-log-2013-07-20 (00-10-47).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 216100
Uplynulý čas: 5 minut, 37 sekund

Nalezené procesy v paměti: 1
D:\Program Files\WebCake\WebCakeDesktop.Updater.exe (PUP.WebCake) -> 2148 -> Bude smazán při restartu.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 20
HKCR\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8} (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4} (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
HKCR\WebCakeIEClient.Layers.1 (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
HKCR\WebCakeIEClient.Layers (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
HKCR\Updater.AmiUpd (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
HKCR\WebCakeIEClient.Api (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
HKCR\WebCakeIEClient.Api.1 (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
HKCR\AppID\WebCakeIEClient.DLL (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (PUP.Adware.RelevantKnowledge) -> Přesun do karantény a smazání se zdařilo.
HKLM\SYSTEM\CurrentControlSet\Services\WebCake Desktop Updater (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|WebCake Desktop (PUP.WebCake) -> Data: "D:\Documents and Settings\nuukee\Data aplikací\WebCake\WebCakeDesktop.exe" -> Přesun do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 5
D:\Documents and Settings\nuukee\Data aplikací\SwvUpdater (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\All Users\Data aplikací\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\All Users\Data aplikací\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Cache (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
D:\Program Files\RelevantKnowledge (PUP.Spyware.MarketScore) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge (PUP.Spyware.MarketScore) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 24
D:\Program Files\WebCake\WebCakeIEClient.dll (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\nuukee\Data aplikací\SwvUpdater\Updater.exe (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\nuukee\Data aplikací\SwvUpdater\Updater.xml (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\nuukee\Data aplikací\SwvUpdater\status.cfg (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
D:\WINDOWS\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\All Users\Data aplikací\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.ico (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\All Users\Data aplikací\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.dat (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\All Users\Data aplikací\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.exe (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\All Users\Data aplikací\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setup.dll (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\All Users\Data aplikací\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\nuukee\Data aplikací\WebCake\WebCakeDesktop.exe (PUP.WebCake) -> Přesun do karantény a smazání se zdařilo.
D:\Program Files\WebCake\WebCakeDesktop.Updater.exe (PUP.WebCake) -> Bude smazán při restartu.
D:\Program Files\RelevantKnowledge\ncncf.dat (PUP.Spyware.MarketScore) -> Přesun do karantény a smazání se zdařilo.
D:\Program Files\RelevantKnowledge\nscf.dat (PUP.Spyware.MarketScore) -> Přesun do karantény a smazání se zdařilo.
D:\Program Files\RelevantKnowledge\rlls.dll (PUP.Spyware.MarketScore) -> Přesun do karantény a smazání se zdařilo.
D:\Program Files\RelevantKnowledge\rlls64.dll (PUP.Spyware.MarketScore) -> Přesun do karantény a smazání se zdařilo.
D:\Program Files\RelevantKnowledge\rloci.bin (PUP.Spyware.MarketScore) -> Přesun do karantény a smazání se zdařilo.
D:\Program Files\RelevantKnowledge\rlservice.exe (PUP.Spyware.MarketScore) -> Přesun do karantény a smazání se zdařilo.
D:\Program Files\RelevantKnowledge\rlvknlg64.exe (PUP.Spyware.MarketScore) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\About RelevantKnowledge.lnk (PUP.Spyware.MarketScore) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Member of GRID - Goodware Repository Information Database.lnk (PUP.Spyware.MarketScore) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (PUP.Spyware.MarketScore) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Support.lnk (PUP.Spyware.MarketScore) -> Přesun do karantény a smazání se zdařilo.
D:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Uninstall Instructions.lnk (PUP.Spyware.MarketScore) -> Přesun do karantény a smazání se zdařilo.

(konec)

[nukecz]

# AdwCleaner v2.306 - Log vytvooen 20/07/2013 v 00:24:23
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : nuukee - NUKE
# Spuštin systém : Normální
# Spuštino z : D:\Documents and Settings\nuukee\Dokumenty\Stažené soubory\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : D:\DOCUME~1\nuukee\LOCALS~1\Temp\AskSearch
Složka Vymazáno : D:\DOCUME~1\nuukee\LOCALS~1\Temp\OCS
Složka Vymazáno : D:\Documents and Settings\All Users\Data aplikací\Tarma Installer
Složka Vymazáno : D:\Documents and Settings\nuukee\Data aplikací\Mozilla\Firefox\Profiles\53a8zol0.default\extensions\plugin@getwebcake.com
Složka Vymazáno : D:\Documents and Settings\nuukee\Data aplikací\OpenCandy
Složka Vymazáno : D:\Documents and Settings\nuukee\Data aplikací\WebCake
Složka Vymazáno : D:\Documents and Settings\nuukee\Data aplikací\Wondershare
Složka Vymazáno : D:\Documents and Settings\nuukee\Local Settings\Data aplikací\PackageAware
Složka Vymazáno : D:\Documents and Settings\nuukee\Local Settings\Data aplikací\Wondershare
Složka Vymazáno : D:\Program Files\Common Files\Wondershare
Složka Vymazáno : D:\Program Files\WebCake
Soubor Vymazáno : D:\DOCUME~1\nuukee\LOCALS~1\Temp\Uninstall.exe

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Vymazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [D:\Program Files\RelevantKnowledge\rlvknlg.exe]
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\OCS
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D08D9F98-1C78-4704-87E6-368B0023D831}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\Software\Tarma Installer

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v7.0.5730.13

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v22.0 (cs)

Soubor : D:\Documents and Settings\nuukee\Data aplikací\Mozilla\Firefox\Profiles\53a8zol0.default\prefs.js

D:\Documents and Settings\nuukee\Data aplikací\Mozilla\Firefox\Profiles\53a8zol0.default\user.js ... Vymazáno !

[OK] Soubor je eistý.

-\\ Opera v12.14.1738.0

Soubor : D:\Documents and Settings\nuukee\Data aplikací\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [5159 octets] - [19/07/2013 23:17:48]
AdwCleaner[R2].txt - [3406 octets] - [20/07/2013 00:23:53]
AdwCleaner[S1].txt - [3450 octets] - [20/07/2013 00:24:23]

########## EOF - D:\AdwCleaner[S1].txt - [3510 octets] ##########

[nukecz]

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : nuukee [Práva správce]
Mód : Odebrat -- Datum : 07/20/2013 00:33:49
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] szninstall.exe -- D:\Documents and Settings\nuukee\Data aplikací\Seznam.cz\szninstall.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("D:\Documents and Settings\nuukee\Data aplikací\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("D:\Documents and Settings\nuukee\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-73586283-179605362-1801674531-1003\[...]\Run : cz.seznam.software.autoupdate ("D:\Documents and Settings\nuukee\Data aplikací\Seznam.cz\szninstall.exe" -c [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-73586283-179605362-1801674531-1003\[...]\Run : cz.seznam.software.szndesktop ("D:\Documents and Settings\nuukee\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000AACS-00G8B1 +++++
--- User ---
[MBR] b1b591112327244e84432412a14e014d
[BSP] 39cc9272c62dd1730c10f5d6df2997eb : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_07202013_003349.txt >>
RKreport[0]_S_07192013_182259.txt;RKreport[0]_S_07202013_003342.txt

[nukecz]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.6 (07.17.2013:4)
OS: Microsoft Windows XP x86
Ran by nuukee on so 20.07.2013 at 0:41:31,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{a0b10ebe-4e51-4cae-949b-e6b9e7d68cea}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{bb975e58-e769-4e5a-ba12-b765bc559ff3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "D:\WINDOWS\system32\ai_recyclebin"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 20.07.2013 at 0:44:22,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[nukecz]

00:54:35.0671 2056 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
00:54:36.0921 2056 ============================================================
00:54:36.0921 2056 Current date / time: 2013/07/20 00:54:36.0921
00:54:36.0921 2056 SystemInfo:
00:54:36.0921 2056
00:54:36.0921 2056 OS Version: 5.1.2600 ServicePack: 3.0
00:54:36.0921 2056 Product type: Workstation
00:54:36.0921 2056 ComputerName: NUKE
00:54:36.0921 2056 UserName: nuukee
00:54:36.0921 2056 Windows directory: D:\WINDOWS
00:54:36.0921 2056 System windows directory: D:\WINDOWS
00:54:36.0921 2056 Processor architecture: Intel x86
00:54:36.0921 2056 Number of processors: 2
00:54:36.0921 2056 Page size: 0x1000
00:54:36.0921 2056 Boot type: Normal boot
00:54:36.0921 2056 ============================================================
00:54:38.0062 2056 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000054
00:54:38.0062 2056 ============================================================
00:54:38.0062 2056 \Device\Harddisk0\DR0:
00:54:38.0062 2056 MBR partitions:
00:54:38.0062 2056 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
00:54:38.0062 2056 ============================================================
00:54:38.0093 2056 D: <-> \Device\Harddisk0\DR0\Partition1
00:54:38.0093 2056 ============================================================
00:54:38.0093 2056 Initialize success
00:54:38.0093 2056 ============================================================
00:54:41.0843 1368 ============================================================
00:54:41.0843 1368 Scan started
00:54:41.0843 1368 Mode: Manual;
00:54:41.0843 1368 ============================================================
00:54:42.0609 1368 ================ Scan system memory ========================
00:54:42.0609 1368 System memory - ok
00:54:42.0609 1368 ================ Scan services =============================
00:54:42.0718 1368 Abiosdsk - ok
00:54:42.0718 1368 abp480n5 - ok
00:54:42.0765 1368 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI D:\WINDOWS\system32\DRIVERS\ACPI.sys
00:54:42.0765 1368 ACPI - ok
00:54:42.0796 1368 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC D:\WINDOWS\system32\drivers\ACPIEC.sys
00:54:42.0796 1368 ACPIEC - ok
00:54:42.0906 1368 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:54:42.0937 1368 AdobeFlashPlayerUpdateSvc - ok
00:54:42.0937 1368 adpu160m - ok
00:54:42.0968 1368 [ 8BED39E3C35D6A489438B8141717A557 ] aec D:\WINDOWS\system32\drivers\aec.sys
00:54:43.0031 1368 aec - ok
00:54:43.0062 1368 [ 322D0E36693D6E24A2398BEE62A268CD ] AFD D:\WINDOWS\System32\drivers\afd.sys
00:54:43.0062 1368 AFD - ok
00:54:43.0078 1368 Aha154x - ok
00:54:43.0078 1368 aic78u2 - ok
00:54:43.0078 1368 aic78xx - ok
00:54:43.0156 1368 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter D:\WINDOWS\system32\alrsvc.dll
00:54:43.0171 1368 Alerter - ok
00:54:43.0203 1368 [ 88842DE939A827577BF24243699AC80A ] ALG D:\WINDOWS\System32\alg.exe
00:54:43.0203 1368 ALG - ok
00:54:43.0203 1368 AliIde - ok
00:54:43.0265 1368 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt D:\WINDOWS\system32\drivers\Ambfilt.sys
00:54:43.0312 1368 Ambfilt - ok
00:54:43.0312 1368 amsint - ok
00:54:43.0343 1368 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt D:\WINDOWS\System32\appmgmts.dll
00:54:43.0343 1368 AppMgmt - ok
00:54:43.0343 1368 asc - ok
00:54:43.0343 1368 asc3350p - ok
00:54:43.0359 1368 asc3550 - ok
00:54:43.0453 1368 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:54:43.0468 1368 aspnet_state - ok
00:54:43.0468 1368 [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk D:\WINDOWS\system32\drivers\aswFsBlk.sys
00:54:43.0468 1368 aswFsBlk - ok
00:54:43.0484 1368 [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt D:\WINDOWS\system32\drivers\aswMonFlt.sys
00:54:43.0484 1368 aswMonFlt - ok
00:54:43.0500 1368 [ C1A411B7CCD604554D96EFDAC2F83617 ] AswRdr D:\WINDOWS\system32\drivers\AswRdr.sys
00:54:43.0500 1368 AswRdr - ok
00:54:43.0500 1368 [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt D:\WINDOWS\system32\drivers\aswRvrt.sys
00:54:43.0500 1368 aswRvrt - ok
00:54:43.0531 1368 [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx D:\WINDOWS\system32\drivers\aswSnx.sys
00:54:43.0531 1368 aswSnx - ok
00:54:43.0546 1368 [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP D:\WINDOWS\system32\drivers\aswSP.sys
00:54:43.0546 1368 aswSP - ok
00:54:43.0562 1368 [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi D:\WINDOWS\system32\drivers\aswTdi.sys
00:54:43.0562 1368 aswTdi - ok
00:54:43.0593 1368 [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm D:\WINDOWS\system32\drivers\aswVmm.sys
00:54:43.0593 1368 aswVmm - ok
00:54:43.0609 1368 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac D:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:54:43.0609 1368 AsyncMac - ok
00:54:43.0640 1368 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi D:\WINDOWS\system32\DRIVERS\atapi.sys
00:54:43.0640 1368 atapi - ok
00:54:43.0640 1368 Atdisk - ok
00:54:43.0687 1368 [ 43E17DA549BC8219EEE90AA9C6480AAA ] Ati HotKey Poller D:\WINDOWS\system32\Ati2evxx.exe
00:54:43.0687 1368 Ati HotKey Poller - ok
00:54:43.0843 1368 [ 50D7EE1C07BC1E549FAE797668A90E1E ] ati2mtag D:\WINDOWS\system32\DRIVERS\ati2mtag.sys
00:54:43.0890 1368 ati2mtag - ok
00:54:43.0906 1368 AtiHDAudioService - ok
00:54:43.0921 1368 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc D:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:54:43.0921 1368 Atmarpc - ok
00:54:43.0937 1368 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv D:\WINDOWS\System32\audiosrv.dll
00:54:43.0937 1368 AudioSrv - ok
00:54:43.0968 1368 [ D9F724AA26C010A217C97606B160ED68 ] audstub D:\WINDOWS\system32\DRIVERS\audstub.sys
00:54:43.0968 1368 audstub - ok
00:54:44.0062 1368 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus D:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:54:44.0062 1368 avast! Antivirus - ok
00:54:44.0093 1368 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep D:\WINDOWS\system32\drivers\Beep.sys
00:54:44.0093 1368 Beep - ok
00:54:44.0125 1368 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS D:\WINDOWS\system32\qmgr.dll
00:54:44.0140 1368 BITS - ok
00:54:44.0171 1368 [ 249276D3EF1E74B992299CB96099E4D7 ] Browser D:\WINDOWS\System32\browser.dll
00:54:44.0171 1368 Browser - ok
00:54:44.0187 1368 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k D:\WINDOWS\system32\drivers\cbidf2k.sys
00:54:44.0187 1368 cbidf2k - ok
00:54:44.0187 1368 cd20xrnt - ok
00:54:44.0203 1368 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio D:\WINDOWS\system32\drivers\Cdaudio.sys
00:54:44.0218 1368 Cdaudio - ok
00:54:44.0218 1368 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs D:\WINDOWS\system32\drivers\Cdfs.sys
00:54:44.0218 1368 Cdfs - ok
00:54:44.0234 1368 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom D:\WINDOWS\system32\DRIVERS\cdrom.sys
00:54:44.0234 1368 Cdrom - ok
00:54:44.0234 1368 Changer - ok
00:54:44.0250 1368 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc D:\WINDOWS\system32\cisvc.exe
00:54:44.0250 1368 CiSvc - ok
00:54:44.0265 1368 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv D:\WINDOWS\system32\clipsrv.exe
00:54:44.0265 1368 ClipSrv - ok
00:54:44.0312 1368 [ 3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:54:44.0328 1368 clr_optimization_v2.0.50727_32 - ok
00:54:44.0343 1368 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:54:44.0375 1368 clr_optimization_v4.0.30319_32 - ok
00:54:44.0375 1368 CmdIde - ok
00:54:44.0375 1368 COMSysApp - ok
00:54:44.0390 1368 Cpqarray - ok
00:54:44.0406 1368 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc D:\WINDOWS\System32\cryptsvc.dll
00:54:44.0406 1368 CryptSvc - ok
00:54:44.0421 1368 dac2w2k - ok
00:54:44.0421 1368 dac960nt - ok
00:54:44.0453 1368 [ C868F3AE15CF71A93F2AA3A32856D839 ] DcomLaunch D:\WINDOWS\system32\rpcss.dll
00:54:44.0484 1368 DcomLaunch - ok
00:54:44.0484 1368 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp D:\WINDOWS\System32\dhcpcsvc.dll
00:54:44.0500 1368 Dhcp - ok
00:54:44.0500 1368 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk D:\WINDOWS\system32\DRIVERS\disk.sys
00:54:44.0500 1368 Disk - ok
00:54:44.0500 1368 dmadmin - ok
00:54:44.0531 1368 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot D:\WINDOWS\system32\drivers\dmboot.sys
00:54:44.0546 1368 dmboot - ok
00:54:44.0562 1368 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio D:\WINDOWS\system32\drivers\dmio.sys
00:54:44.0562 1368 dmio - ok
00:54:44.0578 1368 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload D:\WINDOWS\system32\drivers\dmload.sys
00:54:44.0578 1368 dmload - ok
00:54:44.0593 1368 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver D:\WINDOWS\System32\dmserver.dll
00:54:44.0593 1368 dmserver - ok
00:54:44.0625 1368 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic D:\WINDOWS\system32\drivers\DMusic.sys
00:54:44.0625 1368 DMusic - ok
00:54:44.0625 1368 [ 0634B791684B84F4A331F3D3536FEEF8 ] Dnscache D:\WINDOWS\System32\dnsrslvr.dll
00:54:44.0625 1368 Dnscache - ok
00:54:44.0656 1368 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc D:\WINDOWS\System32\dot3svc.dll
00:54:44.0656 1368 Dot3svc - ok
00:54:44.0656 1368 dpti2o - ok
00:54:44.0671 1368 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud D:\WINDOWS\system32\drivers\drmkaud.sys
00:54:44.0671 1368 drmkaud - ok
00:54:44.0703 1368 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 D:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
00:54:44.0703 1368 dtsoftbus01 - ok
00:54:44.0718 1368 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost D:\WINDOWS\System32\eapsvc.dll
00:54:44.0718 1368 EapHost - ok
00:54:44.0734 1368 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc D:\WINDOWS\System32\ersvc.dll
00:54:44.0734 1368 ERSvc - ok
00:54:44.0750 1368 [ F0D2AE69035092BF22DAD6B50FAB85C2 ] Eventlog D:\WINDOWS\system32\services.exe
00:54:44.0765 1368 Eventlog - ok
00:54:44.0765 1368 [ 260C69FD67687B0DC062FC3D31655857 ] EventSystem D:\WINDOWS\system32\es.dll
00:54:44.0765 1368 EventSystem - ok
00:54:44.0781 1368 [ 38D332A6D56AF32635675F132548343E ] Fastfat D:\WINDOWS\system32\drivers\Fastfat.sys
00:54:44.0796 1368 Fastfat - ok
00:54:44.0812 1368 [ B927443008910B412BEC72FC41C1BAD0 ] FastUserSwitchingCompatibility D:\WINDOWS\System32\shsvcs.dll
00:54:44.0812 1368 FastUserSwitchingCompatibility - ok
00:54:44.0843 1368 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc D:\WINDOWS\system32\DRIVERS\fdc.sys
00:54:44.0843 1368 Fdc - ok
00:54:44.0859 1368 [ AC366695A0796560AA37215AD5762AAF ] Fips D:\WINDOWS\system32\drivers\Fips.sys
00:54:44.0859 1368 Fips - ok
00:54:44.0859 1368 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk D:\WINDOWS\system32\DRIVERS\flpydisk.sys
00:54:44.0859 1368 Flpydisk - ok
00:54:44.0890 1368 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr D:\WINDOWS\system32\DRIVERS\fltMgr.sys
00:54:44.0890 1368 FltMgr - ok
00:54:44.0968 1368 [ FACECF3F75BAF3775A879D1168402270 ] FontCache3.0.0.0 d:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:54:44.0968 1368 FontCache3.0.0.0 - ok
00:54:44.0968 1368 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec D:\WINDOWS\system32\drivers\Fs_Rec.sys
00:54:44.0968 1368 Fs_Rec - ok
00:54:45.0000 1368 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk D:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:54:45.0000 1368 Ftdisk - ok
00:54:45.0000 1368 GMSIPCI - ok
00:54:45.0046 1368 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc D:\WINDOWS\system32\DRIVERS\msgpc.sys
00:54:45.0046 1368 Gpc - ok
00:54:45.0062 1368 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus D:\WINDOWS\system32\DRIVERS\HDAudBus.sys
00:54:45.0062 1368 HDAudBus - ok
00:54:45.0093 1368 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc D:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:54:45.0093 1368 helpsvc - ok
00:54:45.0109 1368 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ D:\WINDOWS\System32\hidserv.dll
00:54:45.0109 1368 HidServ - ok
00:54:45.0125 1368 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb D:\WINDOWS\system32\DRIVERS\hidusb.sys
00:54:45.0125 1368 hidusb - ok
00:54:45.0171 1368 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc D:\WINDOWS\System32\kmsvc.dll
00:54:45.0171 1368 hkmsvc - ok
00:54:45.0171 1368 hpn - ok
00:54:45.0203 1368 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP D:\WINDOWS\system32\Drivers\HTTP.sys
00:54:45.0203 1368 HTTP - ok
00:54:45.0218 1368 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter D:\WINDOWS\System32\w3ssl.dll
00:54:45.0234 1368 HTTPFilter - ok
00:54:45.0234 1368 i2omgmt - ok
00:54:45.0234 1368 i2omp - ok
00:54:45.0250 1368 [ C528E27945367191E7BAE364930B6932 ] i8042prt D:\WINDOWS\system32\drivers\i8042prt.sys
00:54:45.0250 1368 i8042prt - ok
00:54:45.0296 1368 [ EA7267505149B3A10DF32506A4E4E412 ] idsvc D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:54:45.0312 1368 idsvc - ok
00:54:45.0375 1368 [ 2F95BEF56AEEEB45DE55EC44668E2695 ] IJPLMSVC D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
00:54:45.0375 1368 IJPLMSVC - ok
00:54:45.0390 1368 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi D:\WINDOWS\system32\DRIVERS\imapi.sys
00:54:45.0390 1368 Imapi - ok
00:54:45.0406 1368 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService D:\WINDOWS\system32\imapi.exe
00:54:45.0406 1368 ImapiService - ok
00:54:45.0421 1368 ini910u - ok
00:54:45.0562 1368 [ 063DD51CBDC37B8668E09148E0A118BC ] IntcAzAudAddService D:\WINDOWS\system32\drivers\RtkHDAud.sys
00:54:45.0593 1368 IntcAzAudAddService - ok
00:54:45.0593 1368 IntelIde - ok
00:54:45.0609 1368 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm D:\WINDOWS\system32\DRIVERS\intelppm.sys
00:54:45.0609 1368 intelppm - ok
00:54:45.0640 1368 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw D:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
00:54:45.0640 1368 Ip6Fw - ok
00:54:45.0656 1368 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver D:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:54:45.0656 1368 IpFilterDriver - ok
00:54:45.0671 1368 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp D:\WINDOWS\system32\DRIVERS\ipinip.sys
00:54:45.0671 1368 IpInIp - ok
00:54:45.0671 1368 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat D:\WINDOWS\system32\DRIVERS\ipnat.sys
00:54:45.0671 1368 IpNat - ok
00:54:45.0687 1368 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec D:\WINDOWS\system32\DRIVERS\ipsec.sys
00:54:45.0687 1368 IPSec - ok
00:54:45.0703 1368 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM D:\WINDOWS\system32\DRIVERS\irenum.sys
00:54:45.0703 1368 IRENUM - ok
00:54:45.0718 1368 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp D:\WINDOWS\system32\DRIVERS\isapnp.sys
00:54:45.0718 1368 isapnp - ok
00:54:45.0796 1368 [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService D:\Program Files\Java\jre7\bin\jqs.exe
00:54:45.0812 1368 JavaQuickStarterService - ok
00:54:45.0828 1368 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass D:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:54:45.0828 1368 Kbdclass - ok
00:54:45.0828 1368 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid D:\WINDOWS\system32\DRIVERS\kbdhid.sys
00:54:45.0828 1368 kbdhid - ok
00:54:45.0890 1368 [ 692BCF44383D056AED41B045A323D378 ] kmixer D:\WINDOWS\system32\drivers\kmixer.sys
00:54:45.0890 1368 kmixer - ok
00:54:45.0906 1368 [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD D:\WINDOWS\system32\drivers\KSecDD.sys
00:54:45.0906 1368 KSecDD - ok
00:54:45.0937 1368 [ 21920AC69594AB021237054FA728FE46 ] LanmanServer D:\WINDOWS\System32\srvsvc.dll
00:54:45.0937 1368 LanmanServer - ok
00:54:45.0953 1368 [ 5190783F51A2D7A8495202C664D7C963 ] lanmanworkstation D:\WINDOWS\System32\wkssvc.dll
00:54:45.0953 1368 lanmanworkstation - ok
00:54:45.0953 1368 lbrtfdc - ok
00:54:45.0984 1368 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts D:\WINDOWS\System32\lmhsvc.dll
00:54:45.0984 1368 LmHosts - ok
00:54:45.0984 1368 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger D:\WINDOWS\System32\msgsvc.dll
00:54:46.0000 1368 Messenger - ok
00:54:46.0015 1368 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd D:\WINDOWS\system32\drivers\mnmdd.sys
00:54:46.0015 1368 mnmdd - ok
00:54:46.0031 1368 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc D:\WINDOWS\system32\mnmsrvc.exe
00:54:46.0046 1368 mnmsrvc - ok
00:54:46.0062 1368 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem D:\WINDOWS\system32\drivers\Modem.sys
00:54:46.0062 1368 Modem - ok
00:54:46.0093 1368 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt D:\WINDOWS\system32\drivers\Monfilt.sys
00:54:46.0125 1368 Monfilt - ok
00:54:46.0140 1368 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass D:\WINDOWS\system32\DRIVERS\mouclass.sys
00:54:46.0140 1368 Mouclass - ok
00:54:46.0156 1368 [ BB269EBA740737AB749B214D568B6812 ] mouhid D:\WINDOWS\system32\DRIVERS\mouhid.sys
00:54:46.0156 1368 mouhid - ok
00:54:46.0156 1368 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr D:\WINDOWS\system32\drivers\MountMgr.sys
00:54:46.0156 1368 MountMgr - ok
00:54:46.0187 1368 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:54:46.0187 1368 MozillaMaintenance - ok
00:54:46.0187 1368 mraid35x - ok
00:54:46.0187 1368 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV D:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:54:46.0187 1368 MRxDAV - ok
00:54:46.0218 1368 [ 68755F0FF16070178B54674FE5B847B0 ] MRxSmb D:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:54:46.0218 1368 MRxSmb - ok
00:54:46.0250 1368 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC D:\WINDOWS\system32\msdtc.exe
00:54:46.0250 1368 MSDTC - ok
00:54:46.0265 1368 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs D:\WINDOWS\system32\drivers\Msfs.sys
00:54:46.0265 1368 Msfs - ok
00:54:46.0265 1368 MSIServer - ok
00:54:46.0281 1368 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV D:\WINDOWS\system32\drivers\MSKSSRV.sys
00:54:46.0281 1368 MSKSSRV - ok
00:54:46.0296 1368 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK D:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:54:46.0296 1368 MSPCLOCK - ok
00:54:46.0296 1368 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM D:\WINDOWS\system32\drivers\MSPQM.sys
00:54:46.0296 1368 MSPQM - ok
00:54:46.0296 1368 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios D:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:54:46.0312 1368 mssmbios - ok
00:54:46.0312 1368 [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup D:\WINDOWS\system32\drivers\Mup.sys
00:54:46.0312 1368 Mup - ok
00:54:46.0328 1368 [ 72580605F36048262C674EE925031C3C ] mv61xx D:\WINDOWS\system32\DRIVERS\mv61xx.sys
00:54:46.0328 1368 mv61xx - ok
00:54:46.0343 1368 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent D:\WINDOWS\System32\qagentrt.dll
00:54:46.0359 1368 napagent - ok
00:54:46.0375 1368 [ 1DF7F42665C94B825322FAE71721130D ] NDIS D:\WINDOWS\system32\drivers\NDIS.sys
00:54:46.0375 1368 NDIS - ok
00:54:46.0390 1368 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi D:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:54:46.0390 1368 NdisTapi - ok
00:54:46.0406 1368 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio D:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:54:46.0406 1368 Ndisuio - ok
00:54:46.0406 1368 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan D:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:54:46.0406 1368 NdisWan - ok
00:54:46.0421 1368 [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy D:\WINDOWS\system32\drivers\NDProxy.sys
00:54:46.0421 1368 NDProxy - ok
00:54:46.0421 1368 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS D:\WINDOWS\system32\DRIVERS\netbios.sys
00:54:46.0421 1368 NetBIOS - ok
00:54:46.0437 1368 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT D:\WINDOWS\system32\DRIVERS\netbt.sys
00:54:46.0437 1368 NetBT - ok
00:54:46.0453 1368 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE D:\WINDOWS\system32\netdde.exe
00:54:46.0453 1368 NetDDE - ok
00:54:46.0468 1368 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm D:\WINDOWS\system32\netdde.exe
00:54:46.0468 1368 NetDDEdsdm - ok
00:54:46.0484 1368 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon D:\WINDOWS\system32\lsass.exe
00:54:46.0484 1368 Netlogon - ok
00:54:46.0500 1368 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman D:\WINDOWS\System32\netman.dll
00:54:46.0515 1368 Netman - ok
00:54:46.0546 1368 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:54:46.0578 1368 NetTcpPortSharing - ok
00:54:46.0593 1368 [ AAC97DAB5F8A0573CF10E0EAC42A7724 ] Nla D:\WINDOWS\System32\mswsock.dll
00:54:46.0609 1368 Nla - ok
00:54:46.0609 1368 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs D:\WINDOWS\system32\drivers\Npfs.sys
00:54:46.0609 1368 Npfs - ok
00:54:46.0625 1368 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs D:\WINDOWS\system32\drivers\Ntfs.sys
00:54:46.0625 1368 Ntfs - ok
00:54:46.0640 1368 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp D:\WINDOWS\system32\lsass.exe
00:54:46.0640 1368 NtLmSsp - ok
00:54:46.0671 1368 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc D:\WINDOWS\system32\ntmssvc.dll
00:54:46.0687 1368 NtmsSvc - ok
00:54:46.0703 1368 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null D:\WINDOWS\system32\drivers\Null.sys
00:54:46.0718 1368 Null - ok
00:54:46.0734 1368 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt D:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:54:46.0734 1368 NwlnkFlt - ok
00:54:46.0734 1368 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd D:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:54:46.0734 1368 NwlnkFwd - ok
00:54:46.0781 1368 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:54:46.0781 1368 ose - ok
00:54:46.0812 1368 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport D:\WINDOWS\system32\DRIVERS\parport.sys
00:54:46.0812 1368 Parport - ok
00:54:46.0812 1368 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr D:\WINDOWS\system32\drivers\PartMgr.sys
00:54:46.0812 1368 PartMgr - ok
00:54:46.0875 1368 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm D:\WINDOWS\system32\drivers\ParVdm.sys
00:54:46.0875 1368 ParVdm - ok
00:54:46.0890 1368 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI D:\WINDOWS\system32\DRIVERS\pci.sys
00:54:46.0890 1368 PCI - ok
00:54:46.0906 1368 PCIDump - ok
00:54:46.0906 1368 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde D:\WINDOWS\system32\DRIVERS\pciide.sys
00:54:46.0906 1368 PCIIde - ok
00:54:46.0921 1368 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia D:\WINDOWS\system32\drivers\Pcmcia.sys
00:54:46.0921 1368 Pcmcia - ok
00:54:46.0921 1368 PDCOMP - ok
00:54:46.0937 1368 PDFRAME - ok
00:54:46.0937 1368 PDRELI - ok
00:54:46.0937 1368 PDRFRAME - ok
00:54:46.0953 1368 perc2 - ok
00:54:46.0953 1368 perc2hib - ok
00:54:46.0984 1368 [ F0D2AE69035092BF22DAD6B50FAB85C2 ] PlugPlay D:\WINDOWS\system32\services.exe
00:54:46.0984 1368 PlugPlay - ok
00:54:47.0015 1368 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA D:\WINDOWS\system32\PnkBstrA.exe
00:54:47.0015 1368 PnkBstrA - ok
00:54:47.0031 1368 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent D:\WINDOWS\system32\lsass.exe
00:54:47.0031 1368 PolicyAgent - ok
00:54:47.0046 1368 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport D:\WINDOWS\system32\DRIVERS\raspptp.sys
00:54:47.0046 1368 PptpMiniport - ok
00:54:47.0046 1368 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage D:\WINDOWS\system32\lsass.exe
00:54:47.0046 1368 ProtectedStorage - ok
00:54:47.0062 1368 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched D:\WINDOWS\system32\DRIVERS\psched.sys
00:54:47.0062 1368 PSched - ok
00:54:47.0078 1368 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink D:\WINDOWS\system32\DRIVERS\ptilink.sys
00:54:47.0078 1368 Ptilink - ok
00:54:47.0078 1368 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 D:\WINDOWS\system32\Drivers\PxHelp20.sys
00:54:47.0078 1368 PxHelp20 - ok
00:54:47.0078 1368 ql1080 - ok
00:54:47.0093 1368 Ql10wnt - ok
00:54:47.0093 1368 ql12160 - ok
00:54:47.0093 1368 ql1240 - ok
00:54:47.0109 1368 ql1280 - ok
00:54:47.0109 1368 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd D:\WINDOWS\system32\DRIVERS\rasacd.sys
00:54:47.0109 1368 RasAcd - ok
00:54:47.0125 1368 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto D:\WINDOWS\System32\rasauto.dll
00:54:47.0125 1368 RasAuto - ok
00:54:47.0140 1368 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp D:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:54:47.0140 1368 Rasl2tp - ok
00:54:47.0156 1368 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan D:\WINDOWS\System32\rasmans.dll
00:54:47.0156 1368 RasMan - ok
00:54:47.0171 1368 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe D:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:54:47.0171 1368 RasPppoe - ok
00:54:47.0171 1368 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti D:\WINDOWS\system32\DRIVERS\raspti.sys
00:54:47.0171 1368 Raspti - ok
00:54:47.0187 1368 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss D:\WINDOWS\system32\DRIVERS\rdbss.sys
00:54:47.0187 1368 Rdbss - ok
00:54:47.0187 1368 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD D:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:54:47.0187 1368 RDPCDD - ok
00:54:47.0203 1368 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr D:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:54:47.0203 1368 rdpdr - ok
00:54:47.0234 1368 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD D:\WINDOWS\system32\drivers\RDPWD.sys
00:54:47.0234 1368 RDPWD - ok
00:54:47.0250 1368 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr D:\WINDOWS\system32\sessmgr.exe
00:54:47.0250 1368 RDSessMgr - ok
00:54:47.0265 1368 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook D:\WINDOWS\system32\DRIVERS\redbook.sys
00:54:47.0265 1368 redbook - ok
00:54:47.0281 1368 [ 127C26B5371651043450E52542099ABA ] RemoteAccess D:\WINDOWS\System32\mprdim.dll
00:54:47.0296 1368 RemoteAccess - ok
00:54:47.0312 1368 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry D:\WINDOWS\system32\regsvc.dll
00:54:47.0312 1368 RemoteRegistry - ok
00:54:47.0328 1368 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator D:\WINDOWS\system32\locator.exe
00:54:47.0343 1368 RpcLocator - ok
00:54:47.0359 1368 [ C868F3AE15CF71A93F2AA3A32856D839 ] RpcSs D:\WINDOWS\system32\rpcss.dll
00:54:47.0359 1368 RpcSs - ok
00:54:47.0390 1368 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP D:\WINDOWS\system32\rsvp.exe
00:54:47.0390 1368 RSVP - ok
00:54:47.0421 1368 [ 89619EF503F949FAE09252A8B883EE11 ] RTLE8023xp D:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
00:54:47.0421 1368 RTLE8023xp - ok
00:54:47.0421 1368 [ ED0A176354487CEED65B80A7148AB739 ] SamSs D:\WINDOWS\system32\lsass.exe
00:54:47.0421 1368 SamSs - ok
00:54:47.0437 1368 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr D:\WINDOWS\System32\SCardSvr.exe
00:54:47.0453 1368 SCardSvr - ok
00:54:47.0484 1368 [ 3FF232A7731621B8902D81D42418C93C ] Schedule D:\WINDOWS\system32\schedsvc.dll
00:54:47.0484 1368 Schedule - ok
00:54:47.0500 1368 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv D:\WINDOWS\system32\DRIVERS\secdrv.sys
00:54:47.0500 1368 Secdrv - ok
00:54:47.0500 1368 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon D:\WINDOWS\System32\seclogon.dll
00:54:47.0515 1368 seclogon - ok
00:54:47.0515 1368 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS D:\WINDOWS\system32\sens.dll
00:54:47.0515 1368 SENS - ok
00:54:47.0546 1368 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum D:\WINDOWS\system32\DRIVERS\serenum.sys
00:54:47.0546 1368 serenum - ok
00:54:47.0546 1368 [ B842729337C9B921615C40D3C1A1AF96 ] Serial D:\WINDOWS\system32\DRIVERS\serial.sys
00:54:47.0546 1368 Serial - ok
00:54:47.0593 1368 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy D:\WINDOWS\system32\drivers\Sfloppy.sys
00:54:47.0593 1368 Sfloppy - ok
00:54:47.0625 1368 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess D:\WINDOWS\System32\ipnathlp.dll
00:54:47.0640 1368 SharedAccess - ok
00:54:47.0640 1368 [ B927443008910B412BEC72FC41C1BAD0 ] ShellHWDetection D:\WINDOWS\System32\shsvcs.dll
00:54:47.0656 1368 ShellHWDetection - ok
00:54:47.0656 1368 Simbad - ok
00:54:47.0671 1368 Sparrow - ok
00:54:47.0671 1368 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter D:\WINDOWS\system32\drivers\splitter.sys
00:54:47.0687 1368 splitter - ok
00:54:47.0687 1368 [ CB1090BCA0E7B40D0B5B4E4D66531809 ] Spooler D:\WINDOWS\system32\spoolsv.exe
00:54:47.0703 1368 Spooler - ok
00:54:47.0718 1368 [ 94610C8653635E4459316A0050D55CE7 ] Sr D:\WINDOWS\system32\DRIVERS\sr.sys
00:54:47.0718 1368 Sr - ok
00:54:47.0734 1368 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice D:\WINDOWS\system32\srsvc.dll
00:54:47.0750 1368 srservice - ok
00:54:47.0750 1368 [ 5252605079810904E31C332E241CD59B ] Srv D:\WINDOWS\system32\DRIVERS\srv.sys
00:54:47.0750 1368 Srv - ok
00:54:47.0781 1368 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV D:\WINDOWS\System32\ssdpsrv.dll
00:54:47.0781 1368 SSDPSRV - ok
00:54:47.0812 1368 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen D:\WINDOWS\system32\drivers\StarOpen.sys
00:54:47.0812 1368 StarOpen - ok
00:54:47.0843 1368 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc D:\WINDOWS\system32\wiaservc.dll
00:54:47.0859 1368 stisvc - ok
00:54:47.0890 1368 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum D:\WINDOWS\system32\DRIVERS\swenum.sys
00:54:47.0890 1368 swenum - ok
00:54:47.0906 1368 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi D:\WINDOWS\system32\drivers\swmidi.sys
00:54:47.0906 1368 swmidi - ok
00:54:47.0906 1368 SwPrv - ok
00:54:47.0906 1368 symc810 - ok
00:54:47.0921 1368 symc8xx - ok
00:54:47.0921 1368 sym_hi - ok
00:54:47.0921 1368 sym_u3 - ok
00:54:47.0937 1368 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio D:\WINDOWS\system32\drivers\sysaudio.sys
00:54:47.0937 1368 sysaudio - ok
00:54:47.0937 1368 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog D:\WINDOWS\system32\smlogsvc.exe
00:54:47.0953 1368 SysmonLog - ok
00:54:47.0968 1368 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv D:\WINDOWS\System32\tapisrv.dll
00:54:47.0968 1368 TapiSrv - ok
00:54:48.0000 1368 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip D:\WINDOWS\system32\DRIVERS\tcpip.sys
00:54:48.0000 1368 Tcpip - ok
00:54:48.0015 1368 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE D:\WINDOWS\system32\drivers\TDPIPE.sys
00:54:48.0015 1368 TDPIPE - ok
00:54:48.0031 1368 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP D:\WINDOWS\system32\drivers\TDTCP.sys
00:54:48.0031 1368 TDTCP - ok
00:54:48.0125 1368 [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8 D:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
00:54:48.0140 1368 TeamViewer8 - ok
00:54:48.0156 1368 [ 88155247177638048422893737429D9E ] TermDD D:\WINDOWS\system32\DRIVERS\termdd.sys
00:54:48.0156 1368 TermDD - ok
00:54:48.0171 1368 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService D:\WINDOWS\System32\termsrv.dll
00:54:48.0187 1368 TermService - ok
00:54:48.0187 1368 [ B927443008910B412BEC72FC41C1BAD0 ] Themes D:\WINDOWS\System32\shsvcs.dll
00:54:48.0203 1368 Themes - ok
00:54:48.0203 1368 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr D:\WINDOWS\system32\tlntsvr.exe
00:54:48.0218 1368 TlntSvr - ok
00:54:48.0218 1368 TosIde - ok
00:54:48.0234 1368 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks D:\WINDOWS\system32\trkwks.dll
00:54:48.0250 1368 TrkWks - ok
00:54:48.0265 1368 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs D:\WINDOWS\system32\drivers\Udfs.sys
00:54:48.0265 1368 Udfs - ok
00:54:48.0281 1368 ultra - ok
00:54:48.0296 1368 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update D:\WINDOWS\system32\DRIVERS\update.sys
00:54:48.0312 1368 Update - ok
00:54:48.0328 1368 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost D:\WINDOWS\System32\upnphost.dll
00:54:48.0328 1368 upnphost - ok
00:54:48.0343 1368 [ 20A0F6A11959E92908717D09E87D670D ] UPS D:\WINDOWS\System32\ups.exe
00:54:48.0359 1368 UPS - ok
00:54:48.0375 1368 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp D:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:54:48.0375 1368 usbccgp - ok
00:54:48.0390 1368 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci D:\WINDOWS\system32\DRIVERS\usbehci.sys
00:54:48.0390 1368 usbehci - ok
00:54:48.0406 1368 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub D:\WINDOWS\system32\DRIVERS\usbhub.sys
00:54:48.0406 1368 usbhub - ok
00:54:48.0421 1368 [ A717C8721046828520C9EDF31288FC00 ] usbprint D:\WINDOWS\system32\DRIVERS\usbprint.sys
00:54:48.0421 1368 usbprint - ok
00:54:48.0468 1368 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan D:\WINDOWS\system32\DRIVERS\usbscan.sys
00:54:48.0468 1368 usbscan - ok
00:54:48.0500 1368 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:54:48.0500 1368 USBSTOR - ok
00:54:48.0515 1368 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci D:\WINDOWS\system32\DRIVERS\usbuhci.sys
00:54:48.0515 1368 usbuhci - ok
00:54:48.0531 1368 [ B6CC50279D6CD28E090A5D33244ADC9A ] usb_rndisx D:\WINDOWS\system32\DRIVERS\usb8023x.sys
00:54:48.0531 1368 usb_rndisx - ok
00:54:48.0546 1368 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave D:\WINDOWS\System32\drivers\vga.sys
00:54:48.0546 1368 VgaSave - ok
00:54:48.0546 1368 ViaIde - ok
00:54:48.0562 1368 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap D:\WINDOWS\system32\drivers\VolSnap.sys
00:54:48.0562 1368 VolSnap - ok
00:54:48.0593 1368 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS D:\WINDOWS\System32\vssvc.exe
00:54:48.0609 1368 VSS - ok
00:54:48.0640 1368 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time D:\WINDOWS\system32\w32time.dll
00:54:48.0671 1368 W32Time - ok
00:54:48.0687 1368 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp D:\WINDOWS\system32\DRIVERS\wanarp.sys
00:54:48.0687 1368 Wanarp - ok
00:54:48.0687 1368 WDICA - ok
00:54:48.0703 1368 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud D:\WINDOWS\system32\drivers\wdmaud.sys
00:54:48.0703 1368 wdmaud - ok
00:54:48.0718 1368 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient D:\WINDOWS\System32\webclnt.dll
00:54:48.0718 1368 WebClient - ok
00:54:48.0765 1368 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt D:\WINDOWS\system32\wbem\WMIsvc.dll
00:54:48.0781 1368 winmgmt - ok
00:54:48.0828 1368 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:54:48.0859 1368 wlidsvc - ok
00:54:48.0968 1368 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN D:\WINDOWS\system32\MsPMSNSv.dll
00:54:48.0984 1368 WmdmPmSN - ok
00:54:49.0062 1368 [ 6538D6BDE04B56737FE743C24D4CE83D ] Wmi D:\WINDOWS\System32\advapi32.dll
00:54:49.0125 1368 Wmi - ok
00:54:49.0156 1368 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv D:\WINDOWS\system32\wbem\wmiapsrv.exe
00:54:49.0156 1368 WmiApSrv - ok
00:54:49.0218 1368 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc D:\Program Files\Windows Media Player\WMPNetwk.exe
00:54:49.0250 1368 WMPNetworkSvc - ok
00:54:49.0312 1368 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:54:49.0328 1368 WPFFontCache_v0400 - ok
00:54:49.0359 1368 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc D:\WINDOWS\system32\wscsvc.dll
00:54:49.0359 1368 wscsvc - ok
00:54:49.0375 1368 [ C1364564800EE9784192145324A23308 ] wuauserv D:\WINDOWS\system32\wuauserv.dll
00:54:49.0375 1368 wuauserv - ok
00:54:49.0390 1368 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf D:\WINDOWS\system32\DRIVERS\WudfPf.sys
00:54:49.0390 1368 WudfPf - ok
00:54:49.0406 1368 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd D:\WINDOWS\system32\DRIVERS\wudfrd.sys
00:54:49.0406 1368 WudfRd - ok
00:54:49.0406 1368 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc D:\WINDOWS\System32\WUDFSvc.dll
00:54:49.0421 1368 WudfSvc - ok
00:54:49.0437 1368 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC D:\WINDOWS\System32\wzcsvc.dll
00:54:49.0453 1368 WZCSVC - ok
00:54:49.0468 1368 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov D:\WINDOWS\System32\xmlprov.dll
00:54:49.0484 1368 xmlprov - ok
00:54:49.0484 1368 ================ Scan global ===============================
00:54:49.0515 1368 [ F36278E42C8C5DF03CE17DAC8231C91C ] D:\WINDOWS\system32\basesrv.dll
00:54:49.0531 1368 [ 77A41C497ADB0C96D1E8DF6F71D843C0 ] D:\WINDOWS\system32\winsrv.dll
00:54:49.0562 1368 [ 77A41C497ADB0C96D1E8DF6F71D843C0 ] D:\WINDOWS\system32\winsrv.dll
00:54:49.0578 1368 [ F0D2AE69035092BF22DAD6B50FAB85C2 ] D:\WINDOWS\system32\services.exe
00:54:49.0593 1368 [Global] - ok
00:54:49.0593 1368 ================ Scan MBR ==================================
00:54:49.0609 1368 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
00:54:49.0765 1368 \Device\Harddisk0\DR0 - ok
00:54:49.0765 1368 ================ Scan VBR ==================================
00:54:49.0765 1368 [ 71BC1839E620636463D7337FD8DAA7A2 ] \Device\Harddisk0\DR0\Partition1
00:54:49.0765 1368 \Device\Harddisk0\DR0\Partition1 - ok
00:54:49.0781 1368 ============================================================
00:54:49.0781 1368 Scan finished
00:54:49.0781 1368 ============================================================
00:54:49.0781 0424 Detected object count: 0
00:54:49.0781 0424 Actual detected object count: 0
00:54:54.0109 1576 Deinitialize success

[memphisto]

Jak je na tom PC? Dodej ještě nový HJT