
mwav, 14 critical files, blue screen
- Visitor
- Posts: 14
- Registered: 28 Aug 2008 15:42
mwav, 14 critical files, blue screen
Hello, I have had a blue screen twice, right after I clicked the shut down icon (after shutting down the computer).
Mwav found 14 critical files. Do you think that could be related?
I would really appreciate some advice. Thank you.
I cannot paste the log because it is too large.
12 10 2010 18:37:56 - ***** Test dokončen, kontrolu proveďte na www.viry.cz. *****
12 10 2010 18:37:56 - Testovaných objektů: 43746
12 10 2010 18:37:56 - Kritických objektů: 14
12 10 2010 18:37:56 - Celkem vyléčených objektů: 0
12 10 2010 18:37:56 - Celkem přejmenováno: 0
12 10 2010 18:37:56 - Smazaných objektů: 0
12 10 2010 18:37:56 - Celkem chyb: 1450
12 10 2010 18:37:56 - Uplynulý čas: 00:09:01
12 10 2010 18:37:56 - ERROR!!! Unable to get Database Info.. return 8004025d
- Visitor
- Posts: 14
- Registered: 28 Aug 2008 15:42
Re: mwav, 14 critical files, blue screen
Here is the log from RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by uzivatel at 2010-10-12 18:53:17
Microsoft Windows 7 Enterprise
System drive C: has 17 GB (17%) free of 102 GB
Total RAM: 4094 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:53:34, on 12.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files Free\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\RSSOwl\RSSOwl.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\uzivatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~2\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nvch] rundll32.exe rchnewver.dll,go
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [UltraMon] "C:\Program Files\UltraMon\UltraMon.exe" /auto
O4 - HKCU\..\Run: [Google Update] "C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: RKLauncher.exe - Shortcut.lnk = C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe
O4 - Startup: thunderbird.exe - Shortcut.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: UltraMon.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Philips GoGear VIBE Device Manager.lnk = ?
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WTouch Service (WTouchService) - Wacom Technology, Corp. - C:\Program Files\WTouch\WTouchService.exe
--
End of file - 13039 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\WTouch\WTouchService.exe"
/QuitInfo:0000000000000430;000000000000048C; /AddRef;
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
"C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Windows\System32\spoolsv.exe
/QuitInfo:00000000000004C0;00000000000004D8; /AddRef;
/QuitInfo:00000000000004C4;00000000000004DC;
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WTouch\WTouchUser.exe"
/loadhooks /Parent:0000000000000678
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Pen_Tablet.exe
WTablet\Pen_TabletUser.exe
Pen_Tablet.exe au
"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files\UltraMon\UltraMon.exe" /auto
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe"
"C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe" -Embedding
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.03432300.29972183 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.03432000.1137162242 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files Free\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
"C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
ArcCon.ac 66468 0
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart C4200 series#1286347643" -Startup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_3/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.0B014780.244361657 /prefetch:3
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path=C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\6.0.472.63\gcswf32.dll --lang=cs --plugin-data-dir="C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default" --channel=3664.0348A84C.2033003652 /prefetch:4
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_3/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.057C0180.1395912861 /prefetch:3
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\compmgmt.msc" /s
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE"
C:\Windows\splwow64.exe 1
"C:\Program Files (x86)\RSSOwl\RSSOwl.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_3/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.09E8EA80.944438811 /prefetch:3
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\uzivatel\Desktop\MWAV.LOG
"C:\Users\uzivatel\Downloads\RSITx64.exe"
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey D6E3061D-3FEA-7641-B8E8-449ADBB533EE -Reinvoke
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2400562163-1173250730-4007721440-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2400562163-1173250730-4007721440-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11222041-111B-46E3-BD29-EFB2449479B1}]
IEPlugin Class - C:\PROGRA~2\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL [2008-12-24 145920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2010-07-21 2327952]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"UltraMon"=C:\Program Files\UltraMon\UltraMon.exe [2006-10-12 425984]
"Google Update"=C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-07 135664]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"avast!"=C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2009-11-25 81000]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2009-11-12 141600]
"nvch"=rchnewver.dll,go []
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Philips GoGear VIBE Device Manager.lnk - C:\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
RKLauncher.exe - Shortcut.lnk - C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe
thunderbird.exe - Shortcut.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
UltraMon.lnk - C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{E67FF1A2-23C1-4102-84E9-42115F77AD32}\IcoUltraMon.ico
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2009-10-02 134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=0
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-10-12 18:53:17 ----D---- C:\rsit
2010-10-12 18:53:17 ----D---- C:\Program Files\trend micro
2010-10-12 18:32:41 ----AD---- C:\Windows\zts2.exe
2010-10-12 18:32:41 ----AD---- C:\Windows\SYSWOW64\vcmgcd32.dll
2010-10-12 18:32:41 ----AD---- C:\Windows\SYSWOW64\systems.txt
2010-10-12 18:32:41 ----AD---- C:\Windows\SYSWOW64\iifgfgf.dll
2010-10-12 18:32:41 ----AD---- C:\Windows\rundll16.exe
2010-10-12 18:32:41 ----AD---- C:\Windows\rundl132.dll
2010-10-12 18:32:41 ----AD---- C:\Windows\logo1_.exe
2010-10-09 18:03:23 ----D---- C:\Users\uzivatel\AppData\Roaming\HP
2010-10-08 12:19:50 ----D---- C:\Program Files (x86)\HD Tune
2010-10-07 23:54:55 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2010-10-06 15:32:24 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-10-06 08:47:15 ----D---- C:\ProgramData\Hewlett-Packard
2010-10-05 16:55:36 ----D---- C:\ProgramData\HP Product Assistant
2010-10-05 16:52:28 ----D---- C:\Program Files (x86)\HP
2010-10-05 16:52:27 ----HD---- C:\Config.Msi
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hpzids40.dll
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hppldcoi.dll
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hpowiax4.dll
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hpovst11.dll
2010-10-05 16:50:26 ----A---- C:\Windows\system32\hpotiop4.dll
2010-10-05 16:35:10 ----D---- C:\ProgramData\HP
2010-10-04 14:26:11 ----D---- C:\Program Files\Microsoft IntelliPoint
2010-10-02 23:46:18 ----D---- C:\Program Files (x86)\InstantEyedropper
2010-09-29 20:05:27 ----A---- C:\Windows\system32\drivers\ks.sys
2010-09-29 10:00:53 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-09-29 10:00:53 ----A---- C:\Windows\system32\tzres.dll
2010-09-28 23:36:01 ----D---- C:\Program Files\7-Zip
2010-09-20 23:13:53 ----D---- C:\Users\uzivatel\AppData\Roaming\vlc
2010-09-20 23:12:50 ----D---- C:\Program Files (x86)\VideoLAN
2010-09-19 20:03:19 ----D---- C:\Users\uzivatel\AppData\Roaming\Dropbox
2010-09-18 12:45:37 ----A---- C:\ProgramData\FilePathToRead.txt
2010-09-18 12:45:04 ----D---- C:\Program Files\mfilemon
2010-09-18 12:45:04 ----A---- C:\Windows\system32\mfilemonUI.dll
2010-09-18 12:45:04 ----A---- C:\Windows\system32\mfilemon.dll
2010-09-18 08:43:30 ----D---- C:\Program Files\DIFX
2010-09-18 08:43:18 ----D---- C:\Program Files\WDCSAM
2010-09-17 23:08:28 ----D---- C:\Users\uzivatel\AppData\Roaming\WinRAR
2010-09-17 22:45:02 ----D---- C:\Program Files (x86)\JDownloader
2010-09-16 00:47:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-09-16 00:47:37 ----A---- C:\Windows\system32\iertutil.dll
2010-09-16 00:45:52 ----D---- C:\ProgramData\MainType
2010-09-15 23:03:02 ----D---- C:\Users\uzivatel\AppData\Roaming\MainType
2010-09-15 23:03:02 ----D---- C:\Program Files (x86)\High-Logic
2010-09-15 21:58:32 ----A---- C:\Windows\system32\spoolsv.exe
======List of files/folders modified in the last 1 months======
2010-10-14 23:54:05 ----D---- C:\ProgramData\ArcSoft
2010-10-14 23:54:04 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-10-12 18:53:32 ----D---- C:\Windows\Temp
2010-10-12 18:53:29 ----D---- C:\Windows\Prefetch
2010-10-12 18:53:17 ----RD---- C:\Program Files
2010-10-12 18:32:41 ----D---- C:\Windows\SysWOW64
2010-10-12 18:32:41 ----D---- C:\Windows
2010-10-12 18:22:24 ----D---- C:\Users\uzivatel\AppData\Roaming\WTablet
2010-10-12 18:22:08 ----D---- C:\Windows\Minidump
2010-10-12 16:32:16 ----D---- C:\Users\uzivatel\AppData\Roaming\Skype
2010-10-12 14:23:21 ----D---- C:\Windows\system32\config
2010-10-12 14:20:20 ----SHD---- C:\System Volume Information
2010-10-10 22:41:17 ----D---- C:\Windows\System32
2010-10-10 22:41:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-10-10 22:41:16 ----D---- C:\Windows\inf
2010-10-09 23:47:05 ----D---- C:\ProgramData\FLEXnet
2010-10-08 12:19:50 ----RD---- C:\Program Files (x86)
2010-10-07 12:29:35 ----SHD---- C:\Windows\Installer
2010-10-07 12:29:29 ----D---- C:\Windows\winsxs
2010-10-07 12:21:08 ----D---- C:\Windows\Tasks
2010-10-07 11:46:34 ----D---- C:\Windows\system32\Tasks
2010-10-06 17:49:34 ----D---- C:\Windows\system32\drivers
2010-10-06 17:14:05 ----D---- C:\Windows\system32\NDF
2010-10-06 08:47:23 ----A---- C:\Windows\win.ini
2010-10-06 08:47:15 ----HD---- C:\ProgramData
2010-10-06 08:46:51 ----D---- C:\Windows\twain_32
2010-10-05 21:48:47 ----D---- C:\Program Files Free
2010-10-05 20:53:55 ----D---- C:\Windows\system32\catroot2
2010-10-05 16:55:45 ----RSD---- C:\Windows\Fonts
2010-10-05 16:53:37 ----D---- C:\Program Files (x86)\Common Files
2010-10-05 16:52:40 ----D---- C:\Windows\system32\DriverStore
2010-10-05 16:52:40 ----D---- C:\Windows\system32\catroot
2010-10-05 00:14:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-10-04 14:26:32 ----SD---- C:\Users\uzivatel\AppData\Roaming\Microsoft
2010-10-04 14:26:03 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-10-02 18:03:49 ----D---- C:\ProgramData\Zoom Player
2010-10-01 14:27:18 ----D---- C:\Users\uzivatel\AppData\Roaming\ICQ
2010-09-30 20:07:05 ----D---- C:\Windows\rescache
2010-09-30 03:17:28 ----D---- C:\Windows\SYSWOW64\en-US
2010-09-30 03:17:28 ----D---- C:\Windows\system32\en-US
2010-09-30 03:17:28 ----D---- C:\Program Files\Internet Explorer
2010-09-30 03:17:28 ----D---- C:\Program Files (x86)\Internet Explorer
2010-09-27 15:26:38 ----D---- C:\KBcertifikat
2010-09-20 16:00:30 ----D---- C:\Users\uzivatel\AppData\Roaming\Adobe
2010-09-18 09:05:43 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2010-09-16 00:50:14 ----D---- C:\ProgramData\Microsoft Help
2010-09-16 00:48:19 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2008-02-06 54480]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 27216]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 89680]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 53840]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2010-01-24 86584]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 22096]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 65616]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2010-07-21 45456]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2009-05-20 15656]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2009-08-28 18216]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 TabletServicePen;TabletServicePen; C:\Windows\system32\Pen_Tablet.exe [2009-11-24 5556520]
R2 WTouchService;WTouch Service; C:\Program Files\WTouch\WTouchService.exe [2009-11-24 127784]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 660256]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-11-28 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-11-28 655624]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-29 1255736]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by uzivatel at 2010-10-12 18:53:17
Microsoft Windows 7 Enterprise
System drive C: has 17 GB (17%) free of 102 GB
Total RAM: 4094 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:53:34, on 12.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files Free\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\RSSOwl\RSSOwl.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\uzivatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~2\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nvch] rundll32.exe rchnewver.dll,go
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [UltraMon] "C:\Program Files\UltraMon\UltraMon.exe" /auto
O4 - HKCU\..\Run: [Google Update] "C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: RKLauncher.exe - Shortcut.lnk = C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe
O4 - Startup: thunderbird.exe - Shortcut.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: UltraMon.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Philips GoGear VIBE Device Manager.lnk = ?
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WTouch Service (WTouchService) - Wacom Technology, Corp. - C:\Program Files\WTouch\WTouchService.exe
--
End of file - 13039 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\WTouch\WTouchService.exe"
/QuitInfo:0000000000000430;000000000000048C; /AddRef;
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
"C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Windows\System32\spoolsv.exe
/QuitInfo:00000000000004C0;00000000000004D8; /AddRef;
/QuitInfo:00000000000004C4;00000000000004DC;
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WTouch\WTouchUser.exe"
/loadhooks /Parent:0000000000000678
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Pen_Tablet.exe
WTablet\Pen_TabletUser.exe
Pen_Tablet.exe au
"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files\UltraMon\UltraMon.exe" /auto
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe"
"C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe" -Embedding
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.03432300.29972183 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.03432000.1137162242 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files Free\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
"C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
ArcCon.ac 66468 0
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart C4200 series#1286347643" -Startup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_3/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.0B014780.244361657 /prefetch:3
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path=C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\6.0.472.63\gcswf32.dll --lang=cs --plugin-data-dir="C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default" --channel=3664.0348A84C.2033003652 /prefetch:4
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_3/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.057C0180.1395912861 /prefetch:3
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\compmgmt.msc" /s
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE"
C:\Windows\splwow64.exe 1
"C:\Program Files (x86)\RSSOwl\RSSOwl.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_3/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.09E8EA80.944438811 /prefetch:3
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\uzivatel\Desktop\MWAV.LOG
"C:\Users\uzivatel\Downloads\RSITx64.exe"
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey D6E3061D-3FEA-7641-B8E8-449ADBB533EE -Reinvoke
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2400562163-1173250730-4007721440-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2400562163-1173250730-4007721440-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11222041-111B-46E3-BD29-EFB2449479B1}]
IEPlugin Class - C:\PROGRA~2\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL [2008-12-24 145920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2010-07-21 2327952]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"UltraMon"=C:\Program Files\UltraMon\UltraMon.exe [2006-10-12 425984]
"Google Update"=C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-07 135664]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"avast!"=C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2009-11-25 81000]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2009-11-12 141600]
"nvch"=rchnewver.dll,go []
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Philips GoGear VIBE Device Manager.lnk - C:\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
RKLauncher.exe - Shortcut.lnk - C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe
thunderbird.exe - Shortcut.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
UltraMon.lnk - C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{E67FF1A2-23C1-4102-84E9-42115F77AD32}\IcoUltraMon.ico
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2009-10-02 134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=0
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-10-12 18:53:17 ----D---- C:\rsit
2010-10-12 18:53:17 ----D---- C:\Program Files\trend micro
2010-10-12 18:32:41 ----AD---- C:\Windows\zts2.exe
2010-10-12 18:32:41 ----AD---- C:\Windows\SYSWOW64\vcmgcd32.dll
2010-10-12 18:32:41 ----AD---- C:\Windows\SYSWOW64\systems.txt
2010-10-12 18:32:41 ----AD---- C:\Windows\SYSWOW64\iifgfgf.dll
2010-10-12 18:32:41 ----AD---- C:\Windows\rundll16.exe
2010-10-12 18:32:41 ----AD---- C:\Windows\rundl132.dll
2010-10-12 18:32:41 ----AD---- C:\Windows\logo1_.exe
2010-10-09 18:03:23 ----D---- C:\Users\uzivatel\AppData\Roaming\HP
2010-10-08 12:19:50 ----D---- C:\Program Files (x86)\HD Tune
2010-10-07 23:54:55 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2010-10-06 15:32:24 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-10-06 08:47:15 ----D---- C:\ProgramData\Hewlett-Packard
2010-10-05 16:55:36 ----D---- C:\ProgramData\HP Product Assistant
2010-10-05 16:52:28 ----D---- C:\Program Files (x86)\HP
2010-10-05 16:52:27 ----HD---- C:\Config.Msi
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hpzids40.dll
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hppldcoi.dll
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hpowiax4.dll
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hpovst11.dll
2010-10-05 16:50:26 ----A---- C:\Windows\system32\hpotiop4.dll
2010-10-05 16:35:10 ----D---- C:\ProgramData\HP
2010-10-04 14:26:11 ----D---- C:\Program Files\Microsoft IntelliPoint
2010-10-02 23:46:18 ----D---- C:\Program Files (x86)\InstantEyedropper
2010-09-29 20:05:27 ----A---- C:\Windows\system32\drivers\ks.sys
2010-09-29 10:00:53 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-09-29 10:00:53 ----A---- C:\Windows\system32\tzres.dll
2010-09-28 23:36:01 ----D---- C:\Program Files\7-Zip
2010-09-20 23:13:53 ----D---- C:\Users\uzivatel\AppData\Roaming\vlc
2010-09-20 23:12:50 ----D---- C:\Program Files (x86)\VideoLAN
2010-09-19 20:03:19 ----D---- C:\Users\uzivatel\AppData\Roaming\Dropbox
2010-09-18 12:45:37 ----A---- C:\ProgramData\FilePathToRead.txt
2010-09-18 12:45:04 ----D---- C:\Program Files\mfilemon
2010-09-18 12:45:04 ----A---- C:\Windows\system32\mfilemonUI.dll
2010-09-18 12:45:04 ----A---- C:\Windows\system32\mfilemon.dll
2010-09-18 08:43:30 ----D---- C:\Program Files\DIFX
2010-09-18 08:43:18 ----D---- C:\Program Files\WDCSAM
2010-09-17 23:08:28 ----D---- C:\Users\uzivatel\AppData\Roaming\WinRAR
2010-09-17 22:45:02 ----D---- C:\Program Files (x86)\JDownloader
2010-09-16 00:47:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-09-16 00:47:37 ----A---- C:\Windows\system32\iertutil.dll
2010-09-16 00:45:52 ----D---- C:\ProgramData\MainType
2010-09-15 23:03:02 ----D---- C:\Users\uzivatel\AppData\Roaming\MainType
2010-09-15 23:03:02 ----D---- C:\Program Files (x86)\High-Logic
2010-09-15 21:58:32 ----A---- C:\Windows\system32\spoolsv.exe
======List of files/folders modified in the last 1 months======
2010-10-14 23:54:05 ----D---- C:\ProgramData\ArcSoft
2010-10-14 23:54:04 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-10-12 18:53:32 ----D---- C:\Windows\Temp
2010-10-12 18:53:29 ----D---- C:\Windows\Prefetch
2010-10-12 18:53:17 ----RD---- C:\Program Files
2010-10-12 18:32:41 ----D---- C:\Windows\SysWOW64
2010-10-12 18:32:41 ----D---- C:\Windows
2010-10-12 18:22:24 ----D---- C:\Users\uzivatel\AppData\Roaming\WTablet
2010-10-12 18:22:08 ----D---- C:\Windows\Minidump
2010-10-12 16:32:16 ----D---- C:\Users\uzivatel\AppData\Roaming\Skype
2010-10-12 14:23:21 ----D---- C:\Windows\system32\config
2010-10-12 14:20:20 ----SHD---- C:\System Volume Information
2010-10-10 22:41:17 ----D---- C:\Windows\System32
2010-10-10 22:41:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-10-10 22:41:16 ----D---- C:\Windows\inf
2010-10-09 23:47:05 ----D---- C:\ProgramData\FLEXnet
2010-10-08 12:19:50 ----RD---- C:\Program Files (x86)
2010-10-07 12:29:35 ----SHD---- C:\Windows\Installer
2010-10-07 12:29:29 ----D---- C:\Windows\winsxs
2010-10-07 12:21:08 ----D---- C:\Windows\Tasks
2010-10-07 11:46:34 ----D---- C:\Windows\system32\Tasks
2010-10-06 17:49:34 ----D---- C:\Windows\system32\drivers
2010-10-06 17:14:05 ----D---- C:\Windows\system32\NDF
2010-10-06 08:47:23 ----A---- C:\Windows\win.ini
2010-10-06 08:47:15 ----HD---- C:\ProgramData
2010-10-06 08:46:51 ----D---- C:\Windows\twain_32
2010-10-05 21:48:47 ----D---- C:\Program Files Free
2010-10-05 20:53:55 ----D---- C:\Windows\system32\catroot2
2010-10-05 16:55:45 ----RSD---- C:\Windows\Fonts
2010-10-05 16:53:37 ----D---- C:\Program Files (x86)\Common Files
2010-10-05 16:52:40 ----D---- C:\Windows\system32\DriverStore
2010-10-05 16:52:40 ----D---- C:\Windows\system32\catroot
2010-10-05 00:14:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-10-04 14:26:32 ----SD---- C:\Users\uzivatel\AppData\Roaming\Microsoft
2010-10-04 14:26:03 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-10-02 18:03:49 ----D---- C:\ProgramData\Zoom Player
2010-10-01 14:27:18 ----D---- C:\Users\uzivatel\AppData\Roaming\ICQ
2010-09-30 20:07:05 ----D---- C:\Windows\rescache
2010-09-30 03:17:28 ----D---- C:\Windows\SYSWOW64\en-US
2010-09-30 03:17:28 ----D---- C:\Windows\system32\en-US
2010-09-30 03:17:28 ----D---- C:\Program Files\Internet Explorer
2010-09-30 03:17:28 ----D---- C:\Program Files (x86)\Internet Explorer
2010-09-27 15:26:38 ----D---- C:\KBcertifikat
2010-09-20 16:00:30 ----D---- C:\Users\uzivatel\AppData\Roaming\Adobe
2010-09-18 09:05:43 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2010-09-16 00:50:14 ----D---- C:\ProgramData\Microsoft Help
2010-09-16 00:48:19 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2008-02-06 54480]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 27216]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 89680]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 53840]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2010-01-24 86584]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 22096]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 65616]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2010-07-21 45456]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2009-05-20 15656]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2009-08-28 18216]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 TabletServicePen;TabletServicePen; C:\Windows\system32\Pen_Tablet.exe [2009-11-24 5556520]
R2 WTouchService;WTouch Service; C:\Program Files\WTouch\WTouchService.exe [2009-11-24 127784]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 660256]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-11-28 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-11-28 655624]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-29 1255736]
-----------------EOF-----------------
-
- Visitor
- Posts: 14
- Registered: 28 Aug 2008 15:42
Re: mwav, 14 critical files, blue screen
Here I am posting the log from RSIT
Logfile of random's system information tool 1.08 (written by random/random)
Run by uzivatel at 2010-10-12 18:53:17
Microsoft Windows 7 Enterprise
System drive C: has 17 GB (17%) free of 102 GB
Total RAM: 4094 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:53:34, on 12.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files Free\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\RSSOwl\RSSOwl.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\uzivatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~2\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nvch] rundll32.exe rchnewver.dll,go
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [UltraMon] "C:\Program Files\UltraMon\UltraMon.exe" /auto
O4 - HKCU\..\Run: [Google Update] "C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: RKLauncher.exe - Shortcut.lnk = C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe
O4 - Startup: thunderbird.exe - Shortcut.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: UltraMon.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Philips GoGear VIBE Device Manager.lnk = ?
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WTouch Service (WTouchService) - Wacom Technology, Corp. - C:\Program Files\WTouch\WTouchService.exe
--
End of file - 13039 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\WTouch\WTouchService.exe"
/QuitInfo:0000000000000430;000000000000048C; /AddRef;
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
"C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Windows\System32\spoolsv.exe
/QuitInfo:00000000000004C0;00000000000004D8; /AddRef;
/QuitInfo:00000000000004C4;00000000000004DC;
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WTouch\WTouchUser.exe"
/loadhooks /Parent:0000000000000678
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Pen_Tablet.exe
WTablet\Pen_TabletUser.exe
Pen_Tablet.exe au
"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files\UltraMon\UltraMon.exe" /auto
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe"
"C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe" -Embedding
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.03432300.29972183 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.03432000.1137162242 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files Free\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
"C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
ArcCon.ac 66468 0
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart C4200 series#1286347643" -Startup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_3/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.0B014780.244361657 /prefetch:3
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path=C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\6.0.472.63\gcswf32.dll --lang=cs --plugin-data-dir="C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default" --channel=3664.0348A84C.2033003652 /prefetch:4
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_3/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.057C0180.1395912861 /prefetch:3
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\compmgmt.msc" /s
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE"
C:\Windows\splwow64.exe 1
"C:\Program Files (x86)\RSSOwl\RSSOwl.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_3/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.09E8EA80.944438811 /prefetch:3
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\uzivatel\Desktop\MWAV.LOG
"C:\Users\uzivatel\Downloads\RSITx64.exe"
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey D6E3061D-3FEA-7641-B8E8-449ADBB533EE -Reinvoke
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2400562163-1173250730-4007721440-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2400562163-1173250730-4007721440-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11222041-111B-46E3-BD29-EFB2449479B1}]
IEPlugin Class - C:\PROGRA~2\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL [2008-12-24 145920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2010-07-21 2327952]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"UltraMon"=C:\Program Files\UltraMon\UltraMon.exe [2006-10-12 425984]
"Google Update"=C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-07 135664]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"avast!"=C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2009-11-25 81000]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2009-11-12 141600]
"nvch"=rchnewver.dll,go []
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Philips GoGear VIBE Device Manager.lnk - C:\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
RKLauncher.exe - Shortcut.lnk - C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe
thunderbird.exe - Shortcut.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
UltraMon.lnk - C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{E67FF1A2-23C1-4102-84E9-42115F77AD32}\IcoUltraMon.ico
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2009-10-02 134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=0
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-10-12 18:53:17 ----D---- C:\rsit
2010-10-12 18:53:17 ----D---- C:\Program Files\trend micro
2010-10-12 18:32:41 ----AD---- C:\Windows\zts2.exe
2010-10-12 18:32:41 ----AD---- C:\Windows\SYSWOW64\vcmgcd32.dll
2010-10-12 18:32:41 ----AD---- C:\Windows\SYSWOW64\systems.txt
2010-10-12 18:32:41 ----AD---- C:\Windows\SYSWOW64\iifgfgf.dll
2010-10-12 18:32:41 ----AD---- C:\Windows\rundll16.exe
2010-10-12 18:32:41 ----AD---- C:\Windows\rundl132.dll
2010-10-12 18:32:41 ----AD---- C:\Windows\logo1_.exe
2010-10-09 18:03:23 ----D---- C:\Users\uzivatel\AppData\Roaming\HP
2010-10-08 12:19:50 ----D---- C:\Program Files (x86)\HD Tune
2010-10-07 23:54:55 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2010-10-06 15:32:24 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-10-06 08:47:15 ----D---- C:\ProgramData\Hewlett-Packard
2010-10-05 16:55:36 ----D---- C:\ProgramData\HP Product Assistant
2010-10-05 16:52:28 ----D---- C:\Program Files (x86)\HP
2010-10-05 16:52:27 ----HD---- C:\Config.Msi
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hpzids40.dll
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hppldcoi.dll
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hpowiax4.dll
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hpovst11.dll
2010-10-05 16:50:26 ----A---- C:\Windows\system32\hpotiop4.dll
2010-10-05 16:35:10 ----D---- C:\ProgramData\HP
2010-10-04 14:26:11 ----D---- C:\Program Files\Microsoft IntelliPoint
2010-10-02 23:46:18 ----D---- C:\Program Files (x86)\InstantEyedropper
2010-09-29 20:05:27 ----A---- C:\Windows\system32\drivers\ks.sys
2010-09-29 10:00:53 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-09-29 10:00:53 ----A---- C:\Windows\system32\tzres.dll
2010-09-28 23:36:01 ----D---- C:\Program Files\7-Zip
2010-09-20 23:13:53 ----D---- C:\Users\uzivatel\AppData\Roaming\vlc
2010-09-20 23:12:50 ----D---- C:\Program Files (x86)\VideoLAN
2010-09-19 20:03:19 ----D---- C:\Users\uzivatel\AppData\Roaming\Dropbox
2010-09-18 12:45:37 ----A---- C:\ProgramData\FilePathToRead.txt
2010-09-18 12:45:04 ----D---- C:\Program Files\mfilemon
2010-09-18 12:45:04 ----A---- C:\Windows\system32\mfilemonUI.dll
2010-09-18 12:45:04 ----A---- C:\Windows\system32\mfilemon.dll
2010-09-18 08:43:30 ----D---- C:\Program Files\DIFX
2010-09-18 08:43:18 ----D---- C:\Program Files\WDCSAM
2010-09-17 23:08:28 ----D---- C:\Users\uzivatel\AppData\Roaming\WinRAR
2010-09-17 22:45:02 ----D---- C:\Program Files (x86)\JDownloader
2010-09-16 00:47:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-09-16 00:47:37 ----A---- C:\Windows\system32\iertutil.dll
2010-09-16 00:45:52 ----D---- C:\ProgramData\MainType
2010-09-15 23:03:02 ----D---- C:\Users\uzivatel\AppData\Roaming\MainType
2010-09-15 23:03:02 ----D---- C:\Program Files (x86)\High-Logic
2010-09-15 21:58:32 ----A---- C:\Windows\system32\spoolsv.exe
======List of files/folders modified in the last 1 months======
2010-10-14 23:54:05 ----D---- C:\ProgramData\ArcSoft
2010-10-14 23:54:04 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-10-12 18:53:32 ----D---- C:\Windows\Temp
2010-10-12 18:53:29 ----D---- C:\Windows\Prefetch
2010-10-12 18:53:17 ----RD---- C:\Program Files
2010-10-12 18:32:41 ----D---- C:\Windows\SysWOW64
2010-10-12 18:32:41 ----D---- C:\Windows
2010-10-12 18:22:24 ----D---- C:\Users\uzivatel\AppData\Roaming\WTablet
2010-10-12 18:22:08 ----D---- C:\Windows\Minidump
2010-10-12 16:32:16 ----D---- C:\Users\uzivatel\AppData\Roaming\Skype
2010-10-12 14:23:21 ----D---- C:\Windows\system32\config
2010-10-12 14:20:20 ----SHD---- C:\System Volume Information
2010-10-10 22:41:17 ----D---- C:\Windows\System32
2010-10-10 22:41:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-10-10 22:41:16 ----D---- C:\Windows\inf
2010-10-09 23:47:05 ----D---- C:\ProgramData\FLEXnet
2010-10-08 12:19:50 ----RD---- C:\Program Files (x86)
2010-10-07 12:29:35 ----SHD---- C:\Windows\Installer
2010-10-07 12:29:29 ----D---- C:\Windows\winsxs
2010-10-07 12:21:08 ----D---- C:\Windows\Tasks
2010-10-07 11:46:34 ----D---- C:\Windows\system32\Tasks
2010-10-06 17:49:34 ----D---- C:\Windows\system32\drivers
2010-10-06 17:14:05 ----D---- C:\Windows\system32\NDF
2010-10-06 08:47:23 ----A---- C:\Windows\win.ini
2010-10-06 08:47:15 ----HD---- C:\ProgramData
2010-10-06 08:46:51 ----D---- C:\Windows\twain_32
2010-10-05 21:48:47 ----D---- C:\Program Files Free
2010-10-05 20:53:55 ----D---- C:\Windows\system32\catroot2
2010-10-05 16:55:45 ----RSD---- C:\Windows\Fonts
2010-10-05 16:53:37 ----D---- C:\Program Files (x86)\Common Files
2010-10-05 16:52:40 ----D---- C:\Windows\system32\DriverStore
2010-10-05 16:52:40 ----D---- C:\Windows\system32\catroot
2010-10-05 00:14:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-10-04 14:26:32 ----SD---- C:\Users\uzivatel\AppData\Roaming\Microsoft
2010-10-04 14:26:03 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-10-02 18:03:49 ----D---- C:\ProgramData\Zoom Player
2010-10-01 14:27:18 ----D---- C:\Users\uzivatel\AppData\Roaming\ICQ
2010-09-30 20:07:05 ----D---- C:\Windows\rescache
2010-09-30 03:17:28 ----D---- C:\Windows\SYSWOW64\en-US
2010-09-30 03:17:28 ----D---- C:\Windows\system32\en-US
2010-09-30 03:17:28 ----D---- C:\Program Files\Internet Explorer
2010-09-30 03:17:28 ----D---- C:\Program Files (x86)\Internet Explorer
2010-09-27 15:26:38 ----D---- C:\KBcertifikat
2010-09-20 16:00:30 ----D---- C:\Users\uzivatel\AppData\Roaming\Adobe
2010-09-18 09:05:43 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2010-09-16 00:50:14 ----D---- C:\ProgramData\Microsoft Help
2010-09-16 00:48:19 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2008-02-06 54480]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 27216]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 89680]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 53840]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2010-01-24 86584]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 22096]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 65616]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2010-07-21 45456]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2009-05-20 15656]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2009-08-28 18216]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 TabletServicePen;TabletServicePen; C:\Windows\system32\Pen_Tablet.exe [2009-11-24 5556520]
R2 WTouchService;WTouch Service; C:\Program Files\WTouch\WTouchService.exe [2009-11-24 127784]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 660256]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-11-28 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-11-28 655624]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-29 1255736]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by uzivatel at 2010-10-12 18:53:17
Microsoft Windows 7 Enterprise
System drive C: has 17 GB (17%) free of 102 GB
Total RAM: 4094 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:53:34, on 12.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files Free\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\RSSOwl\RSSOwl.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\uzivatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~2\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nvch] rundll32.exe rchnewver.dll,go
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [UltraMon] "C:\Program Files\UltraMon\UltraMon.exe" /auto
O4 - HKCU\..\Run: [Google Update] "C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: RKLauncher.exe - Shortcut.lnk = C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe
O4 - Startup: thunderbird.exe - Shortcut.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: UltraMon.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Philips GoGear VIBE Device Manager.lnk = ?
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WTouch Service (WTouchService) - Wacom Technology, Corp. - C:\Program Files\WTouch\WTouchService.exe
--
End of file - 13039 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\WTouch\WTouchService.exe"
/QuitInfo:0000000000000430;000000000000048C; /AddRef;
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
"C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Windows\System32\spoolsv.exe
/QuitInfo:00000000000004C0;00000000000004D8; /AddRef;
/QuitInfo:00000000000004C4;00000000000004DC;
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WTouch\WTouchUser.exe"
/loadhooks /Parent:0000000000000678
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Pen_Tablet.exe
WTablet\Pen_TabletUser.exe
Pen_Tablet.exe au
"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files\UltraMon\UltraMon.exe" /auto
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe"
"C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe" -Embedding
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.03432300.29972183 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.03432000.1137162242 /prefetch:3 --ignored=" --type=renderer "
"C:\Program Files Free\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
"C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
ArcCon.ac 66468 0
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart C4200 series#1286347643" -Startup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_3/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.0B014780.244361657 /prefetch:3
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path=C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\6.0.472.63\gcswf32.dll --lang=cs --plugin-data-dir="C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default" --channel=3664.0348A84C.2033003652 /prefetch:4
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_3/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.057C0180.1395912861 /prefetch:3
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\compmgmt.msc" /s
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE"
C:\Windows\splwow64.exe 1
"C:\Program Files (x86)\RSSOwl\RSSOwl.exe"
"C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_3/ConnCountImpact/_conn_count_6/DnsImpact/_default_enabled_prefetch/GlobalSdch/_global_enable_sdch/IPv6_Probe/_IPv6_probe_skipped/IdleSktToImpact/_idle_timeout_10/SpdyImpact/_npn_with_spdy/ --channel=3664.09E8EA80.944438811 /prefetch:3
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\uzivatel\Desktop\MWAV.LOG
"C:\Users\uzivatel\Downloads\RSITx64.exe"
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey D6E3061D-3FEA-7641-B8E8-449ADBB533EE -Reinvoke
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2400562163-1173250730-4007721440-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2400562163-1173250730-4007721440-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11222041-111B-46E3-BD29-EFB2449479B1}]
IEPlugin Class - C:\PROGRA~2\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL [2008-12-24 145920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2010-07-21 2327952]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"UltraMon"=C:\Program Files\UltraMon\UltraMon.exe [2006-10-12 425984]
"Google Update"=C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-07 135664]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"avast!"=C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2009-11-25 81000]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2009-11-12 141600]
"nvch"=rchnewver.dll,go []
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Philips GoGear VIBE Device Manager.lnk - C:\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
RKLauncher.exe - Shortcut.lnk - C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe
thunderbird.exe - Shortcut.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
UltraMon.lnk - C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{E67FF1A2-23C1-4102-84E9-42115F77AD32}\IcoUltraMon.ico
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2009-10-02 134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=0
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-10-12 18:53:17 ----D---- C:\rsit
2010-10-12 18:53:17 ----D---- C:\Program Files\trend micro
2010-10-12 18:32:41 ----AD---- C:\Windows\zts2.exe
2010-10-12 18:32:41 ----AD---- C:\Windows\SYSWOW64\vcmgcd32.dll
2010-10-12 18:32:41 ----AD---- C:\Windows\SYSWOW64\systems.txt
2010-10-12 18:32:41 ----AD---- C:\Windows\SYSWOW64\iifgfgf.dll
2010-10-12 18:32:41 ----AD---- C:\Windows\rundll16.exe
2010-10-12 18:32:41 ----AD---- C:\Windows\rundl132.dll
2010-10-12 18:32:41 ----AD---- C:\Windows\logo1_.exe
2010-10-09 18:03:23 ----D---- C:\Users\uzivatel\AppData\Roaming\HP
2010-10-08 12:19:50 ----D---- C:\Program Files (x86)\HD Tune
2010-10-07 23:54:55 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2010-10-06 15:32:24 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-10-06 08:47:15 ----D---- C:\ProgramData\Hewlett-Packard
2010-10-05 16:55:36 ----D---- C:\ProgramData\HP Product Assistant
2010-10-05 16:52:28 ----D---- C:\Program Files (x86)\HP
2010-10-05 16:52:27 ----HD---- C:\Config.Msi
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hpzids40.dll
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hppldcoi.dll
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hpowiax4.dll
2010-10-05 16:50:27 ----A---- C:\Windows\system32\hpovst11.dll
2010-10-05 16:50:26 ----A---- C:\Windows\system32\hpotiop4.dll
2010-10-05 16:35:10 ----D---- C:\ProgramData\HP
2010-10-04 14:26:11 ----D---- C:\Program Files\Microsoft IntelliPoint
2010-10-02 23:46:18 ----D---- C:\Program Files (x86)\InstantEyedropper
2010-09-29 20:05:27 ----A---- C:\Windows\system32\drivers\ks.sys
2010-09-29 10:00:53 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-09-29 10:00:53 ----A---- C:\Windows\system32\tzres.dll
2010-09-28 23:36:01 ----D---- C:\Program Files\7-Zip
2010-09-20 23:13:53 ----D---- C:\Users\uzivatel\AppData\Roaming\vlc
2010-09-20 23:12:50 ----D---- C:\Program Files (x86)\VideoLAN
2010-09-19 20:03:19 ----D---- C:\Users\uzivatel\AppData\Roaming\Dropbox
2010-09-18 12:45:37 ----A---- C:\ProgramData\FilePathToRead.txt
2010-09-18 12:45:04 ----D---- C:\Program Files\mfilemon
2010-09-18 12:45:04 ----A---- C:\Windows\system32\mfilemonUI.dll
2010-09-18 12:45:04 ----A---- C:\Windows\system32\mfilemon.dll
2010-09-18 08:43:30 ----D---- C:\Program Files\DIFX
2010-09-18 08:43:18 ----D---- C:\Program Files\WDCSAM
2010-09-17 23:08:28 ----D---- C:\Users\uzivatel\AppData\Roaming\WinRAR
2010-09-17 22:45:02 ----D---- C:\Program Files (x86)\JDownloader
2010-09-16 00:47:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-09-16 00:47:37 ----A---- C:\Windows\system32\iertutil.dll
2010-09-16 00:45:52 ----D---- C:\ProgramData\MainType
2010-09-15 23:03:02 ----D---- C:\Users\uzivatel\AppData\Roaming\MainType
2010-09-15 23:03:02 ----D---- C:\Program Files (x86)\High-Logic
2010-09-15 21:58:32 ----A---- C:\Windows\system32\spoolsv.exe
======List of files/folders modified in the last 1 months======
2010-10-14 23:54:05 ----D---- C:\ProgramData\ArcSoft
2010-10-14 23:54:04 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-10-12 18:53:32 ----D---- C:\Windows\Temp
2010-10-12 18:53:29 ----D---- C:\Windows\Prefetch
2010-10-12 18:53:17 ----RD---- C:\Program Files
2010-10-12 18:32:41 ----D---- C:\Windows\SysWOW64
2010-10-12 18:32:41 ----D---- C:\Windows
2010-10-12 18:22:24 ----D---- C:\Users\uzivatel\AppData\Roaming\WTablet
2010-10-12 18:22:08 ----D---- C:\Windows\Minidump
2010-10-12 16:32:16 ----D---- C:\Users\uzivatel\AppData\Roaming\Skype
2010-10-12 14:23:21 ----D---- C:\Windows\system32\config
2010-10-12 14:20:20 ----SHD---- C:\System Volume Information
2010-10-10 22:41:17 ----D---- C:\Windows\System32
2010-10-10 22:41:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-10-10 22:41:16 ----D---- C:\Windows\inf
2010-10-09 23:47:05 ----D---- C:\ProgramData\FLEXnet
2010-10-08 12:19:50 ----RD---- C:\Program Files (x86)
2010-10-07 12:29:35 ----SHD---- C:\Windows\Installer
2010-10-07 12:29:29 ----D---- C:\Windows\winsxs
2010-10-07 12:21:08 ----D---- C:\Windows\Tasks
2010-10-07 11:46:34 ----D---- C:\Windows\system32\Tasks
2010-10-06 17:49:34 ----D---- C:\Windows\system32\drivers
2010-10-06 17:14:05 ----D---- C:\Windows\system32\NDF
2010-10-06 08:47:23 ----A---- C:\Windows\win.ini
2010-10-06 08:47:15 ----HD---- C:\ProgramData
2010-10-06 08:46:51 ----D---- C:\Windows\twain_32
2010-10-05 21:48:47 ----D---- C:\Program Files Free
2010-10-05 20:53:55 ----D---- C:\Windows\system32\catroot2
2010-10-05 16:55:45 ----RSD---- C:\Windows\Fonts
2010-10-05 16:53:37 ----D---- C:\Program Files (x86)\Common Files
2010-10-05 16:52:40 ----D---- C:\Windows\system32\DriverStore
2010-10-05 16:52:40 ----D---- C:\Windows\system32\catroot
2010-10-05 00:14:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-10-04 14:26:32 ----SD---- C:\Users\uzivatel\AppData\Roaming\Microsoft
2010-10-04 14:26:03 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-10-02 18:03:49 ----D---- C:\ProgramData\Zoom Player
2010-10-01 14:27:18 ----D---- C:\Users\uzivatel\AppData\Roaming\ICQ
2010-09-30 20:07:05 ----D---- C:\Windows\rescache
2010-09-30 03:17:28 ----D---- C:\Windows\SYSWOW64\en-US
2010-09-30 03:17:28 ----D---- C:\Windows\system32\en-US
2010-09-30 03:17:28 ----D---- C:\Program Files\Internet Explorer
2010-09-30 03:17:28 ----D---- C:\Program Files (x86)\Internet Explorer
2010-09-27 15:26:38 ----D---- C:\KBcertifikat
2010-09-20 16:00:30 ----D---- C:\Users\uzivatel\AppData\Roaming\Adobe
2010-09-18 09:05:43 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2010-09-16 00:50:14 ----D---- C:\ProgramData\Microsoft Help
2010-09-16 00:48:19 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2008-02-06 54480]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 27216]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 89680]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 53840]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2010-01-24 86584]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 22096]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 65616]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2010-07-21 45456]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2009-05-20 15656]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2009-08-28 18216]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 TabletServicePen;TabletServicePen; C:\Windows\system32\Pen_Tablet.exe [2009-11-24 5556520]
R2 WTouchService;WTouch Service; C:\Program Files\WTouch\WTouchService.exe [2009-11-24 127784]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 660256]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-11-28 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-11-28 655624]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-29 1255736]
-----------------EOF-----------------
-
- Visitor
- Posts: 14
- Registered: 28 Aug 2008 15:42
Re: mwav, 14 critical files, blue screen
Message from mwav:
Objekt "gain.gator Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "gain.gator Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "whenu.weathercast Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "smitfraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "smitfraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "searchforit/adshooter Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "midaddle Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "searchforit/adshooter Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "midaddle Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "smitfraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "toolbar888 Browser Hijacker" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "mirar Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "backdoor (ircbot) trojans Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "Possible Fujacks-type Worm" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" odkazuje na neplatný objekt "". Provedené akce: Nic nebylo provedeno.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\vsavb7rt.dll". Provedené akce: Nic nebylo provedeno.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.enterpriseservices.dll". Provedené akce: Nic nebylo provedeno.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorrc.dll". Provedené akce: Nic nebylo provedeno.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscordbi.dll". Provedené akce: Nic nebylo provedeno.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorsec.dll". Provedené akce: Nic nebylo provedeno.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.configuration.install.dll". Provedené akce: Nic nebylo provedeno.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.vsa.vb.codedomprocessor.dll". Provedené akce: Nic nebylo provedeno.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\wminet_utils.dll". Provedené akce: Nic nebylo provedeno.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.jscript.dll". Provedené akce: Nic nebylo provedeno.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll". Provedené akce: Nic nebylo provedeno.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\iehost.dll". Provedené akce: Nic nebylo provedeno.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.data.dll". Provedené akce: Nic nebylo provedeno.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Users\uzivatel\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".$$$". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".+jpg". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".+psd". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".11". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".13". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".15". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".3". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".4". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".5". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".512". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".7". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".89:2121/ftp/transportypress/". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".9". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".afm". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".asd". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".bc!". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".blend". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".BridgeLabelsAndRatings". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".BUP". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".C7483456-A289-439d-8115-601632D005A0". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".cue". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".CZ-UniQue". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".cz/". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".cz/JetBull-bannery/". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".cz/RED-BULL/FlightClub/Flight-Club-Flash-data/". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".cz/RED-BULL/Night-Race/". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".cz/RED-BULL/RB-X-Fighters-Jam/". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".cz/RED-BULL/Red-Bull-Many-Mania/". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".cz/SoundClash_KV/". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".DS_Store". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".flac". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".jpg+". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".KEY". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".lic". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".MOI". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".opml". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".otf&case=mixed". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".part". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".PFB". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".png+". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".prefs". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".prl". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".r11". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".sfv". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".sub". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".tmp". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".Trashes". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".uga". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".v30po". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".v30pp". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".v30ppf". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".vfb". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".WUL". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".xmp". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".xpi". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt "._RockwCEExtBol". Provedené akce: Nic nebylo provedeno.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt "._Slavny". Provedené akce: Nic nebylo provedeno.
Objekt "gain.gator Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "gain.gator Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "whenu.weathercast Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "smitfraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "smitfraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "searchforit/adshooter Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "midaddle Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "searchforit/adshooter Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "midaddle Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "smitfraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "toolbar888 Browser Hijacker" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "mirar Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "backdoor (ircbot) trojans Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "Possible Fujacks-type Worm" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Re: mwav, 14 critical files, blue screen
Hello,
topic moved to the correct section.
Use MBAM:
install it, run a full scan, paste the log here - DO NOT DELETE ANYTHING!
Download GMER, unpack it and run it as Administrator.
A scan will run, and when it finishes the results will pop up.
Then click Save to save the log, and paste its contents here.
Then, following this guide,
run a second scan and again paste the log contents here.
A blue screen of death is usually caused by a badly written driver or the like. Next time, try copying down the error number from the screen, e.g.: 0x0000004e
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AN UP-TO-DATE ANTIVIRUS AND A PERSONAL FIREWALL ARE TWO ESSENTIAL PROTECTIVE COMPONENTS OF EVERY PC CONNECTED TO THE INTERNET!!!
BY BACKING UP YOUR PERSONAL DATA YOU WILL NOT LOSE IT IN THE EVENT OF FATAL SOFTWARE OR HARDWARE PROBLEMS!!
DO NOT USE COMBOFIX ON YOUR OWN, ONLY WHEN YOU ARE ASKED TO. IMPROPER HANDLING OF IT CAN RENDER THE SYSTEM INOPERABLE!


___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
-
- Visitor
- Posts: 14
- Registered: 28 Aug 2008 15:42
Re: mwav, 14 critical files, blue screen
Thank you, I already ran MBAM yesterday and unfortunately deleted everything that was suspicious.
Today it reports 0 errors.
I can't get GMER to run.
I run it as administrator, but this message appears: c:\windows\system32\config\system: The system cannot find the file specified.
Maybe it's because I have Win7 64-bit?
Nothing else comes to mind.
Re: mwav, 14 critical files, blue screen
Yes, that is the reason.
Download OTL,
run it, tick "For all users", change 30 days to 7, click Scan,
and when the scan finishes, paste the contents of the OTL.txt log here.
Download catchme.exe and run it.
Paste the resulting log here.

-
- Visitor
- Posts: 14
- Registered: 28 Aug 2008 15:42
Re: mwav, 14 critical files, blue screen
Thank you!
OTL logfile created on: 14.10.2010 10:41:32 - Run 2
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\uzivatel\Desktop
64bit- Enterprise Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free
7,00 Gb Paging File | 4,00 Gb Available in Paging File | 64,00% Paging File free
Paging file location(s): d:\pagefile.sys 3000 3000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 99,90 Gb Total Space | 18,24 Gb Free Space | 18,26% Space Free | Partition Type: NTFS
Drive D: | 99,04 Gb Total Space | 16,58 Gb Free Space | 16,74% Space Free | Partition Type: NTFS
Drive E: | 101,82 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 465,75 Gb Total Space | 68,68 Gb Free Space | 14,75% Space Free | Partition Type: NTFS
Drive I: | 465,73 Gb Total Space | 253,23 Gb Free Space | 54,37% Space Free | Partition Type: NTFS
Computer Name: KATE | User Name: uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2010.10.14 10:23:18 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
PRC - [2010.10.12 19:31:51 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2010.09.21 07:40:50 | 000,977,976 | ---- | M] (Google Inc.) -- C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010.08.25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.03.18 11:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.02.26 07:10:20 | 021,979,992 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.11.25 21:28:20 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\RSSOwl\RSSOwl.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.06.01 23:20:12 | 000,222,968 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.06.11 23:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2006.09.24 18:20:46 | 000,086,016 | ---- | M] (Realtime Soft) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
PRC - [2005.09.14 19:23:18 | 000,368,640 | ---- | M] (RaduKing) -- C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe
========== Modules (SafeList) ==========
MOD - [2010.10.14 10:23:18 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
MOD - [2009.07.14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.10.12 19:31:51 | 001,033,255 | ---- | M] (Xacti LLC) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.11.28 01:50:48 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.01 23:20:12 | 000,222,968 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
========== Driver Services (SafeList) ==========
DRV - [2010.10.13 12:23:06 | 000,085,969 | ---- | M] (GMER) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\gmer.sys -- (gmer)
DRV - [2010.01.29 11:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2010.01.24 18:32:58 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F7 C7 7A D7 A6 6F CA 01 [binary data]
IE - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
IE - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Crawler Search"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..keyword.URL: "http://www.crawler.com/search/dispatche ... 60342&qkw="
FF - HKLM\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files (x86)\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2010.05.30 11:54:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.10.05 16:56:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files (x86)\Crawler\Toolbar\firefox\ [2010.10.12 19:32:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.05 00:14:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.05 00:14:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.09.18 09:05:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2009.11.28 01:20:03 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Extensions
[2009.11.28 00:00:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.10.14 00:33:26 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\extensions
[2009.11.28 01:20:58 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2010.05.10 18:43:02 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010.10.02 18:11:12 | 000,000,961 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\searchplugins\icqplugin-1.xml
[2010.08.15 19:50:37 | 000,000,961 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\searchplugins\icqplugin-2.xml
[2010.10.05 00:14:16 | 000,000,961 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\searchplugins\icqplugin-3.xml
[2010.10.14 00:33:10 | 000,000,961 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\searchplugins\icqplugin-4.xml
[2010.01.06 23:39:32 | 000,000,961 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\searchplugins\icqplugin.xml
[2010.08.23 08:26:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009.11.29 12:59:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.05.19 20:42:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.23 08:26:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.10.05 00:14:01 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.10.05 00:14:01 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.10.05 00:14:01 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.10.05 00:14:01 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.10.05 00:14:01 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.06.17 07:54:01 | 000,408,517 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 14124 more lines...
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Program Files (x86)\ArcSoft\Media Converter for Philips\Internet Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001..\Run: [SpywareTerminatorUpdate] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001..\Run: [UltraMon] C:\Program Files\UltraMon\UltraMon.exe (Realtime Soft)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
O4 - Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RKLauncher.exe - Shortcut.lnk = C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe (RaduKing)
O4 - Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird.exe - Shortcut.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
O4 - Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk = C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{E67FF1A2-23C1-4102-84E9-42115F77AD32}\IcoUltraMon.ico ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{434afa6f-db93-11de-a34b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{434afa6f-db93-11de-a34b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 7 Days ==========
[2010.10.14 10:40:13 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\!!!!!
[2010.10.14 10:23:14 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
[2010.10.14 00:22:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\FontLab
[2010.10.14 00:22:43 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Documents\FontLab
[2010.10.14 00:22:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FontLab
[2010.10.14 00:20:09 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\FontLAB_Studio_5_Serial_Manual_DMZ
[2010.10.13 23:42:18 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\Fontographer 5.0
[2010.10.13 13:03:43 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\LOGOs
[2010.10.13 12:20:24 | 000,085,969 | ---- | C] (GMER) -- C:\Windows\SysWow64\drivers\gmer.sys
[2010.10.13 01:04:44 | 000,000,000 | ---D | C] -- C:\ProgramData\OEM Links
[2010.10.13 01:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2010.10.13 01:04:27 | 000,141,832 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\killproc.exe
[2010.10.13 01:03:39 | 002,159,112 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\contf64.dll
[2010.10.13 01:03:39 | 001,792,520 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\contfilt.dll
[2010.10.13 01:03:39 | 000,219,656 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\mwnsp64.dll
[2010.10.13 01:03:39 | 000,186,888 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\mwnsp.dll
[2010.10.13 01:03:37 | 000,137,224 | ---- | C] (MWTI) -- C:\Windows\SysWow64\ZIPDLL.DLL
[2010.10.13 01:03:37 | 000,132,104 | ---- | C] (MWTI) -- C:\Windows\SysWow64\UNZDLL.DLL
[2010.10.13 01:03:37 | 000,013,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sporder.dll
[2010.10.13 01:03:37 | 000,013,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\sporder.dll
[2010.10.13 01:03:37 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\sporder.exe
[2010.10.13 01:03:36 | 000,682,504 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\mwtsp64.dll
[2010.10.13 01:03:36 | 000,571,912 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\mwtsp.dll
[2010.10.13 01:03:36 | 000,247,304 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\inst_tspx.exe
[2010.10.13 01:03:36 | 000,170,504 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\inst_tsp.exe
[2010.10.13 01:03:33 | 000,731,656 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\test2.exe
[2010.10.13 01:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld
[2010.10.13 01:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eScan
[2010.10.12 19:31:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Crawler
[2010.10.12 19:31:50 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\AppData\Roaming\Spyware Terminator
[2010.10.12 19:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2010.10.12 19:31:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2010.10.12 18:53:17 | 000,000,000 | ---D | C] -- C:\rsit
[2010.10.12 18:32:41 | 000,000,000 | ---D | C] -- C:\Windows\zts2.exe
[2010.10.12 18:32:41 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2010.10.12 18:32:41 | 000,000,000 | ---D | C] -- C:\Windows\rundl132.dll
[2010.10.12 18:32:41 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2010.10.10 17:57:22 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\projit
[2010.10.10 17:17:56 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\david
[2010.10.10 08:54:53 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\xdfasd
[2010.10.10 08:54:43 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\New folder (3)
[2010.10.09 18:03:23 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\AppData\Roaming\HP
[2010.10.08 12:34:37 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\New folder (2)
[2010.10.08 12:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[2010.10.07 12:27:44 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\New folder
========== Files - Modified Within 7 Days ==========
[2010.10.14 10:24:01 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2400562163-1173250730-4007721440-1001UA.job
[2010.10.14 10:23:18 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
[2010.10.14 09:26:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.14 09:26:02 | 3220,013,056 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.14 01:09:02 | 000,000,000 | ---- | M] () -- C:\Users\uzivatel\Desktop\Adobe Illustrator CS5 Classroom in a Book.pdf
[2010.10.14 00:50:33 | 001,129,165 | ---- | M] () -- C:\Users\uzivatel\Desktop\Untitled-2.ai
[2010.10.14 00:49:28 | 001,084,021 | ---- | M] () -- C:\Users\uzivatel\Desktop\Untitled-1+.ai
[2010.10.14 00:48:58 | 000,220,813 | ---- | M] () -- C:\Users\uzivatel\Desktop\Untitled-3+.ai
[2010.10.14 00:48:25 | 000,402,584 | ---- | M] () -- C:\Users\uzivatel\Desktop\a4.+ai.ai
[2010.10.13 22:02:06 | 000,887,742 | ---- | M] () -- C:\Users\uzivatel\Desktop\wall_s.jpg
[2010.10.13 21:04:34 | 000,218,451 | ---- | M] () -- C:\Users\uzivatel\Desktop\a4.pdf
[2010.10.13 20:59:29 | 000,303,751 | ---- | M] () -- C:\Users\uzivatel\Desktop\a4.ai
[2010.10.13 20:32:54 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2400562163-1173250730-4007721440-1001Core.job
[2010.10.13 19:28:08 | 000,000,250 | ---- | M] () -- C:\Windows\gmer.ini
[2010.10.13 18:48:28 | 000,044,937 | ---- | M] () -- C:\Users\uzivatel\Desktop\1264010442.jpg
[2010.10.13 18:48:19 | 000,043,316 | ---- | M] () -- C:\Users\uzivatel\Desktop\1264010442_1.jpg
[2010.10.13 15:37:46 | 004,094,824 | ---- | M] () -- C:\Users\uzivatel\Desktop\Untitled-1.ai
[2010.10.13 15:11:57 | 000,000,065 | ---- | M] () -- C:\Users\uzivatel\Desktop\Arts,Photography Free eBooks directory list page64Free Ebooks Download.url
[2010.10.13 14:45:22 | 001,438,484 | ---- | M] () -- C:\Users\uzivatel\Desktop\Untitled-3.ai
[2010.10.13 13:42:05 | 001,595,550 | ---- | M] () -- C:\Users\uzivatel\Desktop\jeste loga.zip
[2010.10.13 12:23:06 | 000,884,736 | ---- | M] () -- C:\Windows\gmer.dll
[2010.10.13 12:23:06 | 000,085,969 | ---- | M] (GMER) -- C:\Windows\SysWow64\drivers\gmer.sys
[2010.10.13 12:20:24 | 000,000,080 | ---- | M] () -- C:\Windows\gmer_uninstall.cmd
[2010.10.13 12:15:36 | 000,089,343 | ---- | M] () -- C:\Users\uzivatel\Desktop\cannot.jpg
[2010.10.13 01:53:53 | 000,001,866 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2010.10.13 01:53:53 | 000,001,864 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010.10.13 01:06:14 | 000,139,668 | ---- | M] () -- C:\Windows\winsbak2.reg
[2010.10.13 01:06:13 | 000,003,956 | ---- | M] () -- C:\Windows\winsbak.reg
[2010.10.13 01:01:29 | 000,091,465 | ---- | M] () -- C:\Users\uzivatel\Desktop\photo.jpg
[2010.10.13 00:47:52 | 000,295,631 | ---- | M] () -- C:\Users\uzivatel\Desktop\amnestyinternationalbars1.jpg
[2010.10.13 00:18:18 | 000,612,268 | ---- | M] () -- C:\Users\uzivatel\Desktop\držkov.jpg
[2010.10.12 19:55:02 | 000,000,026 | ---- | M] () -- C:\Windows\Lic.xxx
[2010.10.12 19:54:53 | 000,044,517 | ---- | M] () -- C:\Users\uzivatel\Documents\pinfect.zip
[2010.10.12 19:41:43 | 000,000,069 | ---- | M] () -- C:\Users\uzivatel\Desktop\VIRY.CZ • Zobrazit fórum - Diskuze, řešení problémů.url
[2010.10.12 19:33:37 | 000,001,150 | ---- | M] () -- C:\Users\uzivatel\Application Data\Microsoft\Internet Explorer\Quick Launch\Spyware Terminator.lnk
[2010.10.12 19:33:37 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010.10.12 19:29:23 | 000,000,100 | ---- | M] () -- C:\Users\uzivatel\Desktop\CECI N’EST PAS UNE RÉTROSPECTIVE - Artyčok.tv.url
[2010.10.11 23:52:50 | 000,000,052 | ---- | M] () -- C:\Users\uzivatel\Desktop\The Square Grid - A simple CSS framework for designers and developers.url
[2010.10.11 17:39:18 | 000,023,224 | ---- | M] () -- C:\Users\uzivatel\Desktop\The operating system started at system time.docx
[2010.10.11 17:24:20 | 000,036,993 | ---- | M] () -- C:\Users\uzivatel\Desktop\Doc4.docx
[2010.10.11 16:33:43 | 001,132,737 | ---- | M] () -- C:\Users\uzivatel\Desktop\Jak něco přebarvit.docx
[2010.10.11 16:23:04 | 002,655,982 | ---- | M] () -- C:\Users\uzivatel\Desktop\Classic Typefaces.docx
[2010.10.11 15:06:05 | 000,092,241 | ---- | M] () -- C:\Users\uzivatel\Desktop\Illustrator provides the following tools for slicing and cutting objects.docx
[2010.10.11 12:44:19 | 000,101,557 | ---- | M] () -- C:\Users\uzivatel\Desktop\photo.php
[2010.10.11 00:03:16 | 000,000,122 | ---- | M] () -- C:\Users\uzivatel\Desktop\80 Beautiful Typefaces For Professional Design - Smashing Magazine.url
[2010.10.10 23:45:15 | 000,059,872 | ---- | M] () -- C:\Users\uzivatel\Desktop\71545_1475094949974_1011692361_31073210_6128512_n.jpg
[2010.10.10 23:42:06 | 000,061,584 | ---- | M] () -- C:\Users\uzivatel\Desktop\jeleni_11a18.jpg
[2010.10.10 23:37:45 | 000,073,637 | ---- | M] () -- C:\Users\uzivatel\Desktop\Svatozar_(o_aure_a_jeji_apropriaci).pdf
[2010.10.10 21:17:52 | 000,190,289 | ---- | M] () -- C:\Users\uzivatel\Desktop\kostel_s.jpg
[2010.10.10 20:29:19 | 000,019,986 | ---- | M] () -- C:\Users\uzivatel\Desktop\glass_slippers.jpg
[2010.10.10 19:18:54 | 001,532,037 | ---- | M] () -- C:\Users\uzivatel\Desktop\IMG_5901.JPG
[2010.10.10 17:16:37 | 122,774,321 | ---- | M] () -- C:\Users\uzivatel\Desktop\david.zip
[2010.10.10 13:36:47 | 000,198,009 | ---- | M] () -- C:\Users\uzivatel\Desktop\Musí se to tam pak vložit ta selekce.docx
[2010.10.10 00:43:11 | 000,068,749 | ---- | M] () -- C:\Users\uzivatel\Desktop\Illustrator.docx
[2010.10.10 00:43:03 | 000,061,475 | ---- | M] () -- C:\Users\uzivatel\Desktop\Photoshop.docx
[2010.10.10 00:03:28 | 000,000,091 | ---- | M] () -- C:\Users\uzivatel\Desktop\DOX - 12hodin budoucnosti.url
[2010.10.09 21:45:18 | 000,073,728 | ---- | M] () -- C:\Users\uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.09 13:58:47 | 844,677,434 | ---- | M] () -- C:\Users\uzivatel\Desktop\299_experti.wmv
[2010.10.08 23:49:38 | 000,079,362 | ---- | M] () -- C:\Users\uzivatel\Desktop\tumblr_l9zl55lRN41qa4pypo1_500.jpg
[2010.10.07 23:54:55 | 000,728,576 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.07 21:56:35 | 001,846,240 | ---- | M] () -- C:\Users\uzivatel\Desktop\1255777392.psd
[2010.10.07 17:20:46 | 000,068,239 | ---- | M] () -- C:\Users\uzivatel\Desktop\1255777392.jpg
========== Files Created - No Company Name ==========
[2010.10.14 09:34:20 | 015,872,475 | ---- | C] () -- C:\Users\uzivatel\Desktop\FLS5WinManual.pdf
[2010.10.14 01:09:02 | 000,000,000 | ---- | C] () -- C:\Users\uzivatel\Desktop\Adobe Illustrator CS5 Classroom in a Book.pdf
[2010.10.14 00:49:24 | 001,084,021 | ---- | C] () -- C:\Users\uzivatel\Desktop\Untitled-1+.ai
[2010.10.14 00:48:53 | 000,220,813 | ---- | C] () -- C:\Users\uzivatel\Desktop\Untitled-3+.ai
[2010.10.14 00:20:03 | 036,843,795 | ---- | C] () -- C:\Users\uzivatel\Desktop\019284234X After Modern Art.pdf
[2010.10.13 22:15:47 | 000,402,584 | ---- | C] () -- C:\Users\uzivatel\Desktop\a4.+ai.ai
[2010.10.13 22:01:32 | 000,887,742 | ---- | C] () -- C:\Users\uzivatel\Desktop\wall_s.jpg
[2010.10.13 21:03:48 | 000,218,451 | ---- | C] () -- C:\Users\uzivatel\Desktop\a4.pdf
[2010.10.13 19:46:39 | 000,303,751 | ---- | C] () -- C:\Users\uzivatel\Desktop\a4.ai
[2010.10.13 18:48:28 | 000,044,937 | ---- | C] () -- C:\Users\uzivatel\Desktop\1264010442.jpg
[2010.10.13 18:48:19 | 000,043,316 | ---- | C] () -- C:\Users\uzivatel\Desktop\1264010442_1.jpg
[2010.10.13 15:11:57 | 000,000,065 | ---- | C] () -- C:\Users\uzivatel\Desktop\Arts,Photography Free eBooks directory list page64Free Ebooks Download.url
[2010.10.13 14:45:18 | 001,438,484 | ---- | C] () -- C:\Users\uzivatel\Desktop\Untitled-3.ai
[2010.10.13 13:40:50 | 001,595,550 | ---- | C] () -- C:\Users\uzivatel\Desktop\jeste loga.zip
[2010.10.13 12:22:57 | 000,811,008 | ---- | C] () -- C:\Users\uzivatel\Desktop\gmer.exe
[2010.10.13 12:20:30 | 000,000,250 | ---- | C] () -- C:\Windows\gmer.ini
[2010.10.13 12:20:24 | 000,884,736 | ---- | C] () -- C:\Windows\gmer.dll
[2010.10.13 12:20:24 | 000,811,008 | ---- | C] () -- C:\Windows\gmer.exe
[2010.10.13 12:20:24 | 000,000,080 | ---- | C] () -- C:\Windows\gmer_uninstall.cmd
[2010.10.13 12:15:36 | 000,089,343 | ---- | C] () -- C:\Users\uzivatel\Desktop\cannot.jpg
[2010.10.13 12:01:23 | 001,129,165 | ---- | C] () -- C:\Users\uzivatel\Desktop\Untitled-2.ai
[2010.10.13 01:52:40 | 000,001,866 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2010.10.13 01:52:40 | 000,001,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010.10.13 01:06:13 | 000,139,668 | ---- | C] () -- C:\Windows\winsbak2.reg
[2010.10.13 01:06:13 | 000,003,956 | ---- | C] () -- C:\Windows\winsbak.reg
[2010.10.13 01:03:33 | 000,338,176 | ---- | C] () -- C:\Windows\SysWow64\wget.exe
[2010.10.13 01:03:33 | 000,293,896 | ---- | C] () -- C:\Windows\SysWow64\curl.exe
[2010.10.13 01:03:33 | 000,172,040 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.10.13 01:01:29 | 000,091,465 | ---- | C] () -- C:\Users\uzivatel\Desktop\photo.jpg
[2010.10.13 00:47:51 | 000,295,631 | ---- | C] () -- C:\Users\uzivatel\Desktop\amnestyinternationalbars1.jpg
[2010.10.13 00:18:03 | 000,612,268 | ---- | C] () -- C:\Users\uzivatel\Desktop\držkov.jpg
[2010.10.12 19:41:43 | 000,000,069 | ---- | C] () -- C:\Users\uzivatel\Desktop\VIRY.CZ • Zobrazit fórum - Diskuze, řešení problémů.url
[2010.10.12 19:33:37 | 000,001,150 | ---- | C] () -- C:\Users\uzivatel\Application Data\Microsoft\Internet Explorer\Quick Launch\Spyware Terminator.lnk
[2010.10.12 19:33:37 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010.10.12 19:29:23 | 000,000,100 | ---- | C] () -- C:\Users\uzivatel\Desktop\CECI N’EST PAS UNE RÉTROSPECTIVE - Artyčok.tv.url
[2010.10.12 18:27:18 | 000,000,026 | ---- | C] () -- C:\Windows\Lic.xxx
[2010.10.12 18:27:04 | 000,044,517 | ---- | C] () -- C:\Users\uzivatel\Documents\pinfect.zip
[2010.10.12 16:32:19 | 004,094,824 | ---- | C] () -- C:\Users\uzivatel\Desktop\Untitled-1.ai
[2010.10.11 23:52:50 | 000,000,052 | ---- | C] () -- C:\Users\uzivatel\Desktop\The Square Grid - A simple CSS framework for designers and developers.url
[2010.10.11 17:39:17 | 000,023,224 | ---- | C] () -- C:\Users\uzivatel\Desktop\The operating system started at system time.docx
[2010.10.11 17:24:19 | 000,036,993 | ---- | C] () -- C:\Users\uzivatel\Desktop\Doc4.docx
[2010.10.11 16:28:07 | 001,132,737 | ---- | C] () -- C:\Users\uzivatel\Desktop\Jak něco přebarvit.docx
[2010.10.11 16:22:59 | 002,655,982 | ---- | C] () -- C:\Users\uzivatel\Desktop\Classic Typefaces.docx
[2010.10.11 15:05:54 | 000,092,241 | ---- | C] () -- C:\Users\uzivatel\Desktop\Illustrator provides the following tools for slicing and cutting objects.docx
[2010.10.11 12:44:19 | 000,101,557 | ---- | C] () -- C:\Users\uzivatel\Desktop\photo.php
[2010.10.11 00:03:16 | 000,000,122 | ---- | C] () -- C:\Users\uzivatel\Desktop\80 Beautiful Typefaces For Professional Design - Smashing Magazine.url
[2010.10.10 23:45:15 | 000,059,872 | ---- | C] () -- C:\Users\uzivatel\Desktop\71545_1475094949974_1011692361_31073210_6128512_n.jpg
[2010.10.10 23:40:55 | 000,061,584 | ---- | C] () -- C:\Users\uzivatel\Desktop\jeleni_11a18.jpg
[2010.10.10 23:37:45 | 000,073,637 | ---- | C] () -- C:\Users\uzivatel\Desktop\Svatozar_(o_aure_a_jeji_apropriaci).pdf
[2010.10.10 21:17:37 | 000,190,289 | ---- | C] () -- C:\Users\uzivatel\Desktop\kostel_s.jpg
[2010.10.10 20:29:19 | 000,019,986 | ---- | C] () -- C:\Users\uzivatel\Desktop\glass_slippers.jpg
[2010.10.10 19:18:53 | 001,532,037 | ---- | C] () -- C:\Users\uzivatel\Desktop\IMG_5901.JPG
[2010.10.10 17:16:16 | 122,774,321 | ---- | C] () -- C:\Users\uzivatel\Desktop\david.zip
[2010.10.10 13:51:37 | 002,342,488 | ---- | C] () -- C:\Users\uzivatel\Desktop\IMG_2622.JPG
[2010.10.10 13:36:45 | 000,198,009 | ---- | C] () -- C:\Users\uzivatel\Desktop\Musí se to tam pak vložit ta selekce.docx
[2010.10.10 00:43:09 | 000,068,749 | ---- | C] () -- C:\Users\uzivatel\Desktop\Illustrator.docx
[2010.10.10 00:43:01 | 000,061,475 | ---- | C] () -- C:\Users\uzivatel\Desktop\Photoshop.docx
[2010.10.10 00:03:28 | 000,000,091 | ---- | C] () -- C:\Users\uzivatel\Desktop\DOX - 12hodin budoucnosti.url
[2010.10.09 13:51:25 | 844,677,434 | ---- | C] () -- C:\Users\uzivatel\Desktop\299_experti.wmv
[2010.10.08 23:49:38 | 000,079,362 | ---- | C] () -- C:\Users\uzivatel\Desktop\tumblr_l9zl55lRN41qa4pypo1_500.jpg
[2010.10.07 23:54:55 | 000,728,576 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.07 21:56:34 | 001,846,240 | ---- | C] () -- C:\Users\uzivatel\Desktop\1255777392.psd
[2010.10.07 17:20:46 | 000,068,239 | ---- | C] () -- C:\Users\uzivatel\Desktop\1255777392.jpg
[2010.10.06 17:05:26 | 000,000,017 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\resmon.resmoncfg
[2010.10.05 16:37:11 | 000,000,613 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010.09.18 12:45:37 | 000,000,027 | ---- | C] () -- C:\ProgramData\FilePathToRead.txt
[2010.03.22 23:23:52 | 000,000,166 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\tmp.tiff
[2010.03.22 23:21:11 | 407,413,022 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\giftmp2.tif
[2010.01.21 21:53:25 | 000,000,239 | ---- | C] () -- C:\Windows\WINCMD.INI
[2009.12.07 14:42:22 | 000,073,728 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.04 15:29:56 | 000,351,337 | ---- | C] () -- C:\Windows\SysWow64\rchnewver.dll
[2009.11.29 12:46:13 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.11.29 12:05:32 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== Files - Unicode (All) ==========
[2010.09.07 00:13:54 | 000,000,085 | ---- | M] ()(C:\Users\uzivatel\Desktop\works (2009-2007) - Toony Navok ???? ???? ????.url) -- C:\Users\uzivatel\Desktop\works (2009-2007) - Toony Navok הילה טוני נבוק.url
[2010.09.07 00:13:54 | 000,000,085 | ---- | C] ()(C:\Users\uzivatel\Desktop\works (2009-2007) - Toony Navok ???? ???? ????.url) -- C:\Users\uzivatel\Desktop\works (2009-2007) - Toony Navok הילה טוני נבוק.url
< End of report >
OTL logfile created on: 14.10.2010 10:41:32 - Run 2
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\uzivatel\Desktop
64bit- Enterprise Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free
7,00 Gb Paging File | 4,00 Gb Available in Paging File | 64,00% Paging File free
Paging file location(s): d:\pagefile.sys 3000 3000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 99,90 Gb Total Space | 18,24 Gb Free Space | 18,26% Space Free | Partition Type: NTFS
Drive D: | 99,04 Gb Total Space | 16,58 Gb Free Space | 16,74% Space Free | Partition Type: NTFS
Drive E: | 101,82 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 465,75 Gb Total Space | 68,68 Gb Free Space | 14,75% Space Free | Partition Type: NTFS
Drive I: | 465,73 Gb Total Space | 253,23 Gb Free Space | 54,37% Space Free | Partition Type: NTFS
Computer Name: KATE | User Name: uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2010.10.14 10:23:18 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
PRC - [2010.10.12 19:31:51 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2010.09.21 07:40:50 | 000,977,976 | ---- | M] (Google Inc.) -- C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010.08.25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.03.18 11:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.02.26 07:10:20 | 021,979,992 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.11.25 21:28:20 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\RSSOwl\RSSOwl.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.06.01 23:20:12 | 000,222,968 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.06.11 23:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2006.09.24 18:20:46 | 000,086,016 | ---- | M] (Realtime Soft) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
PRC - [2005.09.14 19:23:18 | 000,368,640 | ---- | M] (RaduKing) -- C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe
========== Modules (SafeList) ==========
MOD - [2010.10.14 10:23:18 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
MOD - [2009.07.14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.10.12 19:31:51 | 001,033,255 | ---- | M] (Xacti LLC) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.11.28 01:50:48 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.01 23:20:12 | 000,222,968 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
========== Driver Services (SafeList) ==========
DRV - [2010.10.13 12:23:06 | 000,085,969 | ---- | M] (GMER) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\gmer.sys -- (gmer)
DRV - [2010.01.29 11:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2010.01.24 18:32:58 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F7 C7 7A D7 A6 6F CA 01 [binary data]
IE - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
IE - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Crawler Search"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..keyword.URL: "http://www.crawler.com/search/dispatche ... 60342&qkw="
FF - HKLM\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files (x86)\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2010.05.30 11:54:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.10.05 16:56:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files (x86)\Crawler\Toolbar\firefox\ [2010.10.12 19:32:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.05 00:14:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.05 00:14:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.09.18 09:05:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2009.11.28 01:20:03 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Extensions
[2009.11.28 00:00:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.10.14 00:33:26 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\extensions
[2009.11.28 01:20:58 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2010.05.10 18:43:02 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010.10.02 18:11:12 | 000,000,961 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\searchplugins\icqplugin-1.xml
[2010.08.15 19:50:37 | 000,000,961 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\searchplugins\icqplugin-2.xml
[2010.10.05 00:14:16 | 000,000,961 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\searchplugins\icqplugin-3.xml
[2010.10.14 00:33:10 | 000,000,961 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\searchplugins\icqplugin-4.xml
[2010.01.06 23:39:32 | 000,000,961 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\tn2mviyp.default\searchplugins\icqplugin.xml
[2010.08.23 08:26:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009.11.29 12:59:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.05.19 20:42:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.23 08:26:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.10.05 00:14:01 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.10.05 00:14:01 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.10.05 00:14:01 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.10.05 00:14:01 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.10.05 00:14:01 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.06.17 07:54:01 | 000,408,517 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 14124 more lines...
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Program Files (x86)\ArcSoft\Media Converter for Philips\Internet Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001..\Run: [SpywareTerminatorUpdate] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001..\Run: [UltraMon] C:\Program Files\UltraMon\UltraMon.exe (Realtime Soft)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
O4 - Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RKLauncher.exe - Shortcut.lnk = C:\Program Files Free\RK_Launcher_04_Beta\RKLauncher.exe (RaduKing)
O4 - Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird.exe - Shortcut.lnk = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
O4 - Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk = C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{E67FF1A2-23C1-4102-84E9-42115F77AD32}\IcoUltraMon.ico ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{434afa6f-db93-11de-a34b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{434afa6f-db93-11de-a34b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 7 Days ==========
[2010.10.14 10:40:13 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\!!!!!
[2010.10.14 10:23:14 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
[2010.10.14 00:22:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\FontLab
[2010.10.14 00:22:43 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Documents\FontLab
[2010.10.14 00:22:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FontLab
[2010.10.14 00:20:09 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\FontLAB_Studio_5_Serial_Manual_DMZ
[2010.10.13 23:42:18 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\Fontographer 5.0
[2010.10.13 13:03:43 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\LOGOs
[2010.10.13 12:20:24 | 000,085,969 | ---- | C] (GMER) -- C:\Windows\SysWow64\drivers\gmer.sys
[2010.10.13 01:04:44 | 000,000,000 | ---D | C] -- C:\ProgramData\OEM Links
[2010.10.13 01:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2010.10.13 01:04:27 | 000,141,832 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\killproc.exe
[2010.10.13 01:03:39 | 002,159,112 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\contf64.dll
[2010.10.13 01:03:39 | 001,792,520 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\contfilt.dll
[2010.10.13 01:03:39 | 000,219,656 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\mwnsp64.dll
[2010.10.13 01:03:39 | 000,186,888 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\mwnsp.dll
[2010.10.13 01:03:37 | 000,137,224 | ---- | C] (MWTI) -- C:\Windows\SysWow64\ZIPDLL.DLL
[2010.10.13 01:03:37 | 000,132,104 | ---- | C] (MWTI) -- C:\Windows\SysWow64\UNZDLL.DLL
[2010.10.13 01:03:37 | 000,013,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sporder.dll
[2010.10.13 01:03:37 | 000,013,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\sporder.dll
[2010.10.13 01:03:37 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\sporder.exe
[2010.10.13 01:03:36 | 000,682,504 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\mwtsp64.dll
[2010.10.13 01:03:36 | 000,571,912 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\mwtsp.dll
[2010.10.13 01:03:36 | 000,247,304 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\inst_tspx.exe
[2010.10.13 01:03:36 | 000,170,504 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\inst_tsp.exe
[2010.10.13 01:03:33 | 000,731,656 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\test2.exe
[2010.10.13 01:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld
[2010.10.13 01:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eScan
[2010.10.12 19:31:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Crawler
[2010.10.12 19:31:50 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\AppData\Roaming\Spyware Terminator
[2010.10.12 19:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2010.10.12 19:31:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2010.10.12 18:53:17 | 000,000,000 | ---D | C] -- C:\rsit
[2010.10.12 18:32:41 | 000,000,000 | ---D | C] -- C:\Windows\zts2.exe
[2010.10.12 18:32:41 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2010.10.12 18:32:41 | 000,000,000 | ---D | C] -- C:\Windows\rundl132.dll
[2010.10.12 18:32:41 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2010.10.10 17:57:22 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\projit
[2010.10.10 17:17:56 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\david
[2010.10.10 08:54:53 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\xdfasd
[2010.10.10 08:54:43 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\New folder (3)
[2010.10.09 18:03:23 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\AppData\Roaming\HP
[2010.10.08 12:34:37 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\New folder (2)
[2010.10.08 12:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[2010.10.07 12:27:44 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\New folder
========== Files - Modified Within 7 Days ==========
[2010.10.14 10:24:01 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2400562163-1173250730-4007721440-1001UA.job
[2010.10.14 10:23:18 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
[2010.10.14 09:26:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.14 09:26:02 | 3220,013,056 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.14 01:09:02 | 000,000,000 | ---- | M] () -- C:\Users\uzivatel\Desktop\Adobe Illustrator CS5 Classroom in a Book.pdf
[2010.10.14 00:50:33 | 001,129,165 | ---- | M] () -- C:\Users\uzivatel\Desktop\Untitled-2.ai
[2010.10.14 00:49:28 | 001,084,021 | ---- | M] () -- C:\Users\uzivatel\Desktop\Untitled-1+.ai
[2010.10.14 00:48:58 | 000,220,813 | ---- | M] () -- C:\Users\uzivatel\Desktop\Untitled-3+.ai
[2010.10.14 00:48:25 | 000,402,584 | ---- | M] () -- C:\Users\uzivatel\Desktop\a4.+ai.ai
[2010.10.13 22:02:06 | 000,887,742 | ---- | M] () -- C:\Users\uzivatel\Desktop\wall_s.jpg
[2010.10.13 21:04:34 | 000,218,451 | ---- | M] () -- C:\Users\uzivatel\Desktop\a4.pdf
[2010.10.13 20:59:29 | 000,303,751 | ---- | M] () -- C:\Users\uzivatel\Desktop\a4.ai
[2010.10.13 20:32:54 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2400562163-1173250730-4007721440-1001Core.job
[2010.10.13 19:28:08 | 000,000,250 | ---- | M] () -- C:\Windows\gmer.ini
[2010.10.13 18:48:28 | 000,044,937 | ---- | M] () -- C:\Users\uzivatel\Desktop\1264010442.jpg
[2010.10.13 18:48:19 | 000,043,316 | ---- | M] () -- C:\Users\uzivatel\Desktop\1264010442_1.jpg
[2010.10.13 15:37:46 | 004,094,824 | ---- | M] () -- C:\Users\uzivatel\Desktop\Untitled-1.ai
[2010.10.13 15:11:57 | 000,000,065 | ---- | M] () -- C:\Users\uzivatel\Desktop\Arts,Photography Free eBooks directory list page64Free Ebooks Download.url
[2010.10.13 14:45:22 | 001,438,484 | ---- | M] () -- C:\Users\uzivatel\Desktop\Untitled-3.ai
[2010.10.13 13:42:05 | 001,595,550 | ---- | M] () -- C:\Users\uzivatel\Desktop\jeste loga.zip
[2010.10.13 12:23:06 | 000,884,736 | ---- | M] () -- C:\Windows\gmer.dll
[2010.10.13 12:23:06 | 000,085,969 | ---- | M] (GMER) -- C:\Windows\SysWow64\drivers\gmer.sys
[2010.10.13 12:20:24 | 000,000,080 | ---- | M] () -- C:\Windows\gmer_uninstall.cmd
[2010.10.13 12:15:36 | 000,089,343 | ---- | M] () -- C:\Users\uzivatel\Desktop\cannot.jpg
[2010.10.13 01:53:53 | 000,001,866 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2010.10.13 01:53:53 | 000,001,864 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010.10.13 01:06:14 | 000,139,668 | ---- | M] () -- C:\Windows\winsbak2.reg
[2010.10.13 01:06:13 | 000,003,956 | ---- | M] () -- C:\Windows\winsbak.reg
[2010.10.13 01:01:29 | 000,091,465 | ---- | M] () -- C:\Users\uzivatel\Desktop\photo.jpg
[2010.10.13 00:47:52 | 000,295,631 | ---- | M] () -- C:\Users\uzivatel\Desktop\amnestyinternationalbars1.jpg
[2010.10.13 00:18:18 | 000,612,268 | ---- | M] () -- C:\Users\uzivatel\Desktop\držkov.jpg
[2010.10.12 19:55:02 | 000,000,026 | ---- | M] () -- C:\Windows\Lic.xxx
[2010.10.12 19:54:53 | 000,044,517 | ---- | M] () -- C:\Users\uzivatel\Documents\pinfect.zip
[2010.10.12 19:41:43 | 000,000,069 | ---- | M] () -- C:\Users\uzivatel\Desktop\VIRY.CZ • Zobrazit fórum - Diskuze, řešení problémů.url
[2010.10.12 19:33:37 | 000,001,150 | ---- | M] () -- C:\Users\uzivatel\Application Data\Microsoft\Internet Explorer\Quick Launch\Spyware Terminator.lnk
[2010.10.12 19:33:37 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010.10.12 19:29:23 | 000,000,100 | ---- | M] () -- C:\Users\uzivatel\Desktop\CECI N’EST PAS UNE RÉTROSPECTIVE - Artyčok.tv.url
[2010.10.11 23:52:50 | 000,000,052 | ---- | M] () -- C:\Users\uzivatel\Desktop\The Square Grid - A simple CSS framework for designers and developers.url
[2010.10.11 17:39:18 | 000,023,224 | ---- | M] () -- C:\Users\uzivatel\Desktop\The operating system started at system time.docx
[2010.10.11 17:24:20 | 000,036,993 | ---- | M] () -- C:\Users\uzivatel\Desktop\Doc4.docx
[2010.10.11 16:33:43 | 001,132,737 | ---- | M] () -- C:\Users\uzivatel\Desktop\Jak něco přebarvit.docx
[2010.10.11 16:23:04 | 002,655,982 | ---- | M] () -- C:\Users\uzivatel\Desktop\Classic Typefaces.docx
[2010.10.11 15:06:05 | 000,092,241 | ---- | M] () -- C:\Users\uzivatel\Desktop\Illustrator provides the following tools for slicing and cutting objects.docx
[2010.10.11 12:44:19 | 000,101,557 | ---- | M] () -- C:\Users\uzivatel\Desktop\photo.php
[2010.10.11 00:03:16 | 000,000,122 | ---- | M] () -- C:\Users\uzivatel\Desktop\80 Beautiful Typefaces For Professional Design - Smashing Magazine.url
[2010.10.10 23:45:15 | 000,059,872 | ---- | M] () -- C:\Users\uzivatel\Desktop\71545_1475094949974_1011692361_31073210_6128512_n.jpg
[2010.10.10 23:42:06 | 000,061,584 | ---- | M] () -- C:\Users\uzivatel\Desktop\jeleni_11a18.jpg
[2010.10.10 23:37:45 | 000,073,637 | ---- | M] () -- C:\Users\uzivatel\Desktop\Svatozar_(o_aure_a_jeji_apropriaci).pdf
[2010.10.10 21:17:52 | 000,190,289 | ---- | M] () -- C:\Users\uzivatel\Desktop\kostel_s.jpg
[2010.10.10 20:29:19 | 000,019,986 | ---- | M] () -- C:\Users\uzivatel\Desktop\glass_slippers.jpg
[2010.10.10 19:18:54 | 001,532,037 | ---- | M] () -- C:\Users\uzivatel\Desktop\IMG_5901.JPG
[2010.10.10 17:16:37 | 122,774,321 | ---- | M] () -- C:\Users\uzivatel\Desktop\david.zip
[2010.10.10 13:36:47 | 000,198,009 | ---- | M] () -- C:\Users\uzivatel\Desktop\Musí se to tam pak vložit ta selekce.docx
[2010.10.10 00:43:11 | 000,068,749 | ---- | M] () -- C:\Users\uzivatel\Desktop\Illustrator.docx
[2010.10.10 00:43:03 | 000,061,475 | ---- | M] () -- C:\Users\uzivatel\Desktop\Photoshop.docx
[2010.10.10 00:03:28 | 000,000,091 | ---- | M] () -- C:\Users\uzivatel\Desktop\DOX - 12hodin budoucnosti.url
[2010.10.09 21:45:18 | 000,073,728 | ---- | M] () -- C:\Users\uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.09 13:58:47 | 844,677,434 | ---- | M] () -- C:\Users\uzivatel\Desktop\299_experti.wmv
[2010.10.08 23:49:38 | 000,079,362 | ---- | M] () -- C:\Users\uzivatel\Desktop\tumblr_l9zl55lRN41qa4pypo1_500.jpg
[2010.10.07 23:54:55 | 000,728,576 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.07 21:56:35 | 001,846,240 | ---- | M] () -- C:\Users\uzivatel\Desktop\1255777392.psd
[2010.10.07 17:20:46 | 000,068,239 | ---- | M] () -- C:\Users\uzivatel\Desktop\1255777392.jpg
========== Files Created - No Company Name ==========
[2010.10.14 09:34:20 | 015,872,475 | ---- | C] () -- C:\Users\uzivatel\Desktop\FLS5WinManual.pdf
[2010.10.14 01:09:02 | 000,000,000 | ---- | C] () -- C:\Users\uzivatel\Desktop\Adobe Illustrator CS5 Classroom in a Book.pdf
[2010.10.14 00:49:24 | 001,084,021 | ---- | C] () -- C:\Users\uzivatel\Desktop\Untitled-1+.ai
[2010.10.14 00:48:53 | 000,220,813 | ---- | C] () -- C:\Users\uzivatel\Desktop\Untitled-3+.ai
[2010.10.14 00:20:03 | 036,843,795 | ---- | C] () -- C:\Users\uzivatel\Desktop\019284234X After Modern Art.pdf
[2010.10.13 22:15:47 | 000,402,584 | ---- | C] () -- C:\Users\uzivatel\Desktop\a4.+ai.ai
[2010.10.13 22:01:32 | 000,887,742 | ---- | C] () -- C:\Users\uzivatel\Desktop\wall_s.jpg
[2010.10.13 21:03:48 | 000,218,451 | ---- | C] () -- C:\Users\uzivatel\Desktop\a4.pdf
[2010.10.13 19:46:39 | 000,303,751 | ---- | C] () -- C:\Users\uzivatel\Desktop\a4.ai
[2010.10.13 18:48:28 | 000,044,937 | ---- | C] () -- C:\Users\uzivatel\Desktop\1264010442.jpg
[2010.10.13 18:48:19 | 000,043,316 | ---- | C] () -- C:\Users\uzivatel\Desktop\1264010442_1.jpg
[2010.10.13 15:11:57 | 000,000,065 | ---- | C] () -- C:\Users\uzivatel\Desktop\Arts,Photography Free eBooks directory list page64Free Ebooks Download.url
[2010.10.13 14:45:18 | 001,438,484 | ---- | C] () -- C:\Users\uzivatel\Desktop\Untitled-3.ai
[2010.10.13 13:40:50 | 001,595,550 | ---- | C] () -- C:\Users\uzivatel\Desktop\jeste loga.zip
[2010.10.13 12:22:57 | 000,811,008 | ---- | C] () -- C:\Users\uzivatel\Desktop\gmer.exe
[2010.10.13 12:20:30 | 000,000,250 | ---- | C] () -- C:\Windows\gmer.ini
[2010.10.13 12:20:24 | 000,884,736 | ---- | C] () -- C:\Windows\gmer.dll
[2010.10.13 12:20:24 | 000,811,008 | ---- | C] () -- C:\Windows\gmer.exe
[2010.10.13 12:20:24 | 000,000,080 | ---- | C] () -- C:\Windows\gmer_uninstall.cmd
[2010.10.13 12:15:36 | 000,089,343 | ---- | C] () -- C:\Users\uzivatel\Desktop\cannot.jpg
[2010.10.13 12:01:23 | 001,129,165 | ---- | C] () -- C:\Users\uzivatel\Desktop\Untitled-2.ai
[2010.10.13 01:52:40 | 000,001,866 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2010.10.13 01:52:40 | 000,001,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010.10.13 01:06:13 | 000,139,668 | ---- | C] () -- C:\Windows\winsbak2.reg
[2010.10.13 01:06:13 | 000,003,956 | ---- | C] () -- C:\Windows\winsbak.reg
[2010.10.13 01:03:33 | 000,338,176 | ---- | C] () -- C:\Windows\SysWow64\wget.exe
[2010.10.13 01:03:33 | 000,293,896 | ---- | C] () -- C:\Windows\SysWow64\curl.exe
[2010.10.13 01:03:33 | 000,172,040 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.10.13 01:01:29 | 000,091,465 | ---- | C] () -- C:\Users\uzivatel\Desktop\photo.jpg
[2010.10.13 00:47:51 | 000,295,631 | ---- | C] () -- C:\Users\uzivatel\Desktop\amnestyinternationalbars1.jpg
[2010.10.13 00:18:03 | 000,612,268 | ---- | C] () -- C:\Users\uzivatel\Desktop\držkov.jpg
[2010.10.12 19:41:43 | 000,000,069 | ---- | C] () -- C:\Users\uzivatel\Desktop\VIRY.CZ • Zobrazit fórum - Diskuze, řešení problémů.url
[2010.10.12 19:33:37 | 000,001,150 | ---- | C] () -- C:\Users\uzivatel\Application Data\Microsoft\Internet Explorer\Quick Launch\Spyware Terminator.lnk
[2010.10.12 19:33:37 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010.10.12 19:29:23 | 000,000,100 | ---- | C] () -- C:\Users\uzivatel\Desktop\CECI N’EST PAS UNE RÉTROSPECTIVE - Artyčok.tv.url
[2010.10.12 18:27:18 | 000,000,026 | ---- | C] () -- C:\Windows\Lic.xxx
[2010.10.12 18:27:04 | 000,044,517 | ---- | C] () -- C:\Users\uzivatel\Documents\pinfect.zip
[2010.10.12 16:32:19 | 004,094,824 | ---- | C] () -- C:\Users\uzivatel\Desktop\Untitled-1.ai
[2010.10.11 23:52:50 | 000,000,052 | ---- | C] () -- C:\Users\uzivatel\Desktop\The Square Grid - A simple CSS framework for designers and developers.url
[2010.10.11 17:39:17 | 000,023,224 | ---- | C] () -- C:\Users\uzivatel\Desktop\The operating system started at system time.docx
[2010.10.11 17:24:19 | 000,036,993 | ---- | C] () -- C:\Users\uzivatel\Desktop\Doc4.docx
[2010.10.11 16:28:07 | 001,132,737 | ---- | C] () -- C:\Users\uzivatel\Desktop\Jak něco přebarvit.docx
[2010.10.11 16:22:59 | 002,655,982 | ---- | C] () -- C:\Users\uzivatel\Desktop\Classic Typefaces.docx
[2010.10.11 15:05:54 | 000,092,241 | ---- | C] () -- C:\Users\uzivatel\Desktop\Illustrator provides the following tools for slicing and cutting objects.docx
[2010.10.11 12:44:19 | 000,101,557 | ---- | C] () -- C:\Users\uzivatel\Desktop\photo.php
[2010.10.11 00:03:16 | 000,000,122 | ---- | C] () -- C:\Users\uzivatel\Desktop\80 Beautiful Typefaces For Professional Design - Smashing Magazine.url
[2010.10.10 23:45:15 | 000,059,872 | ---- | C] () -- C:\Users\uzivatel\Desktop\71545_1475094949974_1011692361_31073210_6128512_n.jpg
[2010.10.10 23:40:55 | 000,061,584 | ---- | C] () -- C:\Users\uzivatel\Desktop\jeleni_11a18.jpg
[2010.10.10 23:37:45 | 000,073,637 | ---- | C] () -- C:\Users\uzivatel\Desktop\Svatozar_(o_aure_a_jeji_apropriaci).pdf
[2010.10.10 21:17:37 | 000,190,289 | ---- | C] () -- C:\Users\uzivatel\Desktop\kostel_s.jpg
[2010.10.10 20:29:19 | 000,019,986 | ---- | C] () -- C:\Users\uzivatel\Desktop\glass_slippers.jpg
[2010.10.10 19:18:53 | 001,532,037 | ---- | C] () -- C:\Users\uzivatel\Desktop\IMG_5901.JPG
[2010.10.10 17:16:16 | 122,774,321 | ---- | C] () -- C:\Users\uzivatel\Desktop\david.zip
[2010.10.10 13:51:37 | 002,342,488 | ---- | C] () -- C:\Users\uzivatel\Desktop\IMG_2622.JPG
[2010.10.10 13:36:45 | 000,198,009 | ---- | C] () -- C:\Users\uzivatel\Desktop\Musí se to tam pak vložit ta selekce.docx
[2010.10.10 00:43:09 | 000,068,749 | ---- | C] () -- C:\Users\uzivatel\Desktop\Illustrator.docx
[2010.10.10 00:43:01 | 000,061,475 | ---- | C] () -- C:\Users\uzivatel\Desktop\Photoshop.docx
[2010.10.10 00:03:28 | 000,000,091 | ---- | C] () -- C:\Users\uzivatel\Desktop\DOX - 12hodin budoucnosti.url
[2010.10.09 13:51:25 | 844,677,434 | ---- | C] () -- C:\Users\uzivatel\Desktop\299_experti.wmv
[2010.10.08 23:49:38 | 000,079,362 | ---- | C] () -- C:\Users\uzivatel\Desktop\tumblr_l9zl55lRN41qa4pypo1_500.jpg
[2010.10.07 23:54:55 | 000,728,576 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.07 21:56:34 | 001,846,240 | ---- | C] () -- C:\Users\uzivatel\Desktop\1255777392.psd
[2010.10.07 17:20:46 | 000,068,239 | ---- | C] () -- C:\Users\uzivatel\Desktop\1255777392.jpg
[2010.10.06 17:05:26 | 000,000,017 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\resmon.resmoncfg
[2010.10.05 16:37:11 | 000,000,613 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010.09.18 12:45:37 | 000,000,027 | ---- | C] () -- C:\ProgramData\FilePathToRead.txt
[2010.03.22 23:23:52 | 000,000,166 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\tmp.tiff
[2010.03.22 23:21:11 | 407,413,022 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\giftmp2.tif
[2010.01.21 21:53:25 | 000,000,239 | ---- | C] () -- C:\Windows\WINCMD.INI
[2009.12.07 14:42:22 | 000,073,728 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.04 15:29:56 | 000,351,337 | ---- | C] () -- C:\Windows\SysWow64\rchnewver.dll
[2009.11.29 12:46:13 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.11.29 12:05:32 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== Files - Unicode (All) ==========
[2010.09.07 00:13:54 | 000,000,085 | ---- | M] ()(C:\Users\uzivatel\Desktop\works (2009-2007) - Toony Navok ???? ???? ????.url) -- C:\Users\uzivatel\Desktop\works (2009-2007) - Toony Navok הילה טוני נבוק.url
[2010.09.07 00:13:54 | 000,000,085 | ---- | C] ()(C:\Users\uzivatel\Desktop\works (2009-2007) - Toony Navok ???? ???? ????.url) -- C:\Users\uzivatel\Desktop\works (2009-2007) - Toony Navok הילה טוני נבוק.url
< End of report >
-
- Visitor
- Posts: 14
- Registered: 28 Aug 2008 15:42
Re: mwav, 14 critical files, blue screen
and also catch me:
detected NTDLL code modification:
ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51
Initialization error
Re: mwav, 14 critical files, blue screen
Test this file on VIRUSTOTAL and JOTTISCAN:
C:\Windows\SysWow64\rchnewver.dll
(simple instructions: after the page loads, click the Browse button, find the path to the file mentioned above and click the Send file button; give the scanners about ten minutes; paste the results here)
If the scanner reports that the file has already been tested, have it tested again.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AN UP-TO-DATE ANTIVIRUS AND A PERSONAL FIREWALL ARE TWO ESSENTIAL PROTECTIVE COMPONENTS OF EVERY PC CONNECTED TO THE INTERNET!!!
BY BACKING UP YOUR PERSONAL DATA YOU WILL NOT LOSE IT IN CASE OF FATAL PROBLEMS WITH SOFTWARE OR HARDWARE!!
DO NOT USE COMBOFIX ON YOUR OWN, ONLY IF YOU ARE ASKED TO. IMPROPER HANDLING OF IT CAN RENDER THE SYSTEM INOPERABLE!


___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
-
- Visitor
- Posts: 14
- Registered: 28 Aug 2008 15:42
Re: mwav, 14 critical files, blue screen
It seems to be fine. So maybe the computer is healthy?
Virus Total:
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community
user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
rchnewver.dll
2010-10-14 10:07:05 (UTC)
finished
0/ 41 (0.0%)
Jotti:
rchnewver.dll
Stav:
Test dokončen. 0 z 19 programů nalezlo škodlivý kód.
Re: mwav, 14 critical files, blue screen

Code:
:otl
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-2400562163-1173250730-4007721440-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{434afa6f-db93-11de-a34b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
:Commands
[EMPTYTEMP]
[REBOOT]
[RESETHOSTS]
[CREATERESTOREPOINT]
Click "Opravit" (Fix); a restart may follow, then a log will be created. Copy its contents here. If the log does not open, you will find it in the location OTL was run from.
And describe the state of the PC.
-
- Visitor
- Posts: 14
- Registered: 28 Aug 2008 15:42
Re: mwav, 14 critical files, blue screen
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2400562163-1173250730-4007721440-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{434afa6f-db93-11de-a34b-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{434afa6f-db93-11de-a34b-806e6f6e6963}\ not found.
File E:\setup.exe not found.
========== PROCESSES ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
Unable to delete ADS .
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41044 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: uzivatel
->Temp folder emptied: 127549911 bytes
->Temporary Internet Files folder emptied: 919562689 bytes
->Java cache emptied: 52310540 bytes
->FireFox cache emptied: 42332889 bytes
->Google Chrome cache emptied: 272409709 bytes
->Flash cache emptied: 2098417 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 37849029 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67563 bytes
RecycleBin emptied: 1266399 bytes
Total Files Cleaned = 1 388,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.15.2 log created on 10142010_123639
Files\Folders moved on Reboot...
C:\Users\uzivatel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Re: mwav, 14 critical files, blue screen
How is the PC behaving now?
-
- Visitor
- Posts: 14
- Registered: 28 Aug 2008 15:42
Re: mwav, 14 critical files, blue screen
It seems to be without problems.
There has not been a single blue screen since then.
And the internet also seems faster to me now.
Thank you very much.