wmiprvse.exe

Zpráva

passy30 · #1 Příspěvek od **passy30** » 17 kvě 2013 16:23

Zdravím,
mám problém s wmiprvse.exe , stále mi "ukrajuje" 20-40% CPU a nejde vypnout. To asi není normální, že?

info.txt logfile of random's system information tool 1.09 2013-05-17 17:17:29

======Uninstall list======

-->C:\DOCUME~1\ALLUSE~1\DATAAP~1\INSTAL~2\{6B9A9~1\Setup.exe /remove /q0
-->C:\DOCUME~1\ALLUSE~1\DATAAP~1\INSTAL~2\{7F0D0~1\Setup.exe /remove /q0
-->C:\DOCUME~1\ALLUSE~1\DATAAP~1\INSTAL~2\{8E528~1\Setup.exe /remove /q0
-->C:\DOCUME~1\ALLUSE~1\DATAAP~1\INSTAL~2\{918A1~1\Setup.exe /remove /q0
-->C:\DOCUME~1\ALLUSE~1\DATAAP~1\INSTAL~2\{9265C~1\Setup.exe /remove /q0
-->C:\DOCUME~1\ALLUSE~1\DATAAP~1\INSTAL~2\{AF33A~1\Setup.exe /remove /q0
-->C:\DOCUME~1\ALLUSE~1\DATAAP~1\INSTAL~2\{BAA88~1\Setup.exe /remove /q0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_6_602_180_Plugin.exe -maintain plugin
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2797052)-->"C:\WINDOWS\ie8updates\KB2797052-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Alcohol 120%-->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
Ashampoo Burning Studio 6 FREE v.6.83-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe"
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_D44140A13977AE94259B78D5DF8889C684CA993F\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_B42570ED05EF0F77246242E26BBCA741434F76FB\nokbtmdm.inf
Command & Conquer Red Alert 2-->C:\Westwood\RA2\Uninstll.EXE
DVBViewer Pro DEMO-->"C:\Program Files\DVBViewer Demo\unins000.exe"
Grand Theft Auto Vice City-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\Setup.exe" -l0x9
ChrisTV PVR Professional 5.75-->"C:\Program Files\ChrisTV PVR\unins000.exe"
InfoMapa 18-->MsiExec.exe /X{FD2159B1-587B-4D2D-BBA7-E4DED642836B}
Java 7 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217017FF}
jetAudio Basic-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe" -l0x5 -removeonly
Kubik SMS DreamCom 5.95-->"C:\Program Files\DreamCom\unins000.exe"
LifeView DTV-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D1BA1F1C-D88B-405D-953F-D7074B65453D} /l1033
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe"
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{A57025CC-5F2E-4D01-B387-06DB10500D43}
Nokia PC Suite-->C:\Documents and Settings\All Users\Data aplikací\Installations\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}\Nokia_PC_Suite_ALL.exe
Nokia PC Suite-->MsiExec.exe /I{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
O2-->"C:\Program Files\O2\O2CZ\Uninstall.exe"
Opera 12.14-->"C:\Program Files\Opera\Opera.exe" /uninstall
RelevantKnowledge-->C:\Program Files\RelevantKnowledge\rlvknlg.exe -bootremove -uninst:RelevantKnowledge
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
ZAV 4.48 (32bit)-->"C:\Program Files\ZAV1\unins000.exe"

======System event log======

Computer Name: PASSY-43E998E55
Event Code: 20159
Message: Připojení k T-Mobile vytvořené uživatelem já pomocí zařízení COM7 bylo odpojeno.

Record Number: 5392
Source Name: RemoteAccess
Time Written: 20130517170310.000000+120
Event Type: Informace
User:

Computer Name: PASSY-43E998E55
Event Code: 20158
Message: Uživatel já úspěšně vytvořil připojení k T-Mobile pomocí zařízení COM7.

Record Number: 5391
Source Name: RemoteAccess
Time Written: 20130517165845.000000+120
Event Type: Informace
User:

Computer Name: PASSY-43E998E55
Event Code: 7036
Message: Stav služby Služba modelu COM pro zápis na disk CD (IMAPI) byl změněn na: Zastaveno

Record Number: 5390
Source Name: Service Control Manager
Time Written: 20130517155858.000000+120
Event Type: Informace
User:

Computer Name: PASSY-43E998E55
Event Code: 7036
Message: Stav služby Služba modelu COM pro zápis na disk CD (IMAPI) byl změněn na: Spuštěno

Record Number: 5389
Source Name: Service Control Manager
Time Written: 20130517155850.000000+120
Event Type: Informace
User:

Computer Name: PASSY-43E998E55
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Služba modelu COM pro zápis na disk CD (IMAPI) úspěšně odeslán.

Record Number: 5388
Source Name: Service Control Manager
Time Written: 20130517155850.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: PASSY-43E998E55
Event Code: 1000
Message: Chybující aplikace dreamcom.exe, verze 0.0.0.0, chybující modul dreamcom.exe, verze 0.0.0.0, adresa chyby 0x00002534.

Record Number: 79
Source Name: Application Error
Time Written: 20130318122435.000000+060
Event Type: Chyba
User:

Computer Name: PASSY-43E998E55
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.

Record Number: 78
Source Name: SecurityCenter
Time Written: 20130318062351.000000+060
Event Type: Informace
User:

Computer Name: PASSY-43E998E55
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.

Record Number: 77
Source Name: SecurityCenter
Time Written: 20130317165626.000000+060
Event Type: Informace
User:

Computer Name: PASSY-43E998E55
Event Code: 4097
Message: Aplikace D:\Program Files\Rockstar Games\GTA San Andreas\gta_sa.exe vygenerovala aplikační chybu.
K chybě došlo dne 17. 03. 2013 v 16:53:36,843
Vygenerovaná výjimka: c0000005 na adrese 004DD5A3 (gta_sa)

Record Number: 76
Source Name: DrWatson
Time Written: 20130317165336.000000+060
Event Type: Informace
User:

Computer Name: PASSY-43E998E55
Event Code: 1000
Message: Chybující aplikace gta_sa.exe, verze 0.0.0.0, chybující modul gta_sa.exe, verze 0.0.0.0, adresa chyby 0x000dd5a3.

Record Number: 75
Source Name: Application Error
Time Written: 20130317165334.000000+060
Event Type: Chyba
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0207
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 17 kvě 2013 16:39

Zdravim

Poprosim o log.txt, je ulozen v c:\rsit

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Prohledat
Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

passy30 · #3 Příspěvek od **passy30** » 17 kvě 2013 17:03

Logfile of random's system information tool 1.09 (written by random/random)
Run by passy at 2013-05-17 17:17:07
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 7 GB (18%) free of 38 GB
Total RAM: 768 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:17:21, on 17.5.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\RelevantKnowledge\rlvknlg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\O2\O2CZ\EMMSN.exe
C:\Program Files\O2\Nori\Nori.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\passy\Dokumenty\RSIT.exe
C:\Program Files\trend micro\passy.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DTVRemote] "C:\Program Files\LifeView DTV\RemoteControl.exe"
O4 - HKLM\..\Run: [ChrisTV Agent] "C:\Program Files\ChrisTV PVR\ChrisTV_Agent.exe" /SILENT
O4 - HKLM\..\Run: [RelevantKnowledge] C:\Program Files\RelevantKnowledge\rlvknlg.exe -boot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 5252512703
O17 - HKLM\System\CCS\Services\Tcpip\..\{94FE58CA-C797-4512-A4CA-B48B2ED32DE9}: NameServer = 93.153.117.1 93.153.117.33
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

--
End of file - 4173 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-21 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-21 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"DTVRemote"=C:\Program Files\LifeView DTV\RemoteControl.exe [2005-12-26 53248]
"ChrisTV Agent"=C:\Program Files\ChrisTV PVR\ChrisTV_Agent.exe [2008-11-11 275456]
"RelevantKnowledge"=C:\Program Files\RelevantKnowledge\rlvknlg.exe [2013-04-04 3396888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Java\jre7\bin\java.exe"="C:\Program Files\Java\jre7\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Look@LAN\LookAtLan.exe"="C:\Program Files\Look@LAN\LookAtLan.exe:*:Enabled:Look@LAN"
"C:\Program Files\Look@LAN\LookAtHost.exe"="C:\Program Files\Look@LAN\LookAtHost.exe:*:Enabled:Look@HOST"
"c:\program files\relevantknowledge\rlvknlg.exe"="c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm

======List of files/folders created in the last 1 month======

2013-05-17 17:17:07 ----D---- C:\rsit
2013-05-17 17:17:07 ----D---- C:\Program Files\trend micro
2013-05-08 12:11:02 ----D---- C:\Program Files\RelevantKnowledge
2013-05-08 12:02:41 ----D---- C:\Program Files\ChrisTV PVR
2013-05-08 12:02:41 ----A---- C:\WINDOWS\system32\wstcode16a.dll
2013-05-08 09:48:21 ----D---- C:\WINDOWS\Minidump
2013-05-05 12:12:39 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #3.txt
2013-04-30 12:06:52 ----D---- C:\Program Files\DVBViewer Demo
2013-04-28 16:39:33 ----A---- C:\WINDOWS\system32\ProgDvbEngine.dll
2013-04-28 16:39:11 ----A---- C:\WINDOWS\ProgDvbEngine.dll
2013-04-28 16:11:45 ----ASH---- C:\pagefile.sys
2013-04-27 10:21:54 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2013-04-27 09:19:34 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2013-04-27 09:19:25 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2013-04-24 20:59:51 ----A---- C:\WINDOWS\system32\hidserv.dll

======List of files/folders modified in the last 1 month======

2013-05-17 17:17:07 ----RD---- C:\Program Files
2013-05-17 17:17:04 ----D---- C:\WINDOWS\Prefetch
2013-05-17 15:58:52 ----D---- C:\WINDOWS\Temp
2013-05-17 05:57:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-05-08 12:02:42 ----RSD---- C:\WINDOWS\Fonts
2013-05-08 12:02:41 ----D---- C:\WINDOWS\system32
2013-05-08 09:48:21 ----D---- C:\WINDOWS
2013-05-05 12:11:30 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-04 23:12:48 ----D---- C:\Program Files\LifeView DTV
2013-04-30 12:25:03 ----D---- C:\dvbdream
2013-04-30 12:24:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\ProgDVB
2013-04-30 12:24:38 ----D---- C:\Program Files\ProgDVB
2013-04-30 12:06:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\CMUV
2013-04-28 13:26:44 ----SHD---- C:\RECYCLER
2013-04-27 10:19:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\InstallMate
2013-04-27 09:19:46 ----D---- C:\WINDOWS\system32\drivers
2013-04-27 09:19:43 ----HD---- C:\WINDOWS\inf
2013-04-27 08:49:15 ----D---- C:\Program Files\DreamCom
2013-04-24 20:59:58 ----RSHDC---- C:\WINDOWS\system32\dllcache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 xmasbus;xmasbus; C:\WINDOWS\system32\DRIVERS\xmasbus.sys [2003-12-21 140800]
R0 xmasscsi;xmasscsi; C:\WINDOWS\System32\Drivers\xmasscsi.sys [2003-12-20 5504]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 tidnet;TID NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\tidnet.sys [2009-09-15 19200]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-10-24 117760]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2009-12-15 24448]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102528]
R3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-12-15 100736]
R3 LVHybrid;LVHybrid service; C:\WINDOWS\system32\DRIVERS\LVHybrid.sys [2005-10-21 660736]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-14 1897408]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MA-620;Mobile Action MA-660 USB Infrared Adapter; C:\WINDOWS\system32\DRIVERS\MA-620.sys [2003-03-25 27136]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-14 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-03-21 170912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

-----------------EOF-----------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Microsoft Windows XP x86
Ran by passy on p 17.05.2013 at 17:43:23,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector

~~~ Files

Successfully deleted: [File] "C:\WINDOWS\system32\roboot.exe"

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\passy\Data aplikacˇ\systweak"
Successfully deleted: [Folder] "C:\Program Files\relevantknowledge"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 17.05.2013 at 17:50:52,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v2.301 - Log vytvooen 17/05/2013 v 17:53:05
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : passy - PASSY-43E998E55
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\passy\Dokumenty\adwcleaner.exe
# Volba [Prohledat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\BBroowsee2save
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\Browse2seavei
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\InstallMate
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\SearrcaH-iNewTyabb
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\SoftSafe
Složka Nalezeno : C:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge
Složka Nalezeno : C:\Documents and Settings\passy\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cngleppmpmjbniaoecpeppkkbgiimmjp
Složka Nalezeno : C:\Documents and Settings\passy\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\kajeabipefgplhlbdmbaikheiknoedno
Složka Nalezeno : C:\Documents and Settings\passy\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\omphejhhpepcmeikecgjlcmpdfjncjel

***** [Registry] *****

Hodnota Nalezeno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\RelevantKnowledge\rlvknlg.exe]
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A708B3A0-4356-CEE9-7D7D-77E9DCCFA5F3}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A708B3A0-4356-CEE9-7D7D-77E9DCCFA5F3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D08D9F98-1C78-4704-87E6-368B0023D831}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
Klíe Nalezeno : HKLM\Software\SProtector

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry jsou eisté.

-\\ Google Chrome v [Nemohu získat verzi]

Soubor : C:\Documents and Settings\passy\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

-\\ Opera v12.14.1738.0

Soubor : C:\Documents and Settings\passy\Data aplikací\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [2906 octets] - [17/05/2013 17:53:05]

########## EOF - C:\AdwCleaner[R1].txt - [2966 octets] ##########

#4 Příspěvek od **vyosek** » 17 kvě 2013 19:27

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Smazat
PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

VIRY.CZ

wmiprvse.exe

wmiprvse.exe

Re: wmiprvse.exe

Re: wmiprvse.exe

Re: wmiprvse.exe