Prosím o kontrolu logu MWAV

[akiller]

Hezký den, prosím o kontrolu logu z MWAV. Pokud jsem zkopíroval víc, než jsem měl, hluboce se omlouvám

20 XII 2010 13:51:53 - **********************************************************

20 XII 2010 13:51:53 - eScan AntiVirus & Spyware Toolkit Utility.

20 XII 2010 13:51:53 - Copyright © MicroWorld Technologies

20 XII 2010 13:51:53 - **********************************************************

20 XII 2010 13:51:53 - Source: C:\DOCUME~1\PETRMA~1\Plocha\KONTRO~1\mwav\mwav.exe

20 XII 2010 13:51:53 - Version 12.0.73 (C:\DOCUMENTS AND SETTINGS\PETR MACH\LOCAL SETTINGS\TEMP\MEXE.COM)

20 XII 2010 13:51:53 - Log File: C:\Documents and Settings\Petr Mach\Local Settings\temp\MWAV.LOG

20 XII 2010 13:51:53 - Last Scan Date and Time: 18.12.2010 18:44:35

20 XII 2010 13:51:53 - MWAV Registered: TRUE

20 XII 2010 13:51:53 - User Account: Petr Mach (Administrator Mode)

20 XII 2010 13:51:53 - OS Type: Windows Workstation

20 XII 2010 13:51:53 - OS: Windows XP [OS Install Date: 09 Oct 2009 12:34:05]

20 XII 2010 13:51:53 - Ver: Service Pack 3 (Build 2600)

20 XII 2010 13:51:53 - System Up Time: 1 Hour, 53 Minutes, 28 Seconds



20 XII 2010 13:51:53 - Parent Process Name : C:\Documents and Settings\Petr Mach\Plocha\kontrola PC\mwav\mwav.exe

20 XII 2010 13:51:53 - Windows Root Folder: C:\WINDOWS

20 XII 2010 13:51:53 - Windows Sys32 Folder: C:\WINDOWS\system32

20 XII 2010 13:51:53 - DHCP NameServer: 213.46.172.36 213.46.172.37

20 XII 2010 13:51:53 - Interface0 NameServer: 156.154.70.25,156.154.71.25

20 XII 2010 13:51:53 - Interface0 DHCPNameServer: 213.46.172.36 213.46.172.37

20 XII 2010 13:51:53 - ProxyServer: http=;ftp=;https=;

20 XII 2010 13:51:53 - ProxyOverride:

20 XII 2010 13:51:53 - Proxy Connection: DISABLED

20 XII 2010 13:51:53 - Local Fixed Drives: c:\,d:\

20 XII 2010 13:51:53 - MWAV Mode: Scan and Clean files (for viruses, adware and spyware)

20 XII 2010 13:51:53 - [CREATED ZIP FILE: C:\Documents and Settings\Petr Mach\Local Settings\temp\pinfect.zip]



20 XII 2010 13:51:53 - ****** Files/Folders created/modified during last fortnight in Windows and ROOT Folder ******

20 XII 2010 13:51:53 - C:\WINDOWS\clspack.exe (44544), 19-Dec-2010, Microsoft Corporation, Microsoft® Windows® Operating System

20 XII 2010 13:51:53 - C:\WINDOWS\extrac32.exe (103424), 19-Dec-2010, Microsoft Corporation, Microsoft (R) CAB File Extract Utility

20 XII 2010 13:51:53 - C:\WINDOWS\jview.exe (154112), 19-Dec-2010, Microsoft Corporation, Operační systém Microsoft® Windows®

20 XII 2010 13:51:53 - C:\WINDOWS\setdebug.exe (42496), 19-Dec-2010, Microsoft Corporation, Microsoft® Windows® Operating System

20 XII 2010 13:51:53 - C:\WINDOWS\wjview.exe (147456), 19-Dec-2010, Microsoft Corporation, Operační systém Microsoft® Windows®

20 XII 2010 13:51:53 - C:\WINDOWS\system32\ANIBTN32.OCX (144384), 07-Dec-2010, Desaware, Animated Button

20 XII 2010 13:51:53 - C:\WINDOWS\system32\CRPE32.DLL (1114656), 07-Dec-2010, Crystal Computer Services, Inc., Crystal Reports for Visual Basic

20 XII 2010 13:51:53 - C:\WINDOWS\system32\CRXLAT32.DLL (36384), 07-Dec-2010, Crystal Computer Services, Inc., Crystal Reports for Visual Basic

20 XII 2010 13:51:53 - C:\WINDOWS\system32\CRYSTL32.OCX (94720), 07-Dec-2010, Crystal Computer Services, Inc., Visual Basic

20 XII 2010 13:51:54 - C:\WINDOWS\system32\dx3j.dll (313856), 19-Dec-2010, Microsoft Corporation, Microsoft® DirectX for Java

20 XII 2010 13:51:54 - C:\WINDOWS\system32\GAUGE32.OCX (63488), 07-Dec-2010, MicroHelp, Inc., GAUGE

20 XII 2010 13:51:54 - C:\WINDOWS\system32\GRAPH32.OCX (326656), 07-Dec-2010, Bits Per Second Ltd, GRAPH

20 XII 2010 13:51:54 - C:\WINDOWS\system32\GRID32.OCX (89600), 07-Dec-2010, Microsoft Corporation, GRID

20 XII 2010 13:51:54 - C:\WINDOWS\system32\GSWDLL32.DLL (69632), 07-Dec-2010, Bits Per Second Ltd, Graphics Server

20 XII 2010 13:51:54 - C:\WINDOWS\system32\javacypt.dll (209168), 19-Dec-2010, Microsoft Corporation, Operační systém Microsoft® Windows®

20 XII 2010 13:51:54 - C:\WINDOWS\system32\javaee.dll (135168), 19-Dec-2010, Microsoft Corporation, Microsoft® Windows® Operating System

20 XII 2010 13:51:54 - C:\WINDOWS\system32\javaprxy.dll (32528), 19-Dec-2010, Microsoft Corporation, Microsoft® Windows® Operating System

20 XII 2010 13:51:54 - C:\WINDOWS\system32\javart.dll (361744), 19-Dec-2010, Microsoft Corporation, Microsoft® Windows® Operating System

20 XII 2010 13:51:54 - C:\WINDOWS\system32\jdbgmgr.exe (14848), 19-Dec-2010, Microsoft Corporation, Microsoft® Windows® Operating System

20 XII 2010 13:51:54 - C:\WINDOWS\system32\jit.dll (140048), 19-Dec-2010, Microsoft Corporation, Microsoft® Windows® Operating System

20 XII 2010 13:51:54 - C:\WINDOWS\system32\KEYSTA32.OCX (118272), 07-Dec-2010, Microhelp, Inc., KEYSTAT

20 XII 2010 13:51:54 - C:\WINDOWS\system32\MCI32.OCX (198848), 07-Dec-2010, Microsoft Corporation, MCI

20 XII 2010 13:51:54 - C:\WINDOWS\system32\MRT.exe (37366216), 15-Dec-2010, Microsoft Corporation, Nástroj pro odstranění škodlivého softwaru systému Microsoft Windows

20 XII 2010 13:51:54 - C:\WINDOWS\system32\msawt.dll (155920), 19-Dec-2010, Microsoft Corporation, Microsoft® Windows® Operating System

20 XII 2010 13:51:54 - C:\WINDOWS\system32\MSCOMM32.OCX (103744), 07-Dec-2010, Microsoft Corporation, MSComm

20 XII 2010 13:51:54 - C:\WINDOWS\system32\msjava.dll (843024), 19-Dec-2010, Microsoft Corporation, Microsoft® Windows® Operating System

20 XII 2010 13:51:54 - C:\WINDOWS\system32\msjdbc10.dll (73728), 19-Dec-2010, Microsoft Corporation, Microsoft JDBC Bridge

20 XII 2010 13:51:54 - C:\WINDOWS\system32\MSMASK32.OCX (166600), 07-Dec-2010, Microsoft Corporation, MSMask

20 XII 2010 13:51:54 - C:\WINDOWS\system32\P2BBND.DLL (19968), 07-Dec-2010, Crystal Computer Services, Inc., Crystal Reports For Visual Basic

20 XII 2010 13:51:54 - C:\WINDOWS\system32\P2BDAO.DLL (81920), 07-Dec-2010, Crystal Computer Services, Inc., Crystal Reports For Visual Basic

20 XII 2010 13:51:54 - C:\WINDOWS\system32\P2CTDAO.DLL (46592), 07-Dec-2010, Crystal Computer Services, Inc., Crystal Reports For Visual Basic

20 XII 2010 13:51:54 - C:\WINDOWS\system32\P2IRDAO.DLL (48128), 07-Dec-2010, Crystal Computer Services, Inc., Crystal Reports For Visual Basic

20 XII 2010 13:51:54 - C:\WINDOWS\system32\P2SODBC.DLL (86048), 07-Dec-2010, Crystal Computer Services, Inc., Crystal Reports For Visual Basic

20 XII 2010 13:51:54 - C:\WINDOWS\system32\PICCLP32.OCX (83144), 07-Dec-2010, Microsoft Corporation, PicClip

20 XII 2010 13:51:54 - C:\WINDOWS\system32\SPIN32.OCX (52736), 07-Dec-2010, Outrider Systems, Inc., SPIN32

20 XII 2010 13:51:54 - C:\WINDOWS\system32\STKIT432.DLL (24576), 07-Dec-2010, Microsoft Corporation, Microsoft® Visual Basic for Windows

20 XII 2010 13:51:54 - C:\WINDOWS\system32\Threed32.ocx (205848), 07-Dec-2010, Sheridan Software Systems, Inc., Microsoft Visual Basic

20 XII 2010 13:51:54 - C:\WINDOWS\system32\U2DDISK.DLL (45056), 07-Dec-2010, Crystal Computer Services, Inc., Crystal Reports For Visual Basic

20 XII 2010 13:51:54 - C:\WINDOWS\system32\U2FDIF.DLL (49152), 07-Dec-2010, Crystal Computer Services, Inc., Crystal Reports For Visual Basic

20 XII 2010 13:51:54 - C:\WINDOWS\system32\U2FREC.DLL (49152), 07-Dec-2010, Crystal Computer Services, Inc., Crystal Reports For Visual Basic

20 XII 2010 13:51:54 - C:\WINDOWS\system32\U2FSEPV.DLL (49152), 07-Dec-2010, Crystal Computer Services, Inc., Crystal Reports For Visual Basic

20 XII 2010 13:51:54 - C:\WINDOWS\system32\U2FTEXT.DLL (53248), 07-Dec-2010, Crystal Computer Services, Inc., Crystal Reports For Visual Basic

20 XII 2010 13:51:54 - C:\WINDOWS\system32\VB40032.DLL (722192), 07-Dec-2010, Microsoft Corporation, Visual Basic 4.0

20 XII 2010 13:51:54 - C:\WINDOWS\system32\VDGT.ocx (129024), 07-Dec-2010, Visual Design Softscape AB, Visual Design Good Things

20 XII 2010 13:51:54 - C:\WINDOWS\system32\vmhelper.dll (207872), 19-Dec-2010, Microsoft Corporation, Operační systém Microsoft® Windows®

20 XII 2010 13:51:54 - C:\WINDOWS\system32\dllcache\ndproxy.sys (40960), 15-Dec-2010, Microsoft Corporation, Microsoft® Windows® Operating System

20 XII 2010 13:51:54 - C:\WINDOWS\system32\dllcache\wab.exe (45568), 15-Dec-2010, Microsoft Corporation, Microsoft® Windows® Operating System

20 XII 2010 13:51:54 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\BACKUP.93346456.mexe.com (2525768), 18-Dec-2010, MicroWorld Technologies Inc., MicroWorld AntiVirus Toolkit Utility (MWAV)

20 XII 2010 13:51:54 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\bdc.exe (91904), 18-Dec-2010, MicroWorld Tech, eScan

20 XII 2010 13:51:54 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\bdfltlib2k.dll (231944), 18-Dec-2010, MicroWorld Technologies Inc., eScan for Windows

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\clean.bat (11), 18-Dec-2010 [Added C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\clean.bat to ZIP FILE]

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\DEVCON.EXE (61184), 18-Dec-2010, Microsoft Corporation, Microsoft® Windows® Operating System

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\encdec.dll (163848), 18-Dec-2010, MicroWorld Technologies Inc., eScan/MailScan/eConceal

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\erootdrv.sys (13832), 18-Dec-2010, MicroWorld Technologies Inc., eScan/MWAV

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\iet53F7.tmp.exe (2486272), 11-Dec-2010, Conduit

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\iet5426.tmp.exe (2486272), 11-Dec-2010, Conduit

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\mexe.com (2525768), 18-Dec-2010, MicroWorld Technologies Inc., MicroWorld AntiVirus Toolkit Utility (MWAV)

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\msvclnt.dll (240136), 18-Dec-2010, MicroWorld Technologies Inc., MailScan

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\mwavdwnl.exe (788488), 18-Dec-2010, MicroWorld Technologies Inc., eScan

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\MWAVSCAN.COM (2525768), 18-Dec-2010, MicroWorld Technologies Inc., MicroWorld AntiVirus Toolkit Utility (MWAV)

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\plugins.htm (4075), 18-Dec-2010 [Added C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\plugins.htm to ZIP FILE]

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\red32.dll (10248), 18-Dec-2010, Microsoft Corporation, Microsoft® Windows® Operating System

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\reload.exe (159240), 18-Dec-2010, MicroWorld Technologies Inc., eScan for Windows

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\setpriv.exe (65544), 18-Dec-2010, MicroWorld Technologies Inc., eScan AntiVirus Toolkit Utility

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\unregx.exe (76808), 18-Dec-2010, MicroWorld Technologies Inc., MicroWorld AntiVirus Toolkit Utility

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\UPDLL10.DLL (884232), 18-Dec-2010, MicroWorld Technologies Inc., eScan/MailScan/MWAV

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\utt5393.tmp.bat (72), 11-Dec-2010 [Added C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\utt5393.tmp.bat to ZIP FILE]

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\ViewTCP.exe (1680904), 18-Dec-2010, MicroWorld Technologies Inc., ViewTCP

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\vs60wiz.exe (556544), 19-Dec-2010, Microsoft Corporation, Microsoft (R) Visual Studio



20 XII 2010 13:51:55 - C:\WINDOWS\$hf_mig$, 09-Oct-2009 [H] [Folder]

20 XII 2010 13:51:55 - C:\WINDOWS\$NtUninstallMSCompPackV1$, 31-Oct-2009 [H] [Folder]

20 XII 2010 13:51:55 - C:\WINDOWS\$NtUninstallWdf01005$, 31-Oct-2009 [H] [Folder]

20 XII 2010 13:51:55 - C:\WINDOWS\$NtUninstallWIC$, 09-Oct-2009 [H] [Folder]

20 XII 2010 13:51:55 - C:\WINDOWS\$NtUninstallWMFDist11$, 31-Oct-2009 [H] [Folder]

20 XII 2010 13:51:55 - C:\WINDOWS\$NtUninstallwmp11$, 31-Oct-2009 [H] [Folder]

20 XII 2010 13:51:55 - C:\WINDOWS\$NtUninstallXPSEPSCLP$, 13-Jan-2010 [H] [Folder]

20 XII 2010 13:51:55 - C:\WINDOWS\Fonts, 09-Oct-2009 [SR] [Folder]

20 XII 2010 13:51:55 - C:\WINDOWS\ie8, 12-Oct-2009 [H] [Folder]

20 XII 2010 13:51:55 - C:\WINDOWS\inf, 09-Oct-2009 [H] [Folder]

20 XII 2010 13:51:55 - C:\WINDOWS\PIF, 23-Oct-2009 [H] [Folder]

20 XII 2010 13:51:55 - C:\WINDOWS\system32\dllcache, 09-Oct-2009 [HSR] [Folder]

20 XII 2010 13:51:55 - C:\WINDOWS\system32\Microsoft, 09-Oct-2009 [S] [Folder]

20 XII 2010 13:51:55 - C:\cmdcons, 01-Nov-2010 [HSR] [Folder]

20 XII 2010 13:51:55 - C:\TERASOFT, 07-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\VritualRoot, 02-Nov-2010 [H] [Folder]

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\hsperfdata_Petr Mach, 20-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\msohtmlclip1, 18-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\nsh1C5.tmp, 19-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\Rar$DR22.969, 20-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\Petr Mach\Data aplikací\Microsoft, 09-Oct-2009 [S] [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\Petr Mach\Data aplikací\SecuROM, 30-Mar-2010 [HR] [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\Petr Mach\Data aplikací\..\Data aplikací, 09-Oct-2009 [H] [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\Petr Mach\Data aplikací\..\IECompatCache, 14-Oct-2009 [HS] [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\Petr Mach\Data aplikací\..\IETldCache, 12-Oct-2009 [HS] [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\Petr Mach\Data aplikací\..\Local Settings, 09-Oct-2009 [H] [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\Petr Mach\Data aplikací\..\Okolní síť, 09-Oct-2009 [H] [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\Petr Mach\Data aplikací\..\Okolní tiskárny, 09-Oct-2009 [H] [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\Petr Mach\Data aplikací\..\PrivacIE, 14-Oct-2009 [HS] [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\Petr Mach\Data aplikací\..\Recent, 20-Dec-2010 [HR] [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\Petr Mach\Data aplikací\..\SendTo, 09-Oct-2009 [HR] [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\Petr Mach\Data aplikací\..\TapinRadio, 13-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\Petr Mach\Data aplikací\..\Šablony, 09-Oct-2009 [H] [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\All Users\Data aplikací\Microsoft, 09-Oct-2009 [S] [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\All Users\Data aplikací\..\Data aplikací, 09-Oct-2009 [HR] [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\All Users\Data aplikací\..\DRM, 09-Oct-2009 [HS] [Folder]

20 XII 2010 13:51:55 - C:\Documents and Settings\All Users\Data aplikací\..\Šablony, 09-Oct-2009 [H] [Folder]

20 XII 2010 13:51:55 - C:\Program Files\ChromePlus, 06-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\Program Files\DAEMON Tools Lite, 19-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\Program Files\Debugging Tools for Windows (x86), 13-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\Program Files\FreeTime, 20-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\Program Files\GlobFX, 16-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\Program Files\KONAMI, 15-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\Program Files\TapinRadio, 13-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\Program Files\TS Dejepis, 07-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\Program Files\uTorrentBar, 11-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\Program Files\Web Publish, 19-Dec-2010 [Folder]

20 XII 2010 13:51:55 - C:\Program Files\WindowsUpdate, 09-Oct-2009 [H] [Folder]



20 XII 2010 13:51:55 - *********************************************************************************************



20 XII 2010 13:51:55 - Latest Date of files inside MWAV: Wed Oct 20 07:52:50 2010.

20 XII 2010 13:51:55 - Plugins FileCount: 786 Sign Version: 7.34343

20 XII 2010 13:51:55 - Loading/Creating FileScan Database C:\Documents and Settings\All Users\Data aplikací\MicroWorld\MWAV\ESCANDBX.MDB [Log: C:\Documents and Settings\Petr Mach\Local Settings\temp\ESCANDB.LOG]

20 XII 2010 13:51:56 - Loaded/Created FileScan Database...

20 XII 2010 13:51:56 - Loading AV Library [DB]...

20 XII 2010 13:52:14 - AV Library Loaded [DB-DIRECT].

20 XII 2010 13:52:14 - MWAV doing self scanning...

20 XII 2010 13:52:14 - MWAV files are clean.
20 XII 2010 13:52:19 - Virus Database Date: 20 Oct 2010
20 XII 2010 13:52:19 - Virus Database Count: 6359864
20 XII 2010 13:52:23 - Downloading AntiVirus and Anti-Spyware Databases...
20 XII 2010 13:53:16 - Update Successful...
20 XII 2010 13:53:21 - Indexed Spyware Databases Successfully Created...
20 XII 2010 13:53:21 - Old Sign Version: 7.34343 New Sign Version: 7.35234
20 XII 2010 13:53:35 - Reload of AntiVirus Signatures successfully done.
20 XII 2010 13:53:35 - Virus Database Date: 20 Dec 2010
20 XII 2010 13:53:35 - Virus Database Count: 6461934

20 XII 2010 13:54:09 - **********************************************************
20 XII 2010 13:54:09 - eScan AntiVirus & Spyware Toolkit Utility.
20 XII 2010 13:54:09 - Copyright © MicroWorld Technologies
20 XII 2010 13:54:09 -
20 XII 2010 13:54:09 - Support: support@escanav.com
20 XII 2010 13:54:09 - Web: http://www.escanav.com
20 XII 2010 13:54:09 - **********************************************************
20 XII 2010 13:54:09 - Version 12.0.73[DB] (C:\DOCUMENTS AND SETTINGS\PETR MACH\LOCAL SETTINGS\TEMP\MEXE.COM)
20 XII 2010 13:54:09 - Log File: C:\Documents and Settings\Petr Mach\Local Settings\temp\MWAV.LOG
20 XII 2010 13:54:09 - User Account: Petr Mach (Administrator Mode)
20 XII 2010 13:54:09 - Parent Process Name : C:\Documents and Settings\Petr Mach\Plocha\kontrola PC\mwav\mwav.exe
20 XII 2010 13:54:09 - Windows Root Folder: C:\WINDOWS
20 XII 2010 13:54:09 - Windows Sys32 Folder: C:\WINDOWS\system32
20 XII 2010 13:54:09 - OS: Windows XP [OS Install Date: 09 Oct 2009 12:34:05]
20 XII 2010 13:54:09 - Ver: Service Pack 3 (Build 2600)
20 XII 2010 13:54:09 - Latest Date of files inside MWAV: Wed Oct 20 07:52:50 2010.
20 XII 2010 13:54:09 - Plugins FileCount: 786 Sign Version: 7.35234

20 XII 2010 13:54:11 - Options Selected by User:
20 XII 2010 13:54:11 - Memory Check: Enabled
20 XII 2010 13:54:11 - Registry Check: Enabled
20 XII 2010 13:54:11 - StartUp Folder Check: Enabled
20 XII 2010 13:54:11 - System Folder Check: Enabled
20 XII 2010 13:54:11 - Services Check: Enabled
20 XII 2010 13:54:11 - Scan Spyware: Enabled
20 XII 2010 13:54:11 - Drive Check: Disabled
20 XII 2010 13:54:11 - All Drive Check :Enabled
20 XII 2010 13:54:11 - Folder Check: Disabled
20 XII 2010 13:54:11 - SCAN: All_Files
20 XII 2010 13:54:11 - MWAV Mode: Scan and Clean files (for viruses, adware and spyware)


20 XII 2010 13:54:12 - ***** Scanning Memory Files *****

20 XII 2010 13:54:38 - ***** Scanning Registry Files *****
20 XII 2010 13:54:54 - ERROR(l)!!! Invalid Entry AppInit_DLLs = (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows). Action Taken: No Action Taken.
20 XII 2010 13:54:54 - ERROR(3)!!! Invalid Entry Debugger = "C:\Program Files\Microsoft Visual Studio\Common\MSDev98\Bin\msdev.exe" -p %ld -e %ld (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AEDEBUG). Action Taken: Removing it.

20 XII 2010 13:54:58 - ***** Scanning StartUp Folders *****

20 XII 2010 13:55:06 - ***** Scanning Service Files *****
20 XII 2010 13:55:13 - C:\WINDOWS\system32\Drivers\sptd.sys not Scanned. Possibly password protected...

20 XII 2010 13:55:16 - ***** Scanning Registry and File system for Adware/Spyware *****
20 XII 2010 13:55:16 - Loading Spyware Signatures from new External Database [Name: C:\DOCUME~1\PETRMA~1\LOCALS~1\temp\spydb.avs, Size: 960611]...
20 XII 2010 13:55:16 - Indexed Spyware Databases Successfully Created...

20 XII 2010 13:55:29 - Offending file found: C:\Documents and Settings\Petr Mach\Local Settings\temp\nsh1C5.tmp\Lang\TRK.dll
20 XII 2010 13:55:29 - System found infected with TopMoxie Spyware/Adware (TRK.dll)! Action taken: File Deleted.
20 XII 2010 13:55:29 - Object "TopMoxie Spyware/Adware" found in File System! Action Taken: File Deleted.


20 XII 2010 13:55:38 - ***** Scanning Registry Files *****
20 XII 2010 13:55:48 - ERROR(l)!!! Invalid Entry AppInit_DLLs = (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows). Action Taken: No Action Taken.
20 XII 2010 13:55:48 - Scanning File C:\WINDOWS\RaidTool\xInsIDE.exe (????)
20 XII 2010 13:55:49 - Clearing Temporary sub-folders as Spyware/Adware found in system...
20 XII 2010 13:55:49 - Few files will be deleted *ONLY* on reboot...
20 XII 2010 13:55:50 - Few files will be deleted *ONLY* on reboot...
20 XII 2010 13:55:50 - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
20 XII 2010 13:55:50 - ** Value in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://www.seznam.cz/
20 XII 2010 13:55:50 - ** Value in HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\main/Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome

20 XII 2010 13:55:50 - ***** Scanning System32 Folders *****



20 XII 2010 13:57:54 - ***** Scanning All Drives *****
20 XII 2010 13:57:54 - Scanning C:\ Drive
20 XII 2010 13:58:59 - C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft\Windows\UsrClass.dat.LOG not Scanned. Possibly password protected...
20 XII 2010 13:58:59 - C:\Documents and Settings\LocalService\ntuser.dat.LOG not Scanned. Possibly password protected...
20 XII 2010 13:59:00 - C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft\Windows\UsrClass.dat.LOG not Scanned. Possibly password protected...
20 XII 2010 13:59:00 - C:\Documents and Settings\NetworkService\ntuser.dat.LOG not Scanned. Possibly password protected...
20 XII 2010 14:00:32 - C:\Documents and Settings\Petr Mach\Local Settings\Data aplikací\Adobe\Acrobat\8.0\Updater\updater.log not Scanned. Possibly password protected...
20 XII 2010 14:01:47 - C:\Documents and Settings\Petr Mach\Local Settings\Data aplikací\Microsoft\Windows\UsrClass.dat.LOG not Scanned. Possibly password protected...
20 XII 2010 14:02:07 - C:\Documents and Settings\Petr Mach\ntuser.dat.LOG not Scanned. Possibly password protected...
20 XII 2010 14:08:47 - ScanFile took 7.22 Secs [C:\MAGIX\mm2005_deLuxe\Synth\Robota.syn]...

20 XII 2010 14:29:47 - C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\master.mdf not Scanned. Possibly password protected...
20 XII 2010 14:29:47 - C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\mastlog.ldf not Scanned. Possibly password protected...
20 XII 2010 14:29:47 - C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\model.mdf not Scanned. Possibly password protected...
20 XII 2010 14:29:47 - C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\modellog.ldf not Scanned. Possibly password protected...
20 XII 2010 14:29:47 - C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\MSDBData.mdf not Scanned. Possibly password protected...
20 XII 2010 14:29:47 - C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\MSDBLog.ldf not Scanned. Possibly password protected...
20 XII 2010 14:29:47 - C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\tempdb.mdf not Scanned. Possibly password protected...
20 XII 2010 14:29:47 - C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\templog.ldf not Scanned. Possibly password protected...
20 XII 2010 14:37:02 - C:\Program Files\Zoner\Photo Studio 12\Crack ZPS12.exe.mwt File already Scanned once... not able to clean.
20 XII 2010 14:50:43 - C:\WINDOWS\system32\CatRoot2\edb.log not Scanned. Possibly password protected...
20 XII 2010 14:50:43 - C:\WINDOWS\system32\CatRoot2\tmp.edb not Scanned. Possibly password protected...
20 XII 2010 14:50:43 - C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb not Scanned. Possibly password protected...
20 XII 2010 14:50:43 - C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb not Scanned. Possibly password protected...
20 XII 2010 14:50:45 - C:\WINDOWS\system32\config\default not Scanned. Possibly password protected...
20 XII 2010 14:50:45 - C:\WINDOWS\system32\config\default.LOG not Scanned. Possibly password protected...
20 XII 2010 14:50:45 - C:\WINDOWS\system32\config\SAM not Scanned. Possibly password protected...
20 XII 2010 14:50:45 - C:\WINDOWS\system32\config\SAM.LOG not Scanned. Possibly password protected...
20 XII 2010 14:50:45 - C:\WINDOWS\system32\config\SECURITY not Scanned. Possibly password protected...
20 XII 2010 14:50:45 - C:\WINDOWS\system32\config\SECURITY.LOG not Scanned. Possibly password protected...
20 XII 2010 14:50:45 - C:\WINDOWS\system32\config\software not Scanned. Possibly password protected...
20 XII 2010 14:50:45 - C:\WINDOWS\system32\config\software.LOG not Scanned. Possibly password protected...
20 XII 2010 14:50:45 - C:\WINDOWS\system32\config\system not Scanned. Possibly password protected...
20 XII 2010 14:50:45 - C:\WINDOWS\system32\config\system.LOG not Scanned. Possibly password protected...
20 XII 2010 14:50:46 - C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Microsoft\Windows\UsrClass.dat.LOG not Scanned. Possibly password protected...
20 XII 2010 14:52:07 - C:\WINDOWS\system32\drivers\sptd.sys not Scanned. Possibly password protected...
20 XII 2010 14:54:17 - Scanning D:\ Drive
20 XII 2010 15:16:16 - D:\Dokumenty\FŠCHM\instalačky\Hide IP Easy 4.2.4.2\Patch\patch.exe.mwt File already Scanned once... not able to clean.
20 XII 2010 15:20:27 - INVALID ATTRIBUTES FOR FOLDER [D:\Dokumenty\Hudba\Vladimir Vysockij\??????? ?????]. IGNORING.
20 XII 2010 15:20:27 - INVALID ATTRIBUTES FOR FOLDER [D:\Dokumenty\Hudba\Vladimir Vysockij\????????? ????????? ??????]. IGNORING.
20 XII 2010 15:20:27 - INVALID ATTRIBUTES FOR FOLDER [D:\Dokumenty\Hudba\Vladimir Vysockij\????? ?? ???????????]. IGNORING.
20 XII 2010 15:20:27 - INVALID ATTRIBUTES FOR FOLDER [D:\Dokumenty\Hudba\Vladimir Vysockij\????? ? ?????]. IGNORING.
20 XII 2010 15:20:27 - INVALID ATTRIBUTES FOR FOLDER [D:\Dokumenty\Hudba\Vladimir Vysockij\????? ? ??????]. IGNORING.
20 XII 2010 15:20:27 - INVALID ATTRIBUTES FOR FOLDER [D:\Dokumenty\Hudba\Vladimir Vysockij\????? ? ?????]. IGNORING.
20 XII 2010 15:20:27 - INVALID ATTRIBUTES FOR FOLDER [D:\Dokumenty\Hudba\Vladimir Vysockij\????? ? ???? ? ????]. IGNORING.
20 XII 2010 15:20:27 - INVALID ATTRIBUTES FOR FOLDER [D:\Dokumenty\Hudba\Vladimir Vysockij\????? ??? ???????]. IGNORING.
20 XII 2010 15:20:27 - INVALID ATTRIBUTES FOR FOLDER [D:\Dokumenty\Hudba\Vladimir Vysockij\?????? ?????]. IGNORING.
20 XII 2010 15:20:27 - INVALID ATTRIBUTES FOR FOLDER [D:\Dokumenty\Hudba\Vladimir Vysockij\???????? ?????]. IGNORING.
20 XII 2010 15:24:36 - D:\Dokumenty\Knihy\Naučná\PC knihy\Microsoft Office\Microsoft Office 2000\Excel vzorce a funkce\Pcwed\03-excel.pdf not Scanned. Possibly password protected...
20 XII 2010 15:26:27 - D:\Dokumenty\Knihy\Naučná\PC knihy\Visual Basic\Visual Basic\Visual Basic (CHIP)\chip 99_10\Data\Utility\ictrial.exe not Scanned. Possibly password protected...

20 XII 2010 15:32:15 - ***** Checking for specific ITW Viruses *****

20 XII 2010 15:32:15 - ***** Scanning complete. *****

20 XII 2010 15:32:15 - Total Objects Scanned: 285484
20 XII 2010 15:32:15 - Total Critical Objects: 1
20 XII 2010 15:32:15 - Total Disinfected Objects: 0
20 XII 2010 15:32:15 - Total Objects Renamed: 0
20 XII 2010 15:32:15 - Total Deleted Objects: 1
20 XII 2010 15:32:15 - Total Errors: 3
20 XII 2010 15:32:15 - Time Elapsed: 01:38:05
20 XII 2010 15:32:15 - Virus Database Date: 20 Dec 2010
20 XII 2010 15:32:15 - Virus Database Count: 6461934

20 XII 2010 15:32:15 - Scan Completed.

[Rudy]

Stáhněte a spusťte Avenger: http://www.viry.cz/forum/viewtopic.php?f=15&t=19832 tímto skriptem:

Files to delete:
C:\DOCUME~1\PETRMA~1\LOCALS~1\Temp\utt5393.tmp.bat