Nereaguje žádná aplikace

[MarekVys]

Zapnul jsem PC, nespustili se programy které startují normálně po zapnutí Win. Nedá se otevřít Mozilla, Ovládací panely, žádný jiný software.

Při zapnutí PC se na chvíli objeví hlášení o zablokovaném ovladači Tages Protenction, jestli to může mít souvislost. Ale nemůžu nic dělat, pouze kliknout Start - restart/vypnout a otevřít správce aplikací, vše ostatní nereaguje.

pozn.: Win7 x64


(pokusím se nějak získat log, podaří li se to v jiném režimu)

[Rudy]

Zkuste nouz. režim.

[MarekVys]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomáš Vyskočil at 2011-09-26 19:25:51
Microsoft Windows 7 Home Premium Service Pack 2
System drive C: has 552 GB (58%) free of 954 GB
Total RAM: 4091 MB (62% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files\OO Software\Defrag\oodag.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-093c2787-f8e8-470a-a4da-8db31ffc8da1 -SystemEventPortName:HostProcess-4b4dea0e-38d9-4b71-9224-16acfa7a6c8e -IoCancelEventPortName:HostProcess-056fe893-3c30-4ae9-9234-da19bf29ef64 -NonStateChangingEventPortName:HostProcess-2c59ec7b-d361-4dba-a19f-c33449267dab -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1d242a68-64d8-4574-ad33-2e303142315d
WLIDSvcM.exe 1236
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\System32\svchost.exe -k secsvcs
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\OO Software\Defrag\oodtray.exe"
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe" /TUStart /pid:1048
"C:\Windows\system32\wbengine.exe"
C:\Windows\System32\vds.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
taskmgr.exe /3
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"L:\Viry\RSITx64(1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomáš Vyskočil\AppData\Roaming\Mozilla\Firefox\Profiles\a6r4pcln.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://start.icq.com/"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.8, {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.2, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.3.0&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Tomáš Vyskočil\AppData\Roaming\Mozilla\Firefox\Profiles\a6r4pcln.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-08-04 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-09-22 8116256]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-12 3832064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\Program Files (x86)\ICQ7.2\ICQ.exe [2011-01-05 133432]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"MRUTray"=C:\Program Files (x86)\Marvell\raid\tray\MarvellTray.exe [2009-10-09 741376]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-09-25 106496]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-09-06 3722416]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-04 1955208]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktopChanges"=1
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-09-26 19:23:18 ----D---- C:\rsit
2011-09-26 19:23:18 ----D---- C:\Program Files\trend micro
2011-09-24 15:34:31 ----A---- C:\Windows\system32\drivers\atksgt.sys
2011-09-24 15:34:30 ----A---- C:\Windows\system32\drivers\lirsgt.sys
2011-09-17 15:53:44 ----SHD---- C:\found.000
2011-09-17 11:15:19 ----D---- C:\Program Files (x86)\Steam
2011-09-10 18:42:05 ----D---- C:\Users\Tomáš Vyskočil\AppData\Roaming\Mount&Blade Warband
2011-09-01 15:34:09 ----D---- C:\Program Files\GamePark2
2011-08-29 13:57:53 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-08-29 13:57:53 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-08-29 13:57:53 ----A---- C:\Windows\SYSWOW64\java.exe
2011-08-29 10:31:29 ----D---- C:\Program Files\iTunes
2011-08-29 10:31:29 ----D---- C:\Program Files\iPod
2011-08-29 10:25:28 ----D---- C:\Program Files (x86)\QuickTime

======List of files/folders modified in the last 1 month======

2011-09-26 19:25:49 ----D---- C:\Windows\Temp
2011-09-26 19:25:49 ----D---- C:\Windows\Prefetch
2011-09-26 19:24:30 ----D---- C:\Windows\System32
2011-09-26 19:24:30 ----D---- C:\Windows\inf
2011-09-26 19:24:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-26 19:23:18 ----RD---- C:\Program Files
2011-09-26 19:04:10 ----D---- C:\Windows\system32\config
2011-09-26 18:32:29 ----D---- C:\Windows
2011-09-25 22:44:34 ----D---- C:\Users\Tomáš Vyskočil\AppData\Roaming\ICQ
2011-09-25 20:44:40 ----SHD---- C:\System Volume Information
2011-09-25 13:14:58 ----D---- C:\Windows\SYSWOW64\drivers
2011-09-25 13:10:20 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-09-25 13:08:34 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-09-25 13:07:44 ----D---- C:\Users\Tomáš Vyskočil\AppData\Roaming\Media Player Classic
2011-09-25 12:21:09 ----D---- C:\Windows\SysWOW64
2011-09-25 11:06:36 ----RSD---- C:\Windows\assembly
2011-09-25 11:05:32 ----SHD---- C:\Windows\Installer
2011-09-25 11:01:50 ----D---- C:\HRY
2011-09-25 09:02:44 ----D---- C:\ProgramData\NVIDIA
2011-09-24 15:45:31 ----HD---- C:\ProgramData
2011-09-24 15:34:31 ----D---- C:\Windows\system32\drivers
2011-09-18 11:10:30 ----D---- C:\Windows\Microsoft.NET
2011-09-18 09:10:25 ----D---- C:\Windows\system32\catroot2
2011-09-17 20:05:08 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-09-17 11:24:08 ----RD---- C:\Program Files (x86)
2011-09-17 11:15:20 ----D---- C:\Program Files (x86)\Common Files
2011-09-15 20:21:27 ----D---- C:\Windows\debug
2011-09-14 23:09:06 ----D---- C:\ProgramData\Microsoft Help
2011-09-14 23:08:09 ----D---- C:\Windows\winsxs
2011-09-14 23:07:04 ----D---- C:\Windows\system32\catroot
2011-09-14 23:05:55 ----A---- C:\Windows\system32\MRT.exe
2011-09-14 11:01:45 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-09-07 15:49:51 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-09-06 22:45:29 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-09-06 22:45:17 ----A---- C:\Windows\system32\aswBoot.exe
2011-08-29 13:57:40 ----D---- C:\Program Files (x86)\Java
2011-08-29 10:31:43 ----D---- C:\Program Files (x86)\iTunes

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mv91cons;Marvell 91xx Config Device Driver; C:\Windows\system32\DRIVERS\mv91cons.sys [2009-10-10 22568]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-19 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-09-24 43168]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-09-22 2002080]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-09-25 73728]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-09-25 178688]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-05-25 174184]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-09-24 311968]
S3 ahockwus;ahockwus; C:\Windows\system32\drivers\ahockwus.sys []
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-04 2329480]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-25 1016936]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-12 2287360]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-09-30 1403200]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-09-06 44768]
S2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-07-12 387944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-11 136176]
S2 Marvell RAID;Marvell RAID Event Agent; C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe [2009-10-05 151552]
S2 MRUWebService;MRU Web Service; C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe [2009-04-09 24635]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
S2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-04-11 103736]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-11 136176]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-08-19 934760]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-09-17 411432]
S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-11-14 607040]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-02 1255736]
S3 WiselinkPro;SAMSUNG WiselinkPro Service; C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2009-01-08 4136960]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[MarekVys]

Btw, jedná se o tentýž problém co zde: http://www.viry.cz/forum/viewtopic.php?f=13&t=115681 předpokládám.

Nouzový režim, jsem ani nespustil, kolegovy s problémem nepomohl, podařilo se mi ale RSIT spustit z Flashdisku.

[Rudy]

Nic nebezpečného není vidět. Zkuste, zda se vám povede spustit MBAM: http://www.malwarebytes.org/mbam.php . Proveďte kompletní sken a dejte log. Předem nic nemažte.

[MarekVys]

zkusím mban, ještě napíšu, že by se mohlo jednat o problém řešený zde: http://www.viry.cz/forum/viewtopic.php?f=13&t=115632 Avast včera něco odstranil.

K mé smůle nemám bod obnovení. Poučení pro příště

[MarekVys]

Mban v normálním režimu nespustím, do nouzového se nějak nemůžu dostat. Vždycky naskočí normálně Win7.

F8 nefunguje, zkusím F2 nebo tak...

[MarekVys]

Tak do toho nouzového režimu se nějak nemůžu dostat

[Rudy]

Budete se muset pokusit o opravu systému: http://www.viry.cz/forum/viewtopic.php?f=46&t=106339 . S tím topic, na nějž jste dal odkaz jeto sice podobné, ale řekl bych, že je za tím něco jiného. Tam šlo alespoň něco spustit.

[MarekVys]

Dobře, systém vrácen na bod do včerejšího dopoledne.

Někdy odpoledne avast odstranil nějaký bordel a dneska po restartu to dělalo výše zmíněné, nic nespustitelné.

Po navrácení bodu se načetl Win, ale vše zčernalo, při CTRL+ALT+DEL naskočil správce úloh, ale plocha i lišta Winu byly úplně černé. Tvrdy restart přes knoflik na bedně.

Win už po druhé naskočil úplně normálně. Přesto se ale necítím moc dobře, ohledně PC.

Přikládám log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomáš Vyskočil at 2011-09-26 21:09:29
Microsoft Windows 7 Home Premium Service Pack 2
System drive C: has 552 GB (58%) free of 954 GB
Total RAM: 4091 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:09:46, on 26.9.2011
Platform: Windows 7 SP2 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Marvell\raid\tray\MarvellTray.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Tomáš Vyskočil.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/sm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [MRUTray] C:\Program Files (x86)\Marvell\raid\tray\MarvellTray.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4181977778-1132431620-3467244800-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4181977778-1132431620-3467244800-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.co ... .3.1.0.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Marvell RAID Event Agent (Marvell RAID) - Unknown owner - C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe
O23 - Service: MRU Web Service (MRUWebService) - Apache Software Foundation - C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Unknown owner - C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8835 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
taskeng.exe {82B72B88-CD4A-4CDE-A0DE-7B357D60AEC2}
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe" -k runservice
"C:\Program Files\OO Software\Defrag\oodag.exe"
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe" /TUStart /pid:2412
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\OO Software\Defrag\oodtray.exe"
WLIDSvcM.exe 2452
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe" -d "C:/Program Files (x86)/Marvell/raid/Apache2"
"C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-63ab4fea-a2ac-40ac-9b56-44c105b10b76 -SystemEventPortName:HostProcess-c98721cb-9329-4661-a769-7f8ea837071e -IoCancelEventPortName:HostProcess-66765a00-fa52-45eb-a496-73ec8231b61e -NonStateChangingEventPortName:HostProcess-92c7deaa-d925-4b82-b179-b8a6be8b6592 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6b2ac37e-b68e-435c-a799-1474466ef1e7
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Marvell\raid\tray\MarvellTray.exe"
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4556.87f7a60.223675252 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.6.0.2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 4556 "\\.\pipe\gecko-crash-server-pipe.4556" plugin
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\Tomáš Vyskočil\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomáš Vyskočil\AppData\Roaming\Mozilla\Firefox\Profiles\a6r4pcln.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://start.icq.com/"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.8, {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.2, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.3.0&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Tomáš Vyskočil\AppData\Roaming\Mozilla\Firefox\Profiles\a6r4pcln.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-09-22 8116256]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-12 3832064]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"MRUTray"=C:\Program Files (x86)\Marvell\raid\tray\MarvellTray.exe [2009-10-09 741376]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-09-25 106496]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-09-06 3722416]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktopChanges"=1
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-09-26 21:09:29 ----D---- C:\Program Files\trend micro
2011-09-26 19:23:18 ----D---- C:\rsit
2011-09-17 15:53:44 ----SHD---- C:\found.000
2011-09-17 11:15:19 ----D---- C:\Program Files (x86)\Steam
2011-09-10 18:42:05 ----D---- C:\Users\Tomáš Vyskočil\AppData\Roaming\Mount&Blade Warband
2011-09-01 15:34:09 ----D---- C:\Program Files\GamePark2
2011-08-29 13:57:53 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-08-29 13:57:53 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-08-29 13:57:53 ----A---- C:\Windows\SYSWOW64\java.exe
2011-08-29 10:31:29 ----D---- C:\Program Files\iTunes
2011-08-29 10:31:29 ----D---- C:\Program Files\iPod
2011-08-29 10:25:28 ----D---- C:\Program Files (x86)\QuickTime

======List of files/folders modified in the last 1 month======

2011-09-26 21:44:50 ----D---- C:\Windows\Tasks
2011-09-26 21:44:50 ----D---- C:\Windows\SYSWOW64\drivers
2011-09-26 21:44:50 ----D---- C:\Windows\system32\wfp
2011-09-26 21:44:50 ----D---- C:\Windows\system32\DriverStore
2011-09-26 21:44:50 ----D---- C:\Windows\system32\catroot2
2011-09-26 21:44:49 ----D---- C:\Windows\AppCompat
2011-09-26 21:44:49 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-09-26 21:44:49 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-09-26 21:44:48 ----D---- C:\Windows\system32\wbem
2011-09-26 21:44:48 ----D---- C:\Windows\registration
2011-09-26 21:44:44 ----RSD---- C:\Windows\assembly
2011-09-26 21:09:29 ----RD---- C:\Program Files
2011-09-26 21:09:28 ----D---- C:\Windows\Prefetch
2011-09-26 21:09:11 ----D---- C:\Windows\Temp
2011-09-26 21:06:09 ----D---- C:\ProgramData\NVIDIA
2011-09-26 21:05:13 ----D---- C:\Windows\system32\config
2011-09-26 21:04:12 ----D---- C:\Windows\system32\drivers
2011-09-26 21:01:40 ----D---- C:\Windows
2011-09-26 20:55:50 ----SHD---- C:\Windows\Installer
2011-09-26 20:55:49 ----RD---- C:\Program Files (x86)
2011-09-26 20:55:35 ----SHD---- C:\System Volume Information
2011-09-26 20:55:13 ----D---- C:\Windows\System32
2011-09-26 20:55:13 ----D---- C:\Windows\inf
2011-09-26 20:55:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-26 20:46:27 ----D---- C:\Windows\SysWOW64
2011-09-25 22:44:34 ----D---- C:\Users\Tomáš Vyskočil\AppData\Roaming\ICQ
2011-09-25 13:07:44 ----D---- C:\Users\Tomáš Vyskočil\AppData\Roaming\Media Player Classic
2011-09-25 11:01:50 ----D---- C:\HRY
2011-09-24 15:45:31 ----HD---- C:\ProgramData
2011-09-18 11:10:30 ----D---- C:\Windows\Microsoft.NET
2011-09-17 20:05:08 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-09-17 11:15:20 ----D---- C:\Program Files (x86)\Common Files
2011-09-15 20:21:27 ----D---- C:\Windows\debug
2011-09-14 23:09:06 ----D---- C:\ProgramData\Microsoft Help
2011-09-14 23:08:09 ----D---- C:\Windows\winsxs
2011-09-14 23:07:04 ----D---- C:\Windows\system32\catroot
2011-09-14 23:05:55 ----A---- C:\Windows\system32\MRT.exe
2011-09-14 11:01:45 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-09-07 15:49:51 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-09-06 22:45:29 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-09-06 22:45:17 ----A---- C:\Windows\system32\aswBoot.exe
2011-08-29 13:57:40 ----D---- C:\Program Files (x86)\Java
2011-08-29 10:31:43 ----D---- C:\Program Files (x86)\iTunes

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mv91cons;Marvell 91xx Config Device Driver; C:\Windows\system32\DRIVERS\mv91cons.sys [2009-10-10 22568]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-19 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-09-22 2002080]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-09-25 73728]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-09-25 178688]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-05-25 174184]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
S3 anilvczs;anilvczs; C:\Windows\system32\drivers\anilvczs.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-09-06 44768]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 Marvell RAID;Marvell RAID Event Agent; C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe [2009-10-05 151552]
R2 MRUWebService;MRU Web Service; C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe [2009-04-09 24635]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-25 1016936]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-12 2287360]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-04-11 103736]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-09-30 1403200]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-11 136176]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-11 136176]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-08-19 934760]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-09-17 411432]
S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-11-14 607040]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-02 1255736]
S3 WiselinkPro;SAMSUNG WiselinkPro Service; C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2009-01-08 4136960]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Rudy]

Log vypadá OK. Pro jistotu ještě poprosím o ten sken MBAM.

[MarekVys]

mbam - rychlý test

Malwarebytes' Anti-Malware 1.51.2.1300
http://www.malwarebytes.org

Verze databáze: 7802

Windows 6.1.7601 Service Pack 2
Internet Explorer 9.0.8112.16421

26.9.2011 22:46:24
mbam-log-2011-09-26 (22-46-24).txt

Typ: Rychlá kontrola
Kontrolované objekty: 197015
Uplynulý čas: 4 minut, 11 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Mwav - pouze scan (rád bych věděl, zda to můžu nechat projet i s odstraněním, aniž by se něco nezkazilo, je tam toho dost)

26 9 2011 21:32:22 - **********************************************************

26 9 2011 21:32:22 - eScan AntiVirus & Spyware Toolkit Utility.

26 9 2011 21:32:22 - Copyright © MicroWorld Technologies

26 9 2011 21:32:22 - **********************************************************

26 9 2011 21:32:22 - Source: C:\Users\TOMVYS~1\Desktop\mwav.exe

26 9 2011 21:32:22 - Version 12.0.166 (C:\USERS\TOMáš VYSKOčIL\APPDATA\LOCAL\TEMP\MEXETMP.EX~)

26 9 2011 21:32:22 - Log File: C:\Users\Tomáš Vyskočil\AppData\Local\Temp\MWAV.LOG

26 9 2011 21:32:22 - Last Scan Date and Time: 08.05.2011 16:24:38

26 9 2011 21:32:22 - MWAV Registered: TRUE

26 9 2011 21:32:22 - User Account: Tomáš Vyskočil (Administrator Mode)

26 9 2011 21:32:22 - OS Type: Windows Workstation

26 9 2011 21:32:22 - OS: Windows 7 64-Bit

26 9 2011 21:32:22 - Ver: Personal Service Pack 2 (Build 7601)

26 9 2011 21:32:22 - System Up Time: 26 Minutes, 34 Seconds



26 9 2011 21:32:22 - Parent Process Name : C:\Users\Tomáš Vyskočil\AppData\Local\Temp\mexe.com

26 9 2011 21:32:22 - Windows Root Folder: C:\Windows

26 9 2011 21:32:22 - Windows Sys32 Folder: C:\Windows\system32

26 9 2011 21:32:22 - DHCP NameServer: 10.0.0.138

26 9 2011 21:32:22 - Interface0 DHCPNameServer: 10.0.0.138

26 9 2011 21:32:22 - Local Fixed Drives: c:\

26 9 2011 21:32:22 - MWAV Mode: Scan and Clean files (for viruses, adware and spyware)

26 9 2011 21:32:22 - [CREATED ZIP FILE: C:\Users\Tomáš Vyskočil\AppData\Local\Temp\pinfect.zip]



26 9 2011 21:32:22 - ****** Files/Folders created/modified during last fortnight in Windows and ROOT Folder ******

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll (3072), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll (3072), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll (3072), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll (3072), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll (3072), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll (3072), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll (5120), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll (3072), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll (3584), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll (3584), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll (3072), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll (3584), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll (4096), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll (4096), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll (3584), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll (4096), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll (3584), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll (3584), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll (4608), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll (3072), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll (3072), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll (3072), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll (4096), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll (4096), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll (4608), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll (3072), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll (3584), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll (6144), 10-Aug-2011 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-security-lsalookup-l1-1-0.dll (3584), 13-Jul-2009 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-security-sddl-l1-1-0.dll (3072), 13-Jul-2009 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-service-core-l1-1-0.dll (2560), 13-Jul-2009 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-service-management-l1-1-0.dll (2560), 13-Jul-2009 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-service-management-l2-1-0.dll (2560), 13-Jul-2009 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:23 - C:\Windows\system32\api-ms-win-service-winsvc-l1-1-0.dll (3584), 13-Jul-2009 [H], Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\BACKUP.16364015.mexe.com (2554440), 26-Sep-2011, MicroWorld Technologies Inc., MicroWorld AntiVirus Toolkit Utility (MWAV)

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\bdc.exe (91904), 26-Sep-2011, MicroWorld Tech, eScan

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\bdfltlib2k.dll (231944), 26-Sep-2011, MicroWorld Technologies Inc., eScan for Windows

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\clean.bat (11), 26-Sep-2011 [Added C:\Users\TOMVYS~1\AppData\Local\Temp\clean.bat to ZIP FILE]

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\DEVCON.EXE (61184), 26-Sep-2011, Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\encdec.dll (180744), 26-Sep-2011, MicroWorld Technologies Inc., eScan/MailScan/eConceal

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\erootdrv.sys (13832), 26-Sep-2011, MicroWorld Technologies Inc., eScan/MWAV

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\mexe.com (2583112), 26-Sep-2011, MicroWorld Technologies Inc., MicroWorld AntiVirus Toolkit Utility (MWAV)

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\msvclnt.dll (240136), 26-Sep-2011, MicroWorld Technologies Inc., MailScan

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\mwavdwnl.exe (838152), 26-Sep-2011, MicroWorld Technologies Inc., eScan

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\MWAVReg.EXE (700424), 26-Sep-2011, MicroWorld Technologies Inc., eScan / MailScan / eConceal

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\MWAVSCAN.COM (2554440), 26-Sep-2011, MicroWorld Technologies Inc., MicroWorld AntiVirus Toolkit Utility (MWAV)

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\plugins.htm (3650), 26-Sep-2011 [Added C:\Users\TOMVYS~1\AppData\Local\Temp\plugins.htm to ZIP FILE]

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\red32.dll (10248), 26-Sep-2011, Microsoft Corporation, Microsoft® Windows® Operating System

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\reload.exe (375304), 26-Sep-2011, MicroWorld Technologies Inc., eScan for Windows

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\setpriv.exe (66568), 26-Sep-2011, MicroWorld Technologies Inc., eScan AntiVirus Toolkit Utility

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\unregx.exe (77832), 26-Sep-2011, MicroWorld Technologies Inc., MicroWorld AntiVirus Toolkit Utility

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\UPDLL10.DLL (904712), 26-Sep-2011, MicroWorld Technologies Inc., eScan/MailScan/MWAV

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\viewtcp.exe (1680904), 26-Sep-2011, MicroWorld Technologies Inc., ViewTCP

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\~DFEB3EB070F77383AB.TMP (147456), 26-Sep-2011 [Added C:\Users\TOMVYS~1\AppData\Local\Temp\~DFEB3EB070F77383AB.TMP to ZIP FILE]



26 9 2011 21:32:24 - C:\Windows\Fonts, 14-Jul-2009 [SR] [Folder]

26 9 2011 21:32:24 - C:\Windows\Media, 14-Jul-2009 [SR] [Folder]

26 9 2011 21:32:24 - C:\Windows\msdownld.tmp, 06-Jul-2011 [H] [Folder]

26 9 2011 21:32:24 - C:\Windows\system32\%APPDATA%, 20-Aug-2010 [HS] [Folder]

26 9 2011 21:32:24 - C:\Documents and Settings, 14-Jul-2009 [HS] [Folder]

26 9 2011 21:32:24 - C:\found.000, 17-Sep-2011 [HS] [Folder]

26 9 2011 21:32:24 - C:\MSOCache, 09-Oct-2010 [HR] [Folder]

26 9 2011 21:32:24 - C:\ProgramData, 14-Jul-2009 [H] [Folder]

26 9 2011 21:32:24 - C:\Recovery, 19-Aug-2010 [HS] [Folder]

26 9 2011 21:32:24 - C:\rsit, 26-Sep-2011 [Folder]

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\AVCBack, 26-Sep-2011 [Folder]

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\FtpTemp, 26-Sep-2011 [Folder]

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\FtpTempF, 26-Sep-2011 [Folder]

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\hsperfdata_Tomáš Vyskočil, 26-Sep-2011 [Folder]

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\LOCK, 26-Sep-2011 [Folder]

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\Log, 26-Sep-2011 [Folder]

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\plugins, 26-Sep-2011 [Folder]

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\tmp00004670, 26-Sep-2011 [Folder]

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\WPDNSE, 26-Sep-2011 [Folder]

26 9 2011 21:32:24 - C:\Users\TOMVYS~1\AppData\Local\Temp\_avast_, 26-Sep-2011 [Folder]

26 9 2011 21:32:24 - C:\Users\Tomáš Vyskočil\AppData\Roaming\Microsoft, 19-Aug-2010 [S] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\Application Data, 14-Jul-2009 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\Data aplikací, 19-Aug-2010 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\Desktop, 14-Jul-2009 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\Documents, 14-Jul-2009 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\Dokumenty, 19-Aug-2010 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\DSS, 17-Oct-2010 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\Microsoft, 14-Jul-2009 [S] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\Nabídka Start, 19-Aug-2010 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\Oblíbené položky, 19-Aug-2010 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\Plocha, 19-Aug-2010 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\Start Menu, 14-Jul-2009 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\Templates, 14-Jul-2009 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}, 19-Aug-2010 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\Šablony, 19-Aug-2010 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\..\Documents and Settings, 14-Jul-2009 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\..\found.000, 17-Sep-2011 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\..\MSOCache, 09-Oct-2010 [HR] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\..\ProgramData, 14-Jul-2009 [H] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\..\Recovery, 19-Aug-2010 [HS] [Folder]

26 9 2011 21:32:24 - C:\ProgramData\..\rsit, 26-Sep-2011 [Folder]

26 9 2011 21:32:24 - C:\Program Files (x86)\Steam, 17-Sep-2011 [Folder]

26 9 2011 21:32:24 - C:\Program Files (x86)\Common Files\Steam, 17-Sep-2011 [Folder]



26 9 2011 21:32:24 - *********************************************************************************************



26 9 2011 21:32:24 - Command Line Options Given: /xsign

26 9 2011 21:32:25 - Latest Date of files inside MWAV: Mon Sep 26 20:53:15 2011.

26 9 2011 21:32:25 - Plugins FileCount: 895 Sign Version: 7.39185

26 9 2011 21:32:25 - Loading/Creating FileScan Database C:\ProgramData\MicroWorld\MWAV\ESCANDBX.MDB [Log: C:\Users\Tomáš Vyskočil\AppData\Local\Temp\ESCANDB.LOG]

26 9 2011 21:32:26 - Loaded/Created FileScan Database...

26 9 2011 21:32:26 - Loading AV Library [DB]...

26 9 2011 21:32:34 - AV Library Loaded [DB-DIRECT].

26 9 2011 21:32:34 - MWAV doing self scanning...

26 9 2011 21:32:34 - MWAV files are clean.
26 9 2011 21:32:39 - Virus Database Date: 26 Sep 2011
26 9 2011 21:32:39 - Virus Database Count: 9223684

26 9 2011 21:32:53 - **********************************************************
26 9 2011 21:32:53 - eScan AntiVirus & Spyware Toolkit Utility.
26 9 2011 21:32:53 - Copyright © MicroWorld Technologies
26 9 2011 21:32:53 -
26 9 2011 21:32:53 - Support: support@escanav.com
26 9 2011 21:32:53 - Web: http://www.escanav.com
26 9 2011 21:32:53 - **********************************************************
26 9 2011 21:32:53 - Version 12.0.166[DB] (C:\USERS\TOMáš VYSKOčIL\APPDATA\LOCAL\TEMP\MEXETMP.EX~)
26 9 2011 21:32:53 - Log File: C:\Users\Tomáš Vyskočil\AppData\Local\Temp\MWAV.LOG
26 9 2011 21:32:53 - User Account: Tomáš Vyskočil (Administrator Mode)
26 9 2011 21:32:53 - Parent Process Name : C:\Users\Tomáš Vyskočil\AppData\Local\Temp\mexe.com
26 9 2011 21:32:53 - Windows Root Folder: C:\Windows
26 9 2011 21:32:53 - Windows Sys32 Folder: C:\Windows\system32
26 9 2011 21:32:53 - OS: Windows 7 64-Bit
26 9 2011 21:32:53 - Ver: Personal Service Pack 2 (Build 7601)
26 9 2011 21:32:53 - Latest Date of files inside MWAV: Mon Sep 26 20:53:15 2011.
26 9 2011 21:32:53 - Plugins FileCount: 895 Sign Version: 7.39185

26 9 2011 21:32:56 - Options Selected by User:
26 9 2011 21:32:56 - Memory Check: Enabled
26 9 2011 21:32:56 - Registry Check: Enabled
26 9 2011 21:32:56 - StartUp Folder Check: Enabled
26 9 2011 21:32:56 - System Folder Check: Enabled
26 9 2011 21:32:56 - Services Check: Enabled
26 9 2011 21:32:56 - Scan Spyware: Enabled
26 9 2011 21:32:56 - Drive Check: Disabled
26 9 2011 21:32:56 - All Drive Check :Enabled
26 9 2011 21:32:56 - Folder Check: Enabled
26 9 2011 21:32:56 - Folder Selected = C:\Windows
26 9 2011 21:32:56 - SCAN: All_Files
26 9 2011 21:32:56 - MWAV Mode: Only Scan files (Do Not Clean)


26 9 2011 21:32:57 - ***** Scanning Memory Files *****

26 9 2011 21:33:09 - ***** Scanning Registry Files *****

26 9 2011 21:33:13 - ***** Scanning StartUp Folders *****

26 9 2011 21:33:14 - ***** Scanning Service Files *****

26 9 2011 21:33:18 - ***** Scanning Registry and File system for Adware/Spyware *****
26 9 2011 21:33:19 - Loading Spyware Signatures from new External Database [Name: C:\Users\TOMVYS~1\AppData\Local\Temp\spydb.avs, Size: 978804]...
26 9 2011 21:33:19 - Indexed Spyware Databases Successfully Created...


26 9 2011 21:33:35 - ***** Scanning System32 Folders *****
26 9 2011 21:34:03 - Scanning File C:\Windows\system32\PnkBstrA.exe.mwt
26 9 2011 21:34:03 - File C:\Windows\system32\PnkBstrA.exe.mwt infected by "Win-Trojan/Fakeav.66872.TE (ES)" Virus! Action Taken: No Action Taken.



26 9 2011 21:34:36 - ***** Scanning All Drives *****
26 9 2011 21:34:36 - Scanning C:\ Drive
26 9 2011 21:37:09 - Scanning File C:\HRY\Bulletstorm\Binaries\Win32\SKIDROW.dll
26 9 2011 21:37:09 - ScanFile took 11186 ms
26 9 2011 21:37:09 - File C:\HRY\Bulletstorm\Binaries\Win32\SKIDROW.dll infected by "Trojan.Generic.5482034 (DB)" Virus! Action Taken: No Action Taken.

26 9 2011 21:49:52 - Scanning File C:\HRY\The Witcher 2\bin\paul.dll
26 9 2011 21:49:52 - File C:\HRY\The Witcher 2\bin\paul.dll infected by "HeurEngine.Vmpbad.TE (ES)" Virus! Action Taken: No Action Taken.

26 9 2011 21:50:10 - Scanning File C:\HRY\Warhammer.40K.Space.Marine\data\config\??????.url
26 9 2011 21:50:10 - ERROR(3)!!! ScanFile fails for C:\HRY\Warhammer.40K.Space.Marine\data\config\??????.url
26 9 2011 21:50:33 - Scanning File C:\HRY\Warhammer.40K.Space.Marine\??.txt
26 9 2011 21:50:33 - ERROR(3)!!! ScanFile fails for C:\HRY\Warhammer.40K.Space.Marine\??.txt
26 9 2011 21:59:28 - C:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager\MpSfc.bin not Scanned. Possibly password protected...
26 9 2011 21:59:32 - C:\System Volume Information\Syscache.hve not Scanned. Possibly password protected...
26 9 2011 21:59:32 - C:\System Volume Information\Syscache.hve.LOG1 not Scanned. Possibly password protected...
26 9 2011 21:59:32 - Scanning File C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
26 9 2011 21:59:32 - ERROR(3)!!! ScanFile fails for C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
26 9 2011 21:59:32 - Scanning File C:\System Volume Information\{51ad414f-e744-11e0-9928-6cf049e0be3d}{3808876b-c176-4e48-b7ae-04046e6cc752}
26 9 2011 21:59:32 - ERROR(3)!!! ScanFile fails for C:\System Volume Information\{51ad414f-e744-11e0-9928-6cf049e0be3d}{3808876b-c176-4e48-b7ae-04046e6cc752}
26 9 2011 21:59:32 - Scanning File C:\System Volume Information\{55beaf77-e870-11e0-9045-6cf049e0be3d}{3808876b-c176-4e48-b7ae-04046e6cc752}
26 9 2011 21:59:32 - ERROR(3)!!! ScanFile fails for C:\System Volume Information\{55beaf77-e870-11e0-9045-6cf049e0be3d}{3808876b-c176-4e48-b7ae-04046e6cc752}
26 9 2011 22:02:37 - C:\Users\Tomáš Vyskočil\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 not Scanned. Possibly password protected...
26 9 2011 22:04:19 - Scanning File C:\Users\Tomáš Vyskočil\Downloads\gtasa\1\GTA San Andreas\hlm-intro.exe
26 9 2011 22:04:19 - File C:\Users\Tomáš Vyskočil\Downloads\gtasa\1\GTA San Andreas\hlm-intro.exe infected by "Backdoor.Hupigon.KG (DB)" Virus! Action Taken: No Action Taken.

26 9 2011 22:04:52 - Scanning File C:\Users\Tomáš Vyskočil\Music\Fake Number - Fake Number\Fake Number - 01. Voce Vai Lembrar.mp3
26 9 2011 22:04:52 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Fake Number - Fake Number\Fake Number - 01. Voce Vai Lembrar.mp3
26 9 2011 22:04:59 - Scanning File C:\Users\Tomáš Vyskočil\Music\Gorillaz discography\Demon Days\07 El Manana.mp3
26 9 2011 22:04:59 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Gorillaz discography\Demon Days\07 El Manana.mp3
26 9 2011 22:05:00 - INVALID ATTRIBUTES FOR FOLDER [C:\Users\Tomáš Vyskočil\Music\Gorillaz discography\El Manana-Kids With Guns]. IGNORING.
26 9 2011 22:05:01 - Scanning File C:\Users\Tomáš Vyskočil\Music\Gorillaz discography\Laika Come Home\03 Banana Baby (Tomorrow Comes Today).mp3
26 9 2011 22:05:01 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Gorillaz discography\Laika Come Home\03 Banana Baby (Tomorrow Comes Today).mp3
26 9 2011 22:05:01 - Scanning File C:\Users\Tomáš Vyskočil\Music\Gorillaz discography\Laika Come Home\07 Dub O 9 (Starshine).mp3
26 9 2011 22:05:01 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Gorillaz discography\Laika Come Home\07 Dub O 9 (Starshine).mp3
26 9 2011 22:05:20 - Scanning File C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\Piggo HH\Royce Da 5'9? - My Friend.mp3
26 9 2011 22:05:20 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\Piggo HH\Royce Da 5'9? - My Friend.mp3
26 9 2011 22:05:22 - Scanning File C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\piggo hip hop\G-Hot - Feiern ? Hassen.mp3
26 9 2011 22:05:22 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\piggo hip hop\G-Hot - Feiern ? Hassen.mp3
26 9 2011 22:05:22 - Scanning File C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\Piggo House\Kerri Chandler - Kong ? Pong (Kong).mp3
26 9 2011 22:05:22 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\Piggo House\Kerri Chandler - Kong ? Pong (Kong).mp3
26 9 2011 22:05:22 - Scanning File C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\Piggo House\Kerri Chandler - Kong ? Pong (Pong).mp3
26 9 2011 22:05:22 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\Piggo House\Kerri Chandler - Kong ? Pong (Pong).mp3
26 9 2011 22:05:23 - Scanning File C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\Piggo House\Mixtapes\didier\._07 - Carl Craig - Paperclip People ?Throw?.mp3
26 9 2011 22:05:23 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\Piggo House\Mixtapes\didier\._07 - Carl Craig - Paperclip People ?Throw?.mp3
26 9 2011 22:05:23 - Scanning File C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\Piggo House\Mixtapes\didier\._17 - Theo Parrish - Roots Revisited ?Dan Ryan?.mp3
26 9 2011 22:05:23 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\Piggo House\Mixtapes\didier\._17 - Theo Parrish - Roots Revisited ?Dan Ryan?.mp3
26 9 2011 22:05:23 - Scanning File C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\Piggo House\Mixtapes\didier\07 - Carl Craig - Paperclip People ?Throw?.mp3
26 9 2011 22:05:23 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\Piggo House\Mixtapes\didier\07 - Carl Craig - Paperclip People ?Throw?.mp3
26 9 2011 22:05:23 - Scanning File C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\Piggo House\Mixtapes\didier\17 - Theo Parrish - Roots Revisited ?Dan Ryan?.mp3
26 9 2011 22:05:23 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Hip Hop\from domino\Piggo House\Mixtapes\didier\17 - Theo Parrish - Roots Revisited ?Dan Ryan?.mp3
26 9 2011 22:05:47 - Scanning File C:\Users\Tomáš Vyskočil\Music\Hip Hop\Taneční liga Best Dance Hits 2008\CD1\07-ALEX C. feat. Yass _ Du Hast Den Sch?nsten Arsch Der Welt.mp3
26 9 2011 22:05:47 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Hip Hop\Taneční liga Best Dance Hits 2008\CD1\07-ALEX C. feat. Yass _ Du Hast Den Sch?nsten Arsch Der Welt.mp3
26 9 2011 22:05:47 - Scanning File C:\Users\Tomáš Vyskočil\Music\Hip Hop\Taneční liga Best Dance Hits 2008\CD1\09-BASSHUNTER feat. DJ Mental Theo _ Now You?re Gone.mp3
26 9 2011 22:05:47 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Hip Hop\Taneční liga Best Dance Hits 2008\CD1\09-BASSHUNTER feat. DJ Mental Theo _ Now You?re Gone.mp3
26 9 2011 22:05:47 - Scanning File C:\Users\Tomáš Vyskočil\Music\Hip Hop\Taneční liga Best Dance Hits 2008\CD1\12-FRAGMA _ Toca?s Miracle 08.mp3
26 9 2011 22:05:47 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Hip Hop\Taneční liga Best Dance Hits 2008\CD1\12-FRAGMA _ Toca?s Miracle 08.mp3
26 9 2011 22:05:47 - Scanning File C:\Users\Tomáš Vyskočil\Music\Hip Hop\Taneční liga Best Dance Hits 2008\CD1\18-TOPMODELZ _ When You?re Looking Like That.mp3
26 9 2011 22:05:47 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Hip Hop\Taneční liga Best Dance Hits 2008\CD1\18-TOPMODELZ _ When You?re Looking Like That.mp3
26 9 2011 22:05:47 - Scanning File C:\Users\Tomáš Vyskočil\Music\Hip Hop\Taneční liga Best Dance Hits 2008\CD1\21-2-4 GROOVES _ Writing On The Wall (St. Elmo?s Fire).mp3
26 9 2011 22:05:47 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Hip Hop\Taneční liga Best Dance Hits 2008\CD1\21-2-4 GROOVES _ Writing On The Wall (St. Elmo?s Fire).mp3
26 9 2011 22:05:47 - Scanning File C:\Users\Tomáš Vyskočil\Music\Hip Hop\Taneční liga Best Dance Hits 2008\CD1\22-GLOBAL DEEJAYS feat. Rozalla _ Everybody?s Free.mp3
26 9 2011 22:05:47 - ERROR(3)!!! ScanFile fails for C:\Users\Tomáš Vyskočil\Music\Hip Hop\Taneční liga Best Dance Hits 2008\CD1\22-GLOBAL DEEJAYS feat. Rozalla _ Everybody?s Free.mp3
26 9 2011 22:06:40 - C:\Users\Tomáš Vyskočil\ntuser.dat.LOG1 not Scanned. Possibly password protected...
26 9 2011 22:06:44 - C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 not Scanned. Possibly password protected...
26 9 2011 22:06:45 - C:\Users\UpdatusUser\ntuser.dat.LOG1 not Scanned. Possibly password protected...
26 9 2011 22:07:41 - Scanning File C:\Windows\ConfigSetRoot\!Data\RAdmin\Remote Administrator Control v3.3.1\Patch\patch331.exe.mwt
26 9 2011 22:07:41 - File C:\Windows\ConfigSetRoot\!Data\RAdmin\Remote Administrator Control v3.3.1\Patch\patch331.exe.mwt infected by "Backdoor.Generic.180973 (DB)" Virus! Action Taken: No Action Taken.

26 9 2011 22:07:41 - Scanning File C:\Windows\ConfigSetRoot\!Data\RAdmin\Remote Administrator Control v3.3.1\Patch\rac.server.3.3.1-patch-icu.exe.mwt
26 9 2011 22:07:41 - File C:\Windows\ConfigSetRoot\!Data\RAdmin\Remote Administrator Control v3.3.1\Patch\rac.server.3.3.1-patch-icu.exe.mwt infected by "Virtool.16778 (DB)" Virus! Action Taken: No Action Taken.

26 9 2011 22:07:56 - Scanning File C:\Windows\ConfigSetRoot\!Data\Windows\LEGALIZACE WINDOWS\02 CHANGE_WINXP_KEY\CHANGE WINXP KEY.EXE.mwt
26 9 2011 22:07:56 - File C:\Windows\ConfigSetRoot\!Data\Windows\LEGALIZACE WINDOWS\02 CHANGE_WINXP_KEY\CHANGE WINXP KEY.EXE.mwt infected by "Application.Findkeyxp.F (DB)" Virus! Action Taken: No Action Taken.

26 9 2011 22:07:56 - Scanning File C:\Windows\ConfigSetRoot\!Data\Windows\LEGALIZACE WINDOWS\03 WINXP_GENUINE_ADVANTAGE_FIX\WINXP GENUINE ADVANTAGE FIX.EXE.mwt
26 9 2011 22:07:56 - File C:\Windows\ConfigSetRoot\!Data\Windows\LEGALIZACE WINDOWS\03 WINXP_GENUINE_ADVANTAGE_FIX\WINXP GENUINE ADVANTAGE FIX.EXE.mwt infected by "Generic.dx!vdw.TE (ES)" Virus! Action Taken: No Action Taken.

26 9 2011 22:07:57 - C:\Windows\ConfigSetRoot\!Data\Windows\Vista all versions [x86x64] activator\Vst.X-Free.AO_2.1.2.1.2.exe not Scanned. Possibly password protected...
26 9 2011 22:08:20 - Scanning File C:\Windows\ConfigSetRoot\Portable Aplikace\HardDiskTune\HDTune.exe.mwt
26 9 2011 22:08:20 - File C:\Windows\ConfigSetRoot\Portable Aplikace\HardDiskTune\HDTune.exe.mwt infected by "Trojan.Generic.1718016 (DB)" Virus! Action Taken: No Action Taken.

26 9 2011 22:08:31 - Scanning File C:\Windows\ConfigSetRoot\Portable Aplikace\PDF Password Cracker\keygen.exe.mwt
26 9 2011 22:08:31 - File C:\Windows\ConfigSetRoot\Portable Aplikace\PDF Password Cracker\keygen.exe.mwt infected by "Trojan.Generic.922692 (DB)" Virus! Action Taken: No Action Taken.

26 9 2011 22:11:04 - C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat not Scanned. Possibly password protected...
26 9 2011 22:11:04 - C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat not Scanned. Possibly password protected...
26 9 2011 22:11:05 - C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\PeerNetworking\a65f26169b8ecf9482327b6f52ecba62edfcb279.HomeGroupClassifier\1e6baa727de69cef6e140fdaea94d1a4\grouping\db.mdb not Scanned. Possibly password protected...
26 9 2011 22:11:05 - C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\PeerNetworking\a65f26169b8ecf9482327b6f52ecba62edfcb279.HomeGroupClassifier\1e6baa727de69cef6e140fdaea94d1a4\grouping\tmp.edb not Scanned. Possibly password protected...
26 9 2011 22:11:05 - C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1 not Scanned. Possibly password protected...
26 9 2011 22:12:23 - C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1 not Scanned. Possibly password protected...
26 9 2011 22:14:20 - C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb not Scanned. Possibly password protected...
26 9 2011 22:14:20 - C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb not Scanned. Possibly password protected...
26 9 2011 22:15:45 - C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl not Scanned. Possibly password protected...
26 9 2011 22:15:45 - C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl not Scanned. Possibly password protected...
26 9 2011 22:15:45 - C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl not Scanned. Possibly password protected...
26 9 2011 22:15:45 - C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl not Scanned. Possibly password protected...
26 9 2011 22:15:45 - C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl not Scanned. Possibly password protected...
26 9 2011 22:16:02 - Scanning File C:\Windows\System32\PnkBstrA.exe.mwt
26 9 2011 22:16:02 - File C:\Windows\System32\PnkBstrA.exe.mwt infected by "Win-Trojan/Fakeav.66872.TE (ES)" Virus! Action Taken: No Action Taken.

26 9 2011 22:17:13 - Scanning File C:\Windows\SysWOW64\PnkBstrA.exe.mwt
26 9 2011 22:17:13 - File C:\Windows\SysWOW64\PnkBstrA.exe.mwt infected by "Win-Trojan/Fakeav.66872.TE (ES)" Virus! Action Taken: No Action Taken.

26 9 2011 22:29:39 - Scanning File C:\Windows\ConfigSetRoot\!Data\RAdmin\Remote Administrator Control v3.3.1\Patch\patch331.exe.mwt
26 9 2011 22:29:39 - File C:\Windows\ConfigSetRoot\!Data\RAdmin\Remote Administrator Control v3.3.1\Patch\patch331.exe.mwt infected by "Backdoor.Generic.180973 (DB)" Virus! Action Taken: No Action Taken.

26 9 2011 22:29:39 - Scanning File C:\Windows\ConfigSetRoot\!Data\RAdmin\Remote Administrator Control v3.3.1\Patch\rac.server.3.3.1-patch-icu.exe.mwt
26 9 2011 22:29:39 - File C:\Windows\ConfigSetRoot\!Data\RAdmin\Remote Administrator Control v3.3.1\Patch\rac.server.3.3.1-patch-icu.exe.mwt infected by "Virtool.16778 (DB)" Virus! Action Taken: No Action Taken.

26 9 2011 22:29:41 - Scanning File C:\Windows\ConfigSetRoot\!Data\Windows\LEGALIZACE WINDOWS\02 CHANGE_WINXP_KEY\CHANGE WINXP KEY.EXE.mwt
26 9 2011 22:29:41 - File C:\Windows\ConfigSetRoot\!Data\Windows\LEGALIZACE WINDOWS\02 CHANGE_WINXP_KEY\CHANGE WINXP KEY.EXE.mwt infected by "Application.Findkeyxp.F (DB)" Virus! Action Taken: No Action Taken.

26 9 2011 22:29:41 - Scanning File C:\Windows\ConfigSetRoot\!Data\Windows\LEGALIZACE WINDOWS\03 WINXP_GENUINE_ADVANTAGE_FIX\WINXP GENUINE ADVANTAGE FIX.EXE.mwt
26 9 2011 22:29:41 - File C:\Windows\ConfigSetRoot\!Data\Windows\LEGALIZACE WINDOWS\03 WINXP_GENUINE_ADVANTAGE_FIX\WINXP GENUINE ADVANTAGE FIX.EXE.mwt infected by "Generic.dx!vdw.TE (ES)" Virus! Action Taken: No Action Taken.

26 9 2011 22:29:42 - C:\Windows\ConfigSetRoot\!Data\Windows\Vista all versions [x86x64] activator\Vst.X-Free.AO_2.1.2.1.2.exe not Scanned. Possibly password protected...
26 9 2011 22:29:48 - Scanning File C:\Windows\ConfigSetRoot\Portable Aplikace\HardDiskTune\HDTune.exe.mwt
26 9 2011 22:29:48 - File C:\Windows\ConfigSetRoot\Portable Aplikace\HardDiskTune\HDTune.exe.mwt infected by "Trojan.Generic.1718016 (DB)" Virus! Action Taken: No Action Taken.

26 9 2011 22:29:55 - Scanning File C:\Windows\ConfigSetRoot\Portable Aplikace\PDF Password Cracker\keygen.exe.mwt
26 9 2011 22:29:55 - File C:\Windows\ConfigSetRoot\Portable Aplikace\PDF Password Cracker\keygen.exe.mwt infected by "Trojan.Generic.922692 (DB)" Virus! Action Taken: No Action Taken.

26 9 2011 22:31:46 - C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat not Scanned. Possibly password protected...
26 9 2011 22:31:46 - C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat not Scanned. Possibly password protected...
26 9 2011 22:31:46 - C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\PeerNetworking\a65f26169b8ecf9482327b6f52ecba62edfcb279.HomeGroupClassifier\1e6baa727de69cef6e140fdaea94d1a4\grouping\db.mdb not Scanned. Possibly password protected...
26 9 2011 22:31:46 - C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\PeerNetworking\a65f26169b8ecf9482327b6f52ecba62edfcb279.HomeGroupClassifier\1e6baa727de69cef6e140fdaea94d1a4\grouping\tmp.edb not Scanned. Possibly password protected...
26 9 2011 22:31:46 - C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1 not Scanned. Possibly password protected...
26 9 2011 22:33:01 - C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1 not Scanned. Possibly password protected...
26 9 2011 22:34:40 - C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb not Scanned. Possibly password protected...
26 9 2011 22:34:40 - C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb not Scanned. Possibly password protected...
26 9 2011 22:35:46 - C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl not Scanned. Possibly password protected...
26 9 2011 22:35:46 - C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl not Scanned. Possibly password protected...
26 9 2011 22:35:46 - C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl not Scanned. Possibly password protected...
26 9 2011 22:35:46 - C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl not Scanned. Possibly password protected...
26 9 2011 22:35:46 - C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl not Scanned. Possibly password protected...
26 9 2011 22:36:00 - Scanning File C:\Windows\System32\PnkBstrA.exe.mwt
26 9 2011 22:36:00 - File C:\Windows\System32\PnkBstrA.exe.mwt infected by "Win-Trojan/Fakeav.66872.TE (ES)" Virus! Action Taken: No Action Taken.

26 9 2011 22:37:02 - Scanning File C:\Windows\SysWOW64\PnkBstrA.exe.mwt
26 9 2011 22:37:02 - File C:\Windows\SysWOW64\PnkBstrA.exe.mwt infected by "Win-Trojan/Fakeav.66872.TE (ES)" Virus! Action Taken: No Action Taken.


26 9 2011 22:48:56 - ***** Checking for specific ITW Viruses *****

26 9 2011 22:48:56 - ***** Scanning complete. *****

26 9 2011 22:48:56 - Total Objects Scanned: 384158
26 9 2011 22:48:56 - Total Critical Objects: 20
26 9 2011 22:48:56 - Total Disinfected Objects: 0
26 9 2011 22:48:56 - Total Objects Renamed: 0
26 9 2011 22:48:56 - Total Deleted Objects: 0
26 9 2011 22:48:56 - Total Errors: 0
26 9 2011 22:48:56 - Time Elapsed: 01:14:59
26 9 2011 22:48:56 - Virus Database Date: 26 Sep 2011
26 9 2011 22:48:56 - Virus Database Count: 9223684

26 9 2011 22:48:56 - Scan Completed.

Nálezy:

File C:\Windows\system32\PnkBstrA.exe.mwt infected by "Win-Trojan/Fakeav.66872.TE (ES)" Virus! Action Taken: No Action Taken.
File C:\HRY\Bulletstorm\Binaries\Win32\SKIDROW.dll infected by "Trojan.Generic.5482034 (DB)" Virus! Action Taken: No Action Taken.
File C:\HRY\The Witcher 2\bin\paul.dll infected by "HeurEngine.Vmpbad.TE (ES)" Virus! Action Taken: No Action Taken.
File C:\Users\Tomáš Vyskočil\Downloads\gtasa\1\GTA San Andreas\hlm-intro.exe infected by "Backdoor.Hupigon.KG (DB)" Virus! Action Taken: No Action Taken.
File C:\Windows\ConfigSetRoot\!Data\RAdmin\Remote Administrator Control v3.3.1\Patch\patch331.exe.mwt infected by "Backdoor.Generic.180973 (DB)" Virus! Action Taken: No Action Taken.
File C:\Windows\ConfigSetRoot\!Data\RAdmin\Remote Administrator Control v3.3.1\Patch\rac.server.3.3.1-patch-icu.exe.mwt infected by "Virtool.16778 (DB)" Virus! Action Taken: No Action Taken.
File C:\Windows\ConfigSetRoot\!Data\Windows\LEGALIZACE WINDOWS\02 CHANGE_WINXP_KEY\CHANGE WINXP KEY.EXE.mwt infected by "Application.Findkeyxp.F (DB)" Virus! Action Taken: No Action Taken.
File C:\Windows\ConfigSetRoot\!Data\Windows\LEGALIZACE WINDOWS\03 WINXP_GENUINE_ADVANTAGE_FIX\WINXP GENUINE ADVANTAGE FIX.EXE.mwt infected by "Generic.dx!vdw.TE (ES)" Virus! Action Taken: No Action Taken.
File C:\Windows\ConfigSetRoot\Portable Aplikace\HardDiskTune\HDTune.exe.mwt infected by "Trojan.Generic.1718016 (DB)" Virus! Action Taken: No Action Taken.
File C:\Windows\ConfigSetRoot\Portable Aplikace\PDF Password Cracker\keygen.exe.mwt infected by "Trojan.Generic.922692 (DB)" Virus! Action Taken: No Action Taken.
File C:\Windows\System32\PnkBstrA.exe.mwt infected by "Win-Trojan/Fakeav.66872.TE (ES)" Virus! Action Taken: No Action Taken.
File C:\Windows\SysWOW64\PnkBstrA.exe.mwt infected by "Win-Trojan/Fakeav.66872.TE (ES)" Virus! Action Taken: No Action Taken.
File C:\Windows\ConfigSetRoot\!Data\RAdmin\Remote Administrator Control v3.3.1\Patch\patch331.exe.mwt infected by "Backdoor.Generic.180973 (DB)" Virus! Action Taken: No Action Taken.
File C:\Windows\ConfigSetRoot\!Data\RAdmin\Remote Administrator Control v3.3.1\Patch\rac.server.3.3.1-patch-icu.exe.mwt infected by "Virtool.16778 (DB)" Virus! Action Taken: No Action Taken.
File C:\Windows\ConfigSetRoot\!Data\Windows\LEGALIZACE WINDOWS\02 CHANGE_WINXP_KEY\CHANGE WINXP KEY.EXE.mwt infected by "Application.Findkeyxp.F (DB)" Virus! Action Taken: No Action Taken.
File C:\Windows\ConfigSetRoot\!Data\Windows\LEGALIZACE WINDOWS\03 WINXP_GENUINE_ADVANTAGE_FIX\WINXP GENUINE ADVANTAGE FIX.EXE.mwt infected by "Generic.dx!vdw.TE (ES)" Virus! Action Taken: No Action Taken.
File C:\Windows\ConfigSetRoot\Portable Aplikace\HardDiskTune\HDTune.exe.mwt infected by "Trojan.Generic.1718016 (DB)" Virus! Action Taken: No Action Taken.
File C:\Windows\ConfigSetRoot\Portable Aplikace\PDF Password Cracker\keygen.exe.mwt infected by "Trojan.Generic.922692 (DB)" Virus! Action Taken: No Action Taken.
File C:\Windows\System32\PnkBstrA.exe.mwt infected by "Win-Trojan/Fakeav.66872.TE (ES)" Virus! Action Taken: No Action Taken.
File C:\Windows\SysWOW64\PnkBstrA.exe.mwt infected by "Win-Trojan/Fakeav.66872.TE (ES)" Virus! Action Taken: No Action Taken.

[Rudy]

Kromě MBAM je to snůška nesmyslů. MWAV už dávno není to co býval, navíc označil MBAM jako virus, což je nesmysl. O eScanu raději ani nebudu mluvit. Třeba toto: C:\Windows\SysWOW64\PnkBstrA.exe patří k nějaké hře.

[MarekVys]

Dobře, tak moc děkuji za váš čas a pomoc

Zase jeden problém s počítačem zmizel, nevím jak bych je vždycky bez vás řešil

Díky!

[Rudy]

Nemáte zač!