VIRY.CZ

Dobrý den,

prosím o kontrolu logu. Nezobrazují se mi síťová připojení. Ale HW jako takový to v systému najde a podle všeho pracuje správně.
Podezřívám nějaký vir, který zablokoval službu "Network Connections", která nyní nejde spustit. Když se ji snažím spustit, tak se objeví hláška: "Error 1068: The dependency service or group failed to start"

Děkuji za pomoc.


Logfile of random's system information tool 1.08 (written by random/random)
Run by LDSERVICE at 2010-08-02 12:54:45
WIN_XP Service Pack 2
System drive C: has 21 GB (32%) free of 67 GB
Total RAM: 1142 MB (66% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll [2003-11-04 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-26 1619296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-05-13 98304]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-05-14 536576]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-03 208952]
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2003-03-31 44032]
"MSPY2002"=C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe [2003-03-31 59392]
"PHIME2002ASync"=C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE [2003-03-31 455168]
"PHIME2002A"=C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE [2003-03-31 455168]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2004-10-30 385024]
"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2004-08-04 143360]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2006-06-15 229376]
"Track-It! Workstation Manager Service Monitor"=C:\WINDOWS\TIREMOTE\TIServiceMonitor.exe [2006-08-18 414720]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-11 149280]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-06-22 2065760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"=C:\WINDOWS\system32\sti_ci.dll [2004-08-04 136704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe [2002-12-17 684032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bacstray]
C:\WINDOWS\system32\BacsTray.exe [2003-05-14 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bascstray]
BascsTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDSentry]
C:\WINDOWS\System32\DSentry.exe [2002-07-17 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\System32\igfxtray.exe [2005-09-20 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
C:\PROGRA~1\DIGITA~1\DLG.exe [2003-06-20 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^iPassConnect.lnk]
C:\PROGRA~1\iPass\IPASSC~1\IPASSC~1.EXE [2003-10-23 553061]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-06-22 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2004-09-07 110592]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disablecad"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:AVG Control Center"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:AVG Control Center"
"C:\WINDOWS\avgagent.exe"="C:\WINDOWS\avgagent.exe:*:Enabled:avgagent.exe"
"C:\WINDOWS\TIREMOTE\wuser32.exe"="C:\WINDOWS\TIREMOTE\wuser32.exe:*:Enabled:Track-It! Remote Control"
"C:\WINDOWS\TIREMOTE\TIRemoteService.exe"="C:\WINDOWS\TIREMOTE\TIRemoteService.exe:*:Enabled:Track-It! Workstation Manager"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"

======List of files/folders created in the last 1 months======

2010-08-02 12:54:45 ----D---- C:\rsit
2010-08-02 12:54:45 ----D---- C:\Program Files\trend micro
2010-08-02 10:25:08 ----D---- C:\Program Files\CCleaner
2010-08-02 09:59:35 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 months======

2010-08-02 12:54:45 ----RD---- C:\Program Files
2010-08-02 10:58:34 ----D---- C:\WINDOWS
2010-08-02 10:48:26 ----D---- C:\WINDOWS\system32\DRIVERS
2010-08-02 10:48:26 ----D---- C:\WINDOWS\SYSTEM32
2010-08-02 10:26:51 ----D---- C:\WINDOWS\Debug
2010-08-02 10:26:51 ----D---- C:\TEMP
2010-08-02 10:26:50 ----D---- C:\WINDOWS\Temp
2010-07-30 15:23:41 ----D---- C:\WINDOWS\SECURITY
2010-07-30 15:23:37 ----A---- C:\WINDOWS\system32\NetAccessLog.txt
2010-07-30 11:39:55 ----A---- C:\WINDOWS\hpbafd.ini
2010-07-30 11:23:55 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-07-29 14:17:32 ----D---- C:\WINDOWS\Prefetch
2010-07-29 10:39:16 ----A---- C:\WINDOWS\smscfg.ini
2010-07-23 16:24:03 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2010-07-23 16:09:48 ----D---- C:\WINDOWS\system32\CatRoot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AvgRkx86;avgrkx86.sys; C:\WINDOWS\System32\Drivers\avgrkx86.sys [2010-03-05 52872]
R0 BTKRNL;Bluetooth Protocol Stack; C:\WINDOWS\System32\drivers\btkrnl.sys [2004-04-08 1239338]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-04 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 rmedia;Ricoh MediaCard Driver; C:\WINDOWS\system32\DRIVERS\rmedia.sys [2002-12-24 59520]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-06-22 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-06-03 29584]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-06-22 243024]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2002-12-17 241152]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-03 36096]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\System32\DRIVERS\omci.sys [2004-02-13 17153]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2004-11-12 143834]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2004-11-12 206464]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.0.1; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2004-12-03 17056]
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R2 irda;IrDA Protocol; C:\WINDOWS\System32\DRIVERS\irda.sys [2004-08-04 87424]
R2 Machnm32;Machnm32 Driver; \??\C:\WINDOWS\System32\Machnm32.sys []
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v1.4.0.13; C:\WINDOWS\System32\DRIVERS\mdc8021x.sys [2005-11-09 8256]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 s24trans;WLAN Transport; C:\WINDOWS\System32\DRIVERS\s24trans.sys [2004-08-31 11354]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 b57w2k;Broadcom 570x Gigabit Integrated Controller; C:\WINDOWS\System32\DRIVERS\b57xp32.sys [2003-05-21 175360]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2004-04-08 16896]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\System32\DRIVERS\btport.sys [2004-04-08 30235]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [2004-04-08 147864]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2003-07-24 139604]
R3 Duntlw;UNTLW device; C:\WINDOWS\System32\Drivers\DuntlwNT.sys [2006-02-24 53568]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.SYS [2005-05-03 1033728]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys [2005-05-03 208384]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\System32\DRIVERS\iwca.sys [2004-08-12 234496]
R3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2004-11-12 30630]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\System32\DRIVERS\nscirda.sys [2004-08-04 28672]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 smsmdd;smsmdd; C:\WINDOWS\system32\DRIVERS\smsmdm.sys [2007-06-26 12792]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\STAC97.sys [2004-11-15 264440]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2004-05-13 182688]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2004-10-21 3210496]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2005-05-03 705408]
S1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2006-10-05 2432]
S1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2006-10-05 2560]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-10-27 120830]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-10-27 98938]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2004-04-08 53336]
S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys [2002-05-13 4272]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2004-11-12 25898]
S3 FTDIBUS;Telemecanique USB Serial Cable Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2004-11-25 24369]
S3 FTSER2K;Telemecanique USB Cable Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2004-11-25 57820]
S3 gv3;Intel GV3 Processor Driver; C:\WINDOWS\System32\DRIVERS\gv3.sys [2002-11-18 30976]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2004-06-17 1041536]
S3 hwcdcmdm0;HUAWEI Mobile Connect - 3G Modem; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101376]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101376]
S3 hwusbapp;HUAWEI Mobile Connect - 3G PC UI Interface; C:\WINDOWS\system32\DRIVERS\ewusbapp.sys [2005-07-26 65152]
S3 hwusbser;HUAWEI Mobile Connect - 3G Application Interface; C:\WINDOWS\system32\DRIVERS\ewusbser.sys [2005-07-26 65152]
S3 jlink;J-Link driver; C:\WINDOWS\System32\Drivers\jlink.sys [2007-07-11 14208]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-04 22016]
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]
S3 Nokia USB Port;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2006-05-29 13312]
S3 prepdrvr;SMS Process Event Driver; \??\C:\WINDOWS\system32\CCM\prepdrv.sys []
S3 Ser2pl;Prolific2 Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-12-01 43136]
S3 sermouse;Serial Mouse Driver; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-08-17 17664]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agp440.sys [2004-08-04 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agpCPQ.sys [2004-08-04 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\alim1541.sys [2004-08-04 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\System32\DRIVERS\amdagp.sys [2004-08-04 43008]
S4 cbidf;cbidf; C:\WINDOWS\System32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2004-08-04 41088]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2004-08-04 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-26 921952]
S2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-06-22 308136]
S2 BAsfIpM;Broadcom ASF IP monitoring service v6.0.3; C:\WINDOWS\system32\basfipm.exe [2003-04-17 77824]
S2 btwdins;Bluetooth Service; C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe [2004-04-09 163840]
S2 CcmExec;SMS Agent Host; C:\WINDOWS\system32\CCM\CcmExec.exe [2007-08-16 758648]
S2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2004-08-04 1445912]
S2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004-09-07 86016]
S2 Irmon;Infrared Monitor; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-11 153376]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 NA_Service;NetAccess Service; C:\WINDOWS\system32\NA_Service.exe [2005-09-13 49152]
S2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2004-09-07 139264]
S2 Rpcnet;Remote Procedure Call (RPC) Net; C:\WINDOWS\SYSTEM32\Rpcnet.exe [2004-03-19 221184]
S2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2004-09-07 360521]
S2 TIRmtCtl;Track-It! Remote Control; C:\WINDOWS\TIREMOTE\wuser32.exe [2006-08-18 311374]
S2 TIRmtSvc;Track-It! Workstation Manager; C:\WINDOWS\TIREMOTE\TIRemoteService.exe [2006-08-18 610816]
S2 WLANKEEPER;WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2004-09-07 225353]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
S3 smstsmgr;SMS Task Sequence Agent; C:\WINDOWS\system32\CCM\TSManager.exe [2007-08-16 247672]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2009-06-15 79360]

-----------------EOF-----------------

prosím je to velmi důležité abych to co nejdříve opravil

Dobrý večer

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript: - zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde



Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Dborý den,

log z OTL(rozdělený na dvě části):


OTL logfile created on: 3.8.2010 9:06:12 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = E:\
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 564 1128 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 65,22 Gb Total Space | 20,97 Gb Free Space | 32,16% Space Free | Partition Type: NTFS
Drive D: | 9,25 Gb Total Space | 7,72 Gb Free Space | 83,44% Space Free | Partition Type: NTFS
Drive E: | 7,53 Gb Total Space | 6,13 Gb Free Space | 81,36% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WPR9040
Current User Name: LDSERVICE
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.08.03 09:00:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2010.06.22 06:42:51 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010.06.22 06:42:47 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010.06.22 06:41:58 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010.06.22 06:41:53 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2007.06.13 12:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.08.18 14:23:12 | 000,414,720 | ---- | M] (Numara Software, Inc.) -- C:\WINDOWS\TIREMOTE\TIServiceMonitor.exe
PRC - [2006.06.15 12:36:18 | 000,229,376 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2004.10.30 15:59:54 | 000,385,024 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2004.09.07 17:08:02 | 000,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2004.05.13 21:23:56 | 000,098,304 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2003.10.24 06:37:56 | 000,217,194 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
PRC - [2003.10.23 10:02:14 | 000,553,061 | ---- | M] () -- C:\Program Files\iPass\iPassConnect\IPassConnectGUI.exe
PRC - [2003.06.20 05:43:00 | 000,024,576 | ---- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2003.05.14 20:37:56 | 000,098,304 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\SYSTEM32\BacsTray.exe
PRC - [2002.12.17 14:28:00 | 000,684,032 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe
PRC - [2002.07.17 12:18:06 | 000,028,672 | ---- | M] (Dell - Advanced Desktop Engineering) -- C:\WINDOWS\SYSTEM32\DSentry.exe


========== Modules (SafeList) ==========

MOD - [2010.08.03 09:00:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
MOD - [2006.08.25 17:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004.08.04 00:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\msscript.ocx
MOD - [2004.05.13 21:23:50 | 000,066,048 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\SYSTEM32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\mspmspsv.dll -- (WmdmPmSp)
SRV - [2010.07.26 07:04:56 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010.06.22 06:42:43 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009.06.15 10:36:22 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2007.08.16 04:00:00 | 000,758,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\SYSTEM32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2007.08.16 04:00:00 | 000,247,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\CCM\TSManager.exe -- (smstsmgr)
SRV - [2006.08.18 14:23:12 | 000,610,816 | ---- | M] (Numara Software, Inc.) [Auto | Stopped] -- C:\WINDOWS\TIREMOTE\TIRemoteService.exe -- (TIRmtSvc)
SRV - [2006.08.18 14:08:44 | 000,311,374 | ---- | M] (Intuit Track-It!) [Auto | Stopped] -- C:\WINDOWS\TIREMOTE\wuser32.exe -- (TIRmtCtl)
SRV - [2006.06.05 13:59:18 | 000,174,080 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe -- (ServiceLayer)
SRV - [2005.09.13 16:22:52 | 000,049,152 | ---- | M] (Schneider Automation SAS) [Auto | Stopped] -- C:\WINDOWS\SYSTEM32\NA_Service.exe -- (NA_Service)
SRV - [2004.09.07 17:12:32 | 000,225,353 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER)
SRV - [2004.09.07 17:05:10 | 000,360,521 | ---- | M] (Intel Corporation ) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2004.09.07 17:02:40 | 000,086,016 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng)
SRV - [2004.09.07 17:02:04 | 000,139,264 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc)
SRV - [2004.08.04 05:56:32 | 001,445,912 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2004.04.09 17:54:44 | 000,163,840 | ---- | M] (WIDCOMM, Inc.) [Auto | Stopped] -- C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2004.03.19 19:34:44 | 000,221,184 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\SYSTEM32\RPCNET.EXE -- (Rpcnet) Remote Procedure Call (RPC)
SRV - [2003.04.17 14:00:12 | 000,077,824 | ---- | M] (Broadcom Corp.) [Auto | Stopped] -- C:\WINDOWS\SYSTEM32\BAsfIpM.exe -- (BAsfIpM)


========== Driver Services (SafeList) ==========

DRV - [2010.06.22 06:42:49 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.06.22 06:41:53 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.06.03 00:23:57 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.03.05 07:36:37 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2008.09.26 18:01:00 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - [2008.09.26 18:01:00 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ewusbmdm.sys -- (hwcdcmdm0)
DRV - [2007.09.21 10:00:00 | 000,002,304 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\Machnm32.sys -- (Machnm32)
DRV - [2007.08.16 04:00:00 | 000,023,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2007.07.11 20:11:00 | 000,014,208 | ---- | M] (SEGGER Microcontroller Systeme GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\jlink.sys -- (jlink)
DRV - [2007.06.26 04:00:00 | 000,012,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\smsmdm.sys -- (smsmdd)
DRV - [2006.10.05 04:42:42 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006.10.05 04:42:42 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006.05.29 08:26:38 | 000,127,488 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2006.05.29 08:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nmwcdcj.sys -- (Nokia USB Port)
DRV - [2006.05.29 08:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2006.05.29 08:26:36 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nmwcdc.sys -- (Nokia USB Generic)
DRV - [2006.02.24 17:42:54 | 000,053,568 | ---- | M] (Schneider Automation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\DuntlwNT.sys -- (Duntlw)
DRV - [2005.11.09 12:15:59 | 000,008,256 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2005.07.26 10:46:54 | 000,065,152 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ewusbser.sys -- (hwusbser)
DRV - [2005.07.26 10:46:54 | 000,065,152 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ewusbapp.sys -- (hwusbapp)
DRV - [2005.05.03 16:09:28 | 001,033,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DPV.SYS -- (HSF_DPV)
DRV - [2005.05.03 16:08:50 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWICH.sys -- (HSFHWICH)
DRV - [2005.05.03 16:08:44 | 000,705,408 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2004.11.25 11:55:04 | 000,024,369 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ftdibus.sys -- (FTDIBUS)
DRV - [2004.11.25 11:54:50 | 000,057,820 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ftser2k.sys -- (FTSER2K)
DRV - [2004.11.15 16:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\stac97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2004.11.12 21:46:35 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2004.11.12 21:46:35 | 000,143,834 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2004.11.12 21:46:35 | 000,030,630 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2004.11.12 21:46:35 | 000,025,898 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2004.10.21 16:56:04 | 003,210,496 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\w29n51.sys -- (w29n51) Intel(R)
DRV - [2004.08.31 09:53:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\s24trans.sys -- (s24trans)
DRV - [2004.08.12 09:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\iwca.sys -- (IWCA)
DRV - [2004.08.04 05:54:32 | 000,269,387 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2004.08.04 00:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004.08.04 00:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004.08.04 00:00:52 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\nscirda.sys -- (NSCIRDA)
DRV - [2004.06.17 16:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2004.05.13 21:19:22 | 000,182,688 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SynTP.sys -- (SynTP)
DRV - [2004.04.08 23:48:22 | 000,016,896 | ---- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\btaudio.sys -- (btaudio)
DRV - [2004.04.08 23:41:50 | 001,239,338 | ---- | M] (WIDCOMM, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2004.04.08 23:34:52 | 000,147,864 | ---- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - [2004.04.08 23:34:44 | 000,030,235 | ---- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\btport.sys -- (BTDriver)
DRV - [2004.04.08 23:25:00 | 000,053,336 | ---- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\btwusb.sys -- (BTWUSB)
DRV - [2004.02.13 12:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2003.12.01 12:54:20 | 000,043,136 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ser2pl.sys -- (Ser2pl)
DRV - [2003.08.28 22:40:26 | 000,189,792 | ---- | M] (Zone Labs Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\vsdatant.sys -- (vsdatant)
DRV - [2003.07.24 19:55:50 | 000,139,604 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dne2000.sys -- (DNE)
DRV - [2003.05.21 20:47:12 | 000,175,360 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys -- (b57w2k)
DRV - [2003.05.01 14:26:34 | 000,005,220 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\CVirtA.sys -- (CVirtA)
DRV - [2002.12.24 20:52:00 | 000,059,520 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\rmedia.sys -- (rmedia)
DRV - [2002.12.17 14:27:32 | 000,241,152 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp)
DRV - [2002.11.18 19:20:44 | 000,030,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\gv3.sys -- (gv3)
DRV - [2002.05.13 21:59:20 | 000,004,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2001.08.17 16:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001.08.17 16:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001.08.17 16:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001.08.17 16:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001.08.17 16:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001.08.17 15:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001.08.17 15:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001.08.17 15:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001.08.17 15:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001.08.17 15:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001.08.17 15:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001.08.17 15:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001.08.17 15:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001.08.17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001.08.17 15:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://intranet
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2064799677-1758937666-12547700-9053\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\S-1-5-21-2064799677-1758937666-12547700-9053\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2064799677-1758937666-12547700-9053\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2004.03.19 19:37:50 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe (Roxio)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [bacstray] C:\WINDOWS\System32\BacsTray.exe (Broadcom Corporation)
O4 - HKLM..\Run: [bascstray] File not found
O4 - HKLM..\Run: [DVDSentry] C:\WINDOWS\SYSTEM32\DSentry.exe (Dell - Advanced Desktop Engineering)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\IME\IMKR6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Track-It! Workstation Manager Service Monitor] C:\WINDOWS\TIREMOTE\TIServiceMonitor.exe (Numara Software, Inc.)
O4 - HKLM..\RunOnce: [WIAWizardMenu] C:\WINDOWS\System32\sti_ci.DLL (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\iPassConnect.lnk = C:\Program Files\iPass\iPassConnect\IPassConnectGUI.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-21-2064799677-1758937666-12547700-9053\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2064799677-1758937666-12547700-9053\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Dell\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O15 - HKLM\..Trusted Domains: intranet ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: ocr ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: secheron.com ([]file in Local intranet)
O15 - HKLM\..Trusted Domains: secheron.com ([]http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: intranet ([]http in Local intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: ocr ([]http in Local intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: secheron.com ([]file in Local intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: secheron.com ([]http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: intranet ([]http in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: ocr ([]http in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: secheron.com ([]file in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: secheron.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2064799677-1758937666-12547700-9053\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-2064799677-1758937666-12547700-9053\..Trusted Domains: ocr ([]http in Local intranet)
O15 - HKU\S-1-5-21-2064799677-1758937666-12547700-9053\..Trusted Domains: secheron.com ([]file in Local intranet)
O15 - HKU\S-1-5-21-2064799677-1758937666-12547700-9053\..Trusted Domains: secheron.com ([]http in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://v5.windowsupdate.microsoft.com/v ... 1129160478 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jldser ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jldser ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jldser ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.18.8.3 172.16.20.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = secheron.com
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\SYSTEM32\BTXPPanel.dll (WIDCOMM, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (IWPDGINA.DLL) - C:\WINDOWS\System32\IWPDGINA.dll (Intel Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.03.20 14:58:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - C:\WINDOWS\System32\mspmspsv.dll File not found
NetSvcs: Ip6FwHlp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\L3CODECX.ACM (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\TSSOFT32.ACM (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ffdshow.ax ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Unable to start service RpcSs!

========== Files/Folders - Created Within 30 Days ==========

[2010.08.02 16:48:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{65893B95-F47B-4483-B883-86BA181E9B54}
[2010.08.02 14:02:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010.08.02 12:54:45 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.08.02 12:54:45 | 000,000,000 | ---D | C] -- C:\rsit
[2010.08.02 10:26:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ldservice\Recent
[2010.08.02 10:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2004.11.24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.08.02 14:05:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010.08.02 14:05:21 | 1197,568,000 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.02 14:04:31 | 002,097,152 | ---- | M] () -- C:\Documents and Settings\ldservice\NTUSER.DAT
[2010.08.02 14:04:31 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\ldservice\ntuser.ini
[2010.08.02 14:04:27 | 003,763,092 | -H-- | M] () -- C:\Documents and Settings\ldservice\Local Settings\Application Data\IconCache.db
[2010.08.02 13:59:29 | 000,000,671 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2010.08.02 13:59:29 | 000,000,227 | ---- | M] () -- C:\WINDOWS\SYSTEM.INI
[2010.08.02 13:59:29 | 000,000,211 | RHS- | M] () -- C:\BOOT.INI
[2010.08.02 12:38:48 | 000,164,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.08.02 10:25:10 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\ldservice\Desktop\CCleaner.lnk
[2010.08.02 07:24:24 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010.07.30 15:23:33 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.30 15:07:42 | 000,118,628 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010.07.30 11:39:55 | 000,000,352 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2010.07.30 11:23:41 | 062,757,562 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.07.29 10:40:37 | 000,000,065 | -H-- | M] () -- C:\TrackitAudit.id
[2010.07.29 10:39:16 | 000,000,463 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.08.02 13:59:25 | 000,001,750 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\iPassConnect.lnk
[2010.08.02 13:59:25 | 000,000,493 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
[2010.08.02 10:25:10 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\ldservice\Desktop\CCleaner.lnk
[2010.08.02 09:59:35 | 1197,568,000 | -HS- | C] () -- C:\hiberfil.sys
[2010.05.14 13:59:18 | 000,000,352 | ---- | C] () -- C:\WINDOWS\d.ini
[2010.02.23 17:22:14 | 000,000,037 | ---- | C] () -- C:\WINDOWS\RPX.INI
[2009.10.20 16:21:17 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\Machnm64.sys
[2009.10.20 16:21:17 | 000,002,304 | ---- | C] () -- C:\WINDOWS\System32\Machnm32.sys
[2009.09.03 09:32:20 | 000,001,418 | ---- | C] () -- C:\WINDOWS\MODSERV.INI
[2009.08.05 22:33:06 | 000,000,748 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.08.01 14:30:22 | 000,000,065 | ---- | C] () -- C:\WINDOWS\eFaxView.ini
[2009.06.15 10:36:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2009.05.19 21:30:06 | 000,000,084 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009.05.11 08:45:50 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2008.11.13 14:03:57 | 000,000,352 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2008.10.05 03:31:10 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2008.05.23 14:04:34 | 000,004,764 | ---- | C] () -- C:\WINDOWS\System32\CcmFramework.ini
[2008.05.16 18:51:47 | 000,000,076 | ---- | C] () -- C:\WINDOWS\SFT2841.INI
[2008.05.12 14:20:52 | 000,000,128 | ---- | C] () -- C:\WINDOWS\System32\FTDIUN2K.INI
[2008.05.06 14:12:03 | 000,013,888 | ---- | C] () -- C:\WINDOWS\WDTGR.DLL
[2008.05.06 14:12:03 | 000,008,096 | ---- | C] () -- C:\WINDOWS\WCDTGR.DLL
[2008.05.06 14:12:03 | 000,006,656 | ---- | C] () -- C:\WINDOWS\WNETWAY.DLL
[2008.05.06 14:12:03 | 000,004,064 | ---- | C] () -- C:\WINDOWS\WNETWT16.DLL
[2008.04.23 18:25:37 | 000,000,310 | ---- | C] () -- C:\WINDOWS\System32\MODBUS01.ini
[2008.04.07 14:55:03 | 000,197,120 | ---- | C] () -- C:\WINDOWS\System32\WCPDPA24.dll
[2008.04.07 14:55:03 | 000,142,848 | ---- | C] () -- C:\WINDOWS\System32\WCPDDA24.dll
[2008.04.07 14:55:02 | 000,137,216 | ---- | C] () -- C:\WINDOWS\System32\WCEDPA24.dll
[2008.04.07 14:55:02 | 000,122,368 | ---- | C] () -- C:\WINDOWS\System32\WCEDDA24.dll
[2008.04.07 12:42:42 | 000,003,933 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.02.02 15:22:52 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2007.02.02 11:39:27 | 000,036,962 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2005.12.07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2005.11.10 08:45:27 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2005.08.12 18:37:46 | 000,189,440 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2005.01.04 10:01:40 | 000,000,352 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2004.11.29 12:04:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2004.11.29 12:04:25 | 000,051,712 | ---- | C] () -- C:\WINDOWS\System32\JinPanel.dll
[2004.11.25 12:29:02 | 000,000,147 | ---- | C] () -- C:\WINDOWS\avgagent.ini
[2004.11.23 17:17:19 | 000,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2004.11.23 09:36:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004.11.22 14:12:41 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004.11.12 21:48:19 | 000,000,463 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004.11.12 21:45:21 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2004.11.12 21:14:28 | 000,000,546 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004.10.12 08:40:58 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2004.10.12 08:39:48 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2004.10.12 08:39:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2004.10.09 08:40:16 | 000,454,144 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2004.10.05 10:16:08 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2004.10.03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004.08.12 09:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2004.04.09 00:03:24 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2004.03.20 15:21:34 | 000,000,791 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2003.01.07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.05.16 01:29:04 | 000,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2001.11.23 20:18:00 | 000,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001.11.14 15:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2009.06.02 13:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG7
[2010.02.12 14:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009.06.15 10:36:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
[2008.05.06 09:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2008.05.06 09:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010.02.12 14:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2007.02.02 12:05:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010.08.02 16:48:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{65893B95-F47B-4483-B883-86BA181E9B54}
[2010.02.16 07:46:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\blaha\Application Data\AVG9
[2009.06.15 10:36:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\blaha\Application Data\DassaultSystemes
[2008.07.28 14:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\blaha\Application Data\Datalayer
[2009.06.15 10:37:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\blaha\Application Data\EDrawings
[2008.11.26 15:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\blaha\Application Data\FLVPlayer4Free
[2004.12.03 16:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\blaha\Application Data\InterVideo
[2009.07.24 06:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\blaha\Application Data\Nokia
[2010.04.13 09:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\blaha\Application Data\Nokia Multimedia Player
[2004.11.12 21:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\blaha\Application Data\OLDIdentities
[2009.07.24 07:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\blaha\Application Data\PC Suite
[2007.02.01 11:43:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\AVG7
[2004.12.03 16:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\InterVideo
[2004.11.12 21:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\OLDIdentities
[2009.06.02 13:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\AVG7
[2004.12.03 16:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\InterVideo
[2004.11.12 21:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\OLDIdentities
[2008.07.29 13:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\PC Suite
[2008.04.07 11:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice.SECHERON\Application Data\AVG7
[2004.12.03 16:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalBoss\Application Data\InterVideo
[2004.11.12 21:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalBoss\Application Data\OLDIdentities
[2009.06.02 13:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\AVG7
[2004.12.03 16:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PkgSVC\Application Data\InterVideo
[2004.11.12 21:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PkgSVC\Application Data\OLDIdentities
[2004.12.03 16:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\runassvc\Application Data\InterVideo
[2004.11.12 21:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\runassvc\Application Data\OLDIdentities
[2007.02.01 11:43:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\runspsvc\Application Data\AVG7
[2004.12.03 16:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\runspsvc\Application Data\InterVideo
[2004.11.12 21:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\runspsvc\Application Data\OLDIdentities
[2008.04.07 12:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\testcpo2\Application Data\AVG7

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.04 01:56:50 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2009.07.13 06:48:41 | 000,005,632 | ---- | M] (Absolute Software Corp.) -- C:\ctrestrt.exe

< %ALLUSERSPROFILE%\Application Data\*. >
[2009.06.22 13:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2005.11.07 09:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009.06.02 13:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG7
[2010.02.12 14:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg8
[2010.02.12 14:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009.06.15 10:36:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
[2008.05.06 09:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2004.12.03 15:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intel
[2009.09.07 13:23:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008.05.06 09:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2005.11.07 09:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2004.11.12 21:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2009.02.06 15:11:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2008.10.10 19:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010.02.12 14:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2007.02.02 12:05:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2005.11.09 11:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010.08.02 16:48:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{65893B95-F47B-4483-B883-86BA181E9B54}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010.01.25 14:38:50 | 003,777,816 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\All Users\Application Data\Temp\AVG\setup.exe

< %APPDATA%\*. >
[2004.11.23 17:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\Adobe
[2009.06.22 13:49:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\AdobeUM
[2009.06.02 13:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\AVG7
[2004.11.25 15:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\Help
[2005.01.11 08:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\Identities
[2004.12.03 15:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\Intel
[2004.12.03 16:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\InterVideo
[2004.11.23 15:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\Lavasoft
[2008.07.29 13:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\Macromedia
[2005.11.07 09:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\Media Player Classic
[2008.07.29 13:31:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\ldservice\Application Data\Microsoft
[2004.11.12 21:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\OLDIdentities
[2008.07.29 13:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\PC Suite
[2008.04.07 13:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\Real
[2004.11.12 21:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ldservice\Application Data\Sun

< %APPDATA%\*.exe /s >


< MD5 for: AGP440.SYS >
[2004.08.04 02:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:AGP440.sys
[2004.08.04 02:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\SYSTEM32\DLLCACHE\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\SYSTEM32\DRIVERS\agp440.sys
[2001.08.17 15:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.03.19 19:43:04 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp1.cab:atapi.sys
[2004.08.04 02:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:atapi.sys
[2004.08.04 02:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2004.03.19 19:43:04 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtUninstallQ331060$\ATAPI.SYS
[2002.08.29 03:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys
[2003.04.23 11:29:54 | 000,087,296 | ---- | M] (Microsoft Corporation) MD5=E52B3B3F78C9AE85806CE49DCDD80C18 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CDROM.SYS >
[2004.03.19 19:43:04 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp1.cab:cdrom.sys
[2004.08.04 02:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:cdrom.sys
[2004.08.04 02:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2004.03.19 19:43:04 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\SYSTEM32\DRIVERS\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.04 01:56:42 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2004.08.04 01:56:42 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\SYSTEM32\cryptsvc.dll
[2004.03.19 19:34:50 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=41C70161BFCB17E7E12ED89BADD2AEF4 -- C:\WINDOWS\$NtUninstallKB826939$\CRYPTSVC.DLL
[2003.03.25 14:40:14 | 000,053,760 | ---- | M] (Microsoft Corporation) MD5=8B6DA0009AB7B3B8A5E9E28015A32EA7 -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2004.08.04 01:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.04 01:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\SYSTEM32\eventlog.dll
[2004.03.19 19:37:08 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2007.06.13 13:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 12:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\explorer.exe
[2007.06.13 12:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\SYSTEM32\DLLCACHE\explorer.exe
[2004.08.04 01:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2004.08.04 01:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2003.05.11 22:12:10 | 000,996,352 | ---- | M] (Microsoft Corporation) MD5=A73BC66A95CF4F7B597FC8975778A889 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.03.19 19:37:14 | 001,004,032 | ---- | M] (Microsoft Corporation) MD5=A82B28BFC2E4455FE43022A498C0EF0A -- C:\WINDOWS\$NtUninstallKB820291$\explorer.exe

< MD5 for: HAL.DLL >
[2004.03.19 19:43:04 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp1.cab:hal.dll
[2004.08.04 02:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:hal.dll
[2004.08.04 02:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2004.03.19 19:43:04 | 000,077,440 | ---- | M] (Microsoft Corporation) MD5=09C4C15D18A7133C91C3EF3C4600D256 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2004.08.03 23:59:08 | 000,081,280 | ---- | M] (Microsoft Corporation) MD5=4AF58CA3425F28FC5E3DB47DC122F722 -- C:\WINDOWS\SYSTEM32\HAL.DLL
[2004.08.03 23:59:20 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.04 02:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:Changer.sys
[2004.08.04 02:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2004.08.04 00:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2001.08.17 15:58:02 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\SYSTEM32\DLLCACHE\isapnp.sys
[2001.08.17 15:58:02 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS
[2001.08.17 15:58:02 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\SYSTEM32\ReinstallBackups\0002\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.04 01:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2004.08.04 01:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\SYSTEM32\lsass.exe
[2004.03.19 19:38:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=B2B6BA905D0E3F8A32A0EB3B4051807B -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe

< MD5 for: NDIS.SYS >
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\SYSTEM32\DLLCACHE\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\SYSTEM32\DRIVERS\ndis.sys
[2003.10.04 09:54:08 | 000,168,192 | ---- | M] (Microsoft Corporation) MD5=D999CE17681D7D074D534FC5BC662E0A -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.03.19 19:40:30 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004.08.04 01:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.04 01:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\SYSTEM32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.04 01:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.04 01:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\SYSTEM32\scecli.dll
[2004.03.19 19:42:24 | 000,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.04 01:56:58 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2004.08.04 01:56:58 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\SYSTEM32\smss.exe
[2004.03.19 19:42:46 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=BDDAC60BDEBBF51E71B2B65EBF80ED90 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe

< MD5 for: SVCHOST.EXE >
[2004.03.19 19:43:22 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=0F7D9C87B0CE1FA520473119752C6F79 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2004.08.04 01:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004.08.04 01:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\SYSTEM32\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2005.05.25 21:41:10 | 000,339,968 | ---- | M] (Microsoft Corporation) MD5=228B0385BBFCA24332FA22DB45A8B684 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2004.03.19 19:43:34 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\$NtUninstallKB893066_0$\tcpip.sys
[2005.05.25 21:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2005.05.25 21:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$hf_mig$\KB893066\SP2GDR\tcpip.sys
[2005.05.25 21:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\SYSTEM32\DLLCACHE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\SYSTEM32\DRIVERS\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.04 01:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.04 01:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\SYSTEM32\userinit.exe
[2004.03.19 19:44:02 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=E931E0A2B8BF0019DB902E98D03662CB -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.04 01:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.04 01:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\SYSTEM32\winlogon.exe
[2004.03.19 19:44:38 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=2246D8D8F4714A2CEDB21AB9B1849ABB -- C:\WINDOWS\$NtUninstallKB840987$\winlogon.exe
[2004.05.27 03:38:46 | 000,483,328 | ---- | M] (Microsoft Corporation) MD5=E7F9D2E4E4A94A6F58014E5FFA16A65E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

< MD5 for: WS2_32.DLL >
[2003.07.10 13:19:10 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=06BF1D3C21274F92DDD0E09317C80B35 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2004.08.04 01:56:48 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2004.08.04 01:56:48 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\SYSTEM32\ws2_32.dll
[2004.03.19 19:45:10 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=8529C295DF59B564D37A73B5629162B1 -- C:\WINDOWS\$NtUninstallKB817778$\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004.03.20 14:49:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.SAV
[2004.03.20 14:49:04 | 000,626,688 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.SAV
[2004.03.20 14:49:02 | 000,421,888 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
GINADLL REG_SZ IWPDGINA.DLL

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.08.02 12:38:48 | 000,164,320 | ---- | M] () -- C:\WINDOWS\SYSTEM32\FNTCACHE.DAT
[2010.08.02 07:24:24 | 000,001,170 | ---- | M] () -- C:\WINDOWS\SYSTEM32\WPA.DBL
< End of report >




MBAM bohužel nemohu spustit.
Nainstaloval jsem jej, ale kvůli nefunkčnímu internetu mi to nedovolilo provést aktualizaci a při spuštění neaktualizovaného MBAM se mi zobrazí tato hláška:

Run-time error '372':
Failed to load control 'vbalGrid' from vbalsgrid6.ocx. Your version of vbalsgrid6.ocx may be outdated. Make sure you are using the version of the control that was provided with you application.

Ani ruční přehární aktualizovaného souboru vbalsgrid6.ocx nepomohlo, pořád stejná hláška.


Děkuji

Mbam se musí opravit jinak , ted to tedy necháme být.

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe


- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

ComboFix 10-08-02.03 - LDSERVICE 03.08.2010 10:16:54.2.1 - x86
Spuštěný z: c:\documents and settings\All Users\Desktop\ComboFix.exe

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-07-03 do 2010-08-03 )))))))))))))))))))))))))))))))
.

2010-08-03 08:19 . 2010-08-03 08:19 53248 ----a-w- c:\temp\catchme.dll
2010-08-03 07:16 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-03 07:16 . 2010-08-03 07:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-03 07:16 . 2010-08-03 07:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-03 07:16 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-02 14:48 . 2010-08-02 14:48 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{65893B95-F47B-4483-B883-86BA181E9B54}
2010-08-02 12:02 . 2010-08-02 12:02 -------- d-----w- c:\windows\system32\CatRoot2
2010-08-02 10:54 . 2010-08-02 10:54 -------- d-----w- C:\rsit
2010-08-02 10:54 . 2010-08-02 10:54 -------- d-----w- c:\program files\trend micro
2010-08-02 08:25 . 2010-08-02 08:25 -------- d-----w- c:\program files\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-30 05:44 . 2008-04-07 10:32 -------- d-----w- c:\documents and settings\blaha\Application Data\AdobeUM
2010-07-02 04:54 . 2005-11-04 14:16 -------- d-----w- c:\program files\Common Files\Secheron
2010-06-22 04:42 . 2009-06-02 11:22 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-06-22 04:42 . 2010-03-05 05:37 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-06-22 04:41 . 2009-06-02 11:22 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-06-02 22:23 . 2009-06-02 11:22 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-05-27 10:27 . 2010-05-27 10:27 503808 ----a-w- c:\documents and settings\blaha\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-4441fe82-n\msvcp71.dll
2010-05-27 10:27 . 2010-05-27 10:27 499712 ----a-w- c:\documents and settings\blaha\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-4441fe82-n\jmc.dll
2010-05-27 10:27 . 2010-05-27 10:27 348160 ----a-w- c:\documents and settings\blaha\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-4441fe82-n\msvcr71.dll
.

------- Sigcheck -------

Chyba šifrovací služby !!
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-13 98304]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-14 536576]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2003-03-31 44032]
"MSPY2002"="c:\windows\System32\IME\PINTLGNT\ImScInst.exe" [2003-03-31 59392]
"PHIME2002ASync"="c:\windows\System32\IME\TINTLGNT\TINTSETP.EXE" [2003-03-31 455168]
"PHIME2002A"="c:\windows\System32\IME\TINTLGNT\TINTSETP.EXE" [2003-03-31 455168]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-30 385024]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2004-08-03 143360]
"igfxtray"="c:\windows\System32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"Track-It! Workstation Manager Service Monitor"="c:\windows\TIREMOTE\TIServiceMonitor.exe" [2006-08-18 414720]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-11 149280]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-22 2065760]
"DVDSentry"="c:\windows\System32\DSentry.exe" [2002-07-17 28672]
"bacstray"="BacsTray.exe" [2003-05-14 98304]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"="c:\windows\system32\sti_ci.dll" [2004-08-03 136704]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"disablecad"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-06-22 04:42 12536 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2004-09-07 15:08 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-07-26 921952]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-06-22 308136]
R2 NA_Service;NetAccess Service;c:\windows\system32\NA_Service.exe [2005-09-13 49152]
R2 TIRmtCtl;Track-It! Remote Control;c:\windows\TIREMOTE\wuser32.exe [2006-08-18 311374]
R2 TIRmtSvc;Track-It! Workstation Manager;c:\windows\TIREMOTE\TIRemoteService.exe [2006-08-18 610816]
R3 hwcdcmdm0;HUAWEI Mobile Connect - 3G Modem;c:\windows\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101376]
R3 hwusbapp;HUAWEI Mobile Connect - 3G PC UI Interface;c:\windows\system32\DRIVERS\ewusbapp.sys [2005-07-26 65152]
R3 hwusbser;HUAWEI Mobile Connect - 3G Application Interface;c:\windows\system32\DRIVERS\ewusbser.sys [2005-07-26 65152]
R3 jlink;J-Link driver;c:\windows\system32\Drivers\jlink.sys [2007-07-11 14208]
S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2010-03-05 52872]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-06-22 216400]
S1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-06-22 243024]
S3 Duntlw;UNTLW device;c:\windows\system32\Drivers\DuntlwNT.sys [2006-02-24 53568]

.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = hxxp://www.dell.com
uInternet Connection Wizard,ShellNext = hxxp://www.idnes.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\Dell\Bluetooth Software\btsendto_ie_ctx.htm
Trusted Zone: secheron.com
Trusted Zone: secheron.com
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-03 10:19
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1832)
c:\windows\system32\IWPDGINA.DLL
c:\program files\Intel\Wireless\Bin\LgNotify.dll
.
Celkový čas: 2010-08-03 10:22:27
ComboFix-quarantined-files.txt 2010-08-03 08:22
ComboFix2.txt 2010-08-03 08:14

Před spuštěním: 22 445 993 984 bytes free
Po spuštění: 22 424 457 216 bytes free

- - End Of File - - 4EDEB302314C56A53584D1B044276EDA

Změnilo se něco?

Nikoliv. Většina windows služeb je stále nefunkční. Už nevím co zkusit dál. Chtěl bych se vyhnout reinstalaci systému.

Ale na opravu z inst. cd by jste si troufnul?

Určitě

Zkuste to tedy. Ideální by bylo, kdyby jste měl instalační cd k Vašemu OS se sp2, který na pc máte.

Instalační CD s XP SP2 mám, ale nevím jak v konzoli pro zotavení opravit můj problém.

Poradíte?

Zkuste tento návod,pokud uděláte pouze opravu systému, o data nepřijdete.
Ale stejně bych Vám ty nejdůležitější doporučila zazálohovat.
http://www.viry.cz/forum/viewtopic.php?f=46&t=41036

Jak to vypadá?