
Switching "windows" in Win XP

Posted: 06 May 2010 11:00
by Fightbaby
Hello, when I came home from the dorm, my parents complained that the computer is acting up terribly :)
When I saw it... I don't understand where the problem is myself, so I'm asking you for help :)

The thing is that when surfing in various browsers, the "windows" with pages keep switching... for example... yesterday the last website I was on was Google.. that one opens for me... I enter another address, it goes to it, but after a few seconds it switches back to Google, or to previously visited websites... the same thing happens in Documents and in My Computer on the PC... it throws me back by itself to where it last was... practically nothing can be done on the computer, so I'm asking what could be causing this, and whether it can somehow be salvaged :)

I'm attaching the log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:58:01, on 6.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
F:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
F:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
F:\WINDOWS\system32\nvsvc32.exe
F:\WINDOWS\system32\PSIService.exe
F:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
F:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
F:\WINDOWS\system32\wscntfy.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\LClock\LClock.exe
F:\WINDOWS\VistaDrive\VistaDrive.exe
F:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
F:\WINDOWS\SOUNDMAN.EXE
F:\WINDOWS\vsnp2std.exe
F:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\OpenOffice.org 3\program\soffice.exe
F:\Program Files\OpenOffice.org 3\program\soffice.bin
F:\PROGRA~1\ICQ7.1\ICQ.exe
F:\Programy\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - F:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - F:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - F:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [LClock] F:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VistaDrive] F:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [egui] "F:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [snp2std] F:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "F:\Program Files\ICQ7.1\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] F:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] F:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = F:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - F:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - F:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: f:\windows\system32\nwprovau.dll
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/d ... ontrol.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - F:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe LM Service - Adobe Systems - F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - F:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - F:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate1c995eeefd62074) (gupdate1c995eeefd62074) - Google Inc. - F:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - F:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - F:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - F:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - F:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - F:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - F:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 8605 bytes

Re: Switching "windows" in Win XP

Posted: 06 May 2010 16:18
by stell
Hello
Download OTListIt2>> OTL
Check the option All users.
Check the options Malware check "LOP" and Malware check "Purity"
Click the Scan button
When it finishes, paste the logs OTL.Txt and Extras.tx here

Re: Switching "windows" in Win XP

Posted: 06 May 2010 17:31
by Fightbaby
OTL

OTL logfile created on: 6.5.2010 18:30:15 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = F:\Programy
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

767,00 Mb Total Physical Memory | 343,00 Mb Available Physical Memory | 45,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): F:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 38,28 Gb Total Space | 30,13 Gb Free Space | 78,70% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 111,78 Gb Total Space | 39,63 Gb Free Space | 35,45% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CODENAME
Current User Name: Veronika
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.06 18:29:12 | 000,570,880 | ---- | M] (OldTimer Tools) -- F:\Programy\OTL.exe
PRC - [2010.04.08 10:59:33 | 000,133,368 | ---- | M] (ICQ, LLC.) -- F:\Program Files\ICQ7.1\ICQ.exe
PRC - [2010.04.04 09:45:20 | 000,910,296 | ---- | M] (Mozilla Corporation) -- F:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.02.25 12:02:02 | 000,716,616 | ---- | M] (TuneUp Software) -- F:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) -- F:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009.09.28 10:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- F:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.02.06 14:23:36 | 000,727,720 | ---- | M] (ESET) -- F:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.02.06 14:23:12 | 002,021,400 | ---- | M] (ESET) -- F:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008.06.10 04:27:04 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- F:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\explorer.exe
PRC - [2007.08.31 17:46:28 | 001,460,560 | ---- | M] (Safer Networking Limited) -- F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2007.06.05 14:20:32 | 000,177,704 | ---- | M] () -- F:\WINDOWS\system32\PSIService.exe
PRC - [2007.04.16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- F:\WINDOWS\SOUNDMAN.EXE
PRC - [2006.10.05 15:56:28 | 000,280,779 | ---- | M] () -- F:\WINDOWS\VistaDrive\VistaDrive.exe
PRC - [2006.01.06 14:57:06 | 000,344,064 | ---- | M] (Sonix) -- F:\WINDOWS\vsnp2std.exe
PRC - [2004.09.19 07:27:46 | 000,065,536 | ---- | M] () -- F:\Program Files\LClock\LClock.exe


========== Modules (SafeList) ==========

MOD - [2010.05.06 18:29:12 | 000,570,880 | ---- | M] (OldTimer Tools) -- F:\Programy\OTL.exe
MOD - [2008.04.14 02:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010.04.08 11:23:30 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- F:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.02.25 11:59:54 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- F:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.02.25 11:56:02 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- F:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.09.28 10:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- F:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.02.06 14:27:06 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- F:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.02.06 14:23:36 | 000,727,720 | ---- | M] (ESET) [Auto | Running] -- F:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2007.06.05 14:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- F:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2007.03.26 13:06:24 | 000,292,864 | ---- | M] (Nokia.) [On_Demand | Stopped] -- F:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- F:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.02.06 14:24:24 | 000,093,336 | ---- | M] (ESET) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009.02.06 14:23:18 | 000,106,208 | ---- | M] (ESET) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.02.06 14:19:52 | 000,113,448 | ---- | M] (ESET) [File_System | Auto | Running] -- F:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2008.08.15 22:03:34 | 000,021,672 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2008.08.15 22:03:34 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2008.04.13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008.01.07 10:37:36 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2007.11.02 17:56:50 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- F:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007.04.25 16:20:48 | 004,030,144 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2007.04.19 14:26:00 | 003,988,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007.02.22 10:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007.02.22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007.02.22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007.02.22 10:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006.09.01 01:52:22 | 000,094,274 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2006.02.26 17:21:19 | 000,089,856 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- F:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2006.02.26 17:21:19 | 000,016,640 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- F:\WINDOWS\system32\DRIVERS\nvcchflt.sys -- (nvcchflt)
DRV - [2006.02.26 17:03:29 | 000,021,760 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- F:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2006.02.15 15:36:50 | 010,221,568 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2006.01.13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\vd_filedisk.sys -- (VD_FileDisk)
DRV - [2005.10.27 08:01:58 | 000,150,016 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\DDPlayCam.sys -- (DDPlayCam)
DRV - [2003.10.10 16:06:26 | 000,062,720 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- F:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2003.10.10 15:06:24 | 000,052,128 | ---- | M] (Protection Technology) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.09.06 14:27:06 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- F:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- F:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2001.08.23 20:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001.08.23 20:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
IE - HKU\S-1-5-21-842925246-1364589140-682003330-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-842925246-1364589140-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: firefox@facebook.com:1.4.4
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:3.0.8
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.5
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.21
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.2
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: smartbookmarksbar@remy.juteau:1.4.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..extensions.enabledItems: {069FB356-C69F-7349-D092-AB28AF836D0E}:0.9.030
FF - prefs.js..extensions.enabledItems: {33A8946C-B859-4f7d-8382-ADAB29623DEE}:3.6
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.90
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... 2.0.0.2&q="


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: F:\Program Files\Mozilla Firefox\components [2010.04.12 17:58:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins [2010.04.29 20:21:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: F:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009.04.16 10:58:59 | 000,000,000 | ---D | M]

[2009.03.05 22:43:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Extensions
[2009.03.05 22:43:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010.05.05 19:09:50 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions
[2010.03.12 12:10:54 | 000,000,000 | ---D | M] (Phoenity Next (formerly Phoenity Reborn)) -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\{069FB356-C69F-7349-D092-AB28AF836D0E}
[2010.04.08 11:32:38 | 000,000,000 | ---D | M] (Vista-aero) -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2010.04.29 20:08:17 | 000,000,000 | ---D | M] (FlashGot) -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010.04.08 11:32:34 | 000,000,000 | ---D | M] (Scribblies Kids) -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\{33A8946C-B859-4f7d-8382-ADAB29623DEE}
[2010.03.12 12:10:53 | 000,000,000 | ---D | M] (Linkification) -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.04.08 11:00:36 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.03.12 12:10:56 | 000,000,000 | ---D | M] (Firefox Showcase) -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}
[2010.04.08 11:32:15 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2010.05.05 19:09:32 | 000,000,000 | ---D | M] (DownloadHelper) -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.07.27 13:25:57 | 000,000,000 | ---D | M] (PitchDark) -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2010.01.13 17:45:30 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2010.05.05 19:09:29 | 000,000,000 | ---D | M] (Adblock Plus) -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.04.11 16:39:57 | 000,000,000 | ---D | M] (Greasemonkey) -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.03.12 12:10:43 | 000,000,000 | ---D | M] (Download Manager Tweak) -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}
[2010.05.05 19:09:37 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\firefox@facebook.com
[2010.04.08 11:33:20 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\noia2_option@kk.noia
[2009.03.04 20:43:47 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\smartbookmarksbar@remy.juteau
[2010.04.08 11:32:38 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\extensions
[2010.04.30 13:20:52 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-1.xml
[2009.04.24 12:10:04 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-10.xml
[2008.11.13 17:51:14 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-11.xml
[2008.12.18 15:10:30 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-12.xml
[2009.01.11 15:16:40 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-13.xml
[2009.02.06 15:08:03 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-14.xml
[2009.03.06 17:16:15 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-15.xml
[2009.04.16 18:54:49 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-16.xml
[2009.05.13 09:45:26 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-17.xml
[2009.06.26 11:36:05 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-18.xml
[2009.07.26 13:53:49 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-19.xml
[2007.11.02 17:50:37 | 000,000,949 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-2.xml
[2009.07.27 14:14:45 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-20.xml
[2009.08.23 17:17:41 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-21.xml
[2009.10.03 15:06:40 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-22.xml
[2010.01.13 17:45:44 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-23.xml
[2010.02.22 11:19:22 | 000,000,961 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-24.xml
[2010.03.12 12:25:44 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-25.xml
[2010.04.08 10:56:32 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-26.xml
[2010.04.08 11:01:04 | 000,000,950 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-27.xml
[2007.11.28 08:35:36 | 000,000,949 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-3.xml
[2007.12.02 16:30:00 | 000,000,949 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-4.xml
[2008.01.24 14:51:26 | 000,000,949 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-5.xml
[2008.02.08 18:54:23 | 000,000,949 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-6.xml
[2008.02.19 19:46:37 | 000,000,949 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-7.xml
[2008.03.27 13:18:33 | 000,000,949 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-8.xml
[2008.04.17 18:04:11 | 000,000,949 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin-9.xml
[2010.04.08 11:00:36 | 000,000,168 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin.gif
[2010.04.08 11:00:36 | 000,000,618 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin.src
[2010.02.03 14:37:50 | 000,000,947 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\icqplugin.xml
[2009.02.14 19:18:05 | 000,002,061 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\qipsearch.xml
[2009.02.02 17:00:03 | 000,001,363 | ---- | M] () -- F:\Documents and Settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\searchplugins\war-board-search.xml
[2010.05.05 19:09:50 | 000,000,000 | ---D | M] -- F:\Program Files\Mozilla Firefox\extensions
[2009.01.11 10:32:37 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.04.08 11:25:26 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- F:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.04.29 20:21:34 | 000,000,000 | ---D | M] (Java Console) -- F:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.29 20:21:20 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- F:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.04.02 15:17:23 | 000,001,583 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010.04.02 15:17:23 | 000,001,380 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2010.04.02 15:17:23 | 000,001,479 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010.04.02 15:17:23 | 000,001,473 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010.04.02 15:17:23 | 000,001,104 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010.04.02 15:17:23 | 000,000,830 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2008.09.04 14:26:02 | 000,000,027 | ---- | M]) - F:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - F:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - F:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - F:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-842925246-1364589140-682003330-1004\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - F:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [egui] F:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [LClock] F:\Program Files\LClock\LClock.exe ()
O4 - HKLM..\Run: [NvCplDaemon] F:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [snp2std] F:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [SoundMan] F:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VistaDrive] F:\WINDOWS\VistaDrive\VistaDrive.exe ()
O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] F:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] F:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-842925246-1364589140-682003330-1004..\Run: [ICQ] F:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-842925246-1364589140-682003330-1004..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: F:\Documents and Settings\Andrej\Start Menu\Programs\Startup\NHL® 09 Registration.lnk = C:\Program Files\EA Sports\NHL 09\Support\EAregister.exe (Leader Technologies)
O4 - Startup: F:\Documents and Settings\Ivka\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = F:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-842925246-1364589140-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - F:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - F:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - F:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - F:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: CabBuilder http://ak.imgag.com/imgag/kiw/toolbar/d ... ontrol.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - F:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - F:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (F:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe) - F:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - F:\WINDOWS\System32\WgaLogon.dll ()
O24 - Desktop WallPaper: F:\Documents and Settings\Veronika\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: F:\Documents and Settings\Veronika\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - F:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.11.01 12:50:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8b21b626-6e96-11dd-a83e-00508d4c3bc1}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.04.29 20:22:18 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Veronika\Application Data\OpenOffice.org
[2010.04.29 20:21:33 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- F:\WINDOWS\System32\deployJava1.dll
[2010.04.29 20:21:32 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- F:\WINDOWS\System32\javaws.exe
[2010.04.29 20:21:32 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- F:\WINDOWS\System32\javaw.exe
[2010.04.29 20:21:31 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- F:\WINDOWS\System32\java.exe
[2010.04.29 20:17:16 | 000,000,000 | ---D | C] -- F:\Program Files\OpenOffice.org 3
[2010.04.29 20:16:01 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Veronika\Desktop\OpenOffice.org 3.2 (sk) Installation Files
[2010.04.09 12:16:51 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Veronika\Local Settings\Application Data\DFX
[2010.04.08 14:22:42 | 000,021,504 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\hidserv.dll
[2010.04.08 14:22:21 | 000,060,032 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\drivers\USBAUDIO.sys
[2010.04.08 14:22:21 | 000,060,032 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\usbaudio.sys
[2010.04.08 14:09:28 | 000,000,000 | ---D | C] -- F:\Program Files\Your Uninstaller 2010
[2010.04.08 14:06:05 | 000,000,000 | RH-D | C] -- F:\Documents and Settings\Veronika\Recent
[2010.04.08 11:25:17 | 000,000,000 | ---D | C] -- F:\Program Files\Common Files\Skype
[2010.04.08 11:19:00 | 000,030,536 | ---- | C] (TuneUp Software) -- F:\WINDOWS\System32\TURegOpt.exe
[2010.04.08 11:18:59 | 000,030,024 | ---- | C] (TuneUp Software) -- F:\WINDOWS\System32\uxtuneup.dll
[2010.04.08 11:18:22 | 000,000,000 | ---D | C] -- F:\Program Files\TuneUp Utilities 2010
[2010.04.08 11:17:38 | 000,000,000 | -HSD | C] -- F:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.04.08 10:59:38 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Veronika\Local Settings\Application Data\AOL
[2010.04.08 10:59:25 | 000,000,000 | ---D | C] -- F:\Program Files\ICQ7.1
[2010.04.08 10:58:12 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Veronika\My Documents\Preberanie
[2007.11.10 16:43:03 | 000,147,456 | ---- | C] ( ) -- F:\WINDOWS\rsnp2std.dll
[2007.11.10 16:43:03 | 000,053,248 | ---- | C] ( ) -- F:\WINDOWS\System32\csnp2std.dll
[1 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> ]
[1 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.06 18:27:45 | 000,088,723 | ---- | M] () -- F:\WINDOWS\System32\nvapps.xml
[2010.05.06 18:27:42 | 000,000,868 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.06 17:49:00 | 000,000,872 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.06 17:34:20 | 000,000,908 | ---- | M] () -- F:\WINDOWS\tasks\Google Software Updater.job
[2010.05.06 17:34:01 | 000,000,006 | -H-- | M] () -- F:\WINDOWS\tasks\SA.DAT
[2010.05.06 17:33:59 | 000,002,048 | --S- | M] () -- F:\WINDOWS\bootstat.dat
[2010.05.06 17:33:57 | 804,839,424 | -HS- | M] () -- F:\hiberfil.sys
[2010.05.06 13:32:38 | 009,175,040 | ---- | M] () -- F:\Documents and Settings\Veronika\NTUSER.DAT
[2010.05.06 13:32:38 | 000,000,178 | -HS- | M] () -- F:\Documents and Settings\Veronika\ntuser.ini
[2010.05.04 15:36:54 | 000,000,592 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Opera.lnk
[2010.05.03 15:01:23 | 000,002,262 | ---- | M] () -- F:\WINDOWS\System32\wpa.dbl
[2010.04.30 13:09:34 | 000,380,832 | ---- | M] () -- F:\WINDOWS\System32\FNTCACHE.DAT
[2010.04.29 20:21:17 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- F:\WINDOWS\System32\javaws.exe
[2010.04.29 20:21:16 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- F:\WINDOWS\System32\javaw.exe
[2010.04.29 20:21:16 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- F:\WINDOWS\System32\javacpl.cpl
[2010.04.29 20:21:15 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- F:\WINDOWS\System32\java.exe
[2010.04.29 20:21:14 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- F:\WINDOWS\System32\deployJava1.dll
[2010.04.29 20:18:37 | 000,000,893 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.2.lnk
[2010.04.17 11:58:00 | 000,001,915 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Google Zem.lnk
[2010.04.16 15:18:12 | 000,000,069 | ---- | M] () -- F:\WINDOWS\NeroDigital.ini
[2010.04.08 14:09:50 | 000,000,761 | ---- | M] () -- F:\Documents and Settings\Veronika\Desktop\Your Uninstaller!.lnk
[2010.04.08 13:56:40 | 000,100,096 | ---- | M] () -- F:\Documents and Settings\Veronika\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010.04.08 12:15:43 | 000,022,528 | ---- | M] () -- F:\Documents and Settings\Veronika\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.08 11:57:59 | 000,000,654 | ---- | M] () -- F:\Documents and Settings\Veronika\Desktop\CCleaner.lnk
[2010.04.08 11:25:17 | 000,001,896 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010.04.08 11:23:29 | 000,001,731 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\TuneUp 1-Click Maintenance.lnk
[2010.04.08 11:23:29 | 000,001,729 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\TuneUp Utilities.lnk
[2010.04.08 11:05:05 | 000,001,487 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\ICQ7.1.lnk
[2010.04.08 10:35:55 | 000,028,736 | ---- | M] () -- F:\WINDOWS\hpdj3840.his
[2010.04.08 10:35:55 | 000,004,007 | ---- | M] () -- F:\WINDOWS\hpdj3840.ini
[1 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> ]
[1 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.29 20:18:37 | 000,000,893 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.2.lnk
[2010.04.17 11:58:00 | 000,001,915 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\Google Zem.lnk
[2010.04.08 14:09:50 | 000,000,761 | ---- | C] () -- F:\Documents and Settings\Veronika\Desktop\Your Uninstaller!.lnk
[2010.04.08 11:25:17 | 000,001,896 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010.04.08 11:18:57 | 000,001,731 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\TuneUp 1-Click Maintenance.lnk
[2010.04.08 11:18:57 | 000,001,729 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\TuneUp Utilities.lnk
[2010.04.08 11:05:05 | 000,001,487 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\ICQ7.1.lnk
[2010.04.08 10:34:31 | 000,243,652 | ---- | C] () -- F:\WINDOWS\hpdj3840.hi2
[2010.04.08 10:34:31 | 000,009,180 | ---- | C] () -- F:\WINDOWS\hpdj3840.bu2
[2009.01.15 12:10:23 | 000,069,632 | ---- | C] () -- F:\WINDOWS\System32\xmltok.dll
[2009.01.15 12:10:23 | 000,036,864 | ---- | C] () -- F:\WINDOWS\System32\xmlparse.dll
[2008.10.01 13:58:53 | 000,000,023 | ---- | C] () -- F:\WINDOWS\System32\w_madriver.dll
[2008.09.22 16:56:10 | 000,354,816 | ---- | C] () -- F:\WINDOWS\System32\psisdecd.dll
[2008.09.04 13:59:13 | 000,000,250 | ---- | C] () -- F:\WINDOWS\gmer.ini
[2008.09.04 13:59:11 | 000,884,736 | ---- | C] () -- F:\WINDOWS\gmer.dll
[2008.05.07 18:41:23 | 000,003,485 | ---- | C] () -- F:\WINDOWS\Translator 2005.INI
[2008.04.22 08:43:44 | 000,000,055 | ---- | C] () -- F:\WINDOWS\usdthank.ini
[2008.04.22 08:43:44 | 000,000,031 | ---- | C] () -- F:\WINDOWS\idc.ini
[2008.01.29 16:01:19 | 000,000,600 | ---- | C] () -- F:\WINDOWS\Rtcw.INI
[2008.01.17 19:05:09 | 000,000,034 | ---- | C] () -- F:\WINDOWS\cdplayer.ini
[2007.12.24 19:44:09 | 000,356,352 | ---- | C] () -- F:\WINDOWS\System32\licence.dll
[2007.12.21 21:58:26 | 000,000,092 | ---- | C] () -- F:\WINDOWS\wininit.ini
[2007.11.14 13:45:35 | 000,000,069 | ---- | C] () -- F:\WINDOWS\NeroDigital.ini
[2007.11.11 16:21:33 | 000,004,224 | ---- | C] () -- F:\WINDOWS\Slovnik 2005.INI
[2007.11.10 16:43:05 | 000,015,497 | ---- | C] () -- F:\WINDOWS\snp2std.ini
[2007.11.10 16:43:04 | 010,221,568 | ---- | C] () -- F:\WINDOWS\System32\drivers\snp2sxp.sys
[2007.11.08 13:06:48 | 000,006,580 | -HS- | C] () -- F:\WINDOWS\System32\KGyGaAvL.sys
[2007.11.02 21:10:02 | 000,013,312 | ---- | C] () -- F:\WINDOWS\System32\BASSMOD.dll
[2007.11.02 17:56:50 | 000,685,816 | ---- | C] () -- F:\WINDOWS\System32\drivers\sptd.sys
[2007.11.01 22:05:44 | 000,000,061 | ---- | C] () -- F:\WINDOWS\TEXTware.ini
[2007.11.01 22:05:39 | 000,147,456 | ---- | C] () -- F:\WINDOWS\System32\Twavbx32.dll
[2007.11.01 22:05:39 | 000,115,200 | ---- | C] () -- F:\WINDOWS\System32\UnzDll.dll
[2007.11.01 22:05:39 | 000,090,112 | ---- | C] () -- F:\WINDOWS\System32\idiom010227.dll
[2007.11.01 22:05:38 | 000,113,288 | ---- | C] () -- F:\WINDOWS\System32\bass.dll
[2007.11.01 22:05:37 | 000,143,360 | ---- | C] () -- F:\WINDOWS\System32\ILXTBS.DLL
[2007.11.01 19:40:56 | 001,703,936 | ---- | C] () -- F:\WINDOWS\System32\nvwdmcpl.dll
[2007.11.01 19:40:56 | 001,474,560 | ---- | C] () -- F:\WINDOWS\System32\nview.dll
[2007.11.01 19:40:56 | 001,019,904 | ---- | C] () -- F:\WINDOWS\System32\nvwimg.dll
[2007.11.01 19:40:56 | 000,466,944 | ---- | C] () -- F:\WINDOWS\System32\nvshell.dll
[2007.11.01 19:35:01 | 000,147,456 | ---- | C] () -- F:\WINDOWS\System32\RTLCPAPI.dll
[2007.11.01 19:32:12 | 000,286,720 | ---- | C] () -- F:\WINDOWS\System32\nvnt4cpl.dll
[2007.11.01 19:31:50 | 000,581,632 | ---- | C] () -- F:\WINDOWS\System32\nvhwvid.dll
[2007.11.01 19:31:48 | 000,212,992 | ---- | C] () -- F:\WINDOWS\System32\nvapi.dll
[2007.11.01 14:11:22 | 000,004,007 | ---- | C] () -- F:\WINDOWS\hpdj3840.ini
[2007.11.01 13:56:27 | 000,005,278 | ---- | C] () -- F:\WINDOWS\WDICT32.INI
[2007.11.01 13:56:05 | 000,004,790 | ---- | C] () -- F:\WINDOWS\WTRAN32.INI
[2007.11.01 13:22:11 | 000,002,654 | ---- | C] () -- F:\WINDOWS\wincmd.ini
[2007.11.01 12:46:20 | 000,000,156 | ---- | C] () -- F:\WINDOWS\System32\cpuz.ini
[2007.07.01 12:55:24 | 000,394,240 | ---- | C] () -- F:\WINDOWS\System32\HMTCD.dll
[2007.04.10 15:02:50 | 001,481,728 | ---- | C] () -- F:\WINDOWS\System32\LegitCheckControl.dll
[2007.04.10 15:00:46 | 000,190,976 | ---- | C] () -- F:\WINDOWS\System32\WgaLogon.dll
[2005.12.07 12:31:00 | 000,202,752 | R--- | C] () -- F:\WINDOWS\System32\CddbCdda.dll
[2005.10.14 12:56:50 | 003,596,288 | ---- | C] () -- F:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- F:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- F:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- F:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- F:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- F:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,155,136 | ---- | C] () -- F:\WINDOWS\System32\unrar.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- F:\WINDOWS\System32\ogg.dll
[2001.08.23 20:00:00 | 000,061,440 | ---- | C] () -- F:\WINDOWS\System32\CopyToSendTo.dll

========== LOP Check ==========

[2007.11.08 11:02:35 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\avg7
[2007.11.04 20:49:09 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Azureus
[2009.12.06 11:43:54 | 000,000,000 | -H-D | M] -- F:\Documents and Settings\All Users\Application Data\CanonBJ
[2009.12.11 11:38:15 | 000,000,000 | -H-D | M] -- F:\Documents and Settings\All Users\Application Data\CanonIJScan
[2009.08.26 20:14:35 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\DFX
[2009.06.21 17:06:49 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009.04.16 10:58:57 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\ESET
[2010.04.08 11:00:32 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\ICQ
[2008.06.24 18:55:38 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Installations
[2007.11.01 15:00:01 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Last.fm
[2005.01.25 21:46:06 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\LogMeIn
[2008.06.24 18:59:36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\PC Suite
[2010.04.08 14:10:41 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\TEMP
[2010.04.08 11:18:14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\TuneUp Software
[2008.01.09 19:32:36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\vsosdk
[2009.02.01 21:35:33 | 000,000,000 | -HSD | M] -- F:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009.04.09 12:30:53 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010.04.08 11:17:38 | 000,000,000 | -HSD | M] -- F:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2007.11.02 10:32:22 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\AVG7
[2009.12.14 17:30:20 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\Azureus
[2008.10.07 14:52:17 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\BSplayer
[2010.01.06 15:22:43 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\Canon
[2009.12.10 17:21:32 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\Canon Easy-WebPrint EX
[2010.01.03 22:54:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\HDRsoft
[2010.05.02 12:49:29 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\ICQ
[2007.11.02 13:29:51 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\ICQ Toolbar
[2008.07.02 16:09:26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\Leadertech
[2008.09.21 10:58:37 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\MonkeyJam
[2009.12.01 15:16:43 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\MSNInstaller
[2009.01.14 18:42:50 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\Nokia
[2009.04.30 17:30:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\Nokia Multimedia Player
[2008.05.23 14:08:36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\Opera
[2008.04.01 16:08:09 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\Oxford
[2008.06.24 19:28:20 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\PC Suite
[2008.10.28 15:02:37 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\Subory.sk Uploader
[2007.11.17 14:18:34 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\TuneUp Software
[2007.11.02 11:04:27 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\URSoft
[2008.10.16 14:41:30 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Andrej\Application Data\Xilisoft Corporation
[2007.11.02 22:59:56 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Ivka\Application Data\AVG7
[2009.02.22 17:28:09 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Ivka\Application Data\BSplayer
[2009.12.13 18:38:08 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Ivka\Application Data\Canon
[2010.01.12 17:37:04 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Ivka\Application Data\Canon Easy-WebPrint EX
[2008.01.26 13:48:11 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Ivka\Application Data\ICQ
[2008.06.30 14:11:22 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Ivka\Application Data\ICQ Toolbar
[2009.09.13 17:14:41 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Ivka\Application Data\Opera
[2008.06.30 14:08:37 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Ivka\Application Data\PC Suite
[2008.07.21 12:53:03 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Ivka\Application Data\TuneUp Software
[2007.11.01 13:45:49 | 000,000,000 | ---D | M] -- F:\Documents and Settings\LocalService\Application Data\AVG7
[2007.11.02 23:02:27 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Lubo\Application Data\AVG7
[2007.11.04 17:13:19 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Lubo\Application Data\ICQ Toolbar
[2009.11.19 20:28:48 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Lubo\Application Data\Nokia
[2008.05.19 18:17:41 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Lubo\Application Data\Opera
[2009.11.19 20:29:28 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Lubo\Application Data\PC Suite
[2008.05.20 19:43:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Lubo\Application Data\TuneUp Software
[2007.11.01 14:38:02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\NetworkService\Application Data\AVG7
[2007.11.02 14:16:37 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\AVG7
[2008.12.31 23:36:44 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Azureus
[2009.03.09 13:12:13 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\BSplayer
[2009.03.09 13:14:43 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\BSplayer Pro
[2009.12.11 11:38:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Canon
[2010.04.08 11:01:47 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Canon Easy-WebPrint EX
[2009.01.04 18:24:58 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\fltk.org
[2008.09.16 09:12:44 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\HEXelon
[2010.04.08 11:05:19 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\ICQ
[2007.11.01 14:50:16 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\ICQ Toolbar
[2008.10.23 13:57:57 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Leadertech
[2009.03.07 11:21:38 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\LimeWire
[2008.06.24 18:59:40 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Nokia
[2008.06.28 19:06:02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Nokia Multimedia Player
[2010.04.29 20:22:18 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\OpenOffice.org
[2007.11.05 11:29:49 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Opera
[2007.11.13 20:06:38 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Oxford
[2008.06.26 19:24:49 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\PC Suite
[2008.10.29 11:51:18 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\QIP
[2009.01.02 14:58:02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\ScummVM
[2008.10.16 13:45:19 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Subory.sk Uploader
[2008.12.29 22:41:54 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\TeamViewer
[2007.11.02 21:10:38 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\TuneUp Software
[2010.04.08 14:02:21 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\URSoft
[2009.02.13 19:12:03 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\uTorrent
[2010.04.08 11:54:39 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Vso
[2008.10.11 21:35:27 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Veronika\Application Data\Xilisoft Corporation

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 157 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51
@Alternate Data Stream - 155 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:C4252FE0
@Alternate Data Stream - 120 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:89EAFAFC
< End of report >

Re: Switching of "windows" in Win XP

Posted: 06 May 2010 17:32
by Fightbaby
Extras

OTL Extras logfile created on: 6.5.2010 18:30:15 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = F:\Programy
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

767,00 Mb Total Physical Memory | 343,00 Mb Available Physical Memory | 45,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): F:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 38,28 Gb Total Space | 30,13 Gb Free Space | 78,70% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 111,78 Gb Total Space | 39,63 Gb Free Space | 35,45% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CODENAME
Current User Name: Veronika
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- F:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- F:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "F:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "F:\Program Files\Opera\Opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- F:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"F:\Program Files\ICQ7.1\ICQ.exe" = F:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)
"F:\Program Files\ICQ7.1\aolload.exe" = F:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"F:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = F:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"F:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = F:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"F:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = F:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"F:\Program Files\Last.fm\LastFM.exe" = F:\Program Files\Last.fm\LastFM.exe:*:Enabled:Last.fm -- (Last.fm)
"F:\Program Files\iTunes\iTunes.exe" = F:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"F:\Program Files\Opera\opera.exe" = F:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"F:\Program Files\ICQ7.1\ICQ.exe" = F:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)
"F:\Program Files\ICQ7.1\aolload.exe" = F:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Zem
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP990_series" = Canon MP990 series MP Drivers
"{1A0D2EFC-C4FC-446A-8BC3-57A54CE5EADD}" = Opera 10.53
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Odovzdávací nástroj lokality Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}" = Nokia PC Suite
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = SLIM322
"{77E927C4-C603-4E77-8E4E-5EEAD58EBF41}" = Windows Live Messenger
"{7CCEBC24-62DB-4280-A8EC-BFA49F167920}" = Software Update for Web Folders
"{81C6BFED-691E-402A-95DA-F6DE1A351051}" = Nero 8 Demo
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{3C3813E1-C370-4F32-9639-8B43C7C780CD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{F67648A4-713E-4298-BBAD-A83D8283B0F3}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{2659571A-3405-4486-B7D8-2F125BC0E3B2}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{B7CF6A5E-EBBE-4B79-B833-BDF71BBF399E}" = OpenOffice.org 3.2
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDF97135-7FD2-4289-96B8-DD4505267ACD}" = ESET NOD32 Antivirus
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}" = ArcSoft PhotoStudio 6
"{EE092FB2-4B8D-4C02-AEDA-D8DE697F7794}" = Windows Live Essentials
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Advanced Grammar in Use" = Advanced Grammar in Use
"ASIO4ALL" = ASIO4ALL
"BSPlayerp" = BS.Player PRO
"Canon MP990 series User Registration" = Canon MP990 series User Registration
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"CPLBonus" = CPL All-in-One
"DFX for Windows Media Player" = DFX for Windows Media Player
"DVDFab Platinum 4_is1" = DVDFab Platinum 4.0.3.2 Ghosthunter release
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Utilities Easy-PhotoPrint Pro
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"English Grammar in Use" = English Grammar in Use
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"IE7-MUI" = Windows Internet Explorer 7 Multilingual User Interface (MUI)
"ie8" = Windows Internet Explorer 8
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"LastFM_is1" = Last.fm 1.5.4.24567
"LClock" = LClock
"Lexicon 4.0" = Lingea Lexicon 2002
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Oxford Advanced Genie" = Oxford Advanced Genie
"PhotomatixPro3Betax32_is1" = Photomatix Pro version 3.2.5
"PSPad editor_is1" = PSPad editor
"ST6UNST #1" = Slovník profesionála
"TC UP" = Total Commander Ultima Prime 4.2.0.0
"TuneUp Utilities" = TuneUp Utilities
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"YU2010_is1" = Your Uninstaller! 2010

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8092

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 25.2.2010 10:39:50 | Computer Name = CODENAME | Source = MsiInstaller | ID = 11704
Description = Product: Google Update Helper -- Error 1704. An installation for Google
Zem is currently suspended. You must undo the changes made by that installation
to continue. Do you want to undo those changes?

Error - 8.4.2010 5:12:07 | Computer Name = CODENAME | Source = MsiInstaller | ID = 11905
Description = Product: HP Software Update -- Error 1905.Module F:\Program Files\Hewlett-Packard\eSupportDiags\HPCommunication.dll
failed to unregister. HRESULT -2147220472. Contact your support personnel.

Error - 8.4.2010 5:12:08 | Computer Name = CODENAME | Source = MsiInstaller | ID = 11905
Description = Product: HP Software Update -- Error 1905.Module F:\Program Files\Hewlett-Packard\eSupportDiags\InternetUtil.dll
failed to unregister. HRESULT -2147220472. Contact your support personnel.

Error - 8.4.2010 5:12:08 | Computer Name = CODENAME | Source = MsiInstaller | ID = 11905
Description = Product: HP Software Update -- Error 1905.Module F:\Program Files\Hewlett-Packard\eSupportDiags\HPeSupport.dll
failed to unregister. HRESULT -2147220472. Contact your support personnel.

Error - 8.4.2010 5:12:09 | Computer Name = CODENAME | Source = MsiInstaller | ID = 11905
Description = Product: HP Software Update -- Error 1905.Module F:\Program Files\Hewlett-Packard\eSupportDiags\HPBasicDetection.dll
failed to unregister. HRESULT -2147220472. Contact your support personnel.

Error - 8.4.2010 5:12:09 | Computer Name = CODENAME | Source = MsiInstaller | ID = 11905
Description = Product: HP Software Update -- Error 1905.Module F:\Program Files\Hewlett-Packard\eSupportDiags\RulesEngine.dll
failed to unregister. HRESULT -2147220472. Contact your support personnel.

Error - 8.4.2010 5:12:09 | Computer Name = CODENAME | Source = MsiInstaller | ID = 11905
Description = Product: HP Software Update -- Error 1905.Module F:\Program Files\Hewlett-Packard\eSupportDiags\HPeDiag.dll
failed to unregister. HRESULT -2147220472. Contact your support personnel.

Error - 8.4.2010 5:12:09 | Computer Name = CODENAME | Source = MsiInstaller | ID = 11905
Description = Product: HP Software Update -- Error 1905.Module F:\Program Files\Hewlett-Packard\eSupportDiags\HPScripting.dll
failed to unregister. HRESULT -2147220472. Contact your support personnel.

Error - 8.4.2010 5:12:09 | Computer Name = CODENAME | Source = MsiInstaller | ID = 11905
Description = Product: HP Software Update -- Error 1905.Module F:\Program Files\Hewlett-Packard\eSupportDiags\capicom.dll
failed to unregister. HRESULT -2147220472. Contact your support personnel.

Error - 29.4.2010 14:19:42 | Computer Name = CODENAME | Source = MsiInstaller | ID = 11500
Description = Product: Java(TM) 6 Update 20 -- Error 1500.Another installation is
in progress. You must complete that installation before continuing this one.

[ System Events ]
Error - 5.5.2010 9:38:02 | Computer Name = CODENAME | Source = DCOM | ID = 10010
Description = Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} sa v danom časovom limite
nezaregistroval na serveri DCOM.

Error - 5.5.2010 10:12:23 | Computer Name = CODENAME | Source = nv | ID = 11141134
Description = Unknown error on

Error - 5.5.2010 10:50:28 | Computer Name = CODENAME | Source = DCOM | ID = 10010
Description = Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} sa v danom časovom limite
nezaregistroval na serveri DCOM.

Error - 5.5.2010 11:54:48 | Computer Name = CODENAME | Source = nv | ID = 11141134
Description = Unknown error on

Error - 5.5.2010 12:40:13 | Computer Name = CODENAME | Source = DCOM | ID = 10010
Description = Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} sa v danom časovom limite
nezaregistroval na serveri DCOM.

Error - 5.5.2010 13:14:55 | Computer Name = CODENAME | Source = Disk | ID = 262151
Description = Zariadenie \Device\Harddisk0\D má chybný blok.

Error - 5.5.2010 13:15:40 | Computer Name = CODENAME | Source = Disk | ID = 262151
Description = Zariadenie \Device\Harddisk0\D má chybný blok.

Error - 6.5.2010 5:17:15 | Computer Name = CODENAME | Source = DCOM | ID = 10010
Description = Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} sa v danom časovom limite
nezaregistroval na serveri DCOM.

Error - 6.5.2010 8:17:39 | Computer Name = CODENAME | Source = DCOM | ID = 10010
Description = Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} sa v danom časovom limite
nezaregistroval na serveri DCOM.

Error - 6.5.2010 11:36:04 | Computer Name = CODENAME | Source = DCOM | ID = 10010
Description = Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} sa v danom časovom limite
nezaregistroval na serveri DCOM.

[ TuneUp Events ]
Error - 27.8.2009 6:34:32 | Computer Name = CODENAME | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 27.8.2009 6:38:06 | Computer Name = CODENAME | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 28.8.2009 3:46:10 | Computer Name = CODENAME | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 17.1.2010 7:10:00 | Computer Name = CODENAME | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 5.4.2010 13:15:11 | Computer Name = CODENAME | Source = TuneUp Program Statistics | ID = 131840
Description =


< End of report >

Re: Switching of "windows" in Win XP

Posted: 06 May 2010 18:39
by stell
Run OTL, paste the green text into the Custom Scans/Fixes box and click Run Fix; post the log here after the restart.

Code:

:OTL
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
IE - HKU\S-1-5-21-842925246-1364589140-682003330-1004\..\URLSearchHook: - Reg Error: Key error. File not found
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
O4 - HKLM..\Run: [VistaDrive] F:\WINDOWS\VistaDrive\VistaDrive.exe 
O16 - DPF: CabBuilder http://ak.imgag.com/imgag/kiw/toolbar/d ... ontrol.cab (Reg Error: Key error.)
@Alternate Data Stream - 157 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51
@Alternate Data Stream - 155 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:C4252FE0
@Alternate Data Stream - 120 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:89EAFAFC
:commands
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]

Download Malwarebytes' Anti-Malware: download, install, update,
run a full scan, delete whatever it finds, and post the log here.

Download and install CCleaner - http://www.ccleaner.com/download/downloadpage.aspx?f=2
- Right-click the Recycle Bin, choose Run CCleaner, and wait for the cleaning to finish.
- Right-click the Recycle Bin, choose Open CCleaner, go to the Windows tab, press Analyze and then Run Cleaner
- Click the Applications tab, press Analyze and then Run Cleaner
- Click Registry, press Scan for Issues, and when the scan finishes click Fix selected issues,
- choose Yes to create a backup, save the offered file, and click Fix All Selected Issues.

PLEASE READ THE INSTRUCTIONS CAREFULLY!!!

Download to the desktop, close all active windows, and run:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Agree to the installation of the Recovery Console.

- ComboFix must be run under an account with administrator rights.
- After launch the terms of use are displayed; confirm them by pressing Yes;

And once more >YES<

- Then follow the instructions; while ComboFix is running, do not click inside the blue window that is displayed

- After the scan finishes, which takes at most 10-15 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents into your thread on the forum
- Before using ComboFix, all resident security programs must be turned off - antiviruses, firewalls, antispyware. GUIDE: http://www.bleepingcomputer.com/forums/topic114351.html
They can interfere with ComboFix's operation, which may cause it not to work correctly.

If an antivirus detects ComboFix, it is a false alarm.

Re: Switching of "windows" in Win XP

Posted: 07 May 2010 11:21
by Fightbaby
so, step by step :)

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKU\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-842925246-1364589140-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-842925246-1364589140-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://start.icq.com/" removed from browser.startup.homepage
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\VistaDrive deleted successfully.
F:\WINDOWS\VistaDrive\VistaDrive.exe moved successfully.
Starting removal of ActiveX control CabBuilder
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\CabBuilder\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\CabBuilder\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\CabBuilder\ not found.
ADS F:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51 deleted successfully.
ADS F:\Documents and Settings\All Users\Application Data\TEMP:C4252FE0 deleted successfully.
ADS F:\Documents and Settings\All Users\Application Data\TEMP:89EAFAFC deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Andrej
->Temp folder emptied: 40442148 bytes
->Temporary Internet Files folder emptied: 13371049 bytes
->Java cache emptied: 1443309 bytes
->FireFox cache emptied: 47741245 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 4159 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41 bytes

User: Ivka
->Temp folder emptied: 3030565 bytes
->Temporary Internet Files folder emptied: 10861256 bytes
->Java cache emptied: 117938 bytes
->FireFox cache emptied: 40145661 bytes
->Opera cache emptied: 28178583 bytes
->Flash cache emptied: 45127 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Lubo
->Temp folder emptied: 12075146 bytes
->Temporary Internet Files folder emptied: 566649 bytes
->FireFox cache emptied: 34407177 bytes
->Flash cache emptied: 4951 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Veronika
->Temp folder emptied: 72462588 bytes
->Temporary Internet Files folder emptied: 3335191 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 62944075 bytes
->Apple Safari cache emptied: 4795433 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 12417 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 712764 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 359,00 mb


[EMPTYFLASH]

User: All Users

User: Andrej
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Ivka
->Flash cache emptied: 0 bytes

User: LocalService

User: Lubo
->Flash cache emptied: 0 bytes

User: NetworkService

User: Veronika
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.4.1 log created on 05072010_105126

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Re: Switching "windows" in Win XP

Posted: 07 May 2010 11:21
by Fightbaby
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4073

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7.5.2010 11:51:36
mbam-log-2010-05-07 (11-51-36).txt

Typ kontroly: Úplná kontrola (C:\|F:\|)
Objektov kontrolovaných: 263171
Uplynulý čas: 53 min, 57 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 1
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 4

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
HKEY_CURRENT_USER\SOFTWARE\xprepairpro2007 (Rogue.XPRepairPro2007) -> Quarantined and deleted successfully.

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
C:\Downloads\BS.Player.Pro.v2.35.985\Keygen-CORE\keygen.exe (Trojan.Agent) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{3B123AE6-B9BA-4778-AA27-37B4BE2229B5}\RP101\A0117811.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{3B123AE6-B9BA-4778-AA27-37B4BE2229B5}\RP73\A0089909.DLL (Hacktool) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\directx.cpl (Malware.Packer.Gen) -> Quarantined and deleted successfully.

Re: Switching "windows" in Win XP

Posted: 07 May 2010 11:22
by Fightbaby
ComboFix 10-05-06.04 - Veronika 07.05.2010 12:11:37.5.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.767.493 [GMT 2:00]
Running from: f:\documents and settings\Veronika\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

f:\documents and settings\Veronika\My Documents\cc_20100507_120055.reg
f:\windows\system32\winlogon.bak

.
((((((((((((((((((((((((( Files Created from 2010-04-07 to 2010-05-07 )))))))))))))))))))))))))))))))
.

2010-05-07 08:56 . 2010-05-07 08:56 -------- d-----w- f:\documents and settings\Veronika\Application Data\Malwarebytes
2010-05-07 08:56 . 2010-04-29 13:39 38224 ----a-w- f:\windows\system32\drivers\mbamswissarmy.sys
2010-05-07 08:56 . 2010-05-07 08:56 -------- d-----w- f:\documents and settings\All Users\Application Data\Malwarebytes
2010-05-07 08:56 . 2010-04-29 13:39 20952 ----a-w- f:\windows\system32\drivers\mbam.sys
2010-05-07 08:56 . 2010-05-07 08:56 -------- d-----w- f:\program files\Malwarebytes' Anti-Malware
2010-05-07 08:51 . 2010-05-07 08:51 -------- d-----w- F:\_OTL
2010-04-29 18:22 . 2010-04-29 18:22 1 ----a-w- f:\documents and settings\Veronika\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-04-29 18:22 . 2010-04-29 18:22 -------- d-----w- f:\documents and settings\Veronika\Application Data\OpenOffice.org
2010-04-29 18:21 . 2010-04-29 18:21 411368 ----a-w- f:\windows\system32\deployJava1.dll
2010-04-29 18:17 . 2010-04-29 18:17 -------- d-----w- f:\program files\OpenOffice.org 3
2010-04-26 18:07 . 2010-04-26 18:07 0 ----a-w- f:\documents and settings\Ivka\jagex__preferences3.dat
2010-04-21 10:17 . 2010-04-21 10:17 -------- d-----w- f:\documents and settings\Andrej\Local Settings\Application Data\AOL
2010-04-09 10:16 . 2010-04-09 10:16 -------- d-----w- f:\documents and settings\Veronika\Local Settings\Application Data\DFX
2010-04-08 12:22 . 2008-04-14 00:11 21504 ----a-w- f:\windows\system32\hidserv.dll
2010-04-08 12:22 . 2008-04-14 00:11 21504 ----a-w- f:\windows\system32\dllcache\hidserv.dll
2010-04-08 12:22 . 2008-04-13 18:45 60032 ----a-w- f:\windows\system32\drivers\USBAUDIO.sys
2010-04-08 12:22 . 2008-04-13 18:45 60032 ----a-w- f:\windows\system32\dllcache\usbaudio.sys
2010-04-08 12:09 . 2010-04-08 12:09 -------- d-----w- f:\program files\Your Uninstaller 2010
2010-04-08 09:25 . 2010-04-08 09:25 -------- d-----w- f:\program files\Common Files\Skype
2010-04-08 09:19 . 2010-02-25 10:03 30536 ----a-w- f:\windows\system32\TURegOpt.exe
2010-04-08 09:18 . 2010-02-25 09:56 30024 ----a-w- f:\windows\system32\uxtuneup.dll
2010-04-08 09:18 . 2010-04-08 09:23 -------- d-----w- f:\program files\TuneUp Utilities 2010
2010-04-08 09:17 . 2010-04-08 09:17 -------- d-sh--w- f:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-04-08 08:59 . 2010-04-08 08:59 -------- d-----w- f:\documents and settings\Veronika\Local Settings\Application Data\AOL
2010-04-08 08:59 . 2010-04-21 10:17 -------- d-----w- f:\program files\ICQ7.1
2010-04-07 14:42 . 2010-04-07 14:42 503808 ----a-w- f:\documents and settings\Veronika\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-44ee2812-n\msvcp71.dll
2010-04-07 14:42 . 2010-04-07 14:42 499712 ----a-w- f:\documents and settings\Veronika\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-44ee2812-n\jmc.dll
2010-04-07 14:42 . 2010-04-07 14:42 348160 ----a-w- f:\documents and settings\Veronika\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-44ee2812-n\msvcr71.dll
2010-04-07 14:42 . 2010-04-07 14:42 61440 ----a-w- f:\documents and settings\Veronika\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6da1ad8f-n\decora-sse.dll
2010-04-07 14:42 . 2010-04-07 14:42 12800 ----a-w- f:\documents and settings\Veronika\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6da1ad8f-n\decora-d3d.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-07 10:06 . 2007-11-01 12:06 105488 ----a-w- f:\documents and settings\Veronika\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-07 09:54 . 2007-12-21 19:00 -------- d-----w- f:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-05-06 18:09 . 2010-02-02 15:15 75 ----a-w- f:\documents and settings\Andrej\jagex_runescape_preferences2.dat
2010-05-06 18:09 . 2010-03-24 15:40 50 ----a-w- f:\documents and settings\Andrej\jagex__preferences3.dat
2010-05-06 18:09 . 2010-02-02 15:14 41 ----a-w- f:\documents and settings\Andrej\jagex_runescape_preferences.dat
2010-05-05 17:05 . 2010-03-16 18:57 41 ----a-w- f:\documents and settings\Ivka\jagex_runescape_preferences.dat
2010-05-05 17:05 . 2010-03-16 18:57 75 ----a-w- f:\documents and settings\Ivka\jagex_runescape_preferences2.dat
2010-05-04 13:36 . 2007-11-05 09:29 -------- d-----w- f:\program files\Opera
2010-05-02 13:14 . 2008-06-30 12:27 105488 ----a-w- f:\documents and settings\Ivka\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-02 10:49 . 2007-11-06 14:41 -------- d-----w- f:\documents and settings\Andrej\Application Data\ICQ
2010-05-01 14:56 . 2007-11-07 15:23 105488 ----a-w- f:\documents and settings\Andrej\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-29 18:21 . 2008-01-03 19:26 -------- d-----w- f:\program files\Java
2010-04-29 18:08 . 2007-11-04 10:30 181096 ----a-w- f:\documents and settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\FlashGot.exe
2010-04-29 15:44 . 2007-11-10 11:11 -------- d-----w- f:\documents and settings\Andrej\Application Data\Skype
2010-04-29 14:02 . 2008-07-20 08:21 -------- d-----w- f:\documents and settings\Andrej\Application Data\skypePM
2010-04-17 09:54 . 2008-07-14 16:49 -------- d-----w- f:\program files\Google
2010-04-08 12:10 . 2007-11-01 12:26 -------- d---a-w- f:\documents and settings\All Users\Application Data\TEMP
2010-04-08 12:02 . 2007-11-01 12:26 -------- d-----w- f:\documents and settings\Veronika\Application Data\URSoft
2010-04-08 09:54 . 2008-01-09 17:25 -------- d-----w- f:\documents and settings\Veronika\Application Data\Vso
2010-04-08 09:44 . 2007-11-01 12:45 -------- d--h--w- f:\program files\InstallShield Installation Information
2010-04-08 09:42 . 2007-11-01 12:45 -------- d-----w- f:\documents and settings\Veronika\Application Data\Skype
2010-04-08 09:25 . 2007-11-01 12:44 -------- d-----r- f:\program files\Skype
2010-04-08 09:18 . 2007-11-02 19:10 -------- d-----w- f:\documents and settings\All Users\Application Data\TuneUp Software
2010-04-08 09:07 . 2007-11-01 12:44 -------- d-----w- f:\documents and settings\All Users\Application Data\Skype
2010-04-08 09:05 . 2007-11-01 12:44 -------- d-----w- f:\documents and settings\Veronika\Application Data\ICQ
2010-04-08 09:01 . 2009-12-06 09:50 -------- d-----w- f:\documents and settings\Veronika\Application Data\Canon Easy-WebPrint EX
2010-04-08 09:00 . 2008-11-09 17:53 -------- d-----w- f:\documents and settings\All Users\Application Data\ICQ
2010-04-08 08:54 . 2008-10-10 12:21 -------- d-----w- f:\program files\Common Files\Apple
2010-04-08 08:51 . 2007-11-01 12:01 -------- d-----w- f:\documents and settings\All Users\Application Data\Microsoft Help
2010-04-08 08:32 . 2007-11-08 11:16 -------- d-----w- f:\documents and settings\Veronika\Application Data\Corel
2010-04-08 08:31 . 2007-11-08 11:15 -------- d-----w- f:\documents and settings\All Users\Application Data\Corel
2010-04-08 08:26 . 2009-12-06 09:41 -------- d-----w- f:\program files\Canon
2010-04-07 14:41 . 2007-11-01 20:00 -------- d-----w- f:\program files\Slovnik
2010-03-22 13:49 . 2010-03-22 13:49 503808 ----a-w- f:\documents and settings\Ivka\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2fb8958e-n\msvcp71.dll
2010-03-22 13:49 . 2010-03-22 13:49 499712 ----a-w- f:\documents and settings\Ivka\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2fb8958e-n\jmc.dll
2010-03-22 13:49 . 2010-03-22 13:49 348160 ----a-w- f:\documents and settings\Ivka\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2fb8958e-n\msvcr71.dll
2010-03-22 13:49 . 2010-03-22 13:49 61440 ----a-w- f:\documents and settings\Ivka\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3f1f63d6-n\decora-sse.dll
2010-03-22 13:49 . 2010-03-22 13:49 12800 ----a-w- f:\documents and settings\Ivka\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3f1f63d6-n\decora-d3d.dll
2010-03-12 13:25 . 2010-03-12 13:25 348160 ----a-w- f:\documents and settings\Andrej\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-528789d7-n\msvcr71.dll
2010-03-12 13:25 . 2010-03-12 13:25 503808 ----a-w- f:\documents and settings\Andrej\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-528789d7-n\msvcp71.dll
2010-03-12 13:25 . 2010-03-12 13:25 499712 ----a-w- f:\documents and settings\Andrej\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-528789d7-n\jmc.dll
2010-03-12 13:25 . 2010-03-12 13:25 61440 ----a-w- f:\documents and settings\Andrej\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-57c3fd44-n\decora-sse.dll
2010-03-12 13:25 . 2010-03-12 13:25 12800 ----a-w- f:\documents and settings\Andrej\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-57c3fd44-n\decora-d3d.dll
2010-03-12 13:25 . 2008-01-03 19:25 -------- d-----w- f:\program files\Common Files\Java
2010-02-25 19:11 . 2010-02-25 19:06 -------- d-----w- f:\windows\Fonts\Graffiti_Fonts_by_milos1_www.balkan-media.org
2008-03-19 11:21 . 2007-11-08 11:06 6580 --sha-w- f:\windows\system32\KGyGaAvL.sys
2008-11-26 14:23 . 2008-11-24 19:38 32 --sha-w- f:\windows\system32\drivers\fidbox.dat
.

------- Sigcheck -------

[-] 2009-07-23 . 679A7259741F6A09994F02CE261B5F2E . 507904 . . [5.1.2600.5512] . . f:\windows\system32\winlogon.exe
[7] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . f:\windows\ServicePackFiles\i386\winlogon.exe
[7] 2004-08-03 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . f:\windows\$NtServicePackUninstall$\winlogon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="f:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 1460560]
"ICQ"="f:\program files\ICQ7.1\ICQ.exe" [2010-04-08 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LClock"="f:\program files\LClock\LClock.exe" [2004-09-19 65536]
"NvCplDaemon"="f:\windows\system32\NvCpl.dll" [2007-04-19 7700480]
"egui"="f:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"snp2std"="f:\windows\vsnp2std.exe" [2006-01-06 344064]
"SunJavaUpdateSched"="f:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="f:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]

f:\documents and settings\Andrej\Start Menu\Programs\Startup\
NHLR 09 Registration.lnk - c:\program files\EA Sports\NHL 09\Support\EAregister.exe [2008-10-4 4374792]

f:\documents and settings\Ivka\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - f:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="f:\documents and settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=f:\windows\system32\ctfmon.exe
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="f:\program files\Common Files\Nero\Lib\NMBgMonitor.exe"
"Firefox"=f:\program files\Mozilla Firefox\firefox.exe
"Skype"="f:\program files\Skype\Phone\Skype.exe" /nosplash /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvCplDaemon"=RUNDLL32.EXE f:\windows\system32\NvCpl.dll,NvStartup
"NvMediaCenter"=RUNDLL32.EXE f:\windows\system32\NvMcTray.dll,NvTaskbarInit
"nwiz"=nwiz.exe /install
"tsnp2std"=f:\windows\tsnp2std.exe
"Adobe Reader Speed Launcher"="f:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"NeroFilterCheck"=f:\program files\Common Files\Nero\Lib\NeroCheck.exe
"Adobe Photo Downloader"="f:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
"NBKeyScan"="f:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"PCSuiteTrayApplication"=f:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
"QuickTime Task"="f:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="f:\program files\Java\jre1.6.0_07\bin\jusched.exe"
"PDVD8LanguageShortcut"="f:\program files\CyberLink\PowerDVD8\Language\Language.exe"
"CanonMyPrinter"=f:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"RemoteControl8"="f:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe"
"UnlockerAssistant"=f:\program files\Unlocker\UnlockerAssistant.exe -H
"GrooveMonitor"="f:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"ArcSoft Connection Service"=f:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"CanonSolutionMenu"=f:\program files\Canon\SolutionMenu\CNSLMAIN.exe /logon

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"f:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"f:\\Program Files\\Last.fm\\LastFM.exe"=
"f:\\Program Files\\iTunes\\iTunes.exe"=
"f:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"f:\\Program Files\\Opera\\opera.exe"=
"f:\\Program Files\\ICQ7.1\\ICQ.exe"=
"f:\\Program Files\\ICQ7.1\\aolload.exe"=
"f:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"f:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 nvcchflt;NVIDIA Disk Cache Filter Driver;f:\windows\system32\drivers\nvcchflt.sys [1.11.2007 19:34 16640]
R1 ehdrv;ehdrv;f:\windows\system32\drivers\ehdrv.sys [6.2.2009 14:23 106208]
R1 epfwtdir;epfwtdir;f:\windows\system32\drivers\epfwtdir.sys [6.2.2009 14:24 93336]
R1 VD_FileDisk;VD_FileDisk;f:\windows\system32\drivers\vd_filedisk.sys [13.1.2006 15:00 15872]
R2 ekrn;ESET Service;f:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6.2.2009 14:23 727720]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;f:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [25.2.2010 11:59 1047880]
R3 DDPlayCam;DDPlay Virtual Camera;f:\windows\system32\drivers\DDPlayCam.sys [2.3.2006 8:08 150016]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;f:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S0 sptd;sptd;f:\windows\system32\drivers\sptd.sys [2.11.2007 17:56 685816]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;f:\windows\system32\DRIVERS\aswFsBlk.sys --> f:\windows\system32\DRIVERS\aswFsBlk.sys [?]
S2 gupdate1c995eeefd62074;Google Update Service (gupdate1c995eeefd62074);f:\program files\Google\Update\GoogleUpdate.exe [23.2.2009 21:43 133104]
S3 ggflt;SEMC USB Flash Driver Filter;f:\windows\system32\drivers\ggflt.sys [15.8.2008 22:03 13352]
S3 teamviewervpn;TeamViewer VPN Adapter;f:\windows\system32\drivers\teamviewervpn.sys [7.1.2008 10:37 25088]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WudfServiceGroup REG_SZ hex(7):57,00,55,00,44,00,46,00,53,00,76,00,63,00,00,00,00,00

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-05-07 f:\windows\Tasks\Google Software Updater.job
- f:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-04 17:37]

2010-05-07 f:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- f:\program files\Google\Update\GoogleUpdate.exe [2009-02-23 19:42]

2010-05-07 f:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- f:\program files\Google\Update\GoogleUpdate.exe [2009-02-23 19:42]
.
.
------- Supplementary Scan -------
.
uStart Page =
uDefault_Search_URL =
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - f:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - f:\program files\ICQ7.1\ICQ.exe
DPF: CabBuilder
FF - ProfilePath - f:\documents and settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.2&q=
FF - component: f:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: f:\program files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: f:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: f:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: f:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: f:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: f:\program files\Opera\program\plugins\npqtplugin8.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin8.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
f:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
f:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
f:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
f:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
f:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
f:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
f:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
f:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
f:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

AddRemove-QIP 2005 - f:\program files\QIP\unins001.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-07 12:17
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-05-07 12:21:18
ComboFix-quarantined-files.txt 2010-05-07 10:21

Pre-Run: 42 852 708 352 bytes free
Post-Run: 10 adresárov, 42 816 700 416 voľných bajtov

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(1)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - A37928EAC98C3A83DFA10238584D81A6

Re: Switching "windows" in Win XP

Posted: 07 May 2010 12:32
by stell
For this step, ComboFix must be on the desktop.

Turn off > FIREWALL > Antivirus > Antispyware > everything resident.

Open Notepad and copy all of the green text into it:

KILLALL::
FCOPY::
f:\windows\ServicePackFiles\i386\winlogon.exe | f:\windows\system32\winlogon.exe
Registry::
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Firefox"=-
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
"Adobe Reader Speed Launcher"=-
"NeroFilterCheck"=-
"Adobe Photo Downloader"=-
"NBKeyScan"=-
"PCSuiteTrayApplication"=-
"QuickTime Task"=-
"SunJavaUpdateSched"=-
"PDVD8LanguageShortcut"=-
"RemoteControl8"=-
"UnlockerAssistant"=-
[HKCU\Software\Microsoft\Internet Explorer\Main]"Start Page" = "http://www.google.com/"
Driver::
aswSP
aswFsBlk
Rootkit::
f:\windows\system32\DRIVERS\aswFsBlk.sys
DDS::
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
DPF: CabBuilder
Extra::
FireFox::
FF - ProfilePath - f:\documents and settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.2&q=
Then click File -> Save As... -> in the File name field, type: CFScript.txt
For Save as type, choose *All files
And save it to the desktop. > Note: do not open CFScript.txt, and it must not be named CFScript.txt.txt either. Then do this:
[Image]

When the scan finishes, post the log that ComboFix creates.

Re: Switching "windows" in Win XP

Posted: 07 May 2010 13:29
by Fightbaby
ComboFix 10-05-06.04 - Veronika 07.05.2010 14:15:07.6.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.767.438 [GMT 2:00]
Running from: f:\documents and settings\Veronika\Desktop\ComboFix.exe
Command switches used :: f:\documents and settings\Veronika\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
--------------- FCopy ---------------

f:\windows\ServicePackFiles\i386\winlogon.exe --> f:\windows\system32\winlogon.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ASWFSBLK
-------\Legacy_ASWSP
-------\Service_aswFsBlk
-------\Service_aswSP


((((((((((((((((((((((((( Files Created from 2010-04-07 to 2010-05-07 )))))))))))))))))))))))))))))))
.

2010-05-07 11:35 . 2010-02-12 04:33 100864 ------w- f:\windows\system32\dllcache\6to4svc.dll
2010-05-07 11:32 . 2009-12-16 18:43 343040 ------w- f:\windows\system32\dllcache\mspaint.exe
2010-05-07 11:31 . 2009-11-27 16:07 8704 ------w- f:\windows\system32\dllcache\tsbyuv.dll
2010-05-07 11:31 . 2009-11-27 16:07 84992 ------w- f:\windows\system32\dllcache\avifil32.dll
2010-05-07 11:31 . 2009-11-27 16:07 11264 ------w- f:\windows\system32\dllcache\msrle32.dll
2010-05-07 11:31 . 2009-11-27 16:07 28672 ------w- f:\windows\system32\dllcache\msvidc32.dll
2010-05-07 11:31 . 2009-11-27 16:07 48128 ------w- f:\windows\system32\dllcache\iyuv_32.dll
2010-05-07 11:31 . 2009-11-27 17:11 17920 ------w- f:\windows\system32\dllcache\msyuv.dll
2010-05-07 11:30 . 2009-12-14 07:08 33280 ------w- f:\windows\system32\dllcache\csrsrv.dll
2010-05-07 11:30 . 2009-10-15 16:28 81920 ------w- f:\windows\system32\dllcache\fontsub.dll
2010-05-07 11:30 . 2009-10-15 16:28 119808 ------w- f:\windows\system32\dllcache\t2embed.dll
2010-05-07 11:30 . 2009-11-21 15:51 471552 ------w- f:\windows\system32\dllcache\aclayers.dll
2010-05-07 11:29 . 2009-10-13 10:30 270336 ------w- f:\windows\system32\dllcache\oakley.dll
2010-05-07 11:29 . 2009-10-12 13:38 79872 ------w- f:\windows\system32\dllcache\raschap.dll
2010-05-07 11:29 . 2009-10-12 13:38 149504 ------w- f:\windows\system32\dllcache\rastls.dll
2010-05-07 11:28 . 2009-06-24 11:18 92928 ------w- f:\windows\system32\dllcache\ksecdd.sys
2010-05-07 11:28 . 2009-09-11 14:18 136192 ------w- f:\windows\system32\dllcache\msv1_0.dll
2010-05-07 11:28 . 2009-06-25 08:25 54272 ------w- f:\windows\system32\dllcache\wdigest.dll
2010-05-07 11:28 . 2009-06-25 08:25 301568 ------w- f:\windows\system32\dllcache\kerberos.dll
2010-05-07 11:28 . 2009-10-23 15:28 3558912 ------w- f:\windows\system32\dllcache\moviemk.exe
2010-05-07 11:28 . 2009-07-17 16:22 1435648 ------w- f:\windows\system32\dllcache\query.dll
2010-05-07 11:27 . 2009-09-04 21:03 58880 ------w- f:\windows\system32\dllcache\msasn1.dll
2010-05-07 11:25 . 2009-06-21 21:44 153088 ------w- f:\windows\system32\dllcache\triedit.dll
2010-05-07 11:25 . 2009-06-10 06:14 132096 ------w- f:\windows\system32\dllcache\wkssvc.dll
2010-05-07 11:24 . 2009-06-12 12:31 80896 ------w- f:\windows\system32\dllcache\tlntsess.exe
2010-05-07 11:24 . 2009-06-12 12:31 76288 ------w- f:\windows\system32\dllcache\telnet.exe
2010-05-07 11:24 . 2009-07-17 19:01 58880 ------w- f:\windows\system32\dllcache\atl.dll
2010-05-07 11:24 . 2009-07-10 13:27 1315328 ------w- f:\windows\system32\dllcache\msoe.dll
2010-05-07 11:17 . 2010-02-12 10:03 293376 ------w- f:\windows\system32\browserchoice.exe
2010-05-07 10:50 . 2009-04-15 14:51 585216 ------w- f:\windows\system32\dllcache\rpcrt4.dll
2010-05-07 10:50 . 2009-05-07 15:32 345600 ------w- f:\windows\system32\dllcache\localspl.dll
2010-05-07 10:47 . 2009-12-24 06:59 177664 ------w- f:\windows\system32\dllcache\wintrust.dll
2010-05-07 10:47 . 2010-01-13 14:01 86016 ------w- f:\windows\system32\dllcache\cabview.dll
2010-05-07 08:56 . 2010-05-07 08:56 -------- d-----w- f:\documents and settings\Veronika\Application Data\Malwarebytes
2010-05-07 08:56 . 2010-04-29 13:39 38224 ----a-w- f:\windows\system32\drivers\mbamswissarmy.sys
2010-05-07 08:56 . 2010-05-07 08:56 -------- d-----w- f:\documents and settings\All Users\Application Data\Malwarebytes
2010-05-07 08:56 . 2010-04-29 13:39 20952 ----a-w- f:\windows\system32\drivers\mbam.sys
2010-05-07 08:56 . 2010-05-07 08:56 -------- d-----w- f:\program files\Malwarebytes' Anti-Malware
2010-05-07 08:51 . 2010-05-07 08:51 -------- d-----w- F:\_OTL
2010-04-29 18:22 . 2010-04-29 18:22 -------- d-----w- f:\documents and settings\Veronika\Application Data\OpenOffice.org
2010-04-29 18:21 . 2010-04-29 18:21 411368 ----a-w- f:\windows\system32\deployJava1.dll
2010-04-29 18:17 . 2010-04-29 18:17 -------- d-----w- f:\program files\OpenOffice.org 3
2010-04-26 18:07 . 2010-04-26 18:07 0 ----a-w- f:\documents and settings\Ivka\jagex__preferences3.dat
2010-04-21 10:17 . 2010-04-21 10:17 -------- d-----w- f:\documents and settings\Andrej\Local Settings\Application Data\AOL
2010-04-09 10:16 . 2010-04-09 10:16 -------- d-----w- f:\documents and settings\Veronika\Local Settings\Application Data\DFX
2010-04-08 12:22 . 2008-04-14 00:11 21504 ----a-w- f:\windows\system32\hidserv.dll
2010-04-08 12:22 . 2008-04-14 00:11 21504 ----a-w- f:\windows\system32\dllcache\hidserv.dll
2010-04-08 12:22 . 2008-04-13 18:45 60032 ----a-w- f:\windows\system32\drivers\USBAUDIO.sys
2010-04-08 12:22 . 2008-04-13 18:45 60032 ----a-w- f:\windows\system32\dllcache\usbaudio.sys
2010-04-08 12:09 . 2010-04-08 12:09 -------- d-----w- f:\program files\Your Uninstaller 2010
2010-04-08 09:25 . 2010-04-08 09:25 -------- d-----w- f:\program files\Common Files\Skype
2010-04-08 09:19 . 2010-02-25 10:03 30536 ----a-w- f:\windows\system32\TURegOpt.exe
2010-04-08 09:18 . 2010-02-25 09:56 30024 ----a-w- f:\windows\system32\uxtuneup.dll
2010-04-08 09:18 . 2010-04-08 09:23 -------- d-----w- f:\program files\TuneUp Utilities 2010
2010-04-08 09:17 . 2010-04-08 09:17 -------- d-sh--w- f:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-04-08 08:59 . 2010-04-08 08:59 -------- d-----w- f:\documents and settings\Veronika\Local Settings\Application Data\AOL
2010-04-08 08:59 . 2010-04-21 10:17 -------- d-----w- f:\program files\ICQ7.1

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-07 12:08 . 2007-11-01 12:06 105488 ----a-w- f:\documents and settings\Veronika\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-07 11:59 . 2007-11-01 12:01 -------- d-----w- f:\documents and settings\All Users\Application Data\Microsoft Help
2010-05-07 11:40 . 2007-11-01 12:04 -------- d-----w- f:\program files\Microsoft Works
2010-05-07 09:54 . 2007-12-21 19:00 -------- d-----w- f:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-05-06 18:09 . 2010-02-02 15:15 75 ----a-w- f:\documents and settings\Andrej\jagex_runescape_preferences2.dat
2010-05-06 18:09 . 2010-03-24 15:40 50 ----a-w- f:\documents and settings\Andrej\jagex__preferences3.dat
2010-05-06 18:09 . 2010-02-02 15:14 41 ----a-w- f:\documents and settings\Andrej\jagex_runescape_preferences.dat
2010-05-05 17:05 . 2010-03-16 18:57 41 ----a-w- f:\documents and settings\Ivka\jagex_runescape_preferences.dat
2010-05-05 17:05 . 2010-03-16 18:57 75 ----a-w- f:\documents and settings\Ivka\jagex_runescape_preferences2.dat
2010-05-04 13:36 . 2007-11-05 09:29 -------- d-----w- f:\program files\Opera
2010-05-02 13:14 . 2008-06-30 12:27 105488 ----a-w- f:\documents and settings\Ivka\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-02 10:49 . 2007-11-06 14:41 -------- d-----w- f:\documents and settings\Andrej\Application Data\ICQ
2010-05-01 14:56 . 2007-11-07 15:23 105488 ----a-w- f:\documents and settings\Andrej\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-29 18:22 . 2010-04-29 18:22 1 ----a-w- f:\documents and settings\Veronika\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-04-29 18:21 . 2008-01-03 19:26 -------- d-----w- f:\program files\Java
2010-04-29 18:08 . 2007-11-04 10:30 181096 ----a-w- f:\documents and settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\FlashGot.exe
2010-04-29 15:44 . 2007-11-10 11:11 -------- d-----w- f:\documents and settings\Andrej\Application Data\Skype
2010-04-29 14:02 . 2008-07-20 08:21 -------- d-----w- f:\documents and settings\Andrej\Application Data\skypePM
2010-04-17 09:54 . 2008-07-14 16:49 -------- d-----w- f:\program files\Google
2010-04-08 12:10 . 2007-11-01 12:26 -------- d---a-w- f:\documents and settings\All Users\Application Data\TEMP
2010-04-08 12:02 . 2007-11-01 12:26 -------- d-----w- f:\documents and settings\Veronika\Application Data\URSoft
2010-04-08 09:54 . 2008-01-09 17:25 -------- d-----w- f:\documents and settings\Veronika\Application Data\Vso
2010-04-08 09:44 . 2007-11-01 12:45 -------- d--h--w- f:\program files\InstallShield Installation Information
2010-04-08 09:42 . 2007-11-01 12:45 -------- d-----w- f:\documents and settings\Veronika\Application Data\Skype
2010-04-08 09:25 . 2007-11-01 12:44 -------- d-----r- f:\program files\Skype
2010-04-08 09:18 . 2007-11-02 19:10 -------- d-----w- f:\documents and settings\All Users\Application Data\TuneUp Software
2010-04-08 09:07 . 2007-11-01 12:44 -------- d-----w- f:\documents and settings\All Users\Application Data\Skype
2010-04-08 09:05 . 2007-11-01 12:44 -------- d-----w- f:\documents and settings\Veronika\Application Data\ICQ
2010-04-08 09:01 . 2009-12-06 09:50 -------- d-----w- f:\documents and settings\Veronika\Application Data\Canon Easy-WebPrint EX
2010-04-08 09:00 . 2008-11-09 17:53 -------- d-----w- f:\documents and settings\All Users\Application Data\ICQ
2010-04-08 08:54 . 2008-10-10 12:21 -------- d-----w- f:\program files\Common Files\Apple
2010-04-08 08:32 . 2007-11-08 11:16 -------- d-----w- f:\documents and settings\Veronika\Application Data\Corel
2010-04-08 08:31 . 2007-11-08 11:15 -------- d-----w- f:\documents and settings\All Users\Application Data\Corel
2010-04-08 08:26 . 2009-12-06 09:41 -------- d-----w- f:\program files\Canon
2010-04-07 14:42 . 2010-04-07 14:42 503808 ----a-w- f:\documents and settings\Veronika\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-44ee2812-n\msvcp71.dll
2010-04-07 14:42 . 2010-04-07 14:42 499712 ----a-w- f:\documents and settings\Veronika\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-44ee2812-n\jmc.dll
2010-04-07 14:42 . 2010-04-07 14:42 348160 ----a-w- f:\documents and settings\Veronika\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-44ee2812-n\msvcr71.dll
2010-04-07 14:42 . 2010-04-07 14:42 61440 ----a-w- f:\documents and settings\Veronika\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6da1ad8f-n\decora-sse.dll
2010-04-07 14:42 . 2010-04-07 14:42 12800 ----a-w- f:\documents and settings\Veronika\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6da1ad8f-n\decora-d3d.dll
2010-04-07 14:41 . 2007-11-01 20:00 -------- d-----w- f:\program files\Slovnik
2010-03-22 13:49 . 2010-03-22 13:49 503808 ----a-w- f:\documents and settings\Ivka\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2fb8958e-n\msvcp71.dll
2010-03-22 13:49 . 2010-03-22 13:49 499712 ----a-w- f:\documents and settings\Ivka\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2fb8958e-n\jmc.dll
2010-03-22 13:49 . 2010-03-22 13:49 348160 ----a-w- f:\documents and settings\Ivka\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2fb8958e-n\msvcr71.dll
2010-03-22 13:49 . 2010-03-22 13:49 61440 ----a-w- f:\documents and settings\Ivka\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3f1f63d6-n\decora-sse.dll
2010-03-22 13:49 . 2010-03-22 13:49 12800 ----a-w- f:\documents and settings\Ivka\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3f1f63d6-n\decora-d3d.dll
2010-03-12 13:25 . 2010-03-12 13:25 348160 ----a-w- f:\documents and settings\Andrej\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-528789d7-n\msvcr71.dll
2010-03-12 13:25 . 2010-03-12 13:25 503808 ----a-w- f:\documents and settings\Andrej\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-528789d7-n\msvcp71.dll
2010-03-12 13:25 . 2010-03-12 13:25 499712 ----a-w- f:\documents and settings\Andrej\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-528789d7-n\jmc.dll
2010-03-12 13:25 . 2010-03-12 13:25 61440 ----a-w- f:\documents and settings\Andrej\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-57c3fd44-n\decora-sse.dll
2010-03-12 13:25 . 2010-03-12 13:25 12800 ----a-w- f:\documents and settings\Andrej\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-57c3fd44-n\decora-d3d.dll
2010-03-12 13:25 . 2008-01-03 19:25 -------- d-----w- f:\program files\Common Files\Java
2010-03-10 06:15 . 2007-07-01 10:54 420352 ----a-w- f:\windows\system32\vbscript.dll
2010-02-25 19:11 . 2010-02-25 19:06 -------- d-----w- f:\windows\Fonts\Graffiti_Fonts_by_milos1_www.balkan-media.org
2010-02-25 06:24 . 2007-07-01 10:54 916480 ----a-w- f:\windows\system32\wininet.dll
2010-02-24 13:11 . 2007-07-01 10:53 455680 ----a-w- f:\windows\system32\drivers\mrxsmb.sys
2010-02-17 07:10 . 2007-07-01 10:53 2189952 ------w- f:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2007-02-28 12:15 2066816 ------w- f:\windows\system32\ntkrnlpa.exe
2010-02-12 04:33 . 2007-07-01 10:50 100864 ----a-w- f:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2007-07-01 10:54 226880 ----a-w- f:\windows\system32\drivers\tcpip6.sys
2008-03-19 11:21 . 2007-11-08 11:06 6580 --sha-w- f:\windows\system32\KGyGaAvL.sys
2008-11-26 14:23 . 2008-11-24 19:38 32 --sha-w- f:\windows\system32\drivers\fidbox.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="f:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 1460560]
"ICQ"="f:\program files\ICQ7.1\ICQ.exe" [2010-04-08 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LClock"="f:\program files\LClock\LClock.exe" [2004-09-19 65536]
"NvCplDaemon"="f:\windows\system32\NvCpl.dll" [2007-04-19 7700480]
"egui"="f:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"snp2std"="f:\windows\vsnp2std.exe" [2006-01-06 344064]
"SunJavaUpdateSched"="f:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"GrooveMonitor"="f:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="f:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]

f:\documents and settings\Andrej\Start Menu\Programs\Startup\
NHLR 09 Registration.lnk - c:\program files\EA Sports\NHL 09\Support\EAregister.exe [2008-10-4 4374792]

f:\documents and settings\Ivka\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - f:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="f:\documents and settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=f:\windows\system32\ctfmon.exe
"Skype"="f:\program files\Skype\Phone\Skype.exe" /nosplash /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvCplDaemon"=RUNDLL32.EXE f:\windows\system32\NvCpl.dll,NvStartup
"NvMediaCenter"=RUNDLL32.EXE f:\windows\system32\NvMcTray.dll,NvTaskbarInit
"nwiz"=nwiz.exe /install
"tsnp2std"=f:\windows\tsnp2std.exe
"Adobe Reader Speed Launcher"="f:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"NeroFilterCheck"=f:\program files\Common Files\Nero\Lib\NeroCheck.exe
"Adobe Photo Downloader"="f:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
"NBKeyScan"="f:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"PCSuiteTrayApplication"=f:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
"QuickTime Task"="f:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="f:\program files\Java\jre1.6.0_07\bin\jusched.exe"
"PDVD8LanguageShortcut"="f:\program files\CyberLink\PowerDVD8\Language\Language.exe"
"CanonMyPrinter"=f:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"RemoteControl8"="f:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe"
"UnlockerAssistant"=f:\program files\Unlocker\UnlockerAssistant.exe -H
"GrooveMonitor"="f:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"ArcSoft Connection Service"=f:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"CanonSolutionMenu"=f:\program files\Canon\SolutionMenu\CNSLMAIN.exe /logon

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"f:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"f:\\Program Files\\Last.fm\\LastFM.exe"=
"f:\\Program Files\\iTunes\\iTunes.exe"=
"f:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"f:\\Program Files\\Opera\\opera.exe"=
"f:\\Program Files\\ICQ7.1\\ICQ.exe"=
"f:\\Program Files\\ICQ7.1\\aolload.exe"=
"f:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"f:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 nvcchflt;NVIDIA Disk Cache Filter Driver;f:\windows\system32\drivers\nvcchflt.sys [1.11.2007 19:34 16640]
R0 sptd;sptd;f:\windows\system32\drivers\sptd.sys [2.11.2007 17:56 685816]
R1 ehdrv;ehdrv;f:\windows\system32\drivers\ehdrv.sys [6.2.2009 14:23 106208]
R1 epfwtdir;epfwtdir;f:\windows\system32\drivers\epfwtdir.sys [6.2.2009 14:24 93336]
R1 VD_FileDisk;VD_FileDisk;f:\windows\system32\drivers\vd_filedisk.sys [13.1.2006 15:00 15872]
R2 ekrn;ESET Service;f:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6.2.2009 14:23 727720]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;f:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [25.2.2010 11:59 1047880]
R3 DDPlayCam;DDPlay Virtual Camera;f:\windows\system32\drivers\DDPlayCam.sys [2.3.2006 8:08 150016]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;f:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S2 gupdate1c995eeefd62074;Google Update Service (gupdate1c995eeefd62074);f:\program files\Google\Update\GoogleUpdate.exe [23.2.2009 21:43 133104]
S3 ggflt;SEMC USB Flash Driver Filter;f:\windows\system32\drivers\ggflt.sys [15.8.2008 22:03 13352]
S3 teamviewervpn;TeamViewer VPN Adapter;f:\windows\system32\drivers\teamviewervpn.sys [7.1.2008 10:37 25088]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WudfServiceGroup REG_SZ hex(7):57,00,55,00,44,00,46,00,53,00,76,00,63,00,00,00,00,00

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-05-07 f:\windows\Tasks\Google Software Updater.job
- f:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-04 17:37]

2010-05-07 f:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- f:\program files\Google\Update\GoogleUpdate.exe [2009-02-23 19:42]

2010-05-07 f:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- f:\program files\Google\Update\GoogleUpdate.exe [2009-02-23 19:42]
.
.
------- Supplementary Scan -------
.
uStart Page =
uDefault_Search_URL =
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - f:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - f:\program files\ICQ7.1\ICQ.exe
DPF: CabBuilder
FF - ProfilePath - f:\documents and settings\Veronika\Application Data\Mozilla\Firefox\Profiles\sqm8f9d0.default\
FF - component: f:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: f:\program files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: f:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: f:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: f:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: f:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: f:\program files\Opera\program\plugins\npqtplugin8.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin8.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
f:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
f:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
f:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
f:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
f:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
f:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
f:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
f:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
f:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-07 14:24
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys nvatabus.sys sptd.sys >>UNKNOWN [0x8368D8AC]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf74cbf28
\Driver\ACPI -> ACPI.sys @ 0xf733ccb8
\Driver\atapi -> atapi.sys @ 0xf72d1b40
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0615
ParseProcedure -> ntoskrnl.exe @ 0x8056c3ac
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0615
ParseProcedure -> ntoskrnl.exe @ 0x8056c3ac
NDIS: NVIDIA nForce Networking Controller -> SendCompleteHandler -> NDIS.sys @ 0xf71c4bb0
PacketIndicateHandler -> NDIS.sys @ 0xf71d1a21
SendHandler -> NDIS.sys @ 0xf71af87b
user & kernel MBR OK

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3320)
f:\windows\system32\WININET.dll
f:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll
f:\windows\system32\ieframe.dll
f:\program files\LClock\LC.dll
f:\windows\system32\WPDShServiceObj.dll
f:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
f:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
f:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_slk.nlr
f:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
f:\windows\system32\webcheck.dll
f:\windows\system32\PortableDeviceTypes.dll
f:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
f:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
f:\program files\Java\jre6\bin\jqs.exe
f:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
f:\windows\system32\nvsvc32.exe
f:\windows\system32\PSIService.exe
f:\windows\system32\wscntfy.exe
f:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
f:\windows\SOUNDMAN.EXE
.
**************************************************************************
.
Completion time: 2010-05-07 14:30:41 - machine was rebooted
ComboFix-quarantined-files.txt 2010-05-07 12:30
ComboFix2.txt 2010-05-07 10:21

Pre-Run: 39 983 730 688 bytes free
Post-Run: 39 938 678 784 bytes free

- - End Of File - - 59262EA04AD74D9EC471A6AF075FD50B

Re: Switching "windows" in Win XP

Posted: 07 May 2010 14:55
by stell
Well, nothing. How is the computer behaving?

Re: Switching "windows" in Win XP

Posted: 07 May 2010 17:10
by Fightbaby
So far it's running as it should :) Thanks a lot, if there's a problem I'll write here in the thread :)

Re: Switching "windows" in Win XP

Posted: 07 May 2010 17:28
by stell
OK
Uninstall ComboFix: Start > Run, enter the command combofix /uninstall, OK
Clean the PC with CCleaner; if there are still problems, write back.
You're welcome.

Re: Switching "windows" in Win XP

Posted: 07 May 2010 18:37
by Fightbaby
Great :) My parents can't praise the change enough :) Uninstalled, cleaned...everything works

Once again, many thanks :) Have a nice weekend

Re: Switching "windows" in Win XP

Posted: 07 May 2010 18:42
by stell
You're welcome
Have a nice weekend. :)