#1
Help with not working antivirus/firewall/ ...
Hello,
Like many here, I used a file from my friend and it was malware or whatever. It stopped all my antivirus, firewall, and some other functions. I tried a few actions - restore point (no success), another antivirus (no success), etc. I'm ready to format the HDD, and my last chance is this forum, where I found a few people who got help from analysts. I read the related posts and passed a few general steps until I got to using combofix.exe. Here I stopped because I saw warnings not to use it if I'm not an expert. So here I post my logs from Deckard. So as not to bother and use too much space, I attach the logs. If there is anybody here who could help the stupid guy installing insecure files, I appreciate your help. Many thanks, Mahroch
#2
extra.txt
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Genuine Intel(R) CPU T2400 @ 1.83GHz
CPU 1: Genuine Intel(R) CPU T2400 @ 1.83GHz
Percentage of Memory in Use: 44%
Physical Memory (total/avail): 1014.37 MiB / 565.64 MiB
Pagefile Memory (total/avail): 2441.54 MiB / 2131.73 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1896.11 MiB

C: is Fixed (NTFS) - 70.03 GiB total, 11.12 GiB free.
D: is CDROM (CDFS)
E: is CDROM (No Media)
G: is Removable (FAT32)

\\.\PHYSICALDRIVE0 - ST98823AS - 73.13 GiB - 3 partitions
  \PARTITION0 - Unknown - 78.41 MiB
  \PARTITION1 (bootable) - Installable File System - 70.03 GiB - C:
  \PARTITION2 - Unknown - 3 GiB

\\.\PHYSICALDRIVE1 - USB Flash Drive USB Device - 243.17 MiB - 1 partition
  \PARTITION0 - 16-bit FAT - 248 MiB - G:

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
FW: McAfee Personal Firewall Plus v (McAfee) Disabled

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Zend\\jre\\bin\\javaw.exe"="C:\\Program Files\\Zend\\jre\\bin\\javaw.exe:*:Enabled:javaw"
"C:\\Program Files\\Zend\\ZendStudioClient-5.1.0\\jre\\bin\\javaw.exe"="C:\\Program Files\\Zend\\ZendStudioClient-5.1.0\\jre\\bin\\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\WINDOWS\\system32\\java.exe"="C:\\WINDOWS\\system32\\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\Program Files\\AOL\\Active Virus Shield\\avp.exe"="C:\\Program Files\\AOL\\Active Virus Shield\\avp.exe:*:Enabled:Active Virus Shield"
"C:\\Program Files\\ICQLite\\ICQLite.exe"="C:\\Program Files\\ICQLite\\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\\Program Files\\totalcmd\\TOTALCMD.EXE"="C:\\Program Files\\totalcmd\\TOTALCMD.EXE:*:Disabled:Total Commander 32 bit international version, file manager replacement for Windows"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\DAP\\DAP.exe"="C:\\Program Files\\DAP\\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"D:\\SETUP.EXE"="D:\\SETUP.EXE:*:Enabled:Setup"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Apache Software Foundation\\Apache2.2\\bin\\httpd.exe"="C:\\Program Files\\Apache Software Foundation\\Apache2.2\\bin\\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\\Program Files\\Zend\\ZendStudioClient5\\jre\\bin\\javaw.exe"="C:\\Program Files\\Zend\\ZendStudioClient5\\jre\\bin\\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\eMule\\eMule.exe"="C:\\Program Files\\eMule\\eMule.exe:*:Enabled:eMule"
"C:\\Program Files\\CZDCplusplus\\CZDC.exe"="C:\\Program Files\\CZDCplusplus\\CZDC.exe:*:Enabled:CZDC"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Documents and Settings\\Maros\\My Documents\\My Received Files\\strong\\StrongDC.exe"="C:\\Documents and Settings\\Maros\\My Documents\\My Received Files\\strong\\StrongDC.exe:*:Enabled:StrongDC++"
"C:\\Program Files\\strong\\StrongDC.exe"="C:\\Program Files\\strong\\StrongDC.exe:*:Enabled:StrongDC++"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Stock Photo Express\\spe.exe"="C:\\Program Files\\Stock Photo Express\\spe.exe:*:Enabled:Stock Photo Express"

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Maros\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MANGROWEB
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Maros
LOGONSERVER=\\MANGROWEB
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Maros\LOCALS~1\Temp
TMP=C:\DOCUME~1\Maros\LOCALS~1\Temp
USERDOMAIN=MANGROWEB
USERNAME=Maros
USERPROFILE=C:\Documents and Settings\Maros
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI

-- User Profiles ---------------------------------------------------------------

Maros (admin)
Programator (admin)
Administrator (admin)

-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe
RealNetworks|RealPlayer|6.0 --> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205} --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382} --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629} --> MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20} --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 7-Zip 4.57 --> "C:\Program Files\7-Zip\Uninstall.exe" ACDSee 10 Photo Manager --> MsiExec.exe /I{F8B98EB6-FC06-45BF-87D4-9784E0408611} Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103} Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39} Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001} Adobe Illustrator CS2 --> msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601} Adobe InDesign CS --> RunDll32 "C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}\zidxp.exe" Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D} Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002} Adobe Stock Photos 1.0 --> MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A} Adobe SVG Viewer 3.0 --> C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log Altdo Mp3 Record&Edit Audio Master 4.7 --> "C:\Program Files\Altdo Mp3 Record&Edit Audio Master\unins000.exe" Apache HTTP Server 1.3.33 --> MsiExec.exe 
/I{5D29A4EF-A57F-4F47-89F8-4EB3C5302A53} Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB} Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4} Ask Toolbar --> rundll32 C:\PROGRA~1\AskPBar\bar\1.bin\AskPBar.dll,O Audio Editor --> "C:\Program Files\ae\unins000.exe" AVI/MPEG/RM/WMV Joiner 4.82 --> "C:\Program Files\AVI MPEG RM WMV Joiner\unins000.exe" Bluetooth Stack for Windows by Toshiba --> MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} Broadcom Management Programs --> MsiExec.exe /I{26E1BFB0-E87E-4696-9F89-B467F01F81E5} CDDataBase --> C:\Program Files\Crown_s Soft\CDDataBase\Uninstall.exe Color LaserJet 2600n --> C:\Program Files\Zenographics\{6DF8F9EF-944F-4B6B-B889-EEB0432C71A7}\setup.exe -u "HPCLJKCInstaller.dll=CLJ2600.INF" CommonName --> "C:\Program Files\CommonName\AddressBar\unins.exe" Conexant HDA D110 MDC V.92 Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -Idel1028k.inf Corel Paint Shop Pro X --> MsiExec.exe /I{1A15507A-8551-4626-915D-3D5FA095CC1B} CorelDRAW Graphics Suite X3 --> MsiExec.exe /I{63218538-4A69-497F-8455-904261B0E9E4} Creatures of Darkness --> MsiExec.exe /I{B8646288-1822-44EE-A728-0E4D8D6D48DD} Crimson Editor (remove only) --> C:\Program Files\Crimson Editor\uninstall.exe CZech 2 (remove only) --> C:\Program Files\CZech\Uninst.exe DataCastComponent --> C:\Program Files\InstallShield Installation Information\{0354C0B5-AA35-49D8-B7B7-1CF3412465DD}\setup.exe -runfromtemp -l0x0009 -removeonly Deep Space Voices --> MsiExec.exe /I{F7C680B7-3B53-4903-9082-E949558D4380} DeepMeta --> MsiExec.exe /I{E11CAEE2-1DD8-4D90-9B66-51925542A971} Dell Media Experience --> MsiExec.exe /I{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B} Dell ResourceCD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe" Dell 
Wireless WLAN Card --> "C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card" DeZign for Databases V3 --> "C:\Program Files\Datanamic\DeZign for Databases V3\unins000.exe" Digital Line Detect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel DirLister 1.0 --> C:\Program Files\DirLister\uninst.exe Download Accelerator Plus (DAP) --> C:\PROGRA~1\DAP\DAPREMOVE.EXE DSS DJ 5.6 --> "C:\Program Files\DSS DJ\unins000.exe" Easy Thumbnails (Remove only) --> "C:\Program Files\Easy Thumbnails\unins000.exe" eMule --> "C:\Program Files\eMule\Uninstall.exe" eMule_v0.47a --> C:\Program Files\eMule\Uninstall.exe EN --> MsiExec.exe /I{32A72502-BC2C-4C39-ACEA-BC3D463F0697} Excel to PDF Converter 3.0 --> "C:\Program Files\PDF-Convert\xls2pdf\unins000.exe" Fantasy Sound Pack --> MsiExec.exe /I{7F8820C8-F640-492B-87BE-92019A3BF1DF} FirmTools Panorama Composer 3 --> C:\Program Files\Panorama Composer 3\uninstall.exe FLV Player 2.0, build 24 --> C:\Program Files\FLV Player\uninst.exe FontNav --> MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE} Foxit PDF Editor --> C:\Program Files\PDF Editor\uninstall.exe Free Easy Burner V 1.2.43 --> "C:\Program Files\Free Easy Burner\unins001.exe" Free MP3 Recorder 1.0 --> "C:\Program Files\MP3Recorder1\unins000.exe" Free PS Convert driver 8.15 --> "C:\Program Files\psconvert\unins000.exe" FreeDiff v1.1.2 --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\FreeDiff\ST6UNST.LOG" GenoPro 2.0.1.1 --> C:\Program Files\GenoPro\Uninstall.exe High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows Media 
Format SDK (KB902344) --> "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe" ICQ 5.1 --> C:\Program Files\ICQLite\ICQLiteUninstall.EXE iKiteboarding.com Screensaver --> "C:\WINDOWS\uninstall ikiteboarding-screensaver-1280.exe" ImageSkill Outliner (remove only) --> "C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\ImageSkill\Outliner\uninstall.exe" Intel(R) Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2 Internet Explorer Developer Toolbar --> MsiExec.exe /I{15C9AAEF-20D4-4416-A1BE-7D75FB5F2FE9} Interstitial Ad Delivery by n-CASE --> C:\Program Files\n-Case\msbb.exe /disable_ads_init=y IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe iTunes --> MsiExec.exe /I{18388EF8-E0A3-442B-8BFE-E2F1B3D05C91} J2SE Development Kit 5.0 Update 8 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0150080} J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100} J2SE Runtime Environment 5.0 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150070} J2SE Runtime Environment 5.0 Update 8 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080} J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090} Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030} Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java(TM) SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000} Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} Kadeřník --> C:\WINDOWS\maUninst.exe Coiffeur Karaoke Anything! 
--> C:\WINDOWS\iun6002.exe "C:\Program Files\Karaoke Anything!\irunin.ini" Karaoke CD+G Creator Pro --> "C:\Program Files\Karaoke CD+G Creator Pro\unins000.exe" KaraokeKanta 4.01 (Ilusion Software) --> C:\Program Files\KaraokeKanta\uninstall.exe KaraWin Std --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3755EF2-5AE0-4DCB-8B36-CE44FD2C6F4F}\Setup.exe" Lame ACM MP3 Codec --> "C:\WINDOWS\IFinst26.exe" -UC:\Program Files\Lame MP3 Codec\IFU18.inf LaserJet 1020 series --> C:\Program Files\Zenographics\{70F7AD13-747F-437F-9F89-9E8D6F9A48DC}\setup.exe -u "HPLJInstaller.dll=Hplj1020.inf" Lernout & Hauspie TruVoice American English TTS Engine --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall Macromedia Extension Manager --> MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F} Macromedia Flash 8 --> MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB} Macromedia Flash 8 Video Encoder --> MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6} Macromedia Flash Player 8 --> MsiExec.exe /X{885A63EA-382B-4DD4-A755-14809B8557D6} Macromedia Flash Player 8 Plugin --> MsiExec.exe /X{91057632-CA70-413C-B628-2D3CDBBB906B} MCU --> MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120} Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe" Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Expression Web --> MsiExec.exe /X{90120000-0026-0000-0000-0000000FF1CE} Microsoft Expression Web MUI (English) --> MsiExec.exe /X{90120000-0026-0409-0000-0000000FF1CE} Microsoft Expression Web Trial --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall WEBDESIGNER /dll ESETUP.DLL Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{9011041B-6000-11D3-8CFE-0150048383C9} Microsoft 
Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE} Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE} Microsoft User-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe" Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel MorphVOX Pro --> MsiExec.exe /I{C541EEFC-49B0-4976-80DB-4D5B78B50114} Mozilla Firefox (2.0.0.12) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Sunbird (0.5) --> C:\Program Files\Mozilla Sunbird\uninstall\uninst.exe Mozilla Thunderbird (1.5.0.12) --> C:\Program Files\Mozilla Thunderbird\uninstall\uninstall.exe /ua "1.5.0.12 (sk)" MP3 Remix Player Standalone --> MsiExec.exe /I{E717820A-5DCE-4b9e-98E7-2A992395AB5A} Mp3tag v2.38 --> C:\Program Files\Mp3tag\Mp3tagUninstall.EXE MSVC80_x86 --> MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27} MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} MySQL-Front 2.4 --> "C:\Program Files\MySQL-Front\unins000.exe" MySQL Server 4.1 --> MsiExec.exe /I{E30D130A-B775-4EC2-BF61-9974D1E6CE6C} MySQL Server 5.0 --> MsiExec.exe /I{AAE0048D-02E0-42E2-AED8-996995ADE4D4} Native Instruments Traktor Dj Studio v3.0.1.108 --> C:\PROGRA~1\TRAKTO~1\UNWISE.EXE C:\PROGRA~1\TRAKTO~1\INSTALL.LOG Nero 6 Ultra Edition --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL NetSetMan 
2.1.0 --> "C:\Program Files\NetSetMan\unins000.exe" NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel Nikon Message Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\Setup.exe" -l0x9 UNINSTALL Noise Ninja 2 (Standalone Version) --> "C:\Program Files\NoiseNinja2\unins000.exe" Nokia Connectivity Cable Driver --> MsiExec.exe /X{0A3D3C54-2EC0-4D67-B265-FF17926E6D67} Nokia Multimedia Factory --> "C:\Documents and Settings\All Users\Application Data\Installations\{4CFB3821-1582-4f3b-BF8D-30986923B36B}\Nokia_Multimedia_Factory_2_0.exe" /MAINTENANCE /SILENT="SWLPCER" /LANG="2057" /MSI_COMMON_OPTIONS="PCSLANG= MMFLANG=eng" Nokia Multimedia Factory --> MsiExec.exe /I{4CFB3821-1582-4F3B-BF8D-30986923B36B} Nokia PC Suite --> C:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Nokia_PC_Suite_rel_6_85_14_1_slk.exe Nokia PC Suite --> MsiExec.exe /I{29466F9C-7C6A-419C-B301-F440FAF78760} OmniPage SE 2.0 --> MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7} OpenOffice.org 2.0 --> MsiExec.exe /I{137A1D92-07AA-4AFB-99DA-EB771A85AFFE} PAD Lookups by n-CASE --> C:\Program Files\n-Case\msbb.exe /uninst_init=y PaperPort --> MsiExec.exe /I{85D0883A-6099-4485-8D5B-F7F7E3F88ADE} PC Connectivity Solution --> MsiExec.exe /I{BA084E7C-8ABA-4670-BDE8-B85E689A5C1B} PDF Extract TIFF v2.0 --> "C:\Program Files\PDF Extract TIFF v2.0\unins000.exe" PhotoPresets with One-Click WOW! 
for Adobe Camera Raw --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EB083118-49ED-4CD7-8CE8-241C1F958E2C}\setup.exe" -l0x9 -uninst -removeonly Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe" PictureProject --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}\Setup.exe" -l0x9 UNINSTALL PowerDVD 5.7 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall ProStockMaster v1.3.4 --> "C:\Program Files\ProStockMaster\unins000.exe" QuickSet --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x9 APPDRVNT4 QuickTime --> MsiExec.exe /I{E0D51394-1D45-460A-B62D-383BC4F8B335} RawShooter essentials 2006 --> C:\PROGRA~1\PIXMAN~1\RAWSHO~1.0\UNWISE.EXE C:\PROGRA~1\PIXMAN~1\RAWSHO~1.0\INSTALL.LOG RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Rhapsody Player Engine --> MsiExec.exe /I{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52} Sci-Fi 2 Sound Pack --> MsiExec.exe /I{BC2338E1-8E22-4E41-A7F3-11943B0A52E7} Sci-Fi Sound Pack --> MsiExec.exe /I{53ECE501-B51A-46B8-B3A9-9AB3CE5920C3} Sci-Fi Voice Pack --> MsiExec.exe /I{B18D2AD7-8922-4588-B22C-04AAD4E14946} Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33} Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" Security Update for Step By Step Interactive Training (KB923723) --> 
"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86} Skype™ 3.5 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} Sonic Audio module --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382} Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} Sonic MyDVD LE --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29} Sonic RecordNow Copy --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629} Sonic RecordNow Data --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205} Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall TopStyle (Version 3) --> C:\PROGRA~1\Bradbury\TOPSTY~1\UNWISE.EXE C:\PROGRA~1\Bradbury\TOPSTY~1\INSTALL.LOG Total Commander (Remove or Repair) --> C:\Program Files\totalcmd\tcuninst.exe Update for Office 2007 (KB932080) --> msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7} Update for Office 2007 (KB934391) --> msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5} Update for Office 2007 (KB934393) --> msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15} Update Manager --> MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA} VBA --> MsiExec.exe /I{C94E45B0-6AA6-4FB9-9AAE-22085F631880} Vertus Fluid Mask 3 3.0.1 --> "C:\Program Files\Vertus Fluid Mask 3\Uninstall.exe" VideoThang™ 1.1.5 --> "C:\Program Files\VideoThangTM\unins000.exe" Virtual Dj Studio 5.3 --> "C:\Program Files\VDJ5\unins000.exe" Vizážista --> C:\WINDOWS\maUninst.exe Visage Volume Logic Plug-in for iTunes (remove only) --> "C:\Program Files\iTunes\uninst_vl.exe" WinC --> C:\Program Files\WinCDG 
Pro\TyrannUnInst.exe C:\Program Files\WinCDG Pro\ Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333} Windows Driver Package - Nokia Modem (02/15/2007 3.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf Windows Driver Package - Nokia Modem (02/15/2007 3.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf Windows Driver Package - Nokia Modem (08/03/2007 3.2) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_05A76228EE0EF20D8B64523AD40E95C8F09D6988\pccs_bluetooth.inf Windows Driver Package - Nokia Modem (08/03/2007 6.84.0.2) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_1EB5F2E6F54A6BEDE9F436D1BA5D830FC71739BE\nokbtmdm.inf Windows Driver Package - Nokia Modem (08/08/2007 3.3) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_32E2E448B53EE5B28E074D88802D0BAF984038DA\pccs_bluetooth.inf Windows Driver Package - Nokia Modem (10/12/2007 3.6) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_0A5D98F754C6588B2E3DDE89DDEF097075ADFFB7\nokia_bluetooth.inf Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F} Windows Media Connect --> "C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe" Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Format SDK Hotfix - KB891122 --> 
"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe" Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840} Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD} Word to PDF Converter 3.0 --> "C:\Program Files\PDF-Convert\doc2pdf\unins000.exe" WordToPDF 1.6.0.44 --> "C:\Program Files\WordToPDF\unins000.exe" WorkCentre M20 Series ControlCentre --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{60A2658A-D1D6-468E-B795-8F06D7206E1A}\Setup.exe" Xerox WC M20 Series PCL 6 --> "C:\WINDOWS\XEROX\WCM20\setup.exe" /UNINSTALL /L0009 Xerox WC M20 Series PS --> "C:\WINDOWS\XEROX\WCM20PS\setup.exe" /UNINSTALL /L0009 Xerox WorkCentre M20 Series --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9BCA3848-D03E-40F6-B8F3-FBF06EB4E951}\Setup.exe" -l0x9 XML Paper Specification Shared Components Pack 1.0 --> XnView 1.82.4 --> "C:\Program Files\XnView\unins000.exe" XviD MPEG-4 Video Codec --> "C:\Program Files\XviD\unins000.exe" Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe YouConvert Classic --> "C:\Program Files\YouConvert Classic\unins000.exe" Zend Studio Server --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3708CAA8-AEC2-47DE-A71F-8C1C537F0FA4}\setup.exe" -l0x9 -removeonly ZendStudioClient-5.1.0 --> "C:\Program Files\Zend\ZendStudioClient5\Uninstall ZendStudioClient-5.1.0\Uninstall ZendStudioClient-5.1.0.exe" |
#3
end of extra.txt
-- Application Event Log -------------------------------------------------------

Event Record #/Type30764 / Error
Event Submitted/Written: 03/22/2008 02:12:46 PM
Event ID/Source: 2001 / Microsoft Office 11
Event Description:
Microsoft Office OutlookOutlook failed to start correctly last time. Starting Outlook in safe mode will help you correct or isolate a startup problem in order to successfully start the program. Some functionality may be disabled in this mode. Do you want to start Outlook in safe mode?

Event Record #/Type30762 / Error
Event Submitted/Written: 03/22/2008 02:07:13 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application OUTLOOK.EXE, version 11.0.5510.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type30751 / Success
Event Submitted/Written: 03/22/2008 01:28:05 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type30737 / Success
Event Submitted/Written: 03/22/2008 09:45:48 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type30725 / Success
Event Submitted/Written: 03/21/2008 09:34:55 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type22213 / Error
Event Submitted/Written: 03/22/2008 03:35:44 PM
Event ID/Source: 12 / PlugPlayManager
Event Description:
The device 'OpenManage Client Instrumentation device driver' (Root\SYSTEM\0003) disappeared from the system without first being prepared for removal.

Event Record #/Type22212 / Error
Event Submitted/Written: 03/22/2008 03:35:44 PM
Event ID/Source: 12 / PlugPlayManager
Event Description:
The device 'Microsoft System Management BIOS Driver' (Root\SYSTEM\0002) disappeared from the system without first being prepared for removal.

Event Record #/Type22211 / Error
Event Submitted/Written: 03/22/2008 03:35:44 PM
Event ID/Source: 12 / PlugPlayManager
Event Description:
The device 'Microcode Update Device' (Root\SYSTEM\0001) disappeared from the system without first being prepared for removal.

Event Record #/Type22210 / Error
Event Submitted/Written: 03/22/2008 03:35:44 PM
Event ID/Source: 12 / PlugPlayManager
Event Description:
The device 'Plug and Play Software Device Enumerator' (Root\SYSTEM\0000) disappeared from the system without first being prepared for removal.

Event Record #/Type22209 / Error
Event Submitted/Written: 03/22/2008 03:34:44 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The AVG7 Alert Manager Server service failed to start due to the following error: %%193

-- End of Deckard's System Scanner: finished at 2008-03-22 22:10:11 ------------

Now I'll try the main.txt, but I still get the info about it not being valid to post the URLs ...
#4
main.txt
I replaced for c-\.
m.

Deckard's System Scanner v20071014.68
Run by Maros on 2008-03-22 22:02:19
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
22: 2008-03-22 21:02:31 UTC - RP476 - Deckard's System Scanner Restore Point
21: 2008-03-22 14:34:46 UTC - RP475 - Installed AVG 7.5
20: 2008-03-22 14:01:14 UTC - RP474 - Installed AVG 7.5
19: 2008-03-22 13:54:36 UTC - RP473 - Removed AVG 7.5
18: 2008-03-22 13:11:59 UTC - RP472 - Restore Operation

-- First Restore Point --
1: 2008-02-22 11:18:07 UTC - RP455 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-03-22 22:09:25
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16608)
Boot mode: Normal

Running processes:
c-\WINDOWS\system32\smss.exe
c-\WINDOWS\system32\winlogon.exe
c-\WINDOWS\system32\services.exe
c-\WINDOWS\system32\lsass.exe
c-\WINDOWS\system32\svchost.exe
c-\WINDOWS\system32\svchost.exe
c-\WINDOWS\system32\svchost.exe
c-\WINDOWS\system32\WLTRYSVC.EXE
c-\WINDOWS\system32\BCMWLTRY.EXE
c-\WINDOWS\system32\spoolsv.exe
c-\WINDOWS\explorer.exe
c-\WINDOWS\system32\igfxsrvc.exe
c-\WINDOWS\system32\hkcmd.exe
c-\WINDOWS\system32\igfxpers.exe
c-\WINDOWS\stsystra.exe
c-\Program Files\Synaptics\SynTP\SynTPEnh.exe
c-\WINDOWS\system32\WLTRAY.EXE
c-\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
c-\Program Files\Dell\Media Experience\DMXLauncher.exe
c-\WINDOWS\system32\dla\tfswctrl.exe
c-\Program Files\ScanSoft\PaperPort\pptd40nt.exe
c-\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
c-\WINDOWS\system32\ctfmon.exe
c-\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c-\WINDOWS\system32\svchost.exe
c-\Program Files\Dell\QuickSet\NicConfigSvc.exe
c-\WINDOWS\system32\svchost.exe
c-\Program Files\totalcmd\TOTALCMD.EXE
g-\dss.exe
c-\Program Files\PC Connectivity Solution\ServiceLayer.exe
c-\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c-\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
c-\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe
#5
end of main.txt
replaced : for - because of URL rules
m.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = (URL address blocked- See forum rules)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = (URL address blocked- See forum rules)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = (URL address blocked- See forum rules)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file-///c-/www/homepage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = (URL address blocked- See forum rules)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = (URL address blocked- See forum rules)
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = (URL address blocked- See forum rules)=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = (URL address blocked- See forum rules)=sk&l=sk&s=gen
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = (URL address blocked- See forum rules)=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = (URL address blocked- See forum rules)=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = (URL address blocked- See forum rules)=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = (URL address blocked- See forum rules)=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO- BabeIE - {00000000-0000-0000-0000-000000000000} - c-\PROGRA~1\COMMON~2\ADDRES~1\cnbabe.dll (file missing)
O2 - BHO- Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - c-\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO- Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c-\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO- RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c-\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO- (no name) - {465E08E7-F005-4389-980F-1D8764B3486C} - (no file)
O2 - BHO- DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - c-\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO- SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c-\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO- (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO- IE DOM Explorer - {CC7E636D-39AA-49b6-B511-65413DA137A1} - c-\Program Files\IE7\Adons\Developer Toolbar\IEDevToolbar.dll
O2 - BHO- Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - c-\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar- Developer Toolbar - {CC962137-2E78-4f94-975E-FC0C07DBD78F} - c-\Program Files\IE7\Adons\Developer Toolbar\IEDevToolbar.dll
O3 - Toolbar- Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - c-\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar- Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - c-\Program Files\Zend\ZendStudioClient5\bin\ZendIEToolbar.dll
O4 - HKLM\..\Run- [igfxtray] c-\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run- [igfxhkcmd] c-\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run- [igfxpers] c-\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run- [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run- [SynTPEnh] c-\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run- [Dell QuickSet] c-\Program Files\Dell\QuickSet\Quickset.exe
O4 - HKLM\..\Run- [Broadcom Wireless Manager UI] c-\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run- [DVDLauncher] "c-\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run- [DMXLauncher] c-\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run- [ISUSPM Startup] "c-\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run- [ISUSScheduler] "c-\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run- [MpsOnn] c-\WINDOWS\System32\spool\DRIVERS\W32X86\3\MpsOnn.exe
O4 - HKLM\..\Run- [dla] c-\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run- [SunJavaUpdateSched] "c-\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run- [ICQ Lite] "c-\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run- [SSBkgdUpdate] "c-\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run- [PaperPort PTD] c-\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run- [IndexSearch] c-\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run- [OpwareSE2] "c-\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run- [fYFHYkox] c-\PROGRA~1\wuovqtrp\cMADCAQM.exe
O4 - HKLM\..\Run- [NeroFilterCheck] c-\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run- [QuickTime Task] "c-\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run- [iTunesHelper] "c-\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run- [ShaPlus Bandwidth Meter] "c-\Program Files\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter" /s
O4 - HKLM\..\Run- [Adobe Photo Downloader] "c-\Program Files\Adobe\Adobe Photoshop Lightroom\apdproxy.exe"
O4 - HKLM\..\Run- [TkBellExe] "c-\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run- [ctfmon.exe] c-\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run- [MsnMsgr] "c-\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run- [Switchboard] c-\Program Files\Switchboard\Switchboard.exe
O4 - HKCU\..\Run- [bandmon] c-\Program Files\Bandwidth Monitor\BandMon.exe
O4 - HKCU\..\Run- [DU Meter] c-\WINDOWS\system32\DUMeter.exe
O4 - HKCU\..\Run- [Right Web Monitor Pro] c-\Program Files\Right Web Monitor Pro\webmonpro.exe
O4 - HKUS\S-1-5-18\..\Run- [CTFMON.EXE] c-\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run- [Picasa Media Detector] c-\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run- [Nokia.PCSync] "c-\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run- [CTFMON.EXE] c-\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run- [Picasa Media Detector] c-\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run- [Nokia.PCSync] "c-\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup- Microsoft Office Outlook 2003.lnk = ?
O4 - Startup- Total Commander.lnk = c-\Program Files\totalcmd\TOTALCMD.EXE
O4 - Global Startup- Adobe Gamma Loader.lnk = ?
O8 - Extra context menu item- &Clean Traces - c-\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item- &Download with &DAP - c-\Program Files\DAP\dapextie.htm
O8 - Extra context menu item- Add A Page Note - c-\Program Files\CommonName\AddressBar\createnote.htm
O8 - Extra context menu item- Bookmark This Page - c-\Program Files\CommonName\AddressBar\createbookmark.htm
O8 - Extra context menu item- Download &all with DAP - c-\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item- Download &Flash Movies - c-\Program Files\Flash Hunter\save.htm
O8 - Extra context menu item- E&xportovat do programu Microsoft Excel - res-//c-\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item- Email This Link - c-\Program Files\CommonName\AddressBar\emaillink.htm
O8 - Extra context menu item- Search using CommonName - c-\Program Files\CommonName\AddressBar\navigate.htm
O8 - Extra context menu item- Zend Studio - Debug current page - res-//c-\Program Files\Zend\ZendStudioClient5\bin\ZendIEToolbar.dll/DebugCurrent.html
O8 - Extra context menu item- Zend Studio - Debug next page - res-//c-\Program Files\Zend\ZendStudioClient5\bin\ZendIEToolbar.dll/DebugNext.html
O9 - Extra button- iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - (file missing)
O9 - Extra button- (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c-\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem- Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c-\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button- Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button- Zend Studio Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - (file missing)
O9 - Extra 'Tools' menuitem- Zend Studio - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - (file missing)
O9 - Extra button- ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - c-\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem- ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - c-\Program Files\ICQLite\ICQLite.exe
O9 - Extra button- (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c-\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem- @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c-\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button- Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c-\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem- Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c-\Program Files\Messenger\msmsgs.exe
O11 - Options Group- [CommonName] CommonName
O16 - DPF- {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - (URL address blocked- See forum rules)
O16 - DPF- {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - (URL address blocked- See forum rules)
O16 - DPF- {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} (CTAdjust Class) - (URL address blocked- See forum rules)
O18 - Protocol- cn - {9346A6BB-1ED0-4174-AFB4-13CD4EC0AA40} - c-\PROGRA~1\COMMON~2\ADDRES~1\cnbabe.dll (file missing)
O18 - Protocol- livecall - {828030A1-22C1-4009-854F-8E305202313F} - c-\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol- ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - c-\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol- msnim - {828030A1-22C1-4009-854F-8E305202313F} - c-\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol- mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - c-\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Protocol- skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c-\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Filter- text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - c-\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O23 - Service- Adobe LM Service - Adobe Systems - c-\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service- Apple Mobile Device - Apple, Inc. - c-\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service- Bluetooth Hid Switch Service - Cambridge Silicon Radio - c-\Program Files\BlueTooth\HidSwitchService\HidSw.exe
O23 - Service- Google Updater Service (gusvc) - Google - c-\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service- iPod Service - Apple Inc. - c-\Program Files\iPod\bin\iPodService.exe
O23 - Service- Macromedia Licensing Service - Unknown owner - c-\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service- McAfee WSC Integration (McDetect.exe) - Unknown owner - c-\program files\mcafee.com\agent\mcdetect.exe
O23 - Service- McAfee.com McShield (McShield) - Unknown owner - c-\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service- McAfee Task Scheduler (McTskshd.exe) - Unknown owner - c-\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service- McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - c-\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service- McAfee Personal Firewall Service (MpfService) - Unknown owner - c-\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service- MySQL5 - Unknown owner - c-\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt
O23 - Service- NICCONFIGSVC - Dell Inc. - c-\Program Files\Dell\QuickSet\NicConfigSvc.exe
O23 - Service- ServiceLayer - Nokia. - c-\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service- Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - c-\WINDOWS\system32\WLTRYSVC.EXE

-- End of file - 13810 bytes

-- File Associations -----------------------------------------------------------

All associations okay.
-- Drivers- 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 TPkd - c-\windows\system32\drivers\tpkd.sys <Not Verified; PACE Anti-Piracy, Inc.; InterLok(R)>
R1 APPDRV - c-\windows\system32\drivers\appdrv.sys <Not Verified; Dell Inc; Application Driver>
R1 MPFIREWL - c-\windows\system32\drivers\mpfirewall.sys <Not Verified; McAfee; McAfee Personal Firewall>
R1 srosa (Megadrv3) - c-\windows\system32\drivers\srosa.sys
R1 Tosrfcom (Bluetooth RFCOMM from TOSHIBA) - c-\windows\system32\drivers\tosrfcom.sys <Not Verified; TOSHIBA Corporation; Bluetooth RFCOMM Driver>
R3 tosporte (Bluetooth Port Driver from Toshiba) - c-\windows\system32\drivers\tosporte.sys <Not Verified; TOSHIBA Corporation; TOSHIBA Bluetooth Port Emulation Driver>

S0 WinIK - c-\windows\system32\drivers\winik.sys (file missing)
S1 omci (OMCI WDM Device Driver) - c-\windows\system32\drivers\omci.sys <Not Verified; Dell Inc; OMCI Driver>
S2 DgivEcp (Team MFP Comm Driver) - c-\windows\system32\drivers\dgivecp.sys <Not Verified; DeviceGuys, Inc.; DeviceGuys, Inc. Team MFP for Windows NT, 9x, and 3.1>
S2 SpPortEx (Samsung Port Exclusion) - c-\windows\system32\drivers\spportex.sys <Not Verified; Samsung Electronics Co.; Samsung Port Exclusion Driver>
S3 toshidpt (TOSHIBA Bluetooth HID port driver) - c-\windows\system32\drivers\toshidpt.sys <Not Verified; TOSHIBA Corporation.; TOSHIBA Bluetooth HID Mini Port Driver>
S3 Tosrfbd (Bluetooth RFBUS from TOSHIBA) - c-\windows\system32\drivers\tosrfbd.sys <Not Verified; TOSHIBA CORPORATION; Bluetooth BUS Driver(WindowsXP,Windows2000)>
S3 Tosrfbnp (Bluetooth RFBNEP from TOSHIBA) - c-\windows\system32\drivers\tosrfbnp.sys <Not Verified; TOSHIBA Corporation; Bluetooth RFBNEP Driver from TOSHIBA>
S3 Tosrfhid (Bluetooth RFHID from TOSHIBA) - c-\windows\system32\drivers\tosrfhid.sys <Not Verified; TOSHIBA Corporation.; Bluetooth HID Driver from TOSHIBA>
S3 tosrfnds (Bluetooth Personal Area Network from TOSHIBA) - c-\windows\system32\drivers\tosrfnds.sys <Not Verified; TOSHIBA Corporation.; Bluetooth BNEP Driver from TOSHIBA>
S3 TosRfSnd (Bluetooth Audio Device (WDM) from TOSHIBA) - c-\windows\system32\drivers\tosrfsnd.sys <Not Verified; TOSHIBA Corporation; Bluetooth Audio Driver>
S3 Tosrfusb (Bluetooth USB Controller) - c-\windows\system32\drivers\tosrfusb.sys <Not Verified; TOSHIBA CORPORATION; Microsoft(R) Windows NT(R) Operating System>

-- Services- 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c-\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 NICCONFIGSVC - c-\program files\dell\quickset\nicconfigsvc.exe <Not Verified; Dell Inc.; NicConfigSvc>
R3 ServiceLayer - "c-\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>

S2 McDetect.exe (McAfee WSC Integration) - c-\program files\mcafee.com\agent\mcdetect.exe (file missing)
S2 McTskshd.exe (McAfee Task Scheduler) - c-\progra~1\mcafee.com\agent\mctskshd.exe (file missing)
S3 MySQL5 - "c-\program files\mysql\mysql server 5.0\bin\mysqld-nt" --defaults-file="c-\program files\mysql\mysql server 5.0\my.ini" mysql5 (file missing)
S4 Bluetooth Hid Switch Service - "c-\program files\bluetooth\hidswitchservice\hidsw.exe" <Not Verified; Cambridge Silicon Radio; HID Switch Service>
S4 McShield (McAfee.com McShield) - c-\progra~1\mcafee.com\vso\mcshield.exe (file missing)
S4 mcupdmgr.exe (McAfee SecurityCenter Update Manager) - c-\progra~1\mcafee.com\agent\mcupdmgr.exe (file missing)
S4 MpfService (McAfee Personal Firewall Service) - c-\progra~1\mcafee.com\person~1\mpfservice.exe (file missing)

-- Device Manager- Disabled ----------------------------------------------------

Class GUID- {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description- Maros
Device ID- ROOT\WPD\0000
Manufacturer- Nokia
Name- Maros
PNP Device ID- ROOT\WPD\0000
Service- WUDFRd

-- Scheduled Tasks -------------------------------------------------------------

2008-03-21 19-40-03 284 --a------ c-\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-03-21 18-30-00 350 --a------ c-\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (PINGU-Maros).job

-- Files created between 2008-02-22 and 2008-03-22 -----------------------------

2008-03-22 15-10-34 0 d-------- c-\Program Files\Alwil Software
2008-03-22 13-35-04 14852 -----n--- c-\WINDOWS\system32\wi1.exe
2008-03-22 13-06-19 58372 --a------ c-\WINDOWS\system32\1.exe
2008-03-22 13-06-15 58884 --a------ c-\WINDOWS\system32\mdelk.exe
2008-03-14 10-30-26 307200 --a------ c-\WINDOWS\IsUn0405.exe <Not Verified; InstallShield Software Corporation; InstallShield(R) unInstaller>
2008-03-14 09-54-32 302592 --a------ c-\WINDOWS\mauninst.exe
2008-03-14 09-53-58 0 d-------- c-\Program Files\Media Art
2008-03-14 08-45-55 0 d-------- c-\Documents and Settings\Maros\Application Data\AdobeAUM
2008-02-28 15-29-43 0 d-------- c-\Program Files\ProStockMaster_DB
2008-02-26 15-32-59 0 d-------- c-\Program Files\ProStockMaster
2008-02-26 10-03-33 0 d-------- c-\Program Files\Stock Photo Express
2008-02-26 09-29-59 0 d-------- c-\Program Files\onOne Software
2008-02-22 11-19-17 0 d-------- c-\DVTemp
2008-02-22 11-08-31 0 d-------- c-\Program Files\SuperDVD Video Editor

-- Find3M Report ---------------------------------------------------------------

2008-03-22 13-50-12 0 d-------- c-\Program Files\CZDCplusplus
2008-03-22 13-01-52 0 d-------- c-\Documents and Settings\Maros\Application Data\AVG7
2008-03-22 11-29-32 0 d-------- c-\Program Files\eMule
2008-03-21 11-59-48 0 d-------- c-\Documents and Settings\Maros\Application Data\OpenOffice.org2
2008-03-20 10-33-09 0 d-------- c-\Documents and Settings\Maros\Application Data\Adobe
2008-03-20 07-56-02 0 d-------- c-\Documents and Settings\Maros\Application Data\Real
2008-03-14 17-28-59 9550 --ahs---- c-\WINDOWS\system32\KGyGaAvL.sys
2008-03-14 08-31-09 0 d--h----- c-\Program Files\InstallShield Installation Information
2008-02-28 23-01-20 0 d-------- c-\Program Files\Mp3tag
2008-02-27 22-25-08 0 d-------- c-\Documents and Settings\Maros\Application Data\Skype
2008-02-22 11-30-38 0 d-------- c-\Program Files\AviSynth 2.5
2008-02-21 22-06-12 0 d-------- c-\Documents and Settings\Maros\Application Data\HighAndes
2008-02-21 19-26-29 0 d-------- c-\Program Files\VideoThangTM
2008-02-16 15-47-46 0 d-------- c-\Program Files\totalcmd
2008-02-16 14-55-46 0 d-------- c-\Program Files\strong
2008-02-16 14-54-37 0 d-------- c-\Program Files\7-Zip
2008-02-14 22-30-50 0 d-------- c-\Program Files\FBOffline
2008-02-14 22-29-58 0 d-------- c-\Program Files\BSplayer
2008-02-14 22-29-58 0 d-------- c-\Documents and Settings\Maros\Application Data\BSplayer
2008-02-14 22-29-42 0 d-------- c-\Program Files\BrowserSizer
2008-02-14 22-29-27 0 d-------- c-\Program Files\Bandwidth Monitor
2008-02-14 21-51-37 0 --a------ c-\as.dat
2008-02-14 15-45-58 0 d-------- c-\Program Files\Common Files
2008-02-14 15-45-58 0 d-------- c-\Program Files\Common Files\xing shared
2008-02-14 15-45-54 0 d-------- c-\Program Files\Real
2008-02-14 15-45-39 0 d-------- c-\Program Files\Common Files\Real
2008-02-12 15-18-56 0 d-------- c-\Program Files\NoiseNinja2
2008-02-11 20-22-51 1736 --a------ c-\WINDOWS\checkip.dat
2008-02-07 13-41-57 0 d-------- c-\Program Files\ElcomSoft
2008-02-07 13-41-21 1024 --a------ c-\WINDOWS\system32\pwdremover.dat
2008-02-01 12-52-52 0 d-------- c-\Documents and Settings\Maros\Application Data\ACD Systems
2008-02-01 12-50-57 0 d-------- c-\Program Files\Common Files\ACD Systems
2008-02-01 12-50-40 0 d-------- c-\Program Files\ACD Systems
2008-01-28 11-52-22 0 d-------- c-\Program Files\Mozilla Sunbird
2008-01-23 12-55-55 0 d-------- c-\Program Files\istock widget
2008-01-23 10-54-49 0 d-------- c-\Documents and Settings\Maros\Application Data\Eazign
2008-01-23 10-50-53 0 d-------- c-\Program Files\DeepMeta
2008-01-19 20-43-01 45096 --a------ c-\Documents and Settings\Maros\Application Data\NMM-MetaData.db
2008-01-18 16-12-25 200 --a------ c-\WINDOWS\mirrorqws.dat
2008-01-18 16-12-25 200 --a------ c-\Program Files\chargeqws
2008-01-15 10-57-03 73216 --a------ c-\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2007-12-29 20-07-30 100 --a------ c-\WINDOWS\system32\prsgrc.dll

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c-\WINDOWS\system32\igfxtray.exe" [13.12.2005 16-44]
"igfxhkcmd"="c-\WINDOWS\system32\hkcmd.exe" [13.12.2005 16-41]
"igfxpers"="c-\WINDOWS\system32\igfxpers.exe" [13.12.2005 16-45]
"SigmatelSysTrayApp"="stsystra.exe" [24.03.2006 16-30 c-\WINDOWS\stsystra.exe]
"SynTPEnh"="c-\Program Files\Synaptics\SynTP\SynTPEnh.exe" [08.03.2006 11-48]
"Dell QuickSet"="c-\Program Files\Dell\QuickSet\Quickset.exe" [06.04.2006 14-58]
"Broadcom Wireless Manager UI"="c-\WINDOWS\system32\WLTRAY.exe" [19.12.2005 08-08]
"DVDLauncher"="c-\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [09.12.2005 20-29]
"DMXLauncher"="c-\Program Files\Dell\Media Experience\DMXLauncher.exe" [27.01.2005 01-02]
"ISUSPM Startup"="c-\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [11.08.2005 15-30]
"ISUSScheduler"="c-\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [11.08.2005 15-30]
"MpsOnn"="c-\WINDOWS\System32\spool\DRIVERS\W32X86\3\MpsOnn.exe" [19.11.2001 19-14]
"dla"="c-\WINDOWS\system32\dla\tfswctrl.exe" [31.05.2005 04-33]
"SunJavaUpdateSched"="c-\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25.09.2007 01-11]
"ICQ Lite"="c-\Program Files\ICQLite\ICQLite.exe" [27.07.2006 19-12]
"SSBkgdUpdate"="c-\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [14.10.2003 09-22]
"PaperPort PTD"="c-\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [02.03.2004 08-29]
"IndexSearch"="c-\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [02.03.2004 08-42]
"OpwareSE2"="c-\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [08.05.2003 11-00]
"fYFHYkox"="c-\PROGRA~1\wuovqtrp\cMADCAQM.exe" []
"NeroFilterCheck"="c-\WINDOWS\system32\NeroCheck.exe" [09.07.2001 11-50]
"QuickTime Task"="c-\Program Files\QuickTime\QTTask.exe" [11.12.2007 10-56]
"iTunesHelper"="c-\Program Files\iTunes\iTunesHelper.exe" [11.12.2007 12-10]
"ShaPlus Bandwidth Meter"="c-\Program Files\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter /s" []
"Adobe Photo Downloader"="c-\Program Files\Adobe\Adobe Photoshop Lightroom\apdproxy.exe" []
"TkBellExe"="c-\Program Files\Common Files\Real\Update_OB\realsched.exe" [14.02.2008 15-45]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c-\WINDOWS\system32\ctfmon.exe" [04.08.2004 05-00]
"MsnMsgr"="c-\Program Files\MSN Messenger\MsnMsgr.exe" [19.01.2007 12-54]
"Switchboard"="c-\Program Files\Switchboard\Switchboard.exe" []
"bandmon"="c-\Program Files\Bandwidth Monitor\BandMon.exe" [02.03.2004 08-09]
"DU Meter"="c-\WINDOWS\system32\DUMeter.exe" []
"Right Web Monitor Pro"="c-\Program Files\Right Web Monitor Pro\webmonpro.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Picasa Media Detector"=c-\Program Files\Picasa2\PicasaMediaDetector.exe
"Nokia.PCSync"="c-\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog

c-\Documents and Settings\Maros\Start Menu\Programs\Startup\
Microsoft Office Outlook 2003.lnk - c-\WINDOWS\Installer\{9011041B-6000-11D3-8CFE-0150048383C9}\outicon.exe [12.11.2007 11-05-50]
Total Commander.lnk - c-\Program Files\totalcmd\TOTALCMD.EXE [22.7.2006 15-10-05]

c-\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c-\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [7.10.2006 9-10-50]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"=0 (0x0)

SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs Schedule

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{312c3853-188c-11db-8b0c-806d6172696f}]
AutoRun\command- D-\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7e847ed-a66c-11dc-87c0-0015c51863bb}]
Auto\command- SVCH0ST.EXE
AutoRun\command- c-\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL SVCH0ST.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d15e8b07-ef86-11dc-8873-0015c51863bb}]
AutoRun\command- c-\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Open(0)\command- E-\Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d15e8b08-ef86-11dc-8873-0015c51863bb}]
AutoRun\command- E-\xfoolavp.com
explore\Command- E-\xfoolavp.com
open\Command- E-\xfoolavp.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9ff4d45-e243-11dc-885b-0015c51863bb}]
Auto\command- F-\Ghost.pif
AutoRun\command- c-\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Ghost.pif

*Newly Created Service* - AVG7CORE
*Newly Created Service* - AVG7RSXP
*Newly Created Service* - AVGCLEAN

-- End of Deckard's System Scanner- finished at 2008-03-22 22-10-11 ------------