Logfile of random's system information tool 1.08 (written by random/random)
Run by Martin at 2010-09-15 20:19:30
Microsoft Windows 7 Home Premium  
System drive C: has 10 GB (7%) free of 153 GB
Total RAM: 3071 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:48:30, on 15.9.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.7930.16406)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Windows\System32\ACEngSvr.exe
C:\Program Files\NSNetMon\netmon.exe
C:\Program Files\Uptime2\Uptime2.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\SE-SOFT.COM\SE-TrayMenu\SE-TrayMenu.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Users\Martin\Desktop\HTC Home 2.0 Build 123\HTCHome.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\System32\rundll32.exe
F:\Downloads\RSIT.exe
C:\Windows\explorer.exe
F:\Downloads\Martin.exe
C:\Windows\explorer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [NSNetMon_aaeifggihfdfbgca] C:\Program Files\NSNetMon\netmon.exe
O4 - HKLM\..\Run: [Uptime2] C:\Program Files\Uptime2\Uptime2.exe /tray
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SE-TrayMenu] C:\Program Files\SE-SOFT.COM\SE-TrayMenu\SE-TrayMenu.exe
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [HTC Home 2] C:\Users\Martin\Desktop\HTC Home 2.0 Build 123\HTCHome.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Sthnout FlashGetem - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Sthnout vechny FlashGetem - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Pizpsobit Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF Nstrojov lita - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ANYCOM\Blue USB-200-250\btsendto_ie_ctx.htm
O8 - Extra context menu item: Uloit formule - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Vyplnit formul - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: Nastaven aplikace &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Vyplnit formul - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Vyplnit formul - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Uloit - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Uloit formule - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF Nstrojov lita - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: P&ropojen poznmky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojen poznmky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: DroidExplorer Service (DroidExplorerService) - Ryan Conrad - C:\Program Files\Droid Explorer\DroidExplorer.Service.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\BurnAware Free\NMSAccess32.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 13146 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2991250655-3979899331-599909808-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2991250655-3979899331-599909808-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2010-09-02 13046264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-07-29 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-08-09 387952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll [2010-02-23 2121728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2010-09-02 13046264]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NSNetMon_aaeifggihfdfbgca"=C:\Program Files\NSNetMon\netmon.exe [2010-02-13 61440]
"Uptime2"=C:\Program Files\Uptime2\Uptime2.exe [2003-05-05 100352]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"SE-TrayMenu"=C:\Program Files\SE-SOFT.COM\SE-TrayMenu\SE-TrayMenu.exe [2010-04-04 213504]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-06-26 1311312]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-09-02 13351304]
"HTC Home 2"=C:\Users\Martin\Desktop\HTC Home 2.0 Build 123\HTCHome.exe [2010-08-30 371200]
"RoboForm"=C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2010-09-02 66040]

C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Trillian.lnk - C:\Program Files\Trillian\trillian.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-05-06 64592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2010-09-01 208384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2009-05-12 233888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticetext"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-09-15 20:18:08 ----D---- C:\_rf
2010-09-15 20:15:52 ----A---- C:\ComboFix.txt
2010-09-15 20:07:27 ----SHD---- C:\$RECYCLE.BIN
2010-09-15 19:55:02 ----A---- C:\Windows\NIRCMD.exe
2010-09-15 19:55:02 ----A---- C:\Windows\MBR.exe
2010-09-15 19:55:01 ----A---- C:\Windows\zip.exe
2010-09-15 19:55:01 ----A---- C:\Windows\SWSC.exe
2010-09-15 19:55:01 ----A---- C:\Windows\SWREG.exe
2010-09-15 19:55:01 ----A---- C:\Windows\sed.exe
2010-09-15 19:55:01 ----A---- C:\Windows\PEV.exe
2010-09-15 19:55:01 ----A---- C:\Windows\grep.exe
2010-09-15 19:54:43 ----D---- C:\Windows\ERDNT
2010-09-15 19:52:30 ----AD---- C:\Qoobox
2010-09-15 19:52:10 ----A---- C:\Windows\SWXCACLS.exe
2010-09-15 19:37:52 ----D---- C:\Windows\Panther
2010-09-15 19:33:28 ----A---- C:\Windows\system32\urlmon.dll
2010-09-15 19:33:28 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-09-15 19:33:28 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-09-15 19:33:28 ----A---- C:\Windows\system32\pngfilt.dll
2010-09-15 19:33:28 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-09-15 19:33:28 ----A---- C:\Windows\system32\msfeeds.dll
2010-09-15 19:33:28 ----A---- C:\Windows\system32\licmgr10.dll
2010-09-15 19:33:28 ----A---- C:\Windows\system32\jsproxy.dll
2010-09-15 19:33:28 ----A---- C:\Windows\system32\jscript9.dll
2010-09-15 19:33:28 ----A---- C:\Windows\system32\jscript.dll
2010-09-15 19:33:28 ----A---- C:\Windows\system32\inseng.dll
2010-09-15 19:33:27 ----A---- C:\Windows\system32\vbscript.dll
2010-09-15 19:33:27 ----A---- C:\Windows\system32\url.dll
2010-09-15 19:33:27 ----A---- C:\Windows\system32\occache.dll
2010-09-15 19:33:27 ----A---- C:\Windows\system32\msrating.dll
2010-09-15 19:33:27 ----A---- C:\Windows\system32\msls31.dll
2010-09-15 19:33:27 ----A---- C:\Windows\system32\mshtmler.dll
2010-09-15 19:33:27 ----A---- C:\Windows\system32\mshtmled.dll
2010-09-15 19:33:27 ----A---- C:\Windows\system32\mshtml.dll
2010-09-15 19:33:27 ----A---- C:\Windows\system32\mshta.exe
2010-09-15 19:33:27 ----A---- C:\Windows\system32\msfeedssync.exe
2010-09-15 19:33:27 ----A---- C:\Windows\system32\ieakui.dll
2010-09-15 19:33:27 ----A---- C:\Windows\system32\ieaksie.dll
2010-09-15 19:33:27 ----A---- C:\Windows\system32\ieakeng.dll
2010-09-15 19:33:27 ----A---- C:\Windows\system32\IEAdvpack.dll
2010-09-15 19:33:27 ----A---- C:\Windows\system32\admparse.dll
2010-09-15 19:33:24 ----A---- C:\Windows\system32\iedkcs32.dll
2010-09-15 19:33:24 ----A---- C:\Windows\system32\ieapfltr.dll
2010-09-15 19:33:23 ----A---- C:\Windows\system32\dxtrans.dll
2010-09-15 19:33:22 ----A---- C:\Windows\system32\dxtmsft.dll
2010-09-15 19:33:20 ----A---- C:\Windows\system32\imgutil.dll
2010-09-15 19:33:20 ----A---- C:\Windows\system32\ieUnatt.exe
2010-09-15 19:33:20 ----A---- C:\Windows\system32\ieui.dll
2010-09-15 19:33:20 ----A---- C:\Windows\system32\iesysprep.dll
2010-09-15 19:33:20 ----A---- C:\Windows\system32\iesetup.dll
2010-09-15 19:33:20 ----A---- C:\Windows\system32\ie4uinit.exe
2010-09-15 19:33:20 ----A---- C:\Windows\system32\icardie.dll
2010-09-15 19:33:18 ----A---- C:\Windows\system32\iexpress.exe
2010-09-15 19:33:15 ----A---- C:\Windows\system32\wininet.dll
2010-09-15 19:33:15 ----A---- C:\Windows\system32\wextract.exe
2010-09-15 19:33:15 ----A---- C:\Windows\system32\webcheck.dll
2010-09-15 19:33:15 ----A---- C:\Windows\system32\iertutil.dll
2010-09-15 19:33:15 ----A---- C:\Windows\system32\iernonce.dll
2010-09-15 19:33:15 ----A---- C:\Windows\system32\iepeers.dll
2010-09-15 19:33:15 ----A---- C:\Windows\system32\ieframe.dll
2010-09-15 19:32:50 ----A---- C:\Windows\system32\FntCache.dll
2010-09-15 19:32:50 ----A---- C:\Windows\system32\DWrite.dll
2010-09-15 19:32:50 ----A---- C:\Windows\system32\d3d10warp.dll
2010-09-15 19:32:50 ----A---- C:\Windows\system32\d3d10_1core.dll
2010-09-15 19:32:50 ----A---- C:\Windows\system32\d2d1.dll
2010-09-15 19:32:18 ----A---- C:\Windows\system32\ExplorerFrame.dll
2010-09-15 19:31:59 ----D---- C:\Program Files\Feedback Tool
2010-09-15 19:21:59 ----D---- C:\rsit
2010-09-15 19:09:59 ----D---- C:\Program Files\Trend Micro
2010-09-15 19:03:32 ----D---- C:\Users\Martin\AppData\Roaming\Malwarebytes
2010-09-15 19:03:26 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-09-15 19:03:24 ----D---- C:\ProgramData\Malwarebytes
2010-09-15 19:03:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-09-15 19:03:24 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-09-15 17:24:07 ----A---- C:\Windows\system32\drivers\utexnjiw.sys
2010-09-15 17:23:23 ----A---- C:\Windows\system32\drivers\uzexnjiw.sys
2010-09-15 17:23:02 ----A---- C:\Windows\system32\drivers\ujexnjiw.sys
2010-09-15 17:18:41 ----D---- C:\Program Files\Microsoft Security Essentials
2010-09-15 14:47:11 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-14 18:40:49 ----A---- C:\Windows\system32\unrar.dll
2010-09-14 18:40:45 ----A---- C:\Windows\system32\yv12vfw.dll
2010-09-14 18:40:45 ----A---- C:\Windows\system32\huffyuv.dll
2010-09-14 18:40:44 ----A---- C:\Windows\system32\xvidvfw.dll
2010-09-14 18:40:44 ----A---- C:\Windows\system32\xvidcore.dll
2010-09-14 18:40:44 ----A---- C:\Windows\system32\x264vfw.dll
2010-09-14 18:40:44 ----A---- C:\Windows\system32\vp7vfw.dll
2010-09-14 18:40:44 ----A---- C:\Windows\system32\vp6vfw.dll
2010-09-14 18:40:44 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2010-09-14 18:40:44 ----A---- C:\Windows\system32\DivXc32f.dll
2010-09-14 18:40:44 ----A---- C:\Windows\system32\DivXc32.dll
2010-09-14 18:40:43 ----A---- C:\Windows\system32\ff_vfw.dll
2010-09-14 18:40:41 ----D---- C:\Program Files\K-Lite Codec Pack
2010-09-12 23:31:20 ----D---- C:\Program Files\SystemRequirementsLab
2010-09-12 00:09:09 ----D---- C:\Temp
2010-09-11 18:59:19 ----D---- C:\Program Files\Android Commander
2010-09-10 22:28:57 ----AH---- C:\aaw7boot.cmd
2010-09-10 22:16:40 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2010-09-10 22:12:21 ----D---- C:\ProgramData\Lavasoft
2010-09-10 22:12:21 ----D---- C:\Program Files\Lavasoft
2010-09-08 13:42:24 ----D---- C:\ProgramData\organiser
2010-09-08 13:42:24 ----A---- C:\Windows\Crypkey.ini
2010-09-08 13:42:19 ----RA---- C:\Windows\Setup_ck.exe
2010-09-08 13:42:19 ----A---- C:\Windows\system32\Crypserv.exe
2010-09-08 13:42:19 ----A---- C:\Windows\system32\Ckldrv.sys
2010-09-08 13:42:19 ----A---- C:\Windows\Setup_ck.dll
2010-09-08 13:42:19 ----A---- C:\Windows\Ckrfresh.exe
2010-09-08 13:42:19 ----A---- C:\Windows\Ckconfig.exe
2010-09-08 13:42:17 ----D---- C:\ProgramData\WorkshopData
2010-09-05 00:42:23 ----A---- C:\Windows\is-VEUVL.exe
2010-09-04 13:38:34 ----D---- C:\Users\Martin\AppData\Roaming\Songbird2
2010-09-04 09:59:44 ----D---- C:\Users\Martin\AppData\Roaming\Zoner
2010-09-04 09:59:24 ----D---- C:\Program Files\Zoner
2010-09-03 09:43:47 ----D---- C:\Users\Martin\AppData\Roaming\Auslogics
2010-09-02 23:09:23 ----D---- C:\Program Files\Microsoft Synchronization Services
2010-09-02 23:09:22 ----D---- C:\Program Files\Common Files\DESIGNER
2010-09-02 23:08:55 ----D---- C:\Program Files\Microsoft Sync Framework
2010-09-02 23:01:21 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-09-02 22:59:49 ----D---- C:\Program Files\Microsoft Analysis Services
2010-09-02 21:59:39 ----D---- C:\Users\Martin\AppData\Roaming\Posta
2010-09-02 21:59:39 ----D---- C:\Program Files\Pota 3
2010-09-02 10:39:54 ----D---- C:\Program Files\Mozilla Firefox
2010-09-02 10:21:45 ----D---- C:\Users\Martin\AppData\Roaming\RoboForm
2010-09-01 11:59:49 ----D---- C:\Users\Martin\AppData\Roaming\ICZ
2010-09-01 11:59:40 ----HD---- C:\Program Files\Zero G Registry
2010-09-01 11:59:40 ----D---- C:\Program Files\JRF
2010-08-31 19:07:39 ----A---- C:\Users\Martin\AppData\Roaming\myMPQ.ini
2010-08-31 18:43:55 ----D---- C:\Program Files\StarCraft II
2010-08-31 14:26:48 ----D---- C:\Users\Martin\AppData\Roaming\Sun
2010-08-31 13:27:44 ----A---- C:\Windows\system32\TURegOpt.exe
2010-08-31 13:27:42 ----A---- C:\Windows\system32\uxtuneup.dll
2010-08-31 13:27:42 ----A---- C:\Windows\system32\authuitu.dll
2010-08-31 13:27:15 ----D---- C:\Users\Martin\AppData\Roaming\TuneUp Software
2010-08-31 13:27:08 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-08-31 13:26:28 ----D---- C:\ProgramData\TuneUp Software
2010-08-31 13:26:09 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-08-28 22:18:44 ----D---- C:\Program Files\QuickTime
2010-08-27 19:29:45 ----D---- C:\Program Files\Obalky
2010-08-27 12:36:41 ----D---- C:\Windows\en
2010-08-27 12:30:33 ----D---- C:\Program Files\Windows Live
2010-08-25 20:54:25 ----D---- C:\Program Files\RapidShareManager
2010-08-25 15:23:48 ----D---- C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2010-08-25 15:23:40 ----D---- C:\ProgramData\NVIDIA Corporation
2010-08-25 15:22:21 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2010-08-25 15:22:20 ----A---- C:\Windows\system32\OpenCL.dll
2010-08-25 15:22:19 ----A---- C:\Windows\system32\nvoglv32.dll
2010-08-25 15:22:19 ----A---- C:\Windows\system32\nvdecodemft.dll
2010-08-25 15:22:19 ----A---- C:\Windows\system32\nvcuvid.dll
2010-08-25 15:22:19 ----A---- C:\Windows\system32\nvcuvenc.dll
2010-08-25 15:22:19 ----A---- C:\Windows\system32\nvcuda.dll
2010-08-25 15:22:17 ----A---- C:\Windows\system32\nvcompiler.dll
2010-08-25 15:22:17 ----A---- C:\Windows\system32\nvcod1922.dll
2010-08-25 15:22:17 ----A---- C:\Windows\system32\nvcod.dll
2010-08-25 11:53:53 ----D---- C:\Program Files\Logitech
2010-08-25 08:19:47 ----D---- C:\Users\Martin\AppData\Roaming\dvdcss
2010-08-25 02:29:21 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-24 21:39:12 ----D---- C:\Program Files\GmoteServer
2010-08-23 22:53:29 ----D---- C:\Users\Martin\AppData\Roaming\RigNRoll_usa_ws
2010-08-23 22:48:50 ----RA---- C:\Windows\system32\tmp2BD.tmp
2010-08-23 22:48:50 ----D---- C:\Program Files\OpenAL
2010-08-23 22:48:50 ----A---- C:\Windows\system32\wrap_oal.dll
2010-08-23 22:48:50 ----A---- C:\Windows\system32\OpenAL32.dll
2010-08-21 22:16:07 ----D---- C:\Program Files\CABviaActiveSync
2010-08-18 23:11:15 ----A---- C:\Windows\system32\pkcs11wrapper.dll
2010-08-18 18:21:03 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-08-18 18:20:46 ----D---- C:\Program Files\Windows Live SkyDrive

======List of files/folders modified in the last 1 months======

2010-09-16 04:44:22 ----D---- C:\Windows\Tasks
2010-09-16 04:44:22 ----D---- C:\Windows\system32\wfp
2010-09-16 04:44:22 ----D---- C:\Windows\system32\wbem
2010-09-16 04:44:22 ----D---- C:\Windows\system32\DriverStore
2010-09-16 04:44:22 ----D---- C:\Windows\system32\CodeIntegrity
2010-09-16 04:44:21 ----D---- C:\Windows\inf
2010-09-16 04:44:20 ----D---- C:\ProgramData\P4G
2010-09-16 04:44:19 ----D---- C:\Program Files\NSNetMon
2010-09-16 04:44:18 ----D---- C:\Windows\registration
2010-09-16 04:41:59 ----D---- C:\Program Files\Windows Portable Devices
2010-09-16 00:33:03 ----D---- C:\Program Files\The KMPlayer
2010-09-15 20:19:01 ----D---- C:\Windows\system32\config
2010-09-15 20:18:30 ----D---- C:\Windows\Temp
2010-09-15 20:18:00 ----AD---- C:\Windows
2010-09-15 20:15:55 ----D---- C:\Windows\system32\drivers
2010-09-15 20:11:22 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2010-09-15 20:07:55 ----D---- C:\Program Files\Trillian
2010-09-15 20:07:29 ----A---- C:\Windows\system.ini
2010-09-15 20:07:18 ----D---- C:\Windows\system32\drivers\etc
2010-09-15 20:07:15 ----D---- C:\Windows\system32\Tasks
2010-09-15 20:05:57 ----D---- C:\Boot
2010-09-15 20:05:01 ----D---- C:\Windows\System32
2010-09-15 20:02:01 ----D---- C:\Windows\AppPatch
2010-09-15 20:02:00 ----D---- C:\Program Files\Common Files
2010-09-15 19:38:07 ----D---- C:\Windows\winsxs
2010-09-15 19:36:11 ----D---- C:\Windows\system32\catroot
2010-09-15 19:35:48 ----D---- C:\Windows\system32\cs-CZ
2010-09-15 19:35:47 ----D---- C:\Windows\PolicyDefinitions
2010-09-15 19:35:47 ----D---- C:\Program Files\Internet Explorer
2010-09-15 19:35:46 ----D---- C:\Windows\system32\migration
2010-09-15 19:35:46 ----D---- C:\Windows\system32\en-US
2010-09-15 19:34:08 ----SHD---- C:\System Volume Information
2010-09-15 19:33:44 ----D---- C:\Windows\system32\catroot2
2010-09-15 19:32:06 ----D---- C:\Config.Msi
2010-09-15 19:32:04 ----SHD---- C:\Windows\Installer
2010-09-15 19:31:59 ----D---- C:\Program Files
2010-09-15 19:31:40 ----D---- C:\Windows\Logs
2010-09-15 19:03:24 ----D---- C:\ProgramData
2010-09-15 18:08:05 ----D---- C:\Windows\Prefetch
2010-09-15 16:26:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-15 14:51:04 ----D---- C:\ProgramData\Microsoft Help
2010-09-15 14:47:48 ----A---- C:\Windows\system32\MRT.exe
2010-09-15 14:07:40 ----D---- C:\Windows\debug
2010-09-14 18:31:12 ----D---- C:\Program Files\Mp4ForHD
2010-09-13 21:29:41 ----D---- C:\Windows\system32\LogFiles
2010-09-13 21:24:06 ----D---- C:\Users\Martin\AppData\Roaming\GoodSync
2010-09-10 22:30:39 ----DC---- C:\Windows\system32\DRVSTORE
2010-09-10 18:25:15 ----D---- C:\Windows\system32\NDF
2010-09-09 21:03:40 ----D---- C:\Program Files\Droid Explorer
2010-09-09 21:03:29 ----RSD---- C:\Windows\assembly
2010-09-09 13:42:48 ----D---- C:\Users\Martin\AppData\Roaming\ICQ
2010-09-09 13:40:13 ----D---- C:\Program Files\ICQ7.1
2010-09-08 13:54:33 ----AD---- C:\ProgramData\Temp
2010-09-08 11:54:02 ----D---- C:\Program Files\JDownloader
2010-09-07 17:11:54 ----A---- C:\Windows\system32\aswBoot.exe
2010-09-05 21:48:16 ----D---- C:\Windows\rescache
2010-09-05 20:00:21 ----D---- C:\Program Files\CDBurnerXP
2010-09-05 19:58:45 ----D---- C:\Program Files\Windows Sidebar
2010-09-04 10:31:16 ----D---- C:\Program Files\Siber Systems
2010-09-04 00:09:39 ----D---- C:\Program Files\CCleaner
2010-09-03 21:50:31 ----D---- C:\Users\Martin\AppData\Roaming\Outlook
2010-09-03 21:50:31 ----D---- C:\Users\Martin\AppData\Roaming\HTC
2010-09-03 08:12:37 ----D---- C:\Windows\Microsoft.NET
2010-09-02 23:17:42 ----D---- C:\Program Files\Common Files\microsoft shared
2010-09-02 23:17:29 ----D---- C:\Windows\ShellNew
2010-09-02 23:16:57 ----A---- C:\Windows\win.ini
2010-09-02 23:10:16 ----RSD---- C:\Windows\Fonts
2010-09-02 23:10:02 ----D---- C:\Program Files\MSBuild
2010-09-02 23:08:57 ----D---- C:\Program Files\Microsoft Office
2010-09-02 23:08:55 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2010-09-02 23:08:55 ----SD---- C:\ProgramData\Microsoft
2010-09-02 23:08:55 ----D---- C:\Program Files\Microsoft.NET
2010-09-02 22:51:57 ----D---- C:\Windows\WindowsMobile
2010-09-02 10:39:58 ----D---- C:\Users\Martin\AppData\Roaming\Mozilla
2010-09-02 08:21:30 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-02 00:21:09 ----D---- C:\Program Files\JPEG Resampler
2010-08-31 22:01:13 ----D---- C:\Program Files\Google
2010-08-31 21:47:27 ----D---- C:\Users\Martin\AppData\Roaming\MotionDSP
2010-08-31 21:42:17 ----D---- C:\Program Files\Bonjour
2010-08-31 21:30:45 ----D---- C:\Program Files\Core Services
2010-08-31 21:30:17 ----D---- C:\Program Files\Mp3tag
2010-08-31 19:00:03 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-08-31 13:49:31 ----D---- C:\Program Files\Steam
2010-08-27 19:50:41 ----A---- C:\Windows\yklabo.ini
2010-08-26 06:54:07 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-25 15:27:27 ----D---- C:\ProgramData\NVIDIA
2010-08-25 15:23:34 ----D---- C:\Program Files\NVIDIA Corporation
2010-08-25 11:54:50 ----D---- C:\Program Files\Common Files\Logishrd
2010-08-25 11:53:57 ----D---- C:\ProgramData\Logishrd
2010-08-24 21:39:47 ----HD---- C:\Program Files\InstallJammer Registry
2010-08-23 21:22:08 ----D---- C:\Program Files\HTC
2010-08-23 21:21:06 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-23 01:45:36 ----D---- C:\Program Files\MSECache
2010-08-22 19:42:28 ----D---- C:\Users\Martin\AppData\Roaming\Dropbox
2010-08-22 19:38:45 ----D---- C:\Windows\LiveKernelReports
2010-08-18 15:14:08 ----D---- C:\Program Files\Common Files\Windows Live

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2010-02-13 30264]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15416]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R1 NetworkX;NetworkX; C:\Windows\system32\ckldrv.sys [2008-08-22 21638]
R1 uzexnjiw;AVZ-RK Kernel Driver; \??\C:\Windows\system32\Drivers\uzexnjiw.sys [2010-09-15 11264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-07-09 81960]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-05-13 100392]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-05-13 17320]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-01-20 2317536]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-03-18 38864]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2010-03-18 28624]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2009-05-13 14392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-05-08 165888]
R3 SiSGbeLH;SiS191/SiS190  ovlada NDIS 6.0 zazen st Ethernet; C:\Windows\system32\DRIVERS\SiSGB6.sys [2009-07-14 48128]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-03-16 1753984]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-20 213552]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S1 SRTSP;SRTSP; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS []
S1 SRTSPX;SRTSPX; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 26112]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 catchme;catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys []
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2010-04-29 26112]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS []
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys []
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pnetmdm;PdaNet Modem; C:\Windows\system32\DRIVERS\pnetmdm.sys [2006-09-28 9472]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-05-07 62976]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 ujexnjiw;AVZ-SG Kernel Driver; \??\C:\Windows\system32\Drivers\ujexnjiw.sys [2010-09-15 10240]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys []
S3 utexnjiw;AVZ Kernel Driver; \??\C:\Windows\system32\Drivers\utexnjiw.sys [2010-09-15 7168]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-13 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2008-05-08 122880]
R2 DroidExplorerService;DroidExplorer Service; C:\Program Files\Droid Explorer\DroidExplorer.Service.exe [2010-08-21 253952]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2010-04-22 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 NMSAccess;NMSAccess; C:\Program Files\BurnAware Free\NMSAccess32.exe [2009-01-12 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-27 1051968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-07 135664]
S2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-11-12 71096]
S2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 []
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-19 654848]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-08-06 194104]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-05-06 293456]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office  Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-08-31 435008]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-12 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

ComboFix 10-09-14.05 - Martin 15.09.2010  19:57:15.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7600.0.1250.420.1029.18.3071.1748 [GMT 2:00]
Sputn z: f:\downloads\ComboFix.exe
.
ADS - Windows: deleted 24 bytes in 1 streams.

(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\detoured.dll
c:\windows\system32\sqlite3.dll
J:\Autorun.inf

.
(((((((((((((((((((((((((   Soubory vytvořené od 2010-08-15 do 2010-09-15  )))))))))))))))))))))))))))))))
.

2010-09-15 17:37 . 2010-09-15 17:37	--------	d-----w-	c:\windows\Panther
2010-09-15 17:32 . 2010-08-16 06:15	804864	----a-w-	c:\windows\system32\FntCache.dll
2010-09-15 17:32 . 2010-08-16 06:14	1076224	----a-w-	c:\windows\system32\DWrite.dll
2010-09-15 17:32 . 2010-08-16 06:14	737280	----a-w-	c:\windows\system32\d2d1.dll
2010-09-15 17:32 . 2010-08-16 06:14	218624	----a-w-	c:\windows\system32\d3d10_1core.dll
2010-09-15 17:32 . 2010-08-16 06:14	1172480	----a-w-	c:\windows\system32\d3d10warp.dll
2010-09-15 17:32 . 2010-06-26 05:14	1495040	----a-w-	c:\windows\system32\ExplorerFrame.dll
2010-09-15 17:31 . 2010-09-15 17:32	--------	d-----w-	c:\program files\Feedback Tool
2010-09-15 17:21 . 2010-09-15 17:22	--------	d-----w-	C:\rsit
2010-09-15 17:09 . 2010-09-15 17:09	--------	d-----w-	c:\program files\Trend Micro
2010-09-15 17:03 . 2010-09-15 17:03	--------	d-----w-	c:\users\Martin\AppData\Roaming\Malwarebytes
2010-09-15 17:03 . 2010-04-29 13:39	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-15 17:03 . 2010-09-15 17:03	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2010-09-15 17:03 . 2010-09-15 17:03	--------	d-----w-	c:\programdata\Malwarebytes
2010-09-15 17:03 . 2010-04-29 13:39	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-09-15 15:24 . 2010-09-15 15:24	7168	----a-w-	c:\windows\system32\drivers\utexnjiw.sys
2010-09-15 15:23 . 2010-09-15 15:23	11264	----a-w-	c:\windows\system32\drivers\uzexnjiw.sys
2010-09-15 15:23 . 2010-09-15 15:23	10240	----a-w-	c:\windows\system32\drivers\ujexnjiw.sys
2010-09-15 15:18 . 2010-09-16 02:44	--------	d-----w-	c:\program files\Microsoft Security Essentials
2010-09-15 12:47 . 2010-08-21 05:32	316928	----a-w-	c:\windows\system32\spoolsv.exe
2010-09-12 21:31 . 2010-09-12 21:31	--------	d-----w-	c:\program files\SystemRequirementsLab
2010-09-12 21:31 . 2010-09-12 21:31	--------	d-----w-	c:\users\Martin\SystemRequirementsLab
2010-09-11 22:11 . 2010-09-11 22:11	--------	d-----w-	c:\temp\mplayer
2010-09-11 22:09 . 2009-01-14 05:25	9548288	----a-w-	c:\temp\ffmpeg.exe
2010-09-11 22:09 . 2009-01-14 07:17	14285824	----a-w-	c:\temp\MEncoder.exe
2010-09-11 22:09 . 2009-06-12 03:14	13551635	----a-w-	c:\temp\MPlayer.exe
2010-09-11 22:09 . 2010-09-14 16:43	--------	d-----w-	C:\Temp
2010-09-11 22:09 . 2008-12-09 14:50	199680	----a-w-	c:\temp\MediaInfo.exe
2010-09-11 22:09 . 2008-12-09 14:50	1548288	----a-w-	c:\temp\MediaInfo.dll
2010-09-11 16:59 . 2010-09-11 17:10	--------	d-----w-	c:\program files\Android Commander
2010-09-10 20:28 . 2010-09-10 20:28	90	---ha-w-	C:\aaw7boot.cmd
2010-09-10 20:16 . 2010-09-10 20:16	95024	----a-w-	c:\windows\system32\drivers\SBREDrv.sys
2010-09-10 20:12 . 2010-09-10 20:12	--------	d-----w-	c:\users\Martin\AppData\Local\Sunbelt Software
2010-09-10 20:12 . 2010-09-11 17:04	--------	d-----w-	c:\program files\Lavasoft
2010-09-10 20:12 . 2010-09-10 20:30	--------	d-----w-	c:\programdata\Lavasoft
2010-09-08 11:42 . 2010-09-08 11:44	--------	d-----w-	c:\programdata\organiser
2010-09-08 11:42 . 2008-08-22 20:14	21638	----a-w-	c:\windows\system32\Ckldrv.sys
2010-09-08 11:42 . 2008-05-07 23:29	122880	----a-w-	c:\windows\system32\Crypserv.exe
2010-09-08 11:42 . 1999-06-18 20:49	165888	----a-w-	c:\windows\Ckconfig.exe
2010-09-08 11:42 . 1996-05-03 16:21	27648	----a-r-	c:\windows\Setup_ck.exe
2010-09-08 11:42 . 1996-05-03 14:36	18432	----a-w-	c:\windows\Setup_ck.dll
2010-09-08 11:42 . 1995-07-04 17:33	11776	----a-w-	c:\windows\Ckrfresh.exe
2010-09-08 11:42 . 2010-09-08 11:42	--------	d-----w-	c:\programdata\WorkshopData
2010-09-04 22:42 . 2010-09-04 22:42	1556992	----a-w-	c:\windows\is-VEUVL.exe
2010-09-04 11:38 . 2010-09-04 11:38	--------	d-----w-	c:\users\Martin\AppData\Local\Songbird2
2010-09-04 11:38 . 2010-09-04 11:38	--------	d-----w-	c:\users\Martin\AppData\Roaming\Songbird2
2010-09-04 07:59 . 2010-09-04 08:00	--------	d-----w-	c:\users\Martin\AppData\Roaming\Zoner
2010-09-04 07:59 . 2010-09-04 07:59	--------	d-----w-	c:\users\Martin\AppData\Local\Zoner
2010-09-04 07:59 . 2010-09-04 07:59	--------	d-----w-	c:\program files\Zoner
2010-09-03 07:43 . 2010-09-03 07:51	--------	d-----w-	c:\users\Martin\AppData\Roaming\Auslogics
2010-09-02 21:09 . 2010-09-02 21:09	--------	d-----w-	c:\program files\Microsoft Synchronization Services
2010-09-02 21:08 . 2010-09-02 21:08	--------	d-----w-	c:\program files\Microsoft Sync Framework
2010-09-02 21:01 . 2010-09-02 21:16	--------	d-----w-	c:\program files\Microsoft Visual Studio 8
2010-09-02 20:59 . 2010-09-02 20:59	--------	d-----w-	c:\program files\Microsoft Analysis Services
2010-09-02 19:59 . 2010-09-06 20:50	--------	d-----w-	c:\program files\Pota 3
2010-09-02 19:59 . 2010-09-02 19:59	--------	d-----w-	c:\users\Martin\AppData\Roaming\Posta
2010-09-02 08:21 . 2010-09-02 08:21	--------	d-----w-	c:\users\Martin\AppData\Roaming\RoboForm
2010-09-01 09:59 . 2010-09-01 09:59	--------	d-----w-	c:\users\Martin\AppData\Roaming\ICZ
2010-09-01 09:59 . 2010-09-01 09:59	--------	d--h--w-	c:\program files\Zero G Registry
2010-09-01 09:59 . 2010-09-01 09:59	--------	d-----w-	c:\program files\JRF
2010-09-01 09:59 . 2010-09-01 09:59	--------	d--h--w-	c:\users\Martin\InstallAnywhere
2010-08-31 16:43 . 2010-08-31 16:43	--------	d-----w-	c:\program files\StarCraft II
2010-08-31 11:27 . 2010-08-27 13:02	30528	----a-w-	c:\windows\system32\TURegOpt.exe
2010-08-31 11:27 . 2010-08-27 12:56	21312	----a-w-	c:\windows\system32\authuitu.dll
2010-08-31 11:27 . 2010-08-27 12:56	30016	----a-w-	c:\windows\system32\uxtuneup.dll
2010-08-31 11:27 . 2010-08-31 11:27	--------	d-----w-	c:\users\Martin\AppData\Roaming\TuneUp Software
2010-08-31 11:27 . 2010-08-31 11:27	--------	d-----w-	c:\program files\TuneUp Utilities 2010
2010-08-31 11:26 . 2010-08-31 11:27	--------	d-----w-	c:\programdata\TuneUp Software
2010-08-31 11:26 . 2010-08-31 11:26	--------	d-sh--w-	c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-08-28 20:18 . 2010-09-01 10:36	--------	d-----w-	c:\program files\QuickTime
2010-08-27 17:29 . 2010-08-27 17:29	--------	d-----w-	c:\program files\Obalky
2010-08-27 10:36 . 2010-08-27 10:36	--------	d-----w-	c:\windows\en
2010-08-27 10:30 . 2010-08-31 19:16	--------	d-----w-	c:\program files\Windows Live
2010-08-25 20:20 . 2010-08-25 20:20	--------	d-----w-	c:\users\Public\Recorded TV
2010-08-25 18:54 . 2010-09-03 10:07	--------	d-----w-	c:\program files\RapidShareManager
2010-08-25 13:23 . 2010-08-25 13:23	--------	d-----w-	c:\windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2010-08-25 13:23 . 2010-08-25 13:23	--------	d-----w-	c:\programdata\NVIDIA Corporation
2010-08-25 13:22 . 2010-07-09 22:37	11008040	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2010-08-25 13:22 . 2010-07-09 22:37	56936	----a-w-	c:\windows\system32\OpenCL.dll
2010-08-25 13:22 . 2010-07-09 22:37	4553832	----a-w-	c:\windows\system32\nvcuda.dll
2010-08-25 13:22 . 2010-07-09 22:37	314984	----a-w-	c:\windows\system32\nvdecodemft.dll
2010-08-25 13:22 . 2010-07-09 22:37	2892904	----a-w-	c:\windows\system32\nvcuvid.dll
2010-08-25 13:22 . 2010-07-09 22:37	2506344	----a-w-	c:\windows\system32\nvcuvenc.dll
2010-08-25 13:22 . 2010-07-09 22:37	14092904	----a-w-	c:\windows\system32\nvoglv32.dll
2010-08-25 13:22 . 2010-07-09 22:37	236136	----a-w-	c:\windows\system32\nvcod1922.dll
2010-08-25 13:22 . 2010-07-09 22:37	236136	----a-w-	c:\windows\system32\nvcod.dll
2010-08-25 13:22 . 2010-07-09 22:37	10267240	----a-w-	c:\windows\system32\nvcompiler.dll
2010-08-25 09:53 . 2010-08-25 09:53	--------	d-----w-	c:\program files\Logitech
2010-08-25 06:19 . 2010-08-25 06:21	--------	d-----w-	c:\users\Martin\AppData\Roaming\dvdcss
2010-08-25 00:29 . 2010-04-07 07:10	571904	----a-w-	c:\windows\system32\oleaut32.dll
2010-08-24 19:39 . 2010-08-24 19:39	--------	d-----w-	c:\program files\GmoteServer
2010-08-23 20:53 . 2010-08-23 20:53	--------	d-----w-	c:\users\Martin\AppData\Roaming\RigNRoll_usa_ws
2010-08-23 20:48 . 2010-08-23 20:48	413696	----a-w-	c:\windows\system32\wrap_oal.dll
2010-08-23 20:48 . 2010-08-23 20:48	110592	----a-w-	c:\windows\system32\OpenAL32.dll
2010-08-23 20:48 . 2010-08-23 20:48	--------	d-----w-	c:\program files\OpenAL
2010-08-21 20:16 . 2010-08-21 20:39	--------	d-----w-	c:\program files\CABviaActiveSync
2010-08-18 21:11 . 2010-08-18 21:11	94208	----a-w-	c:\windows\system32\pkcs11wrapper.dll
2010-08-18 16:21 . 2010-09-02 21:08	--------	d-----w-	c:\program files\Microsoft SQL Server Compact Edition
2010-08-18 16:20 . 2010-08-27 10:38	--------	d-----w-	c:\program files\Windows Live SkyDrive
2010-08-17 21:53 . 2010-08-18 14:25	--------	d-----w-	c:\users\Martin\AppData\Local\Xmarks
2010-08-17 20:52 . 2010-08-17 20:52	--------	d-----w-	c:\users\Martin\AppData\Local\119614890734200052
2010-08-17 20:52 . 2010-08-17 20:52	--------	d-----w-	c:\users\Martin\AppData\Local\119611678098662644

.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-16 02:44 . 2010-02-12 23:52	--------	d-----w-	c:\programdata\P4G
2010-09-16 02:44 . 2010-02-13 07:57	--------	d-----w-	c:\program files\NSNetMon
2010-09-16 02:41 . 2009-07-14 04:52	--------	d-----w-	c:\program files\Windows Portable Devices
2010-09-15 22:33 . 2010-02-20 21:54	--------	d-----w-	c:\program files\The KMPlayer
2010-09-15 18:09 . 2010-02-13 07:45	--------	d-----w-	c:\users\Martin\AppData\Roaming\Skype
2010-09-15 18:07 . 2010-05-26 13:46	--------	d-----w-	c:\program files\Trillian
2010-09-15 17:14 . 2010-09-15 17:14	388096	----a-r-	c:\users\Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-09-15 14:26 . 2009-08-26 09:31	669198	----a-w-	c:\windows\system32\perfh005.dat
2010-09-15 14:26 . 2009-08-26 09:31	140798	----a-w-	c:\windows\system32\perfc005.dat
2010-09-15 12:51 . 2009-07-07 19:10	--------	d-----w-	c:\programdata\Microsoft Help
2010-09-14 16:41 . 2010-09-14 16:40	--------	d-----w-	c:\program files\K-Lite Codec Pack
2010-09-14 16:31 . 2010-04-06 19:09	--------	d-----w-	c:\program files\Mp4ForHD
2010-09-13 19:24 . 2010-02-13 08:07	--------	d-----w-	c:\users\Martin\AppData\Roaming\GoodSync
2010-09-09 19:03 . 2010-05-29 21:34	--------	d-----w-	c:\program files\Droid Explorer
2010-09-09 19:03 . 2010-09-09 19:03	1868800	----a-r-	c:\users\Martin\AppData\Roaming\Microsoft\Installer\{1D7F1C32-E5D9-42CB-836D-352CBCCCD4D3}\AppIcon.exe
2010-09-09 11:42 . 2010-05-07 17:09	--------	d-----w-	c:\users\Martin\AppData\Roaming\ICQ
2010-09-09 11:40 . 2010-05-07 17:09	--------	d-----w-	c:\program files\ICQ7.1
2010-09-08 09:54 . 2010-04-09 09:09	--------	d-----w-	c:\program files\JDownloader
2010-09-07 15:12 . 2010-06-29 12:34	38848	----a-w-	c:\windows\avastSS.scr
2010-09-07 15:11 . 2010-05-26 18:23	167592	----a-w-	c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-05-26 18:24	46672	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-05-26 18:24	165584	----a-w-	c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-05-26 18:24	23376	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-05-26 18:24	50768	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2010-09-07 14:47 . 2010-05-26 18:24	17744	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2010-09-06 20:50 . 2010-09-02 19:59	--------	d-----w-	c:\program files\Pota 3
2010-09-05 18:00 . 2010-02-18 21:15	--------	d-----w-	c:\program files\CDBurnerXP
2010-09-05 17:58 . 2009-07-14 04:52	--------	d-----w-	c:\program files\Windows Sidebar
2010-09-04 08:31 . 2010-02-13 08:07	--------	d-----w-	c:\program files\Siber Systems
2010-09-03 22:09 . 2010-02-13 07:28	--------	d-----w-	c:\program files\CCleaner
2010-09-03 19:50 . 2010-08-12 11:24	--------	d-----w-	c:\users\Martin\AppData\Roaming\HTC
2010-09-03 19:50 . 2010-08-05 15:09	--------	d-----w-	c:\users\Martin\AppData\Roaming\Outlook
2010-09-03 07:44 . 2010-09-03 07:56	53632	----a-w-	c:\users\Martin\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-03 07:44 . 2010-09-03 07:56	2605008	----a-w-	c:\users\Martin\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2010-09-02 21:24 . 2010-02-12 22:54	401704	----a-w-	c:\users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-02 21:10 . 2009-07-14 04:52	--------	d-----w-	c:\program files\MSBuild
2010-09-02 21:08 . 2009-07-07 19:15	--------	d-----w-	c:\program files\Microsoft.NET
2010-09-02 06:21 . 2010-02-13 11:28	--------	d-----w-	c:\program files\Microsoft Silverlight
2010-09-01 22:21 . 2010-04-29 15:33	--------	d-----w-	c:\program files\JPEG Resampler
2010-08-31 22:46 . 2010-09-15 17:33	1355264	----a-w-	c:\windows\system32\jscript9.dll
2010-08-31 22:44 . 2010-09-15 17:33	1122304	----a-w-	c:\windows\system32\wininet.dll
2010-08-31 22:44 . 2010-09-15 17:33	424960	----a-w-	c:\windows\system32\vbscript.dll
2010-08-31 22:43 . 2010-09-15 17:33	23552	----a-w-	c:\windows\system32\licmgr10.dll
2010-08-31 22:43 . 2010-09-15 17:33	142848	----a-w-	c:\windows\system32\ieUnatt.exe
2010-08-31 22:43 . 2010-09-15 17:33	114176	----a-w-	c:\windows\system32\iesysprep.dll
2010-08-31 22:43 . 2010-09-15 17:33	76800	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2010-08-31 22:43 . 2010-09-15 17:33	74752	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2010-08-31 22:42 . 2010-09-15 17:33	51200	----a-w-	c:\windows\system32\admparse.dll
2010-08-31 22:42 . 2010-09-15 17:33	75264	----a-w-	c:\windows\system32\iesetup.dll
2010-08-31 22:42 . 2010-09-15 17:33	110592	----a-w-	c:\windows\system32\IEAdvpack.dll
2010-08-31 22:42 . 2010-09-15 17:33	150016	----a-w-	c:\windows\system32\iexpress.exe
2010-08-31 22:42 . 2010-09-15 17:33	149504	----a-w-	c:\windows\system32\wextract.exe
2010-08-31 22:42 . 2010-09-15 17:33	33280	----a-w-	c:\windows\system32\imgutil.dll
2010-08-31 22:42 . 2010-09-15 17:33	48640	----a-w-	c:\windows\system32\mshtmler.dll
2010-08-31 22:42 . 2010-09-15 17:33	11264	----a-w-	c:\windows\system32\mshta.exe
2010-08-31 22:41 . 2010-09-15 17:33	160768	----a-w-	c:\windows\system32\msls31.dll
2010-08-31 20:01 . 2009-07-07 19:25	--------	d-----w-	c:\program files\Google
2010-08-31 19:47 . 2010-08-07 22:32	--------	d-----w-	c:\users\Martin\AppData\Roaming\MotionDSP
2010-08-31 19:42 . 2010-02-19 17:44	--------	d-----w-	c:\program files\Bonjour
2010-08-31 19:30 . 2010-08-13 11:51	--------	d-----w-	c:\program files\Core Services
2010-08-31 19:30 . 2010-08-06 20:53	--------	d-----w-	c:\program files\Mp3tag
2010-08-31 17:00 . 2010-08-03 21:19	--------	d-----w-	c:\program files\Common Files\Blizzard Entertainment
2010-08-31 15:18 . 2010-09-02 21:53	536576	----a-w-	c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\uankx7h9.default\extensions\{22119944-ED35-4ab1-910B-E619EA06A115}\components\rfproxy_31.dll
2010-08-31 11:49 . 2010-06-22 16:58	--------	d-----w-	c:\program files\Steam
2010-08-30 13:15 . 2010-09-04 11:40	282624	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\windowsmedia@songbirdnest.com\platform\WINNT_x86-msvc\components\sbWindowsMediacore.dll
2010-08-30 13:14 . 2010-09-04 11:40	110592	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\quicktime@songbirdnest.com\platform\WINNT_x86-msvc\components\sbQuickTimeMediacore.dll
2010-08-30 13:14 . 2010-09-04 11:40	835584	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\mtp@songbirdnest.com\platform\WINNT_x86-msvc\components\sbMTPWin32.dll
2010-08-30 13:13 . 2010-09-04 11:40	770048	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\msc@songbirdnest.com\platform\WINNT_x86-msvc\components\sbMSCDevice.dll
2010-08-30 13:13 . 2010-09-04 11:40	13312	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\gracenote@songbirdnest.com\platform\WINNT_x86-msvc\components\sbGracenoteStub.dll
2010-08-30 13:13 . 2010-09-04 11:40	94208	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\gracenote@songbirdnest.com\platform\WINNT_x86-msvc\lib\sbGracenote.dll
2010-08-30 13:13 . 2010-09-04 11:40	81408	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\gracenote@songbirdnest.com\platform\WINNT_x86-msvc\lib\gnsdk_musicid_cd.dll
2010-08-30 13:13 . 2010-09-04 11:40	571904	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\gracenote@songbirdnest.com\platform\WINNT_x86-msvc\lib\gnsdk_sdkmanager.dll
2010-08-30 13:13 . 2010-09-04 11:40	154624	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\gracenote@songbirdnest.com\platform\WINNT_x86-msvc\lib\gnsdk_search.dll
2010-08-30 13:13 . 2010-09-04 11:40	114688	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\gracenote@songbirdnest.com\platform\WINNT_x86-msvc\lib\gnsdk_link.dll
2010-08-30 13:13 . 2010-09-04 11:40	13312	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\cd-rip@songbirdnest.com\platform\WINNT_x86-msvc\components\sbGearworksStub.dll
2010-08-30 13:13 . 2010-09-04 11:40	65536	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\cd-rip@songbirdnest.com\platform\WINNT_x86-msvc\lib\sbGearworksCD.dll
2010-08-30 13:13 . 2010-09-04 11:40	394600	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\cd-rip@songbirdnest.com\platform\WINNT_x86-msvc\lib\gwrks32.dll
2010-08-30 13:13 . 2010-09-04 11:40	3573096	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\cd-rip@songbirdnest.com\platform\WINNT_x86-msvc\lib\gearaw32.dll
2010-08-30 13:13 . 2010-09-04 11:40	238952	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\cd-rip@songbirdnest.com\platform\WINNT_x86-msvc\lib\gwlangen.dll
2010-08-30 13:12 . 2010-09-04 11:40	49152	----a-w-	c:\users\Martin\AppData\Roaming\Songbird2\Profiles\l1xopy82.default\extensions\concerts@songbirdnest.com\platform\WINNT_x86-msvc\components\sbConcertsComponent.dll
2010-08-26 04:54 . 2010-02-18 19:43	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard
2010-08-25 20:23 . 2010-08-25 20:23	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-08-25 20:23 . 2010-08-25 20:23	484160	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-08-25 13:27 . 2009-07-07 19:59	--------	d-----w-	c:\programdata\NVIDIA
2010-08-25 13:23 . 2010-02-18 19:43	--------	d-----w-	c:\program files\NVIDIA Corporation
2010-08-25 09:55 . 2010-08-25 09:55	53248	----a-r-	c:\users\Martin\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2010-08-25 09:54 . 2010-02-14 10:59	--------	d-----w-	c:\program files\Common Files\Logishrd
2010-08-25 09:54 . 2010-04-09 20:23	16400	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2010-08-25 09:53 . 2010-04-09 20:22	--------	d-----w-	c:\programdata\Logishrd
2010-08-24 19:39 . 2010-07-07 14:19	--------	d--h--w-	c:\program files\InstallJammer Registry
2010-08-23 19:22 . 2010-08-12 11:22	--------	d-----w-	c:\program files\HTC
2010-08-23 19:21 . 2010-05-03 19:37	--------	d-----w-	c:\program files\Common Files\Adobe AIR
2010-08-23 19:21 . 2010-05-03 19:37	53632	----a-w-	c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-08-22 23:45 . 2010-04-26 19:21	--------	d-----w-	c:\program files\MSECache
2010-08-22 17:42 . 2010-05-19 19:35	--------	d-----w-	c:\users\Martin\AppData\Roaming\Dropbox
2010-08-18 13:14 . 2010-02-12 20:39	--------	d-----w-	c:\program files\Common Files\Windows Live
2010-08-15 13:32 . 2010-08-15 13:33	720896	----a-w-	c:\windows\iun6002.exe
2010-08-15 13:29 . 2010-08-15 13:29	--------	d-----w-	c:\program files\Recuva
2010-08-14 10:43 . 2010-08-14 10:43	--------	d-----w-	c:\program files\Valve
2010-08-12 17:13 . 2010-08-12 17:13	--------	d-----w-	c:\program files\Common Files\Java
2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08	143360	----a-w-	c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19	94208	----a-w-	c:\users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19	94208	----a-w-	c:\users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19	94208	----a-w-	c:\users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-09-02 13351304]
"HTC Home 2"="c:\users\Martin\Desktop\HTC Home 2.0 Build 123\HTCHome.exe" [2010-08-30 371200]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2010-09-02 66040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSNetMon_aaeifggihfdfbgca"="c:\program files\NSNetMon\netmon.exe" [2010-02-13 61440]
"Uptime2"="c:\program files\Uptime2\Uptime2.exe" [2003-05-05 100352]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"SE-TrayMenu"="c:\program files\SE-SOFT.COM\SE-TrayMenu\SE-TrayMenu.exe" [2010-04-04 213504]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]

c:\users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Trillian.lnk - c:\program files\Trillian\trillian.exe [2010-9-2 2291552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29	64592	----a-w-	c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk /p \??\j:\0autocheck autochk /p \??\J:\0autocheck autochk *

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-07 135664]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-04-29 26112]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2010-04-29 26112]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm.sys [2006-09-28 9472]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 ujexnjiw;AVZ-SG Kernel Driver;c:\windows\system32\Drivers\ujexnjiw.sys [2010-09-15 10240]
R3 utexnjiw;AVZ Kernel Driver;c:\windows\system32\Drivers\utexnjiw.sys [2010-09-15 7168]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-12 1343400]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-02-13 691696]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2009-06-18 15416]
S1 aswSP;aswSP; [x]
S1 uzexnjiw;AVZ-RK Kernel Driver;c:\windows\system32\Drivers\uzexnjiw.sys [2010-09-15 11264]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 DroidExplorerService;DroidExplorer Service;c:\program files\Droid Explorer\DroidExplorer.Service.exe [2010-08-21 253952]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-27 1051968]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-05-08 165888]
S3 SiSGbeLH;SiS191/SiS190  ovladač NDIS 6.0 zařízení sítě Ethernet;c:\windows\system32\DRIVERS\SiSGB6.sys [2009-07-13 48128]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile	REG_MULTI_SZ   	wcescomm rapimgr
LocalServiceRestricted	REG_MULTI_SZ   	WcesComm RapiMgr

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-04-22 11:09	451872	----a-w-	c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-07 17:35]

2010-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-07 17:35]

2010-09-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2991250655-3979899331-599909808-1000Core.job
- c:\users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-05 21:07]

2010-09-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2991250655-3979899331-599909808-1000UA.job
- c:\users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-05 21:07]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE: &Stáhnout FlashGetem - c:\program files\FlashGet\jc_link.htm
IE: &Stáhnout všechny FlashGetem - c:\program files\FlashGet\jc_all.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Přizpůsobit Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RF Nástrojová lišta - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Send to &Bluetooth Device... - c:\program files\ANYCOM\Blue USB-200-250\btsendto_ie_ctx.htm
IE: Uložit formuláře - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Vyplnit formulář - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Get Styles\ct.htm
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
IE: {{0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\Windows Live\Companion\companioncore.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\uankx7h9.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - component: c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\uankx7h9.default\extensions\{22119944-ED35-4ab1-910B-E619EA06A115}\components\rfproxy_31.dll
FF - component: c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\uankx7h9.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINNT_x86-msvc\components\WeaveCrypto.dll
FF - plugin: c:\progra~1\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\nprjplug.dll
FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\Martin\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\windows\system32\Wat\npWatWeb.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); 
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
Toolbar-Locked - (no file)
AddRemove-Mafia II Update 1_is1 - d:\2k games\Mafia II\Mafia II\unins000.exe



[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\windows\system32\nvvsvc.exe
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\windows\system32\crypserv.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\program files\Droid Explorer\SDK\tools\adb.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\BurnAware Free\NMSAccess32.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Skype\Phone\Skype.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\program files\Microsoft Security Essentials\MpCmdRun.exe
.
**************************************************************************
.
Celkový čas: 2010-09-15  20:15:52 - počítač byl restartován
ComboFix-quarantined-files.txt  2010-09-15 18:15

Před spuštěním: Volných bajtů: 10889936896
Po spuštění: Volných bajtů: 10457812992

- - End Of File - - 09600946A2F6A71D05CED661F75BB31A

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4621

Windows 6.1.7600
Internet Explorer 9.0.7930.16406

15.9.2010 20:34:25
mbam-log-2010-09-15 (20-34-25).txt

Typ skenu: Rychlý sken
Skenované objekty: 141251
Uplynulý čas: 7 minuta(y), 16 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Users\Martin\Local Settings\Temp\_check32.bat (Malware.Trace) -> Delete on reboot.
C:\Users\Martin\Local Settings\Temp\QvodSetupPlu27.exe (Trojan.Downloader) -> Delete on reboot.
