ComboFix 11-07-31.04 - Markis 31.07.2011  22:54:49.3.2 - x86
Microsoft Windows 7 Professional   6.1.7600.0.1250.420.1029.18.3037.2153 [GMT 2:00]
Spuštěn z: c:\users\Markis\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Markis\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\hdzqyejd.sys"
"c:\windows\unrar.exe"
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
c:\users\Default\AppData\Local\temp
c:\users\Markis\AppData\Local\temp
c:\users\Markis\AppData\Local\temp\catchme.dll
c:\users\Markis\AppData\Local\temp\FXSAPIDebugLogFile.txt
c:\users\Markis\AppData\Local\temp\plugtmp\plugin-105718633361740672694
c:\users\Markis\AppData\Local\temp\plugtmp\plugin-5589597740252941201
c:\windows\av_ico
c:\windows\av_ico\ico_avast_desktop.ico
c:\windows\av_ico\ico_avast_start.ico
c:\windows\system32\drivers\hdzqyejd.sys
c:\windows\ufa
c:\windows\ufa\ufa.exe
c:\windows\unrar.exe
c:\windows\update.tray-5-0-lnk
c:\windows\update.tray-5-0
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-7-0-lnk\xwteqnn
c:\windows\update.tray-7-0
.
.
(((((((((((((((((((((((((((((((((((((((   Ovladače/Služby   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_hdzqyejd
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2011-06-28 do 2011-07-31  )))))))))))))))))))))))))))))))
.
.
2011-07-31 21:02 . 2011-07-31 21:03	--------	d-----w-	c:\users\Markis\AppData\Local\Temp
2011-07-30 19:18 . 2011-07-30 19:18	--------	d-----w-	c:\users\Markis\AppData\Roaming\Malwarebytes
2011-07-30 19:18 . 2011-07-06 17:52	41272	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-30 19:18 . 2011-07-30 19:18	--------	d-----w-	c:\programdata\Malwarebytes
2011-07-30 19:18 . 2011-07-06 17:52	22712	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-07-30 19:18 . 2011-07-30 19:18	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-07-30 12:22 . 2011-07-31 20:13	--------	d-----w-	C:\rsit
2011-07-30 12:22 . 2011-07-30 12:26	--------	d-----w-	c:\program files\trend micro
2011-07-30 08:37 . 2011-07-30 12:19	--------	d-----w-	c:\programdata\Comodo
2011-07-30 08:36 . 2011-07-30 12:19	--------	d-----w-	c:\programdata\Comodo Downloader
2011-07-30 07:34 . 2011-07-30 07:34	--------	d-----w-	c:\windows\system32\SPReview
2011-07-29 22:17 . 2011-03-25 03:06	258560	----a-w-	c:\windows\system32\drivers\usbhub.sys
2011-07-29 22:17 . 2011-03-25 03:06	284160	----a-w-	c:\windows\system32\drivers\usbport.sys
2011-07-29 22:17 . 2011-03-25 03:06	75776	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2011-07-29 22:17 . 2011-03-25 03:06	43008	----a-w-	c:\windows\system32\drivers\usbehci.sys
2011-07-29 22:17 . 2011-03-25 03:06	20480	----a-w-	c:\windows\system32\drivers\usbohci.sys
2011-07-29 22:17 . 2011-03-25 03:06	24064	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2011-07-29 22:17 . 2011-03-25 03:06	5888	----a-w-	c:\windows\system32\drivers\usbd.sys
2011-07-29 22:15 . 2011-07-13 03:39	6881616	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{F2BB8768-E8A5-4039-850C-718204AD3458}\mpengine.dll
2011-07-29 22:01 . 2011-07-29 22:01	--------	d-----w-	c:\programdata\Alwil Software
2011-07-29 21:54 . 2011-07-29 21:54	--------	d-----w-	c:\windows\CheckSur
2011-07-29 20:09 . 2011-07-31 20:34	--------	d-----w-	c:\program files\Spybot - Search & Destroy
2011-07-29 13:23 . 2011-07-29 13:23	--------	d-----w-	c:\users\Markis\AppData\Local\Apps
2011-07-18 12:37 . 2011-07-18 12:37	--------	d-----w-	c:\users\Markis\AppData\Roaming\SUPERAntiSpyware.com
2011-07-18 12:37 . 2011-07-18 12:37	--------	d-----w-	c:\programdata\SUPERAntiSpyware.com
2011-07-18 12:37 . 2011-07-29 21:14	--------	d-----w-	c:\program files\SUPERAntiSpyware
2011-07-18 10:49 . 2011-07-29 22:09	--------	d-----w-	c:\programdata\AVAST Software
2011-07-18 10:49 . 2011-07-18 10:49	--------	d-----w-	c:\program files\AVAST Software
2011-07-18 09:29 . 2011-07-31 20:41	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2011-07-18 08:49 . 2011-07-29 21:14	--------	d-----w-	c:\program files\CCleaner
2011-07-16 06:25 . 2011-07-21 07:04	--------	d-----w-	c:\users\Markis\AppData\Local\ElevatedDiagnostics
2011-07-15 19:26 . 2011-07-29 21:16	--------	d-----w-	c:\windows\system32\EventProviders
2011-07-15 19:26 . 2011-07-29 21:14	--------	d-----w-	C:\82530f33dc244afc2757a9
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-30 07:52 . 2009-07-14 02:05	152064	----a-w-	c:\windows\system32\msclmd.dll
2011-07-03 09:25 . 2010-10-18 18:16	45056	----a-w-	c:\windows\system32\acovcnt.exe
2011-05-24 17:14 . 2010-06-28 17:56	222080	------w-	c:\windows\system32\MpSigStub.exe
2011-05-24 10:35 . 2011-06-29 07:34	294912	----a-w-	c:\windows\system32\umpnpmgr.dll
2011-05-04 04:53 . 2011-06-29 07:34	1553920	----a-w-	c:\windows\system32\tquery.dll
2011-05-04 04:52 . 2011-06-29 07:34	1401856	----a-w-	c:\windows\system32\mssrch.dll
2011-05-04 04:52 . 2011-06-29 07:34	666624	----a-w-	c:\windows\system32\mssvp.dll
2011-05-04 04:52 . 2011-06-29 07:34	337408	----a-w-	c:\windows\system32\mssph.dll
2011-05-04 04:52 . 2011-06-29 07:34	197120	----a-w-	c:\windows\system32\mssphtb.dll
2011-05-04 04:52 . 2011-06-29 07:34	59392	----a-w-	c:\windows\system32\msscntrs.dll
2011-05-04 04:52 . 2011-06-29 07:34	428032	----a-w-	c:\windows\system32\SearchIndexer.exe
2011-05-04 04:52 . 2011-06-29 07:34	164352	----a-w-	c:\windows\system32\SearchProtocolHost.exe
2011-05-04 04:52 . 2011-06-29 07:34	86528	----a-w-	c:\windows\system32\SearchFilterHost.exe
2011-05-04 02:43 . 2011-06-17 13:06	222720	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-05-04 02:43 . 2011-06-17 13:06	96256	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2011-05-04 02:43 . 2011-06-17 13:06	123392	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-05-03 04:50 . 2011-06-17 13:07	740864	----a-w-	c:\windows\system32\inetcomm.dll
2009-04-08 08:31 . 2009-04-08 08:31	106496	----a-w-	c:\program files\Common Files\CPInstallAction.dll
2008-08-11 19:45 . 2008-08-11 19:45	155648	----a-w-	c:\program files\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:08	143360	----a-w-	c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2011-01-05 133432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2009-08-12 233472]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 497024]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 1474560]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2009-08-19 170624]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-07-06 1047656]
.
c:\users\Markis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2010-6-28 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-08-12 25600]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-07-06 41272]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-28 1343400]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2009-06-18 15416]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 FastBootAgent;FastBootAgent;c:\windows\system32\FBAgent.exe [2009-08-21 280704]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-07-29 87040]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-06 22712]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-07-09 1066496]
.
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
TCP: DhcpNameServer = 10.137.96.1 192.168.15.2
FF - ProfilePath - c:\users\Markis\AppData\Roaming\Mozilla\Firefox\Profiles\v8p7g45p.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZNzfb010YYcz_ZNzfb014&ptb=97B20125-23D5-4E12-8BF4-DCB07DAD6DF1&psa=&ind=2011010205&ptnrS=ZNzfb010YYcz_ZNzfb014&si=&st=kwd&n=77dd949d&searchfor=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(524)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.DLL
.
- - - - - - - > 'Explorer.exe'(3636)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
------------------------ Jiné spuštěné procesy ------------------------
.
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\system32\taskhost.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\windows\system32\conhost.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\ASUS\ASUS Live Update\ALU.exe
c:\program files\ASUS\Wireless Console 3\wcourier.exe
c:\windows\System32\ACEngSvr.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2011-07-31  23:08:13 - počítač byl restartován
ComboFix-quarantined-files.txt  2011-07-31 21:08
ComboFix2.txt  2011-07-31 10:45
.
Před spuštěním: Volných bajtů: 439443165184
Po spuštění: Volných bajtů: 439041978368
.
- - End Of File - - D0C7E24F4D1244F80A1043BBBA0D7739
