ComboFix 11-08-12.01 - Hilltor 13.08.2011   0:33.2.2 - x86
Microsoft Windows 7 Home Premium   6.1.7600.0.1250.420.1029.18.3037.2003 [GMT 2:00]
Spuštěn z: c:\users\Hilltor\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Vytvořen nový Bod Obnovení
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2011-07-12 do 2011-08-12  )))))))))))))))))))))))))))))))
.
.
2011-08-12 22:41 . 2011-08-12 22:41	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-08-12 22:14 . 2011-08-12 22:24	--------	d-----w-	C:\UsbFix
2011-08-12 21:31 . 2011-08-12 21:31	--------	d-----w-	c:\users\Hilltor\AppData\Roaming\Malwarebytes
2011-08-12 21:31 . 2011-07-06 17:52	41272	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-12 21:31 . 2011-08-12 21:31	--------	d-----w-	c:\programdata\Malwarebytes
2011-08-12 21:31 . 2011-08-12 21:36	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-08-12 21:31 . 2011-07-06 17:52	22712	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-08-12 20:23 . 2011-08-12 20:23	--------	d-----w-	c:\windows\system32\EventProviders
2011-08-12 20:23 . 2011-08-12 20:26	--------	d-----w-	C:\22255e402c6d822ce98076
2011-08-12 19:23 . 2011-08-12 19:23	--------	d-----w-	c:\users\Hilltor\AppData\Local\MPlayer
2011-08-12 19:21 . 2011-08-12 19:21	--------	d-----w-	c:\programdata\OEM Links
2011-08-12 19:21 . 2011-08-12 19:21	--------	d-----w-	C:\MININT
2011-08-12 19:21 . 2011-08-12 19:33	--------	d-----w-	c:\users\Hilltor\.umplayer
2011-08-12 19:21 . 2011-08-12 19:22	--------	d-----w-	c:\program files\UMPlayer
2011-08-12 19:06 . 2011-07-20 07:44	6881616	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4C3CDD06-C9D9-4831-9AF0-99591ABFB99D}\mpengine.dll
2011-08-12 17:50 . 2011-07-08 07:29	142296	----a-w-	c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-08-12 17:50 . 2011-07-08 07:29	781272	----a-w-	c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-08-12 17:50 . 2011-07-08 07:29	1850328	----a-w-	c:\program files\Mozilla Firefox\mozjs.dll
2011-08-12 17:50 . 2011-07-08 07:29	89048	----a-w-	c:\program files\Mozilla Firefox\libEGL.dll
2011-08-12 17:50 . 2011-07-08 07:29	465880	----a-w-	c:\program files\Mozilla Firefox\libGLESv2.dll
2011-08-12 17:50 . 2011-07-08 07:29	15832	----a-w-	c:\program files\Mozilla Firefox\mozalloc.dll
2011-08-12 17:50 . 2010-01-01 08:00	2106216	----a-w-	c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-08-12 17:50 . 2010-01-01 08:00	1998168	----a-w-	c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-08-12 12:32 . 2011-08-12 12:36	--------	d-----w-	c:\program files\Emsisoft Anti-Malware
2011-08-11 17:11 . 2011-03-11 05:44	143744	----a-w-	c:\windows\system32\drivers\nvstor.sys
2011-08-11 17:11 . 2011-03-11 05:44	1210240	----a-w-	c:\windows\system32\drivers\ntfs.sys
2011-08-11 17:11 . 2011-03-11 05:44	117120	----a-w-	c:\windows\system32\drivers\nvraid.sys
2011-08-11 17:11 . 2011-03-11 05:43	80256	----a-w-	c:\windows\system32\drivers\amdsata.sys
2011-08-11 17:11 . 2011-03-11 05:39	1686016	----a-w-	c:\windows\system32\esent.dll
2011-08-11 17:11 . 2011-03-11 05:44	146304	----a-w-	c:\windows\system32\drivers\storport.sys
2011-08-11 17:11 . 2011-03-11 05:43	332160	----a-w-	c:\windows\system32\drivers\iaStorV.sys
2011-08-11 17:11 . 2011-03-11 05:43	22400	----a-w-	c:\windows\system32\drivers\amdxata.sys
2011-08-11 17:11 . 2011-03-11 05:37	74240	----a-w-	c:\windows\system32\fsutil.exe
2011-08-11 17:07 . 2011-02-19 05:33	802304	----a-w-	c:\windows\system32\FntCache.dll
2011-08-11 17:07 . 2011-02-19 05:32	1074176	----a-w-	c:\windows\system32\DWrite.dll
2011-08-11 17:07 . 2011-02-19 05:32	739840	----a-w-	c:\windows\system32\d2d1.dll
2011-08-11 16:31 . 2011-03-25 03:06	284160	----a-w-	c:\windows\system32\drivers\usbport.sys
2011-08-11 16:31 . 2011-03-25 03:06	43008	----a-w-	c:\windows\system32\drivers\usbehci.sys
2011-08-11 16:31 . 2011-03-25 03:06	258560	----a-w-	c:\windows\system32\drivers\usbhub.sys
2011-08-11 16:31 . 2011-03-25 03:06	75776	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2011-08-11 16:31 . 2011-03-25 03:06	20480	----a-w-	c:\windows\system32\drivers\usbohci.sys
2011-08-11 16:31 . 2011-03-25 03:06	24064	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2011-08-11 16:31 . 2011-03-25 03:06	5888	----a-w-	c:\windows\system32\drivers\usbd.sys
2011-08-11 16:29 . 2011-04-29 02:57	311296	----a-w-	c:\windows\system32\drivers\srv.sys
2011-08-11 16:29 . 2011-04-29 02:57	309760	----a-w-	c:\windows\system32\drivers\srv2.sys
2011-08-11 16:29 . 2011-04-29 02:57	114176	----a-w-	c:\windows\system32\drivers\srvnet.sys
2011-08-11 16:28 . 2010-12-18 05:31	571904	----a-w-	c:\windows\system32\oleaut32.dll
2011-08-11 16:28 . 2011-07-09 02:26	222720	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-08-11 16:28 . 2011-05-04 02:43	96256	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2011-08-11 16:28 . 2011-05-04 02:43	123392	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-08-11 15:31 . 2011-08-11 15:31	--------	d-----w-	c:\program files\Common Files\Atheros
2011-08-11 15:13 . 2011-06-23 04:38	3957120	----a-w-	c:\windows\system32\ntkrnlpa.exe
2011-08-11 15:11 . 2011-06-11 02:37	2332672	----a-w-	c:\windows\system32\win32k.sys
2011-08-11 15:11 . 2011-06-15 09:04	86016	----a-w-	c:\windows\system32\odbccu32.dll
2011-08-11 15:11 . 2011-06-15 09:04	81920	----a-w-	c:\windows\system32\odbccr32.dll
2011-08-11 15:11 . 2011-06-15 09:04	319488	----a-w-	c:\windows\system32\odbcjt32.dll
2011-08-11 15:11 . 2011-06-15 09:04	122880	----a-w-	c:\windows\system32\odbccp32.dll
2011-08-11 15:11 . 2011-06-15 09:04	94208	----a-w-	c:\program files\Common Files\System\Ole DB\msdaosp.dll
2011-08-11 15:11 . 2011-06-15 09:04	163840	----a-w-	c:\windows\system32\odbctrac.dll
2011-08-11 15:11 . 2011-01-17 05:38	161792	----a-w-	c:\windows\system32\d3d10_1.dll
2011-08-11 15:09 . 2011-02-23 05:05	69632	----a-w-	c:\windows\system32\drivers\bowser.sys
2011-08-11 15:09 . 2010-10-19 08:10	7680	----a-w-	c:\program files\Internet Explorer\iecompat.dll
2011-08-11 15:09 . 2011-04-09 05:56	123904	----a-w-	c:\windows\system32\poqexec.exe
2011-08-11 15:09 . 2011-04-22 19:36	26496	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2011-08-11 15:07 . 2011-02-18 05:33	31232	----a-w-	c:\windows\system32\prevhost.exe
2011-08-11 14:58 . 2010-09-14 06:07	276992	----a-w-	c:\windows\system32\wcncsvc.dll
2011-08-11 14:05 . 2010-11-02 04:46	728448	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2011-08-11 14:05 . 2011-02-03 05:45	219008	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2011-08-11 14:05 . 2010-11-02 04:23	107520	----a-w-	c:\windows\system32\cdd.dll
2011-08-11 11:53 . 2011-08-12 22:41	--------	d-----w-	c:\users\Hilltor\AppData\Local\temp
2011-08-11 10:17 . 2011-08-11 10:17	--------	d-----w-	c:\program files\MSXML 4.0
2011-07-29 19:52 . 2011-07-29 19:52	--------	d-----w-	c:\users\Hilltor\AppData\Local\CrashDumps
2011-07-29 19:05 . 2011-07-29 19:05	--------	d-----w-	c:\programdata\Atheros
2011-07-29 18:47 . 2011-07-29 18:47	--------	d-----w-	c:\programdata\NokiaInstallerCache
2011-07-29 18:42 . 2011-07-29 18:42	--------	d-----w-	c:\users\Hilltor\AppData\Local\BMExplorer
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-11 10:19 . 2011-05-17 14:22	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-27 05:12 . 2011-05-27 05:12	2189312	----a-w-	c:\windows\system32\drivers\athr.sys
2011-05-24 17:14 . 2010-09-22 15:19	222080	------w-	c:\windows\system32\MpSigStub.exe
2011-07-08 07:29 . 2011-08-12 17:50	142296	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-12-28 3318784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-12-15 8120864]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-26 1713448]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
"UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-07-21 210216]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-02-10 13834856]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-12-28 2216960]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 ArcGIS License Manager;ArcGIS License Manager;c:\program files\ESRI\License\arcgis9x\lmgrd.exe [2008-08-02 1431440]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-09-22 136176]
R3 a2acc;a2acc;c:\program files\EMSISOFT ANTI-MALWARE\a2accx86.sys [2011-02-20 73728]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-11-25 43680]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 Installer Service;Installer Service;c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{07D77970-B205-460C-84E4-263F30455597}\Installer\InstallerService.exe [2011-07-29 119296]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-22 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-25 691696]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2009-05-28 10752]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-12-28 142592]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 a2AntiMalware;Emsisoft Anti-Malware 5.1 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [2011-06-30 3029208]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-06-27 66080]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-22 15:35]
.
2011-08-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-22 15:35]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 192.168.1.1 192.168.50.1
FF - ProfilePath - c:\users\Hilltor\AppData\Roaming\Mozilla\Firefox\Profiles\0b5rf91i.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-RunOnce-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-08-13  00:43:16
ComboFix-quarantined-files.txt  2011-08-12 22:43
.
Před spuštěním: Volných bajtů: 133370171392
Po spuštění: Volných bajtů: 133320065024
.
- - End Of File - - 9B830B56B6FC0489778966D81D453118
