ComboFix 11-09-03.01 - Jana 04.09.2011  18:09:22.1.2 - x86
Spuštěno z: d:\staeno\Programy\Ufa\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\btc_client_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\loader2.exe_ok
c:\windows\phoenix
c:\windows\phoenix.rar
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\proc_list1.log
c:\windows\rpcminer.rar
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\update.1
c:\windows\update.2
c:\windows\update.5.0
c:\windows\update.7.1
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
c:\windows\winsetupapi.log
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2011-08-04 do 2011-09-04  )))))))))))))))))))))))))))))))
.
.
2011-09-04 15:02 . 2011-09-04 15:02	--------	d-----w-	c:\users\Jana\AppData\Roaming\Malwarebytes
2011-09-04 15:01 . 2011-07-06 17:52	41272	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-04 15:01 . 2011-09-04 15:01	--------	d-----w-	c:\programdata\Malwarebytes
2011-09-04 15:01 . 2011-09-04 15:02	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-09-04 15:01 . 2011-07-06 17:52	22712	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-09-04 08:39 . 2011-09-04 15:59	--------	d--h--w-	c:\windows\update.tray-10-0
2011-09-04 08:39 . 2011-09-04 15:59	--------	d--h--w-	c:\windows\update.tray-10-0-lnk
2011-09-04 08:36 . 2011-09-04 08:36	--------	dc----w-	c:\windows\system32\DRVSTORE
2011-09-04 08:36 . 2010-08-21 04:59	26600	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2011-09-04 08:36 . 2011-09-04 08:36	126512	----a-w-	c:\windows\system32\drivers\SYMEVENT.SYS
2011-09-04 08:36 . 2011-09-04 08:36	--------	d-----w-	c:\program files\Symantec
2011-09-04 08:36 . 2011-09-04 08:36	--------	d-----w-	c:\program files\Common Files\Symantec Shared
2011-09-04 08:35 . 2010-08-21 04:59	106928	----a-w-	c:\windows\system32\GEARAspi.dll
2011-09-04 08:35 . 2011-09-04 08:35	--------	d-----w-	c:\windows\system32\drivers\N360
2011-09-04 08:35 . 2011-09-04 08:39	--------	d-----w-	c:\program files\Norton 360
2011-09-04 07:12 . 2009-02-05 20:06	51376	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2011-09-04 07:12 . 2009-02-05 20:06	23152	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2011-09-04 07:12 . 2009-02-05 20:07	114768	----a-w-	c:\windows\system32\drivers\aswSP.sys
2011-09-04 07:12 . 2009-02-05 20:07	20560	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2011-09-04 07:12 . 2009-02-05 20:04	97480	----a-w-	c:\windows\system32\AvastSS.scr
2011-09-04 07:12 . 2009-02-05 20:11	1256296	----a-w-	c:\windows\system32\aswBoot.exe
2011-09-04 07:12 . 2009-02-05 20:06	51792	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2011-09-04 07:12 . 2004-01-09 08:13	380928	----a-w-	c:\windows\system32\actskin4.ocx
2011-09-03 16:47 . 2011-09-03 16:47	--------	d-----w-	c:\users\Jana\AppData\Roaming\Ladia Group
2011-09-03 14:54 . 2011-09-03 14:54	--------	d-----w-	c:\program files\VS Revo Group
2011-08-31 16:12 . 2003-07-28 12:01	1570463	----a-w-	c:\program files\Microsoft Games\Zoo Tycoon\zoo.exe
2011-08-29 18:43 . 2011-08-29 18:43	--------	d-----w-	c:\program files\EA GAMES
2011-08-29 18:41 . 2004-10-22 00:18	749568	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2011-08-29 18:41 . 2004-10-22 00:17	69715	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2011-08-29 18:41 . 2004-10-22 00:17	274432	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2011-08-29 18:41 . 2004-10-22 00:16	180224	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2011-08-29 18:41 . 2004-10-22 00:16	5632	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2011-08-29 18:41 . 2011-08-29 18:41	192644	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2011-08-29 18:41 . 2011-08-29 18:41	323716	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2011-08-29 16:09 . 2005-04-03 20:59	5632	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-08-29 13:14 . 2011-09-04 16:05	--------	d-----w-	c:\users\Jana\AppData\Roaming\Skype
2011-08-29 13:14 . 2011-08-29 13:14	--------	d-----r-	c:\program files\Skype
2011-08-29 13:14 . 2011-08-29 13:14	--------	d-----w-	c:\programdata\Skype
2011-08-25 15:56 . 2011-08-25 15:56	--------	d--h--w-	c:\windows\update.8.1
2011-08-25 08:55 . 2011-07-11 13:25	2048	----a-w-	c:\windows\system32\tzres.dll
2011-08-25 07:24 . 2011-08-25 07:24	--------	d-----w-	c:\program files\Microsoft WSE
2011-08-25 07:23 . 2006-09-28 14:05	2414360	----a-w-	c:\windows\system32\d3dx9_31.dll
2011-08-25 07:12 . 2011-08-25 07:12	--------	d-----w-	c:\program files\Electronic Arts
2011-08-18 18:16 . 2011-08-18 18:16	--------	d-----w-	c:\program files\SweetIM
2011-08-18 18:16 . 2011-08-18 18:16	--------	d-----w-	c:\programdata\SweetIM
2011-08-18 16:33 . 2011-08-18 16:41	246272	----a-w-	c:\windows\unrar.exe
2011-08-18 16:32 . 2011-09-04 08:42	--------	d-----w-	c:\windows\av_ico
2011-08-18 16:30 . 2011-09-04 15:59	--------	d--h--w-	c:\windows\update.tray-7-0
2011-08-18 16:30 . 2011-09-04 15:59	--------	d--h--w-	c:\windows\update.tray-15-0
2011-08-18 16:30 . 2011-09-04 15:59	--------	d--h--w-	c:\windows\update.tray-15-0-lnk
2011-08-18 16:30 . 2011-09-04 15:04	--------	d--h--w-	c:\windows\update.tray-7-0-lnk
2011-08-17 16:31 . 2011-08-12 02:44	7152464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{5CE9E414-A6C9-4ED6-B15D-5CADA3889D5D}\mpengine.dll
2011-08-10 08:02 . 2011-06-17 16:03	375808	----a-w-	c:\windows\system32\winsrv.dll
2011-08-10 08:02 . 2011-07-06 15:31	214016	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-08-10 08:02 . 2011-06-06 10:59	2409784	----a-w-	c:\program files\Windows Mail\OESpamFilter.dat
2011-08-10 08:02 . 2011-06-20 08:54	3602832	----a-w-	c:\windows\system32\ntkrnlpa.exe
2011-08-10 08:02 . 2011-06-20 08:54	3550096	----a-w-	c:\windows\system32\ntoskrnl.exe
2011-08-10 08:02 . 2011-06-17 20:13	905104	----a-w-	c:\windows\system32\drivers\tcpip.sys
2011-08-08 15:25 . 2011-08-08 15:25	--------	d-----w-	c:\program files\Microsoft Silverlight
2011-08-08 15:22 . 2011-08-08 15:22	--------	d-----w-	c:\windows\system32\x64
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-22 21:55 . 2011-06-22 21:18	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-07 21:05 . 2011-06-07 21:05	86528	----a-w-	c:\windows\system32\iesysprep.dll
2011-06-07 21:05 . 2011-06-07 21:05	76800	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2011-06-07 21:05 . 2011-06-07 21:05	74752	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2011-06-07 21:05 . 2011-06-07 21:05	48640	----a-w-	c:\windows\system32\mshtmler.dll
2011-06-07 21:05 . 2011-06-07 21:05	161792	----a-w-	c:\windows\system32\msls31.dll
2011-06-07 21:05 . 2011-06-07 21:05	74752	----a-w-	c:\windows\system32\iesetup.dll
2011-06-07 21:05 . 2011-06-07 21:05	63488	----a-w-	c:\windows\system32\tdc.ocx
2011-06-07 21:05 . 2011-06-07 21:05	367104	----a-w-	c:\windows\system32\html.iec
2011-06-07 21:05 . 2011-06-07 21:05	23552	----a-w-	c:\windows\system32\licmgr10.dll
2011-06-07 21:05 . 2011-06-07 21:05	1427456	----a-w-	c:\windows\system32\inetcpl.cpl
2011-06-07 21:05 . 2011-06-07 21:05	420864	----a-w-	c:\windows\system32\vbscript.dll
2011-06-07 21:05 . 2011-06-07 21:05	152064	----a-w-	c:\windows\system32\wextract.exe
2011-06-07 21:05 . 2011-06-07 21:05	150528	----a-w-	c:\windows\system32\iexpress.exe
2011-06-07 21:05 . 2011-06-07 21:05	142848	----a-w-	c:\windows\system32\ieUnatt.exe
2011-06-07 21:05 . 2011-06-07 21:05	11776	----a-w-	c:\windows\system32\mshta.exe
2011-06-07 21:05 . 2011-06-07 21:05	101888	----a-w-	c:\windows\system32\admparse.dll
2011-06-07 21:05 . 2011-06-07 21:05	35840	----a-w-	c:\windows\system32\imgutil.dll
2011-06-07 21:05 . 2011-06-07 21:05	110592	----a-w-	c:\windows\system32\IEAdvpack.dll
2011-06-07 21:04 . 2011-06-07 21:04	98816	----a-w-	c:\windows\system32\mfps.dll
2011-06-07 21:04 . 2011-06-07 21:04	979456	----a-w-	c:\windows\system32\MFH264Dec.dll
2011-06-07 21:04 . 2011-06-07 21:04	357376	----a-w-	c:\windows\system32\MFHEAACdec.dll
2011-06-07 21:04 . 2011-06-07 21:04	302592	----a-w-	c:\windows\system32\mfmp4src.dll
2011-06-07 21:04 . 2011-06-07 21:04	2873344	----a-w-	c:\windows\system32\mf.dll
2011-06-07 21:04 . 2011-06-07 21:04	261632	----a-w-	c:\windows\system32\mfreadwrite.dll
2011-06-07 21:04 . 2011-06-07 21:04	209920	----a-w-	c:\windows\system32\mfplat.dll
2011-06-07 21:04 . 2011-06-07 21:04	586240	----a-w-	c:\windows\system32\stobject.dll
2011-06-07 21:04 . 2011-06-07 21:04	683008	----a-w-	c:\windows\system32\d2d1.dll
2011-06-07 21:04 . 2011-06-07 21:04	486400	----a-w-	c:\windows\system32\d3d10level9.dll
2011-06-07 21:04 . 2011-06-07 21:04	135680	----a-w-	c:\windows\system32\XpsRasterService.dll
2011-06-07 21:04 . 2011-06-07 21:04	667648	----a-w-	c:\windows\system32\printfilterpipelinesvc.exe
2011-06-07 21:04 . 2011-06-07 21:04	638336	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2011-06-07 21:04 . 2011-06-07 21:04	478720	----a-w-	c:\windows\system32\dxgi.dll
2011-06-07 21:04 . 2011-06-07 21:04	37376	----a-w-	c:\windows\system32\cdd.dll
2011-06-07 21:04 . 2011-06-07 21:04	26112	----a-w-	c:\windows\system32\printfilterpipelineprxy.dll
2011-06-07 21:04 . 2011-06-07 21:04	258048	----a-w-	c:\windows\system32\winspool.drv
2011-06-07 21:04 . 2011-06-07 21:04	219648	----a-w-	c:\windows\system32\d3d10_1core.dll
2011-06-07 21:04 . 2011-06-07 21:04	189952	----a-w-	c:\windows\system32\d3d10core.dll
2011-06-07 21:04 . 2011-06-07 21:04	160768	----a-w-	c:\windows\system32\d3d10_1.dll
2011-06-07 21:04 . 2011-06-07 21:04	1172480	----a-w-	c:\windows\system32\d3d10warp.dll
2011-06-07 21:04 . 2011-06-07 21:04	1029120	----a-w-	c:\windows\system32\d3d10.dll
2011-06-07 21:04 . 2011-06-07 21:04	847360	----a-w-	c:\windows\system32\OpcServices.dll
2011-06-07 21:04 . 2011-06-07 21:04	1554432	----a-w-	c:\windows\system32\xpsservices.dll
2011-06-07 21:01 . 2011-06-07 21:01	4096	----a-w-	c:\windows\system32\drivers\cs-CZ\dxgkrnl.sys.mui
2011-06-07 21:01 . 2011-06-07 21:01	519680	----a-w-	c:\windows\system32\d3d11.dll
2011-06-07 21:01 . 2011-06-07 21:01	369664	----a-w-	c:\windows\system32\WMPhoto.dll
2011-06-07 21:01 . 2011-06-07 21:01	252928	----a-w-	c:\windows\system32\dxdiag.exe
2011-06-07 21:01 . 2011-06-07 21:01	195584	----a-w-	c:\windows\system32\dxdiagn.dll
2011-06-07 21:01 . 2011-06-07 21:01	974848	----a-w-	c:\windows\system32\WindowsCodecs.dll
2011-06-07 21:01 . 2011-06-07 21:01	321024	----a-w-	c:\windows\system32\PhotoMetadataHandler.dll
2011-06-07 21:01 . 2011-06-07 21:01	189440	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2010-10-18 15:28	1485112	----a-r-	c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-10-18 1485112]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-05-14 15:05	121392	----a-w-	c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-08-18 17360520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"RtHDVCpl"="RtHDVCpl.exe" [2008-06-13 6183456]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-09-10 809480]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-05-14 526896]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-06-11 409600]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2010-10-13 111928]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-03-08 11:38	40048	----a-w-	c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
2008-04-06 20:42	34040	----a-w-	c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-03-21 18:56	1230704	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2011-06-05 18:49	30192	----a-w-	c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20101123.003\BHDrvx86.sys [x]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20101201.001\IDSVix86.sys [x]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0500000.07D\Ironx86.SYS [2010-11-16 136312]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\5.0.0.125\ccSvcHst.exe [x]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-06-05 30192]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-07-06 41272]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0500000.07D\SYMDS.SYS [2010-10-21 340016]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0500000.07D\SYMEFA.SYS [2010-11-18 652336]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\N360\0500000.07D\SYMTDIV.SYS [2010-12-01 330360]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-06 22712]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0611&m=aspire_5735
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-ICQ - ~c:\program files\ICQ7.5\ICQ.exe
HKLM-Run-eRecoveryService - (no file)
MSConfigStartUp-10211613-loader2 - c:\windows\Temp\10211613-loader2.exe
MSConfigStartUp-1085201 - c:\users\Jana\AppData\Local\Temp\1085201.exe
MSConfigStartUp-2749230 - c:\windows\TEMP\2749230.exe
MSConfigStartUp-3644735 - c:\windows\Temp\3644735.exe
MSConfigStartUp-8102519 - c:\users\Jana\AppData\Local\Temp\8102519.exe
MSConfigStartUp-9464750 - c:\windows\Temp\9464750.exe
MSConfigStartUp-sysdriver32 - c:\windows\sysdriver32.exe
MSConfigStartUp-sysdriver32_ - c:\windows\sysdriver32_.exe
AddRemove-N360 - c:\program files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\A5E82D02\5.0.0.125\InstStub.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-04 18:17
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...  
.
skenování skrytých položek 'Po spuštění' ... 
.
skenování skrytých souborů ...  
.
sken byl úspěšně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\5.0.0.125\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\5.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}"=hex:51,66,7a,6c,4c,1d,38,12,12,38,ad,
   58,75,50,10,02,d8,cb,7a,2d,b5,19,2a,3d
"{855F3B16-6D32-4FE6-8A56-BBB695989046}"=hex:51,66,7a,6c,4c,1d,38,12,78,38,4c,
   81,00,23,88,0a,f5,40,f8,f6,90,c6,d4,52
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=hex:51,66,7a,6c,4c,1d,38,12,35,c0,f5,
   ea,2a,2f,b2,54,e3,64,43,53,25,99,dc,53
"{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}"=hex:51,66,7a,6c,4c,1d,38,12,f1,9d,97,
   02,e5,86,37,08,c7,6b,3b,0b,78,35,a4,a7
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
   36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{593DDEC6-7468-4CDD-90E1-42DADAA222E9}"=hex:51,66,7a,6c,4c,1d,38,12,a8,dd,2e,
   5d,5a,3a,b3,09,ef,f7,01,9a,df,fc,66,fd
"{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}"=hex:51,66,7a,6c,4c,1d,38,12,df,fa,b1,
   87,90,4f,cb,0f,f8,c7,06,f6,bd,0e,1a,82
"{EEE6C35C-6118-11DC-9C72-001320C79847}"=hex:51,66,7a,6c,4c,1d,38,12,32,c0,f5,
   ea,2a,2f,b2,54,e3,64,43,53,25,99,dc,53
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
   fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
   b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:c0,36,4e,e2,18,60,cc,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-09-04  18:20:13
ComboFix-quarantined-files.txt  2011-09-04 16:20
.
Před spuštěním: Volných bajtů: 93027229696
Po spuštění: Volných bajtů: 93072871424
.
- - End Of File - - 8C9F815882DAD29DA0B1C7375E6E804E
