ComboFix 10-05-25.05 - XP 26.05.2010  15:59:23.4.2 - x86
Systém Microsoft Windows XP Professional  5.1.2600.2.1250.420.1029.18.1535.1047 [GMT 2:00]
Spuštěný z: c:\documents and settings\XP\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.

(((((((((((((((((((((((((   Soubory vytvořené od 2010-04-26 do 2010-05-26  )))))))))))))))))))))))))))))))
.

2010-05-26 11:52 . 2010-05-26 11:52	--------	d-----w-	c:\program files\Microsoft Security Essentials
2010-05-26 11:26 . 2010-05-07 16:01	30024	----a-w-	c:\windows\system32\uxtuneup.dll
2010-05-26 11:24 . 2010-05-07 16:06	30536	----a-w-	c:\windows\system32\TURegOpt.exe
2010-05-26 11:23 . 2010-05-26 11:26	--------	d-----w-	c:\program files\TuneUp Utilities 2010
2010-05-18 20:12 . 2009-03-09 13:27	453456	----a-w-	c:\windows\system32\d3dx10_41.dll
2010-05-18 20:12 . 2009-03-09 13:27	1846632	----a-w-	c:\windows\system32\D3DCompiler_41.dll
2010-05-18 18:48 . 2010-05-18 18:48	--------	d-----w-	c:\windows\system32\wbem\Repository
2010-05-17 20:46 . 2010-05-25 21:03	--------	d-----w-	c:\program files\TrackMania Nations ESWC
2010-05-17 20:19 . 2010-05-17 20:19	--------	d-----w-	c:\program files\SimBin
2010-05-17 20:18 . 2010-05-17 20:18	--------	d-----w-	c:\windows\Logs
2010-04-26 15:25 . 2010-05-24 19:21	--------	d-----w-	c:\program files\Filipova dobrodrustv - Na stop rodinnm pokladm

.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-21 12:14 . 2009-10-04 19:29	221568	------w-	c:\windows\system32\MpSigStub.exe
2010-05-20 12:41 . 2008-10-07 15:37	--------	d-----w-	c:\program files\Tajemn psmena
2010-05-04 18:50 . 2008-06-17 07:27	--------	d-----w-	c:\program files\Neposeda
2010-05-03 15:24 . 2007-06-14 15:39	32768	----a-w-	c:\windows\NCUNINST.EXE
2010-04-26 16:07 . 2010-02-11 20:34	--------	d-----w-	c:\program files\Utajen svt umn
2010-04-13 07:55 . 2010-04-13 07:55	--------	d-----w-	c:\program files\Cesta za dobrodrustvm - Zlat sen
2010-03-29 16:42 . 2001-10-25 12:00	79040	----a-w-	c:\windows\system32\perfc005.dat
2010-03-29 16:42 . 2001-10-25 12:00	431998	----a-w-	c:\windows\system32\perfh005.dat
2010-03-10 06:17 . 2004-08-17 14:49	420352	----a-w-	c:\windows\system32\vbscript.dll
.

((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-04-03 165784]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-10 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-21 61440]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-02-21 1093208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]

c:\documents and settings\All Users\Nabdka Start\Programy\Po sputn\
Media Key.lnk - c:\program files\Media Key\MagicKey.exe [2007-4-13 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"wcmdmgr"=c:\windows\wt\updater\wcmdmgrl.exe -launch
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Hrajte naplno 2005\\Racer\\racer.exe"=
"c:\\Program Files\\Microsoft Games\\Midtown Madness 2\\midtown2.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=

R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [13.4.2007 12:52 12856]
R1 UsbFltr;WayTechUSBFilterDriver;c:\windows\system32\drivers\UsbFltr.sys [13.4.2007 12:52 8576]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [7.5.2010 18:04 1051976]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.7.2007 18:48 682232]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-05-26 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2009-12-09 16:02]

2010-05-26 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2009-12-09 16:02]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-26 16:05
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspěšně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1060)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-05-26  16:07:12
ComboFix-quarantined-files.txt  2010-05-26 14:07
ComboFix2.txt  2010-05-26 13:46
ComboFix3.txt  2010-05-26 13:18
ComboFix4.txt  2010-05-26 12:36

Před spuštěním: Volných bajtů: 149289455616
Po spuštění: Volných bajtů: 149278556160

- - End Of File - - B589B4B8542D6F7542E5B0BD2DEA5B3F
