ComboFix 10-05-25.05 - XP 26.05.2010  14:28:41.1.2 - x86
Systém Microsoft Windows XP Professional  5.1.2600.2.1250.420.1029.18.1535.961 [GMT 2:00]
Sputn z: c:\documents and settings\XP\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.

(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\XP\Turbo Cars.exe

.
(((((((((((((((((((((((((   Soubory vytvořené od 2010-04-26 do 2010-05-26  )))))))))))))))))))))))))))))))
.

2010-05-26 11:52 . 2010-05-26 11:52	--------	d-----w-	c:\program files\Microsoft Security Essentials
2010-05-26 11:26 . 2010-05-07 16:01	30024	----a-w-	c:\windows\system32\uxtuneup.dll
2010-05-26 11:24 . 2010-05-07 16:06	30536	----a-w-	c:\windows\system32\TURegOpt.exe
2010-05-26 11:23 . 2010-05-26 11:26	--------	d-----w-	c:\program files\TuneUp Utilities 2010
2010-05-18 20:12 . 2009-03-09 13:27	453456	----a-w-	c:\windows\system32\d3dx10_41.dll
2010-05-18 20:12 . 2009-03-09 13:27	1846632	----a-w-	c:\windows\system32\D3DCompiler_41.dll
2010-05-18 18:48 . 2010-05-18 18:48	--------	d-----w-	c:\windows\system32\wbem\Repository
2010-05-17 20:46 . 2010-05-25 21:03	--------	d-----w-	c:\program files\TrackMania Nations ESWC
2010-05-17 20:19 . 2010-05-17 20:19	--------	d-----w-	c:\program files\SimBin
2010-05-17 20:18 . 2010-05-17 20:18	--------	d-----w-	c:\windows\Logs
2010-04-26 15:25 . 2010-05-24 19:21	--------	d-----w-	c:\program files\Filipova dobrodrustv - Na stop rodinnm pokladm

.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-24 21:15 . 2009-02-20 15:30	--------	d-----w-	c:\program files\AVG
2010-05-21 12:14 . 2009-10-04 19:29	221568	------w-	c:\windows\system32\MpSigStub.exe
2010-05-20 12:41 . 2008-10-07 15:37	--------	d-----w-	c:\program files\Tajemn psmena
2010-05-04 18:50 . 2008-06-17 07:27	--------	d-----w-	c:\program files\Neposeda
2010-05-03 15:24 . 2007-06-14 15:39	32768	----a-w-	c:\windows\NCUNINST.EXE
2010-04-26 16:07 . 2010-02-11 20:34	--------	d-----w-	c:\program files\Utajen svt umn
2010-04-13 07:55 . 2010-04-13 07:55	--------	d-----w-	c:\program files\Cesta za dobrodrustvm - Zlat sen
2010-03-29 16:42 . 2001-10-25 12:00	79040	----a-w-	c:\windows\system32\perfc005.dat
2010-03-29 16:42 . 2001-10-25 12:00	431998	----a-w-	c:\windows\system32\perfh005.dat
2010-03-10 06:17 . 2004-08-17 14:49	420352	----a-w-	c:\windows\system32\vbscript.dll
.

((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}"= "c:\program files\MyPlayCity\tbMyP1.dll" [2010-05-19 2515552]

[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
2010-05-19 16:37	2515552	----a-w-	c:\program files\MyPlayCity\tbMyP1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}"= "c:\program files\MyPlayCity\tbMyP1.dll" [2010-05-19 2515552]

[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC}"= "c:\program files\MyPlayCity\tbMyP1.dll" [2010-05-19 2515552]

[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-04-03 165784]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-10 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"wcmdmgr"="c:\windows\wt\updater\wcmdmgrl.exe" [2001-01-25 20480]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-21 61440]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-02-21 1093208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]

c:\documents and settings\XP\Nabdka Start\Programy\Po sputn\
Vezy obrazovky a sputn aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\documents and settings\All Users\Nabdka Start\Programy\Po sputn\
Media Key.lnk - c:\program files\Media Key\MagicKey.exe [2007-4-13 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Hrajte naplno 2005\\Racer\\racer.exe"=
"c:\\Program Files\\Microsoft Games\\Midtown Madness 2\\midtown2.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=

R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [13.4.2007 12:52 12856]
R1 UsbFltr;WayTechUSBFilterDriver;c:\windows\system32\drivers\UsbFltr.sys [13.4.2007 12:52 8576]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [7.5.2010 18:04 1051976]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.7.2007 18:48 682232]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-05-26 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2009-12-09 16:02]

2010-05-26 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2009-12-09 16:02]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)



**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl spen dokonen
skryté soubory:

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(940)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-05-26  14:36:12
ComboFix-quarantined-files.txt  2010-05-26 12:36

Před spuštěním: Volných bajtů: 149252939776
Po spuštění: Volných bajtů: 149383389184

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - A8CF19065DFC117F8302F4D3C5B3900E
