Authority system vypíná počítač
Napsal: 11 lis 2010 20:00
Mám problém,při hraní některých her mi zmodrá obrazovka a pak se objeví hláška,že vypnutí systému vyvolal Authority system.Po restartu mi to napíše,že činnost systému byla obnovena po závažné chybě.Pro jistotu přikládám log z RSIT.Díky za pomoc.solangei
Logfile of random's system information tool 1.07 (written by random/random)
Run by solangei at 2010-11-11 18:57:13
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 8 GB (38%) free of 20 GB
Total RAM: 958 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:57:58, on 11.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\WINDOWS\system32\freecell.exe
C:\Program Files\O2 Mobilni internet\O2 Mobilni internet.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\solangei\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\solangei.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA1.dll
O2 - BHO: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Adobe PDF Link Helper - {40A15B24-6472-1E4A-6842-2CCC7FC73F5F} - C:\WINDOWS\system32\wwmphoto.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA1.dll
O3 - Toolbar: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA1.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{DCFB694B-17FB-4EC8-9EEE-7F2ADFE20B86}: NameServer = 160.218.10.200 160.218.43.200
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
--
End of file - 7440 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\MP Scheduled Scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2010-02-25 491520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40A15B24-6472-1E4A-6842-2CCC7FC73F5F}]
Adobe PDF Link Helper - C:\WINDOWS\system32\wwmphoto.dll [2008-04-14 200704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyA1.dll [2010-10-21 2735200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2010-02-25 491520]
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyA1.dll [2010-10-21 2735200]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-06-10 339968]
"LXCRCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16 []
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-09-15 1094224]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Domino]
C:\WINDOWS\Domino.exe [2006-07-04 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
C:\Program Files\Lexmark 2400 Series\ezprint.exe [2006-02-07 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2006-02-02 290816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe]
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe [2006-03-06 286720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
C:\WINDOWS\OETRN.EXE [2010-02-25 26624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
C:\WINDOWS\system32\VTTimer.exe [2005-03-07 53248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]
C:\WINDOWS\system32\VTtrayp.exe [2006-04-11 176128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZSSnp211]
C:\WINDOWS\ZSSnp211.exe [2006-07-14 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^AudioDeck.lnk]
C:\PROGRA~1\VIATEC~1\VIAAUD~1\AUDIOD~1\AUDIOD~1.EXE [2003-07-08 581632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Corel MEDIA FOLDERS INDEXER 8.LNK]
C:\Corel\GRAPHI~1\Programs\MFINDE~1.EXE [1998-01-12 83456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-06-11 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\z disku C\uTorrent.exe"="D:\z disku C\uTorrent.exe:*:Enabled:uTorrent"
"C:\Program Files\O2 Mobilni internet\O2 Mobilni internet.exe"="C:\Program Files\O2 Mobilni internet\O2 Mobilni internet.exe:*:Enabled:O2 Mobilni internet"
"D:\eMule\emule.exe"="D:\eMule\emule.exe:*:Enabled:eMule"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\uTorrent\utorrent.exe"="D:\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\StrongDC++\StrongDC++\StrongDC.exe"="D:\StrongDC++\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-11-11 07:44:10 ----D---- C:\Config.Msi
2010-11-10 16:33:41 ----D---- C:\Program Files\Woodville Chronicles
2010-11-05 17:23:21 ----D---- C:\Program Files\Games
2010-11-01 21:24:47 ----D---- C:\WINDOWS\Chocolate Shop Frenzy
2010-11-01 21:24:47 ----D---- C:\Program Files\Chocolate Shop Frenzy
2010-10-28 10:45:23 ----D---- C:\Documents and Settings\solangei\Data aplikací\Orneon
2010-10-27 23:05:51 ----SD---- C:\ComboFix
2010-10-27 23:05:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-10-27 23:05:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-10-27 23:05:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
2010-10-27 23:05:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2010-10-27 23:05:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
2010-10-27 23:05:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Farm Fishes
2010-10-27 23:05:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Bluetooth
2010-10-27 23:05:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\ashampoo
2010-10-27 23:05:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2010-10-27 23:05:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\GameXzone
2010-10-27 23:05:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Friends Games
2010-10-27 23:05:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\FaxCtr
2010-10-27 23:05:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Madagascar
2010-10-27 23:05:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Arctica
2010-10-27 23:05:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3
2010-10-27 23:05:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Rumbic Studio
2010-10-27 23:05:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\page
2010-10-27 23:05:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\MumboJumbo
2010-10-27 23:05:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-10-27 23:05:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-10-27 23:05:17 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-10-27 23:05:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-10-27 23:05:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\The Game Equation
2010-10-27 23:05:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-10-27 23:05:17 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-10-27 23:05:09 ----D---- C:\Documents and Settings\solangei\Data aplikací\Apple Computer
2010-10-27 23:05:09 ----D---- C:\Documents and Settings\solangei\Data aplikací\Age of Japan II
2010-10-27 23:05:09 ----D---- C:\Documents and Settings\solangei\Data aplikací\Adobe
2010-10-27 23:05:08 ----D---- C:\Documents and Settings\solangei\Data aplikací\CannyGames
2010-10-27 23:05:08 ----D---- C:\Documents and Settings\solangei\Data aplikací\Ashampoo
2010-10-27 23:05:07 ----D---- C:\Documents and Settings\solangei\Data aplikací\Corel
2010-10-27 23:05:05 ----D---- C:\Documents and Settings\solangei\Data aplikací\Identities
2010-10-27 23:05:05 ----D---- C:\Documents and Settings\solangei\Data aplikací\Help
2010-10-27 23:05:05 ----D---- C:\Documents and Settings\solangei\Data aplikací\Friday's games
2010-10-27 23:05:05 ----D---- C:\Documents and Settings\solangei\Data aplikací\FairyNook
2010-10-27 23:05:05 ----D---- C:\Documents and Settings\solangei\Data aplikací\Evoly
2010-10-27 23:05:05 ----D---- C:\Documents and Settings\solangei\Data aplikací\dvdcss
2010-10-27 23:05:04 ----D---- C:\Documents and Settings\solangei\Data aplikací\LTOA
2010-10-27 22:05:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\GameXzone(2)
2010-10-27 22:01:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy(2)
2010-10-27 22:00:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\BigFishGamesCache(2)
2010-10-27 19:48:38 ----D---- C:\Documents and Settings\solangei\Data aplikací\PriceGong
2010-10-27 18:24:53 ----D---- C:\Program Files\Temple of Jewels
2010-10-26 12:53:43 ----D---- C:\Documents and Settings\solangei\Data aplikací\ShinyTales
2010-10-26 12:53:19 ----D---- C:\Program Files\bigup16
2010-10-13 06:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-10-13 06:22:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2010-10-13 06:21:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-10-13 06:21:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-10-13 06:21:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-10-13 06:20:25 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-10-13 06:18:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-10-13 06:11:33 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$
2010-10-13 06:11:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
======List of files/folders modified in the last 1 months======
2010-11-11 18:57:29 ----D---- C:\Program Files\trend micro
2010-11-11 18:57:16 ----D---- C:\WINDOWS\Prefetch
2010-11-11 18:56:31 ----D---- C:\WINDOWS
2010-11-11 18:56:31 ----A---- C:\WINDOWS\MAILTRAN.INI
2010-11-11 18:56:11 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2010-11-11 18:47:45 ----D---- C:\WINDOWS\temp
2010-11-11 18:00:28 ----D---- C:\WINDOWS\Minidump
2010-11-11 18:00:28 ----D---- C:\WINDOWS\Debug
2010-11-11 17:30:20 ----D---- C:\WINDOWS\Help
2010-11-11 15:24:50 ----SD---- C:\WINDOWS\Tasks
2010-11-11 15:21:09 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-11 15:19:40 ----D---- C:\Program Files\lx_cats
2010-11-11 07:55:24 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-11-11 07:45:08 ----D---- C:\WINDOWS\system32\config
2010-11-11 07:44:40 ----D---- C:\WINDOWS\system32\wbem
2010-11-11 07:44:40 ----D---- C:\WINDOWS\Registration
2010-11-10 16:33:41 ----RD---- C:\Program Files
2010-11-10 11:53:35 ----SHD---- C:\WINDOWS\Installer
2010-11-08 15:03:54 ----D---- C:\WINDOWS\system32
2010-11-07 11:17:58 ----D---- C:\Documents and Settings\solangei\Data aplikací\vlc
2010-11-03 14:09:50 ----A---- C:\WINDOWS\WDICT32.INI
2010-11-01 08:53:25 ----D---- C:\Program Files\Mozilla Firefox
2010-10-31 13:17:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-28 13:41:26 ----D---- C:\Program Files\Alawar
2010-10-28 10:44:47 ----D---- C:\games
2010-10-28 10:32:39 ----D---- C:\Program Files\SpeedFan
2010-10-28 08:21:58 ----RSD---- C:\WINDOWS\assembly
2010-10-27 23:05:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2010-10-27 22:01:16 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-10-27 22:00:40 ----D---- C:\Documents and Settings
2010-10-27 14:58:12 ----A---- C:\WINDOWS\DUMP60fc.tmp
2010-10-23 15:43:18 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-10-19 21:51:33 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2010-10-13 06:22:27 ----HD---- C:\WINDOWS\inf
2010-10-13 06:22:21 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-10-13 06:22:12 ----HD---- C:\WINDOWS\$hf_mig$
2010-10-13 06:21:52 ----D---- C:\WINDOWS\system32\drivers
2010-10-13 06:21:39 ----D---- C:\WINDOWS\WinSxS
2010-10-13 06:17:45 ----D---- C:\Program Files\Internet Explorer
2010-10-13 06:11:43 ----A---- C:\WINDOWS\system32\MRT.exe
2010-10-13 05:55:20 ----D---- C:\Program Files\Microsoft Security Essentials
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R2 cpuz132;cpuz132; \??\C:\WINDOWS\system32\drivers\cpuz132_x32.sys []
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-05-09 36496]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101376]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-04-13 252416]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2003-06-16 369920]
R3 ZSMC211;USB PC Camera (ZS211); C:\WINDOWS\System32\Drivers\ZS211.sys [2006-07-25 391791]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-06-11 746496]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\solangei\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
S3 GMSIPCI;GMSIPCI; \??\G:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\G:\install4\MSICPL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NTACCESS;NTACCESS; \??\G:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\G:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 STAC97;VIA Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\STAC97.sys [2001-09-17 91792]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Vsp;Vsp; \??\C:\WINDOWS\system32\drivers\Vsp.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R3 lxcr_device;lxcr_device; C:\WINDOWS\system32\lxcrcoms.exe [2006-02-20 495616]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-06-11 376832]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-06-10 516096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.07 (written by random/random)
Run by solangei at 2010-11-11 18:57:13
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 8 GB (38%) free of 20 GB
Total RAM: 958 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:57:58, on 11.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\WINDOWS\system32\freecell.exe
C:\Program Files\O2 Mobilni internet\O2 Mobilni internet.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\solangei\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\solangei.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA1.dll
O2 - BHO: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Adobe PDF Link Helper - {40A15B24-6472-1E4A-6842-2CCC7FC73F5F} - C:\WINDOWS\system32\wwmphoto.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA1.dll
O3 - Toolbar: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA1.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{DCFB694B-17FB-4EC8-9EEE-7F2ADFE20B86}: NameServer = 160.218.10.200 160.218.43.200
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
--
End of file - 7440 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\MP Scheduled Scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2010-02-25 491520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40A15B24-6472-1E4A-6842-2CCC7FC73F5F}]
Adobe PDF Link Helper - C:\WINDOWS\system32\wwmphoto.dll [2008-04-14 200704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyA1.dll [2010-10-21 2735200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2010-02-25 491520]
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyA1.dll [2010-10-21 2735200]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-06-10 339968]
"LXCRCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16 []
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-09-15 1094224]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Domino]
C:\WINDOWS\Domino.exe [2006-07-04 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
C:\Program Files\Lexmark 2400 Series\ezprint.exe [2006-02-07 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2006-02-02 290816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe]
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe [2006-03-06 286720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
C:\WINDOWS\OETRN.EXE [2010-02-25 26624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
C:\WINDOWS\system32\VTTimer.exe [2005-03-07 53248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]
C:\WINDOWS\system32\VTtrayp.exe [2006-04-11 176128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZSSnp211]
C:\WINDOWS\ZSSnp211.exe [2006-07-14 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^AudioDeck.lnk]
C:\PROGRA~1\VIATEC~1\VIAAUD~1\AUDIOD~1\AUDIOD~1.EXE [2003-07-08 581632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Corel MEDIA FOLDERS INDEXER 8.LNK]
C:\Corel\GRAPHI~1\Programs\MFINDE~1.EXE [1998-01-12 83456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-06-11 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\z disku C\uTorrent.exe"="D:\z disku C\uTorrent.exe:*:Enabled:uTorrent"
"C:\Program Files\O2 Mobilni internet\O2 Mobilni internet.exe"="C:\Program Files\O2 Mobilni internet\O2 Mobilni internet.exe:*:Enabled:O2 Mobilni internet"
"D:\eMule\emule.exe"="D:\eMule\emule.exe:*:Enabled:eMule"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\uTorrent\utorrent.exe"="D:\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\StrongDC++\StrongDC++\StrongDC.exe"="D:\StrongDC++\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-11-11 07:44:10 ----D---- C:\Config.Msi
2010-11-10 16:33:41 ----D---- C:\Program Files\Woodville Chronicles
2010-11-05 17:23:21 ----D---- C:\Program Files\Games
2010-11-01 21:24:47 ----D---- C:\WINDOWS\Chocolate Shop Frenzy
2010-11-01 21:24:47 ----D---- C:\Program Files\Chocolate Shop Frenzy
2010-10-28 10:45:23 ----D---- C:\Documents and Settings\solangei\Data aplikací\Orneon
2010-10-27 23:05:51 ----SD---- C:\ComboFix
2010-10-27 23:05:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-10-27 23:05:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-10-27 23:05:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
2010-10-27 23:05:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2010-10-27 23:05:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
2010-10-27 23:05:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Farm Fishes
2010-10-27 23:05:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Bluetooth
2010-10-27 23:05:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\ashampoo
2010-10-27 23:05:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2010-10-27 23:05:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\GameXzone
2010-10-27 23:05:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Friends Games
2010-10-27 23:05:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\FaxCtr
2010-10-27 23:05:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Madagascar
2010-10-27 23:05:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Arctica
2010-10-27 23:05:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3
2010-10-27 23:05:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Rumbic Studio
2010-10-27 23:05:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\page
2010-10-27 23:05:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\MumboJumbo
2010-10-27 23:05:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-10-27 23:05:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-10-27 23:05:17 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-10-27 23:05:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-10-27 23:05:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\The Game Equation
2010-10-27 23:05:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-10-27 23:05:17 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-10-27 23:05:09 ----D---- C:\Documents and Settings\solangei\Data aplikací\Apple Computer
2010-10-27 23:05:09 ----D---- C:\Documents and Settings\solangei\Data aplikací\Age of Japan II
2010-10-27 23:05:09 ----D---- C:\Documents and Settings\solangei\Data aplikací\Adobe
2010-10-27 23:05:08 ----D---- C:\Documents and Settings\solangei\Data aplikací\CannyGames
2010-10-27 23:05:08 ----D---- C:\Documents and Settings\solangei\Data aplikací\Ashampoo
2010-10-27 23:05:07 ----D---- C:\Documents and Settings\solangei\Data aplikací\Corel
2010-10-27 23:05:05 ----D---- C:\Documents and Settings\solangei\Data aplikací\Identities
2010-10-27 23:05:05 ----D---- C:\Documents and Settings\solangei\Data aplikací\Help
2010-10-27 23:05:05 ----D---- C:\Documents and Settings\solangei\Data aplikací\Friday's games
2010-10-27 23:05:05 ----D---- C:\Documents and Settings\solangei\Data aplikací\FairyNook
2010-10-27 23:05:05 ----D---- C:\Documents and Settings\solangei\Data aplikací\Evoly
2010-10-27 23:05:05 ----D---- C:\Documents and Settings\solangei\Data aplikací\dvdcss
2010-10-27 23:05:04 ----D---- C:\Documents and Settings\solangei\Data aplikací\LTOA
2010-10-27 22:05:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\GameXzone(2)
2010-10-27 22:01:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy(2)
2010-10-27 22:00:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\BigFishGamesCache(2)
2010-10-27 19:48:38 ----D---- C:\Documents and Settings\solangei\Data aplikací\PriceGong
2010-10-27 18:24:53 ----D---- C:\Program Files\Temple of Jewels
2010-10-26 12:53:43 ----D---- C:\Documents and Settings\solangei\Data aplikací\ShinyTales
2010-10-26 12:53:19 ----D---- C:\Program Files\bigup16
2010-10-13 06:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-10-13 06:22:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2010-10-13 06:21:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-10-13 06:21:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-10-13 06:21:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-10-13 06:20:25 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-10-13 06:18:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-10-13 06:11:33 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$
2010-10-13 06:11:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
======List of files/folders modified in the last 1 months======
2010-11-11 18:57:29 ----D---- C:\Program Files\trend micro
2010-11-11 18:57:16 ----D---- C:\WINDOWS\Prefetch
2010-11-11 18:56:31 ----D---- C:\WINDOWS
2010-11-11 18:56:31 ----A---- C:\WINDOWS\MAILTRAN.INI
2010-11-11 18:56:11 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2010-11-11 18:47:45 ----D---- C:\WINDOWS\temp
2010-11-11 18:00:28 ----D---- C:\WINDOWS\Minidump
2010-11-11 18:00:28 ----D---- C:\WINDOWS\Debug
2010-11-11 17:30:20 ----D---- C:\WINDOWS\Help
2010-11-11 15:24:50 ----SD---- C:\WINDOWS\Tasks
2010-11-11 15:21:09 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-11 15:19:40 ----D---- C:\Program Files\lx_cats
2010-11-11 07:55:24 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-11-11 07:45:08 ----D---- C:\WINDOWS\system32\config
2010-11-11 07:44:40 ----D---- C:\WINDOWS\system32\wbem
2010-11-11 07:44:40 ----D---- C:\WINDOWS\Registration
2010-11-10 16:33:41 ----RD---- C:\Program Files
2010-11-10 11:53:35 ----SHD---- C:\WINDOWS\Installer
2010-11-08 15:03:54 ----D---- C:\WINDOWS\system32
2010-11-07 11:17:58 ----D---- C:\Documents and Settings\solangei\Data aplikací\vlc
2010-11-03 14:09:50 ----A---- C:\WINDOWS\WDICT32.INI
2010-11-01 08:53:25 ----D---- C:\Program Files\Mozilla Firefox
2010-10-31 13:17:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-28 13:41:26 ----D---- C:\Program Files\Alawar
2010-10-28 10:44:47 ----D---- C:\games
2010-10-28 10:32:39 ----D---- C:\Program Files\SpeedFan
2010-10-28 08:21:58 ----RSD---- C:\WINDOWS\assembly
2010-10-27 23:05:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2010-10-27 22:01:16 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-10-27 22:00:40 ----D---- C:\Documents and Settings
2010-10-27 14:58:12 ----A---- C:\WINDOWS\DUMP60fc.tmp
2010-10-23 15:43:18 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-10-19 21:51:33 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2010-10-13 06:22:27 ----HD---- C:\WINDOWS\inf
2010-10-13 06:22:21 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-10-13 06:22:12 ----HD---- C:\WINDOWS\$hf_mig$
2010-10-13 06:21:52 ----D---- C:\WINDOWS\system32\drivers
2010-10-13 06:21:39 ----D---- C:\WINDOWS\WinSxS
2010-10-13 06:17:45 ----D---- C:\Program Files\Internet Explorer
2010-10-13 06:11:43 ----A---- C:\WINDOWS\system32\MRT.exe
2010-10-13 05:55:20 ----D---- C:\Program Files\Microsoft Security Essentials
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R2 cpuz132;cpuz132; \??\C:\WINDOWS\system32\drivers\cpuz132_x32.sys []
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-05-09 36496]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101376]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-04-13 252416]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2003-06-16 369920]
R3 ZSMC211;USB PC Camera (ZS211); C:\WINDOWS\System32\Drivers\ZS211.sys [2006-07-25 391791]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-06-11 746496]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\solangei\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
S3 GMSIPCI;GMSIPCI; \??\G:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\G:\install4\MSICPL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NTACCESS;NTACCESS; \??\G:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\G:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 STAC97;VIA Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\STAC97.sys [2001-09-17 91792]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Vsp;Vsp; \??\C:\WINDOWS\system32\drivers\Vsp.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R3 lxcr_device;lxcr_device; C:\WINDOWS\system32\lxcrcoms.exe [2006-02-20 495616]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-06-11 376832]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-06-10 516096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------